client worker & auth

src/main/kotlin/org/octopus/lorca_core/common/enums/EUserRoles.kt

@@ -5,6 +5,5 @@ enum class EUserRoles(val role: String) {
     PSICO("PSICO"),
     ALL("ALL"),
     ADMIN("ADMIN"),
-    BASE("BASE"),
-    EMPTY("")
+    BASE("BASE")
 }

src/main/kotlin/org/octopus/lorca_core/common/models/Client.kt

@@ -1,8 +1,15 @@
 package org.octopus.lorca_core.common.models
 
+import java.util.*
+
 data class Client(
     var id: Long?,
     var name: String,
     var surname: String,
+    var dni: String,
+    val phoneNumber: String,
+    val expNumber: String,
+    val userNumber: String,
+    val birthDate: Date,
     val deactivated: Boolean
 )

src/main/kotlin/org/octopus/lorca_core/config/security/JwtAuthenticationFilter.kt

@@ -47,7 +47,7 @@ class JwtAuthenticationFilter(
 
                 val roles = jwtService.getRoles(jwt)
 
-                if (jwtService.isTokenValid(jwt, userDetails) && roles.isNotEmpty()) {
+                if (jwtService.isTokenValid(jwt, userDetails)) {
                     val authToken = UsernamePasswordAuthenticationToken(
                         userDetails,
                         null,

src/main/kotlin/org/octopus/lorca_core/config/security/SecurityConfig.kt

@@ -1,8 +1,10 @@
 package org.octopus.lorca_core.config.security
 
+import org.octopus.lorca_core.common.enums.EUserRoles
 import org.springframework.context.annotation.Bean
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.authentication.AuthenticationProvider
+import org.springframework.security.authorization.AuthorizationDecision
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
@@ -26,8 +28,12 @@ class SecurityConfig(
             .authorizeHttpRequests { auth ->
                 auth
                     .requestMatchers("/auth/**").permitAll()
-                    .requestMatchers("/workers/register/**").hasRole("EMPTY")
-                    .anyRequest().authenticated()
+                    .requestMatchers("/workers/register/**").access { authentication, _ ->
+                        AuthorizationDecision(
+                            authentication.get().isAuthenticated && authentication.get().authorities.isEmpty()
+                        )
+                    }
+                    .anyRequest().hasAnyRole(*EUserRoles.entries.map { role -> role.role }.toTypedArray())
             }
             .sessionManagement { session ->
                 session.sessionCreationPolicy(SessionCreationPolicy.STATELESS)

src/main/kotlin/org/octopus/lorca_core/services/impl/ClientServiceImpl.kt

@@ -17,6 +17,18 @@ class ClientServiceImpl(val repo: ClientRepository) : ClientService {
     }
 
     override fun createClient(clientDto: ClientDto): Client {
-        return repo.createClient(Client(null, clientDto.name, clientDto.surname, clientDto.deactivated))
+        return repo.createClient(
+            Client(
+                id = 0L,
+                name = clientDto.name,
+                surname = clientDto.surname,
+                dni = clientDto.dni,
+                birthDate = clientDto.dateOfBirth,
+                userNumber = clientDto.numUser,
+                expNumber = clientDto.numExp,
+                phoneNumber = clientDto.phone,
+                deactivated = clientDto.deactivated ?: false
+            )
+        )
     }
 }

src/main/kotlin/org/octopus/lorca_core/services/impl/JwtServiceImpl.kt

@@ -78,7 +78,7 @@ class JwtServiceImpl(
         extractAllClaims(token)["roles"]?.let { roles ->
             return (roles as List<String>).map { EUserRoles.valueOf(it) }
         }
-        return listOf(EUserRoles.EMPTY)
+        return listOf()
     }
 
     private fun isTokenExpired(token: String): Boolean {

src/main/kotlin/org/octopus/lorca_core/web/controllers/AdminController.kt

@@ -16,7 +16,7 @@ import org.springframework.web.bind.annotation.RestController
 class AdminController(val adminService: AdminService) {
 
     @PutMapping("/modifyRoles")
-    fun addRoles(@Valid @RequestBody addRoleDto: AddRoleDto): WebResponse<Nothing> {
+    fun addRoles(@Valid @RequestBody addRoleDto: AddRoleDto): WebResponse<Unit> {
         adminService.modifyRoles(addRoleDto.username, addRoleDto.roles)
         return WebResponse.ok()
     }

src/main/kotlin/org/octopus/lorca_core/web/controllers/AuthController.kt

@@ -20,7 +20,7 @@ class AuthController(
 ) {
 
     @PostMapping("/register")
-    fun register(@Valid @RequestBody registerUserDto: UserAuthDto): WebResponse<Nothing> {
+    fun register(@Valid @RequestBody registerUserDto: UserAuthDto): WebResponse<Unit> {
         authenticationService.register(registerUserDto)
         return WebResponse.ok()
     }

src/main/kotlin/org/octopus/lorca_core/web/controllers/WorkerController.kt

@@ -40,7 +40,7 @@ class WorkerController(
     }
 
     @PostMapping("/test")
-    fun createTestData(): WebResponse<Nothing> {
+    fun createTestData(): WebResponse<Unit> {
 //        workerService.createTestData()
         return WebResponse.ok()
     }

src/main/kotlin/org/octopus/lorca_core/web/utils/BaseAdvice.kt

@@ -21,7 +21,7 @@ class BaseAdvice {
     fun handleLorcaBusinessException(
         ex: LorcaException,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         return WebResponse.ko(
             deductStatus(ex.ex),
             ex.message
@@ -42,7 +42,7 @@ class BaseAdvice {
     fun handleNumberFormatException(
         ex: NumberFormatException,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         return WebResponse.ko(
             HttpStatus.BAD_REQUEST,
             "${HttpStatus.BAD_REQUEST.reasonPhrase}: ${ex.message}"
@@ -54,7 +54,7 @@ class BaseAdvice {
     fun handleNoResourceFoundException(
         ex: NoResourceFoundException,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         return WebResponse.ko(
             HttpStatus.NOT_FOUND,
             "${HttpStatus.NOT_FOUND.reasonPhrase}: ${(request as ServletWebRequest).request.requestURI}"
@@ -66,7 +66,7 @@ class BaseAdvice {
     fun handleHttpRequestMethodNotSupportedException(
         ex: HttpRequestMethodNotSupportedException,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         return WebResponse.ko(
             HttpStatus.METHOD_NOT_ALLOWED,
             "${HttpStatus.METHOD_NOT_ALLOWED.reasonPhrase}: ${(request as ServletWebRequest).request.requestURI}"
@@ -79,7 +79,7 @@ class BaseAdvice {
     fun handleMethodArgumentNotValidException(
         ex: MethodArgumentNotValidException,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         val errors =
             ex.bindingResult.fieldErrors.map {
                 "${it.field} - ${it.defaultMessage}"
@@ -95,7 +95,7 @@ class BaseAdvice {
     fun handleHttpMessageNotReadableException(
         ex: HttpMessageNotReadableException,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         return WebResponse.ko(
             HttpStatus.NOT_ACCEPTABLE,
             "${HttpStatus.NOT_ACCEPTABLE.reasonPhrase}: JSON parse error"
@@ -107,7 +107,7 @@ class BaseAdvice {
     fun handleAuthorizationDeniedException(
         ex: AuthorizationDeniedException,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         return WebResponse.ko(
             HttpStatus.FORBIDDEN,
             "${HttpStatus.FORBIDDEN.reasonPhrase}: ${ex.message}"
@@ -120,7 +120,7 @@ class BaseAdvice {
     fun handleException(
         ex: Exception,
         request: WebRequest
-    ): WebResponse<Nothing> {
+    ): WebResponse<Unit> {
         return WebResponse.ko(
             HttpStatus.INTERNAL_SERVER_ERROR,
             ex.message

src/main/kotlin/org/octopus/lorca_core/web/utils/dtos/ClientDto.kt

@@ -17,7 +17,8 @@ data class ClientDto(
     val phone: String,
     @field:ExpValidator.Validate
     val numExp: String,
+    @field:ExpValidator.Validate
     val numUser: String,
     val dateOfBirth: Date,
-    val deactivated: Boolean
+    val deactivated: Boolean? = false
 )

src/main/kotlin/org/octopus/lorca_core/web/utils/dtos/validators/B64Validator.kt

@@ -15,7 +15,7 @@ class B64Validator : ConstraintValidator<B64Validator.Validate, String> {
         }
 
         context.disableDefaultConstraintViolation()
-        context.buildConstraintViolationWithTemplate("Invalid value '$value' : Only 4 to 16 lowercase letters are allowed")
+        context.buildConstraintViolationWithTemplate("Invalid value '$value' : this is not b64")
             .addConstraintViolation()
 
         return false

src/main/kotlin/org/octopus/lorca_core/web/utils/dtos/validators/ExpValidator.kt

@@ -9,14 +9,14 @@ import kotlin.reflect.KClass
 
 class ExpValidator : ConstraintValidator<ExpValidator.Validate, String> {
     override fun isValid(value: String?, context: ConstraintValidatorContext): Boolean {
-        val pattern = Regex("")
+        val pattern = Regex("\\d+/[0-9]{4}")
 
         if (value == null || value.matches(pattern)) {
             return true
         }
 
         context.disableDefaultConstraintViolation()
-        context.buildConstraintViolationWithTemplate("Invalid value '$value' : 8 numbers and a letter are expected.")
+        context.buildConstraintViolationWithTemplate("Invalid value '$value' : digits/full_year is expected")
             .addConstraintViolation()
 
         return false

src/main/kotlin/org/octopus/lorca_core/web/utils/responses/WebResponse.kt

@@ -10,7 +10,7 @@ data class WebResponse<T>(
 ) {
 
     companion object {
-        fun <T> ok(): WebResponse<T> {
+        fun ok(): WebResponse<Unit> {
             return WebResponse(status = HttpStatus.OK)
         }
 

testSuite/fullRegisterCinematic/0_register_user.sh

@@ -1,3 +1,8 @@
+#curl -X POST http://localhost:8080/api/auth/register \
+#    -H "Content-Type: application/json" \
+#    -d '{"username":"test","password":"cGFzc3dvcmQ="}'
+
+
 curl -X POST http://localhost:8080/api/auth/register \
     -H "Content-Type: application/json" \
-    -d '{"username":"test","password":"cGFzc3dvcmQ="}'
+    -d '{"username":"newtest","password":"cGFzc3dvcmQ="}'

testSuite/fullRegisterCinematic/0b_newtest_list_all.sh

@@ -0,0 +1,21 @@
+TOKEN=$(curl -s -X POST http://localhost:8080/api/auth/login \
+    -H "Content-Type: application/json" \
+    -d '{"username":"newtest","password":"cGFzc3dvcmQ="}' | sed -n 's/.*"token":"\([^"]*\)".*/\1/p')
+
+
+curl -X GET http://localhost:8080/api/workers \
+    -H "Authorization: Bearer $TOKEN" \
+    -H "Content-Type: application/json"
+
+
+# UNCOMMENT BELOW TO REGISTER USER
+#
+#curl -X POST http://localhost:8080/api/workers/register \
+#    -H "Authorization: Bearer $TOKEN" \
+#    -H "Content-Type: application/json" \
+#    -d '{"name": "TestTest","surname": "TestTest","dni": "12345678B","dateOfBirth": "1990-05-15","email": "example@domain.org","category":"FISIO"}'
+#
+#
+#curl -X GET http://localhost:8080/api/workers \
+#    -H "Authorization: Bearer $TOKEN" \
+#    -H "Content-Type: application/json"

testSuite/fullRegisterCinematic/2_register_client.sh

@@ -0,0 +1,8 @@
+TOKEN=$(curl -s -X POST http://localhost:8080/api/auth/login \
+    -H "Content-Type: application/json" \
+    -d '{"username":"test","password":"cGFzc3dvcmQ="}' | sed -n 's/.*"token":"\([^"]*\)".*/\1/p')
+
+curl -X POST http://localhost:8080/api/clients \
+    -H "Authorization: Bearer $TOKEN" \
+    -H "Content-Type: application/json" \
+    -d '{"name": "TestClient","surname": "TestClient","dni": "87654321Z","dateOfBirth": "1990-05-15","email": "client_one@mailbox.org", "deactivated":false, "phone":"665872262","numExp":"4/2024", "numUser":"100/2025"}'