Secured admin account

2024-04-25 16:31:52 +07:00 · 2024-04-25 16:31:52 +07:00 · 02d71c7138
commit 02d71c7138
parent 426e60c716
5 changed files with 59 additions and 2 deletions
--- a/client-api/src/main/java/ru/dragonestia/picker/api/exception/ConstantAdminParamsException.java
+++ b/client-api/src/main/java/ru/dragonestia/picker/api/exception/ConstantAdminParamsException.java
@ -0,0 +1,16 @@
+package ru.dragonestia.picker.api.exception;
+
+import java.util.Map;
+
+public class ConstantAdminParamsException extends ApiException {
+
+    public static final String ERROR_ID = "err.account.admin.modification";
+
+    @Override
+    public String getErrorId() {
+        return ERROR_ID;
+    }
+
+    @Override
+    public void appendDetailsToErrorResponse(Map<String, String> details) {}
+}
--- a/client-api/src/main/java/ru/dragonestia/picker/api/exception/ExceptionFactory.java
+++ b/client-api/src/main/java/ru/dragonestia/picker/api/exception/ExceptionFactory.java
@ -27,6 +27,7 @@ public class ExceptionFactory {
        factory.put(NotPersistedNodeException.ERROR_ID, NotPersistedNodeException::new);
        factory.put(AccountDoesNotExistsException.ERROR_ID, AccountDoesNotExistsException::new);
        factory.put(PermissionNotFoundException.ERROR_ID, PermissionNotFoundException::new);
+        factory.put(ConstantAdminParamsException.ERROR_ID, err -> new ConstantAdminParamsException());

        return factory;
    }
--- a/server/src/main/java/ru/dragonestia/picker/config/RoomPickerServerConfig.java
+++ b/server/src/main/java/ru/dragonestia/picker/config/RoomPickerServerConfig.java
@ -0,0 +1,22 @@
+package ru.dragonestia.picker.config;
+
+import org.springframework.beans.factory.annotation.Value;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+public class RoomPickerServerConfig {
+
+    @Value("${ROOMPICKER_ADMIN_USERNAME:admin}")
+    private String adminUsername;
+
+    @Value("${ROOMPICKER_ADMIN_PASSWORD:qwerty123}")
+    private String adminPassword;
+
+    @Bean
+    AdminCredentials adminCredentials() {
+        return new AdminCredentials(adminUsername, adminPassword);
+    }
+
+    public record AdminCredentials(String username, String password) {}
+}
--- a/server/src/main/java/ru/dragonestia/picker/controller/ExceptionHandlerController.java
+++ b/server/src/main/java/ru/dragonestia/picker/controller/ExceptionHandlerController.java
@ -71,6 +71,11 @@ public class ExceptionHandlerController {
        return create(400, ex);
    }

+    @ExceptionHandler({ConstantAdminParamsException.class})
+    ResponseEntity<?> constantAdminParams(ConstantAdminParamsException ex) {
+        return create(401, ex);
+    }
+
    private ResponseEntity<ErrorResponse> create(int code, ApiException ex) {
        var details = new HashMap<String, String>();
        ex.appendDetailsToErrorResponse(details);
--- a/server/src/main/java/ru/dragonestia/picker/service/impl/AccountServiceImpl.java
+++ b/server/src/main/java/ru/dragonestia/picker/service/impl/AccountServiceImpl.java
@ -6,6 +6,8 @@ import org.jetbrains.annotations.NotNull;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
+import ru.dragonestia.picker.api.exception.ConstantAdminParamsException;
+import ru.dragonestia.picker.config.RoomPickerServerConfig;
 import ru.dragonestia.picker.model.Account;
 import ru.dragonestia.picker.model.Permission;
 import ru.dragonestia.picker.service.AccountService;
@ -22,12 +24,13 @@ import java.util.stream.Collectors;
 public class AccountServiceImpl implements AccountService {

    private final PasswordEncoder passwordEncoder;
+    private final RoomPickerServerConfig.AdminCredentials adminCredentials;

    private final Map<String, Account> accounts = new ConcurrentHashMap<>();

    @PostConstruct
    void init() {
-        var account = createNewAccount("admin", "qwerty123");
+        var account = createNewAccount(adminCredentials.username(), adminCredentials.password());
        account.setAuthorities(Arrays.stream(Permission.values()).collect(Collectors.toSet()));

        createNewAccount("test", "qwerty123");
@ -46,17 +49,21 @@ public class AccountServiceImpl implements AccountService {

    @Override
    public @NotNull Collection<Account> allAccounts() {
-        return accounts.values();
+        return accounts.values().stream()
+                .filter(account -> !adminCredentials.username().equals(account.getUsername()))
+                .toList();
    }

    @Override
    public void removeAccount(@NotNull Account account) {
+        checkAdmin(account.getUsername());
        accounts.remove(account.getUsername());
        account.setEnabled(false);
    }

    @Override
    public void updateState(@NotNull Account account) {
+        checkAdmin(account.getUsername());
        // TODO: save data to local storage
    }

@ -69,4 +76,10 @@ public class AccountServiceImpl implements AccountService {

        throw new UsernameNotFoundException("User '" + username + "' does not exists");
    }
+
+    private void checkAdmin(String accountId) {
+        if (adminCredentials.username().equals(accountId)) {
+            throw new ConstantAdminParamsException();
+        }
+    }
 }