From 2cd2f9c7a3eee55d7c6d09fa100e02341ae27070 Mon Sep 17 00:00:00 2001 From: Antoine Rey Date: Fri, 21 Dec 2018 08:29:48 +0100 Subject: [PATCH] Upgrade to Spring Boot 2.1.5 --- pom.xml | 94 +++++++++---------- readme.md | 6 +- .../petclinic/PetClinicApplication.java | 8 +- .../samples/petclinic/model/NamedEntity.java | 2 +- .../samples/petclinic/model/Owner.java | 2 +- .../samples/petclinic/model/Person.java | 2 +- .../samples/petclinic/model/Visit.java | 2 +- .../jpa/JpaOwnerRepositoryImpl.java | 4 +- .../jpa/JpaPetTypeRepositoryImpl.java | 12 +-- .../jpa/JpaSpecialtyRepositoryImpl.java | 2 +- .../jpa/JpaVisitRepositoryImpl.java | 6 +- .../springdatajpa/PetRepositoryOverride.java | 2 +- .../PetTypeRepositoryOverride.java | 2 +- .../SpecialtyRepositoryOverride.java | 2 +- .../SpringDataOwnerRepository.java | 4 +- .../SpringDataPetRepositoryImpl.java | 3 + .../SpringDataPetTypeRepositoryImpl.java | 13 ++- .../SpringDataSpecialtyRepositoryImpl.java | 3 +- .../SpringDataVisitRepositoryImpl.java | 3 + .../VisitRepositoryOverride.java | 2 +- ...er.java => BasicAuthenticationConfig.java} | 29 ++++-- .../security/DisableSecurityConfig.java | 27 ++++++ src/main/resources/application.properties | 5 +- src/main/resources/db/hsqldb/populateDB.sql | 2 +- src/main/resources/db/mysql/populateDB.sql | 2 +- .../resources/db/postgresql/populateDB.sql | 2 +- .../petclinic/model/ValidatorTests.java | 2 +- .../AbstractClinicServiceTests.java | 20 ++-- 28 files changed, 145 insertions(+), 118 deletions(-) rename src/main/java/org/springframework/samples/petclinic/security/{BasicAuthenticationAdapter.java => BasicAuthenticationConfig.java} (62%) create mode 100644 src/main/java/org/springframework/samples/petclinic/security/DisableSecurityConfig.java diff --git a/pom.xml b/pom.xml index 0fc0b3f97..d286a90bc 100644 --- a/pom.xml +++ b/pom.xml @@ -4,30 +4,23 @@ 4.0.0 org.springframework.samples - spring-petclinic - 1.5.2 - war + spring-petclinic-rest + 2.1.5 - petclinic - Spring petclinic project + REST version of the Spring Petclinic sample application + https://spring-petclinic.github.io/ org.springframework.boot spring-boot-starter-parent - 1.5.2.RELEASE - + 2.1.5.RELEASE + - UTF-8 - UTF-8 - 1.8 - 1.2.1.RELEASE - 2.7 - - org.springframework.samples.petclinic.PetClinicApplication - + 2.6.1 + 0.8.2 @@ -96,11 +89,6 @@ - - org.springframework.boot - spring-boot-starter-tomcat - provided - org.springframework.boot spring-boot-starter-test @@ -129,12 +117,12 @@ io.springfox springfox-swagger2 - 2.6.1 + ${springfox-swagger.version} io.springfox springfox-swagger-ui - 2.6.1 + ${springfox-swagger.version} @@ -143,13 +131,6 @@ test - - org.hamcrest - hamcrest-all - 1.3 - test - - javax.xml.bind jaxb-api @@ -162,25 +143,44 @@ org.springframework.boot spring-boot-maven-plugin + + + + + build-info + + + + ${project.build.sourceEncoding} + ${project.reporting.outputEncoding} + ${maven.compiler.source} + ${maven.compiler.target} + + + + - - - - - + - org.codehaus.mojo - cobertura-maven-plugin - ${cobertura.version} - - - - cobertura - - - + org.jacoco + jacoco-maven-plugin + ${jacoco.version} + + + + prepare-agent + + + + report + prepare-package + + report + + + - - - demopetclinic + + diff --git a/readme.md b/readme.md index 98e7babf1..907390a97 100644 --- a/readme.md +++ b/readme.md @@ -86,7 +86,7 @@ In its default configuration, Petclinic doesn't have authentication and authoriz ### Basic Authentication In order to use the basic authentication functionality, turn in on from the application.properties file ``` -basic.authentication.enabled=true +petclinic.security.enable=true ``` This will secure all APIs and in order to access them, basic authentication is required. Apart from authentication, APIs also require authorization. This is done via roles that a user can have. @@ -95,7 +95,7 @@ The existing roles are listed below with the corresponding permissions * VET_ADMIN -> PetTypeController, SpecialityController, VetController * ADMIN -> UserController -There is an existing user with the username admin and password admin that has access to all APIs. +There is an existing user with the username `admin` and password `admin` that has access to all APIs. In order to add a new user, please use the following API: ``` POST /api/users @@ -139,7 +139,7 @@ File -> Import -> Maven -> Existing Maven project |--|--| | REST API controllers | [REST folder](src/main/java/org/springframework/samples/petclinic/rest) | | Service | [ClinicServiceImpl.java](src/main/java/org/springframework/samples/petclinic/service/ClinicServiceImpl.java) | -|JDBC | [jdbc folder](src/main/java/org/springframework/samples/petclinic/repository/jdb) | +| JDBC | [jdbc folder](src/main/java/org/springframework/samples/petclinic/repository/jdbc) | | JPA | [jpa folder](src/main/java/org/springframework/samples/petclinic/repository/jpa) | | Spring Data JPA | [springdatajpa folder](src/main/java/org/springframework/samples/petclinic/repository/springdatajpa) | | Tests | [AbstractClinicServiceTests.java](src/test/java/org/springframework/samples/petclinic/service/AbstractClinicServiceTests.java) | diff --git a/src/main/java/org/springframework/samples/petclinic/PetClinicApplication.java b/src/main/java/org/springframework/samples/petclinic/PetClinicApplication.java index a9b889779..e218be11b 100644 --- a/src/main/java/org/springframework/samples/petclinic/PetClinicApplication.java +++ b/src/main/java/org/springframework/samples/petclinic/PetClinicApplication.java @@ -2,16 +2,10 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; -import org.springframework.boot.builder.SpringApplicationBuilder; -import org.springframework.boot.web.support.SpringBootServletInitializer; +import org.springframework.boot.web.servlet.support.SpringBootServletInitializer; @SpringBootApplication public class PetClinicApplication extends SpringBootServletInitializer { - - @Override - protected SpringApplicationBuilder configure(SpringApplicationBuilder application) { - return application.sources(PetClinicApplication.class); - } public static void main(String[] args) { SpringApplication.run(PetClinicApplication.class, args); diff --git a/src/main/java/org/springframework/samples/petclinic/model/NamedEntity.java b/src/main/java/org/springframework/samples/petclinic/model/NamedEntity.java index e96be5b11..f97dd52b1 100644 --- a/src/main/java/org/springframework/samples/petclinic/model/NamedEntity.java +++ b/src/main/java/org/springframework/samples/petclinic/model/NamedEntity.java @@ -18,7 +18,7 @@ import javax.persistence.Column; import javax.persistence.MappedSuperclass; -import org.hibernate.validator.constraints.NotEmpty; +import javax.validation.constraints.NotEmpty; /** diff --git a/src/main/java/org/springframework/samples/petclinic/model/Owner.java b/src/main/java/org/springframework/samples/petclinic/model/Owner.java index eb68ced10..e957e86ae 100644 --- a/src/main/java/org/springframework/samples/petclinic/model/Owner.java +++ b/src/main/java/org/springframework/samples/petclinic/model/Owner.java @@ -28,8 +28,8 @@ import javax.persistence.OneToMany; import javax.persistence.Table; import javax.validation.constraints.Digits; +import javax.validation.constraints.NotEmpty; -import org.hibernate.validator.constraints.NotEmpty; import org.springframework.beans.support.MutableSortDefinition; import org.springframework.beans.support.PropertyComparator; import org.springframework.core.style.ToStringCreator; diff --git a/src/main/java/org/springframework/samples/petclinic/model/Person.java b/src/main/java/org/springframework/samples/petclinic/model/Person.java index d3e03c0dd..a0da6f697 100644 --- a/src/main/java/org/springframework/samples/petclinic/model/Person.java +++ b/src/main/java/org/springframework/samples/petclinic/model/Person.java @@ -18,7 +18,7 @@ import javax.persistence.Column; import javax.persistence.MappedSuperclass; -import org.hibernate.validator.constraints.NotEmpty; +import javax.validation.constraints.NotEmpty; /** * Simple JavaBean domain object representing an person. diff --git a/src/main/java/org/springframework/samples/petclinic/model/Visit.java b/src/main/java/org/springframework/samples/petclinic/model/Visit.java index bdf24b140..05a39cdc1 100644 --- a/src/main/java/org/springframework/samples/petclinic/model/Visit.java +++ b/src/main/java/org/springframework/samples/petclinic/model/Visit.java @@ -25,7 +25,7 @@ import javax.persistence.Temporal; import javax.persistence.TemporalType; -import org.hibernate.validator.constraints.NotEmpty; +import javax.validation.constraints.NotEmpty; import org.springframework.format.annotation.DateTimeFormat; import org.springframework.samples.petclinic.rest.JacksonCustomVisitDeserializer; import org.springframework.samples.petclinic.rest.JacksonCustomVisitSerializer; diff --git a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaOwnerRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaOwnerRepositoryImpl.java index 98e3dcf08..e4620c77d 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaOwnerRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaOwnerRepositoryImpl.java @@ -23,7 +23,7 @@ import org.springframework.context.annotation.Profile; import org.springframework.dao.DataAccessException; -import org.springframework.orm.hibernate3.support.OpenSessionInViewFilter; +import org.springframework.orm.hibernate5.support.OpenSessionInViewFilter; import org.springframework.samples.petclinic.model.Owner; import org.springframework.samples.petclinic.repository.OwnerRepository; import org.springframework.stereotype.Repository; @@ -80,7 +80,7 @@ public void save(Owner owner) { } } - + @SuppressWarnings("unchecked") @Override public Collection findAll() throws DataAccessException { diff --git a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaPetTypeRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaPetTypeRepositoryImpl.java index dc0b0d486..2bfd1c78c 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaPetTypeRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaPetTypeRepositoryImpl.java @@ -68,17 +68,15 @@ public void save(PetType petType) throws DataAccessException { @Override public void delete(PetType petType) throws DataAccessException { this.em.remove(this.em.contains(petType) ? petType : this.em.merge(petType)); - String petTypeId = petType.getId().toString(); + Integer petTypeId = petType.getId(); - List pets = new ArrayList(); - pets = this.em.createQuery("SELECT pet FROM Pet pet WHERE type_id=" + petTypeId).getResultList(); + List pets = this.em.createQuery("SELECT pet FROM Pet pet WHERE type_id=" + petTypeId).getResultList(); for (Pet pet : pets){ - List visits = new ArrayList(); - visits = pet.getVisits(); + List visits = pet.getVisits(); for (Visit visit : visits){ - this.em.createQuery("DELETE FROM Visit visit WHERE id=" + visit.getId().toString()).executeUpdate(); + this.em.createQuery("DELETE FROM Visit visit WHERE id=" + visit.getId()).executeUpdate(); } - this.em.createQuery("DELETE FROM Pet pet WHERE id=" + pet.getId().toString()).executeUpdate(); + this.em.createQuery("DELETE FROM Pet pet WHERE id=" + pet.getId()).executeUpdate(); } this.em.createQuery("DELETE FROM PetType pettype WHERE id=" + petTypeId).executeUpdate(); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaSpecialtyRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaSpecialtyRepositoryImpl.java index 54248caf3..e6ae41bb2 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaSpecialtyRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaSpecialtyRepositoryImpl.java @@ -62,7 +62,7 @@ public void save(Specialty specialty) throws DataAccessException { @Override public void delete(Specialty specialty) throws DataAccessException { this.em.remove(this.em.contains(specialty) ? specialty : this.em.merge(specialty)); - String specId = specialty.getId().toString(); + Integer specId = specialty.getId(); this.em.createNativeQuery("DELETE FROM vet_specialties WHERE specialty_id=" + specId).executeUpdate(); this.em.createQuery("DELETE FROM Specialty specialty WHERE id=" + specId).executeUpdate(); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaVisitRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaVisitRepositoryImpl.java index e5f911c7b..f6779341a 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaVisitRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/jpa/JpaVisitRepositoryImpl.java @@ -78,11 +78,7 @@ public Collection findAll() throws DataAccessException { @Override public void delete(Visit visit) throws DataAccessException { - String visitId = visit.getId().toString(); - this.em.createQuery("DELETE FROM Visit visit WHERE id=" + visitId).executeUpdate(); - if (em.contains(visit)) { - em.remove(visit); - } + this.em.remove(this.em.contains(visit) ? visit : this.em.merge(visit)); } } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetRepositoryOverride.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetRepositoryOverride.java index b269da83e..78c02b008 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetRepositoryOverride.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetRepositoryOverride.java @@ -27,6 +27,6 @@ @Profile("spring-data-jpa") public interface PetRepositoryOverride { - public void delete(Pet pet); + void delete(Pet pet); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetTypeRepositoryOverride.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetTypeRepositoryOverride.java index 6414b7759..a3b19e90d 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetTypeRepositoryOverride.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/PetTypeRepositoryOverride.java @@ -27,6 +27,6 @@ @Profile("spring-data-jpa") public interface PetTypeRepositoryOverride { - public void delete(PetType petType); + void delete(PetType petType); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpecialtyRepositoryOverride.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpecialtyRepositoryOverride.java index 39b195506..656d8efea 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpecialtyRepositoryOverride.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpecialtyRepositoryOverride.java @@ -27,6 +27,6 @@ @Profile("spring-data-jpa") public interface SpecialtyRepositoryOverride { - public void delete(Specialty specialty); + void delete(Specialty specialty); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataOwnerRepository.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataOwnerRepository.java index 09a698895..78c0093b7 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataOwnerRepository.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataOwnerRepository.java @@ -36,9 +36,9 @@ public interface SpringDataOwnerRepository extends OwnerRepository, Repository findByLastName(@Param("lastName") String lastName); + Collection findByLastName(@Param("lastName") String lastName); @Override @Query("SELECT owner FROM Owner owner left join fetch owner.pets WHERE owner.id =:id") - public Owner findById(@Param("id") int id); + Owner findById(@Param("id") int id); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetRepositoryImpl.java index 753f9c95e..23b7a68b2 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetRepositoryImpl.java @@ -38,6 +38,9 @@ public void delete(Pet pet) { String petId = pet.getId().toString(); this.em.createQuery("DELETE FROM Visit visit WHERE pet_id=" + petId).executeUpdate(); this.em.createQuery("DELETE FROM Pet pet WHERE id=" + petId).executeUpdate(); + if (em.contains(pet)) { + em.remove(pet); + } } } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetTypeRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetTypeRepositoryImpl.java index a9f86296a..a02f9a447 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetTypeRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataPetTypeRepositoryImpl.java @@ -41,17 +41,16 @@ public class SpringDataPetTypeRepositoryImpl implements PetTypeRepositoryOverrid @SuppressWarnings("unchecked") @Override public void delete(PetType petType) { - String petTypeId = petType.getId().toString(); + this.em.remove(this.em.contains(petType) ? petType : this.em.merge(petType)); + Integer petTypeId = petType.getId(); - List pets = new ArrayList(); - pets = this.em.createQuery("SELECT pet FROM Pet pet WHERE type_id=" + petTypeId).getResultList(); + List pets = this.em.createQuery("SELECT pet FROM Pet pet WHERE type_id=" + petTypeId).getResultList(); for (Pet pet : pets){ - List visits = new ArrayList(); - visits = pet.getVisits(); + List visits = pet.getVisits(); for (Visit visit : visits){ - this.em.createQuery("DELETE FROM Visit visit WHERE id=" + visit.getId().toString()).executeUpdate(); + this.em.createQuery("DELETE FROM Visit visit WHERE id=" + visit.getId()).executeUpdate(); } - this.em.createQuery("DELETE FROM Pet pet WHERE id=" + pet.getId().toString()).executeUpdate(); + this.em.createQuery("DELETE FROM Pet pet WHERE id=" + pet.getId()).executeUpdate(); } this.em.createQuery("DELETE FROM PetType pettype WHERE id=" + petTypeId).executeUpdate(); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataSpecialtyRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataSpecialtyRepositoryImpl.java index f0eb20e26..012eb0ef4 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataSpecialtyRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataSpecialtyRepositoryImpl.java @@ -35,7 +35,8 @@ public class SpringDataSpecialtyRepositoryImpl implements SpecialtyRepositoryOve @Override public void delete(Specialty specialty) { - String specId = specialty.getId().toString(); + this.em.remove(this.em.contains(specialty) ? specialty : this.em.merge(specialty)); + Integer specId = specialty.getId(); this.em.createNativeQuery("DELETE FROM vet_specialties WHERE specialty_id=" + specId).executeUpdate(); this.em.createQuery("DELETE FROM Specialty specialty WHERE id=" + specId).executeUpdate(); } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataVisitRepositoryImpl.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataVisitRepositoryImpl.java index a62ddb77c..52b08968a 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataVisitRepositoryImpl.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/SpringDataVisitRepositoryImpl.java @@ -38,6 +38,9 @@ public class SpringDataVisitRepositoryImpl implements VisitRepositoryOverride { public void delete(Visit visit) throws DataAccessException { String visitId = visit.getId().toString(); this.em.createQuery("DELETE FROM Visit visit WHERE id=" + visitId).executeUpdate(); + if (em.contains(visit)) { + em.remove(visit); + } } diff --git a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/VisitRepositoryOverride.java b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/VisitRepositoryOverride.java index e4b9aa441..7a622f3ed 100644 --- a/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/VisitRepositoryOverride.java +++ b/src/main/java/org/springframework/samples/petclinic/repository/springdatajpa/VisitRepositoryOverride.java @@ -27,6 +27,6 @@ @Profile("spring-data-jpa") public interface VisitRepositoryOverride { - public void delete(Visit visit); + void delete(Visit visit); } diff --git a/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationAdapter.java b/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java similarity index 62% rename from src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationAdapter.java rename to src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java index b9c9dfb09..8e18b4f12 100644 --- a/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationAdapter.java +++ b/src/main/java/org/springframework/samples/petclinic/security/BasicAuthenticationConfig.java @@ -4,38 +4,47 @@ import org.springframework.beans.factory.annotation.Autowired; import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder; import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; +import org.springframework.security.crypto.factory.PasswordEncoderFactories; +import org.springframework.security.crypto.password.PasswordEncoder; @Configuration -@EnableWebSecurity -@EnableGlobalMethodSecurity(prePostEnabled = true) -@ConditionalOnProperty( "basic.authentication.enabled" ) -public class BasicAuthenticationAdapter extends WebSecurityConfigurerAdapter { +@EnableGlobalMethodSecurity(prePostEnabled = true) // Enable @PreAuthorize method-level security +@ConditionalOnProperty(name = "petclinic.security.enable", havingValue = "true") +public class BasicAuthenticationConfig extends WebSecurityConfigurerAdapter { @Autowired private DataSource dataSource; @Override protected void configure(HttpSecurity http) throws Exception { - http.authorizeRequests() - .antMatchers("/securityNone").permitAll() - .anyRequest().authenticated() - .and() - .httpBasic().and() - .csrf().disable(); + // @formatter:off + http + .authorizeRequests() + .anyRequest() + .authenticated() + .and() + .httpBasic() + .and() + .csrf() + .disable(); + // @formatter:on } @Autowired public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception { + // @formatter:off auth .jdbcAuthentication() .dataSource(dataSource) .usersByUsernameQuery("select username,password,enabled from users where username=?") .authoritiesByUsernameQuery("select username,role from roles where username=?"); + // @formatter:on } } diff --git a/src/main/java/org/springframework/samples/petclinic/security/DisableSecurityConfig.java b/src/main/java/org/springframework/samples/petclinic/security/DisableSecurityConfig.java new file mode 100644 index 000000000..8504a5c02 --- /dev/null +++ b/src/main/java/org/springframework/samples/petclinic/security/DisableSecurityConfig.java @@ -0,0 +1,27 @@ +package org.springframework.samples.petclinic.security; + +import org.springframework.boot.autoconfigure.condition.ConditionalOnProperty; +import org.springframework.context.annotation.Configuration; +import org.springframework.security.config.annotation.web.builders.HttpSecurity; +import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter; + +/** + * Starting from Spring Boot 2, if Spring Security is present, endpoints are secured by default + * using Spring Security’s content-negotiation strategy. + */ +@Configuration +@ConditionalOnProperty(name = "petclinic.security.enable", havingValue = "false") +public class DisableSecurityConfig extends WebSecurityConfigurerAdapter { + + @Override + protected void configure(HttpSecurity http) throws Exception { + // @formatter:off + http + .authorizeRequests() + .anyRequest().permitAll() + .and() + .csrf() + .disable(); + // @formatter:on + } +} diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 77f1022a6..46c07b0c7 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -21,7 +21,7 @@ spring.profiles.active=hsqldb,spring-data-jpa # ------------------------------------------------ server.port=9966 -server.context-path=/petclinic/ +server.servlet.context-path=/petclinic/ spring.messages.basename=messages/messages @@ -33,5 +33,4 @@ logging.level.org.springframework=INFO # enable the desired authentication type # by default the authentication is disabled -security.ignored=/** -basic.authentication.enabled=false +petclinic.security.enable=false diff --git a/src/main/resources/db/hsqldb/populateDB.sql b/src/main/resources/db/hsqldb/populateDB.sql index 01a0f404c..e5ee7b90f 100644 --- a/src/main/resources/db/hsqldb/populateDB.sql +++ b/src/main/resources/db/hsqldb/populateDB.sql @@ -52,7 +52,7 @@ INSERT INTO visits VALUES (2, 8, '2013-01-02', 'rabies shot'); INSERT INTO visits VALUES (3, 8, '2013-01-03', 'neutered'); INSERT INTO visits VALUES (4, 7, '2013-01-04', 'spayed'); -INSERT INTO users(username,password,enabled) VALUES ('admin','admin', true); +INSERT INTO users(username,password,enabled) VALUES ('admin','{noop}admin', true); INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_OWNER_ADMIN'); INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_VET_ADMIN'); diff --git a/src/main/resources/db/mysql/populateDB.sql b/src/main/resources/db/mysql/populateDB.sql index 48a354697..0bbcf4a87 100644 --- a/src/main/resources/db/mysql/populateDB.sql +++ b/src/main/resources/db/mysql/populateDB.sql @@ -52,7 +52,7 @@ INSERT IGNORE INTO visits VALUES (2, 8, '2011-03-04', 'rabies shot'); INSERT IGNORE INTO visits VALUES (3, 8, '2009-06-04', 'neutered'); INSERT IGNORE INTO visits VALUES (4, 7, '2008-09-04', 'spayed'); -INSERT IGNORE INTO users(username,password,enabled) VALUES ('admin','admin', true); +INSERT IGNORE INTO users(username,password,enabled) VALUES ('admin','{noop}admin', true); INSERT IGNORE INTO roles (username, role) VALUES ('admin', 'ROLE_OWNER_ADMIN'); INSERT IGNORE INTO roles (username, role) VALUES ('admin', 'ROLE_VET_ADMIN'); diff --git a/src/main/resources/db/postgresql/populateDB.sql b/src/main/resources/db/postgresql/populateDB.sql index 2c429485a..b1dfda8b4 100644 --- a/src/main/resources/db/postgresql/populateDB.sql +++ b/src/main/resources/db/postgresql/populateDB.sql @@ -52,7 +52,7 @@ INSERT INTO visits VALUES (2, 8, '2011-03-04', 'rabies shot') ON CONFLICT DO NOT INSERT INTO visits VALUES (3, 8, '2009-06-04', 'neutered') ON CONFLICT DO NOTHING; INSERT INTO visits VALUES (4, 7, '2008-09-04', 'spayed') ON CONFLICT DO NOTHING; -INSERT INTO users(username,password,enabled) VALUES ('admin','admin', true) ON CONFLICT DO NOTHING; +INSERT INTO users(username,password,enabled) VALUES ('admin','{noop}admin', true) ON CONFLICT DO NOTHING; INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_OWNER_ADMIN') ON CONFLICT DO NOTHING; INSERT INTO roles (username, role) VALUES ('admin', 'ROLE_VET_ADMIN') ON CONFLICT DO NOTHING; diff --git a/src/test/java/org/springframework/samples/petclinic/model/ValidatorTests.java b/src/test/java/org/springframework/samples/petclinic/model/ValidatorTests.java index b836d0cc2..75c3f32eb 100644 --- a/src/test/java/org/springframework/samples/petclinic/model/ValidatorTests.java +++ b/src/test/java/org/springframework/samples/petclinic/model/ValidatorTests.java @@ -39,7 +39,7 @@ public void shouldNotValidateWhenFirstNameEmpty() { assertThat(constraintViolations.size()).isEqualTo(1); ConstraintViolation violation = constraintViolations.iterator().next(); assertThat(violation.getPropertyPath().toString()).isEqualTo("firstName"); - assertThat(violation.getMessage()).isEqualTo("may not be empty"); + assertThat(violation.getMessage()).isEqualTo("must not be empty"); } } diff --git a/src/test/java/org/springframework/samples/petclinic/service/clinicService/AbstractClinicServiceTests.java b/src/test/java/org/springframework/samples/petclinic/service/clinicService/AbstractClinicServiceTests.java index 506558958..a312deced 100644 --- a/src/test/java/org/springframework/samples/petclinic/service/clinicService/AbstractClinicServiceTests.java +++ b/src/test/java/org/springframework/samples/petclinic/service/clinicService/AbstractClinicServiceTests.java @@ -20,9 +20,7 @@ import java.util.Collection; import java.util.Date; -import org.junit.Before; import org.junit.Test; -import org.mockito.MockitoAnnotations; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.samples.petclinic.model.Owner; import org.springframework.samples.petclinic.model.Pet; @@ -60,11 +58,6 @@ public abstract class AbstractClinicServiceTests { @Autowired protected ClinicService clinicService; - @Before - public void init() { - MockitoAnnotations.initMocks(this); - } - @Test public void shouldFindOwnersByLastName() { Collection owners = this.clinicService.findOwnerByLastName("Davis"); @@ -224,7 +217,7 @@ public void shouldDeletePet(){ Pet pet = this.clinicService.findPetById(1); this.clinicService.deletePet(pet); try { - pet = this.clinicService.findPetById(1); + pet = this.clinicService.findPetById(1); } catch (Exception e) { pet = null; } @@ -466,10 +459,16 @@ public void shouldUpdateSpecialty(){ @Test @Transactional public void shouldDeleteSpecialty(){ - Specialty specialty = this.clinicService.findSpecialtyById(1); + Specialty specialty = new Specialty(); + specialty.setName("test"); + this.clinicService.saveSpecialty(specialty); + Integer specialtyId = specialty.getId(); + assertThat(specialtyId).isNotNull(); + specialty = this.clinicService.findSpecialtyById(specialtyId); + assertThat(specialty).isNotNull(); this.clinicService.deleteSpecialty(specialty); try { - specialty = this.clinicService.findSpecialtyById(1); + specialty = this.clinicService.findSpecialtyById(specialtyId); } catch (Exception e) { specialty = null; } @@ -477,5 +476,4 @@ public void shouldDeleteSpecialty(){ } - }