From 65feafca3f4d16e2650f3a431e601ba860f14b5d Mon Sep 17 00:00:00 2001 From: rajesh Date: Thu, 22 Aug 2024 17:29:15 +0530 Subject: [PATCH] added cors config --- .../TendermanagementApplication.java | 14 +++++++ .../config/SecurityConfig.java | 2 + .../gepafin/tendermanagement/dao/CallDao.java | 37 ++++++++++--------- .../web/rest/api/CallApi.java | 2 + .../web/rest/api/RoleApi.java | 10 ++--- .../api/errors/GlobalExceptionHandler.java | 3 +- 6 files changed, 44 insertions(+), 24 deletions(-) diff --git a/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java b/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java index 07a51505..943dd254 100644 --- a/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java +++ b/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java @@ -4,8 +4,11 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.domain.EntityScan; import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; import org.springframework.data.jpa.repository.config.EnableJpaRepositories; import org.springframework.scheduling.annotation.EnableScheduling; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @EnableScheduling @ComponentScan(basePackages = {"net.gepafin.tendermanagement"}) @@ -18,6 +21,17 @@ public class TendermanagementApplication { SpringApplication.run(TendermanagementApplication.class, args); System.out.println("Spring Boot started"); } + + @Configuration + public class CorsConfig implements WebMvcConfigurer { + + @Override + public void addCorsMappings(CorsRegistry registry) { + + registry.addMapping("/**").allowedOrigins("http://localhost:3000") + .allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD").allowCredentials(true); + } + } } diff --git a/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java b/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java index 1c97a2de..62ec6911 100644 --- a/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java +++ b/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java @@ -14,6 +14,7 @@ import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; @@ -32,6 +33,7 @@ import org.springframework.web.servlet.handler.HandlerMappingIntrospector; @Configuration @EnableWebSecurity +@EnableMethodSecurity(prePostEnabled = true) public class SecurityConfig { private final TokenProvider tokenProvider; diff --git a/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java b/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java index 470c0819..b4987c81 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java @@ -50,24 +50,25 @@ public class CallDao { @Autowired private UserRepository userRepository; - public CreateCallResponseBean createCall(CreateCallRequest createCallRequest, Long userId) { - try { - CreateCallResponseBean createCallResponseBean=null; - CallEntity callEntity = convertToCallEntity(createCallRequest); - List evaluationCriteriaEntities = convertToEvaluationCriteriaEntities(createCallRequest.getCriteria(), callEntity); - List documentEntities = convertToDocumentEntities(createCallRequest.getDocs(), callEntity); - List imageEntities=convertToDocumentEntities(createCallRequest.getImages(),callEntity); - List faqEntities = convertToFaqEntities(createCallRequest.getFaq(), callEntity, userId); - List amiedTo=convertLookUpDataEntities(createCallRequest.getAimedTo(),callEntity,LookUpDataTypeEnum.AIMED_TO); - List checkList=convertLookUpDataEntities(createCallRequest.getAimedTo(),callEntity,LookUpDataTypeEnum.CHECKLIST); - createCallResponseBean= assembleCreateCallResponseBean(callEntity, evaluationCriteriaEntities, documentEntities, faqEntities,imageEntities); - createCallResponseBean.setAimedTo(amiedTo); - createCallResponseBean.setCheckList(checkList); - return createCallResponseBean; - } catch (Exception e) { - throw new RuntimeException("Error processing create call request", e); - } - } + public CreateCallResponseBean createCall(CreateCallRequest createCallRequest, Long userId) { + CreateCallResponseBean createCallResponseBean = null; + CallEntity callEntity = convertToCallEntity(createCallRequest); + List evaluationCriteriaEntities = convertToEvaluationCriteriaEntities( + createCallRequest.getCriteria(), callEntity); + List documentEntities = convertToDocumentEntities(createCallRequest.getDocs(), callEntity); + List imageEntities = convertToDocumentEntities(createCallRequest.getImages(), callEntity); + List faqEntities = convertToFaqEntities(createCallRequest.getFaq(), callEntity, userId); + List amiedTo = convertLookUpDataEntities(createCallRequest.getAimedTo(), callEntity, + LookUpDataTypeEnum.AIMED_TO); + List checkList = convertLookUpDataEntities(createCallRequest.getAimedTo(), callEntity, + LookUpDataTypeEnum.CHECKLIST); + createCallResponseBean = assembleCreateCallResponseBean(callEntity, evaluationCriteriaEntities, + documentEntities, faqEntities, imageEntities); + createCallResponseBean.setAimedTo(amiedTo); + createCallResponseBean.setCheckList(checkList); + return createCallResponseBean; + + } public CallEntity convertToCallEntity(CreateCallRequest createCallRequest) { diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java index 18bb89c8..b2b335de 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java @@ -13,6 +13,7 @@ import net.gepafin.tendermanagement.model.util.Response; import net.gepafin.tendermanagement.web.rest.api.errors.ErrorConstants; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -30,6 +31,7 @@ public interface CallApi { @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) }) @PostMapping(value = "", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE) + @PreAuthorize("hasRole('SUPER_ADMIN')") public ResponseEntity> createCall(HttpServletRequest request, @Parameter(description = "Call request object", required = true) @Valid @RequestBody CreateCallRequest createCallRequest); diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java index 2f94be9e..7225d87e 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java @@ -21,7 +21,7 @@ import java.util.List; @Validated public interface RoleApi { - @Operation(summary = "API to create role", + @Operation(summary = "Api to create role", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -36,7 +36,7 @@ public interface RoleApi { @Parameter(description = " Role request object", required = true) @Valid @RequestBody RoleReq roleReq); - @Operation(summary = "API to update role", + @Operation(summary = "Api to update role", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -51,7 +51,7 @@ public interface RoleApi { @Parameter(description = "The role ID", required = true) @PathVariable("roleId") Long roleId, @Parameter(description = "Role request object", required = true) @Valid @RequestBody RoleReq roleReq); - @Operation(summary = "API to get role by id", + @Operation(summary = "Api to get role by id", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -65,7 +65,7 @@ public interface RoleApi { ResponseEntity> getRoleById( @Parameter(description = "The role ID", required = true) @PathVariable("roleId") Long roleId); - @Operation(summary = "API to get all roles", + @Operation(summary = "Api to get all roles", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -78,7 +78,7 @@ public interface RoleApi { produces = { "application/json" }) ResponseEntity>> getAllRoles(); - @Operation(summary = "API to delete role", + @Operation(summary = "Api to delete role", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java index bf5d7123..addb9a99 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java @@ -16,6 +16,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authorization.AuthorizationDeniedException; import org.springframework.security.core.AuthenticationException; import org.springframework.validation.FieldError; import org.springframework.validation.ObjectError; @@ -59,7 +60,7 @@ public class GlobalExceptionHandler { } @ResponseStatus(value = HttpStatus.UNAUTHORIZED) - @ExceptionHandler(UnauthorizedAccessException.class) + @ExceptionHandler({ UnauthorizedAccessException.class, AuthorizationDeniedException.class }) @ResponseBody public Response unauthorizedAccessException(final Throwable ex) { log.error(ex.getMessage());