Added some updates for SecurityConfig

OKaluzny · OKaluzny · commit f192d2673bcb · 2023-08-19T13:52:27.000+03:00
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -36,7 +36,7 @@ services:
     # Use the Docker Image postgres. This will pull the 14 version.
     #image: postgres:14-alpine
     #healthcheck:
-     # test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U", "root" ]
+     # test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U" ]
       #timeout: 45s
       #interval: 10s
       #retries: 10
@@ -99,7 +99,7 @@ services:
     networks:
       - keycloak
     healthcheck:
-      test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U", "root" ]
+      test: [ "CMD", "pg_isready", "-q", "-d", "postgres", "-U" ]
       timeout: 45s
       interval: 10s
       retries: 10
diff --git a/src/main/java/com/kaluzny/demo/config/SecurityConfig.java b/src/main/java/com/kaluzny/demo/config/SecurityConfig.java
@@ -1,6 +1,5 @@
 package com.kaluzny.demo.config;
 
-import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.http.HttpMethod;
@@ -17,18 +16,19 @@
 
 @Configuration
 @EnableWebSecurity
-//@EnableMethodSecurity
+@EnableMethodSecurity
 class SecurityConfig {
 
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws Exception {
 
         httpSecurity
-                .authorizeHttpRequests(registry -> registry
-                        .requestMatchers(HttpMethod.GET,"/api/**").hasRole("USER")
-                        .requestMatchers(HttpMethod.POST,"/api/**").hasRole("PERSON")
+                //TODO: security without @PreAuthorize
+                /* .authorizeHttpRequests(registry -> registry
+                        .requestMatchers(HttpMethod.GET, "/api/**").hasRole("USER")
+                        .requestMatchers(HttpMethod.POST, "/api/**").hasRole("PERSON")
                         .anyRequest().authenticated()
-                )
+                )*/
                 .oauth2ResourceServer(oauth2Configurer -> oauth2Configurer
                         .jwt(jwtConfigurer -> jwtConfigurer
                                 .jwtAuthenticationConverter(jwt -> {
diff --git a/src/main/java/com/kaluzny/demo/web/AutomobileRestController.java b/src/main/java/com/kaluzny/demo/web/AutomobileRestController.java
@@ -57,7 +57,7 @@ public Automobile saveAutomobile(@Valid @RequestBody Automobile automobile) {
     @GetMapping("/automobiles")
     @ResponseStatus(HttpStatus.OK)
     //@Cacheable(value = "automobile", sync = true)
-    @PreAuthorize("hasRole('ADMIN')")
+    @PreAuthorize("hasRole('USER')")
     public Collection<Automobile> getAllAutomobiles() {
         log.info("getAllAutomobiles() - start");
         Collection<Automobile> collection = repository.findAll();
@@ -68,6 +68,8 @@ public Collection<Automobile> getAllAutomobiles() {
     @GetMapping("/automobiles/{id}")
     @ResponseStatus(HttpStatus.OK)
     //@Cacheable(value = "automobile", sync = true)
+    //TODO: We do not have PERSON on the user map
+    @PreAuthorize("hasRole('PERSON')")
     public Automobile getAutomobileById(@PathVariable Long id) {
         log.info("getAutomobileById() - start: id = {}", id);
         Automobile receivedAutomobile = repository.findById(id)
