Initial Commit

- Add Task manager REST API
- Secure endpoints with spring security
- Add global exception handling
- Add role based access management
- Add project and task management using MySQL and JPA
- Add basic documentation readme.md

Author: ssmtariq

.gitignore

@@ -0,0 +1,33 @@
+HELP.md
+target/
+!.mvn/wrapper/maven-wrapper.jar
+!**/src/main/**/target/
+!**/src/test/**/target/
+
+### STS ###
+.apt_generated
+.classpath
+.factorypath
+.project
+.settings
+.springBeans
+.sts4-cache
+
+### IntelliJ IDEA ###
+.idea
+*.iws
+*.iml
+*.ipr
+
+### NetBeans ###
+/nbproject/private/
+/nbbuild/
+/dist/
+/nbdist/
+/.nb-gradle/
+build/
+!**/src/main/**/build/
+!**/src/test/**/build/
+
+### VS Code ###
+.vscode/

README.md

@@ -0,0 +1,38 @@
+# Task Manager REST API
+
+## Pre-requisite
+1. Java 11
+1. Maven 3.6.0
+1. MySQL 5.7.33
+
+## Build Locally. Follow the steps one after the other.
+ 1.Download dependency
+
+2.Go to project directory
+
+3.Build project with test:
+> mvn clean package
+
+4.Build project without test:
+> mvn clean package -DskipTests
+
+5.Running the project with the JAR:
+
+## GET
+	http://localhost:8080/task
+
+## GET By ID
+	http://localhost:8080/task/1
+
+## POST
+	http://localhost:8080/task
+
+# PUT
+	http://localhost:8080/task
+
+# DELETE
+	http://localhost:8080/task/1
+
+# Requests
+
+

pom.xml

@@ -0,0 +1,78 @@
+<?xml version="1.0" encoding="UTF-8"?>
+<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
+	xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
+	<modelVersion>4.0.0</modelVersion>
+	<parent>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-parent</artifactId>
+		<version>2.4.2</version>
+		<relativePath/> <!-- lookup parent from repository -->
+	</parent>
+	<groupId>com.ssmtariq</groupId>
+	<artifactId>taskmanager-rest-api-spring-security-jpa</artifactId>
+	<version>0.0.1-SNAPSHOT</version>
+	<name>taskmanager-rest-api-spring-security-jpa</name>
+	<description>Task Management Application using Spring Boot, Security, JPA</description>
+	<properties>
+		<java.version>11</java.version>
+	</properties>
+	<dependencies>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-data-jpa</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-security</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-web</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-mail</artifactId>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-devtools</artifactId>
+			<scope>runtime</scope>
+			<optional>true</optional>
+		</dependency>
+		<dependency>
+			<groupId>mysql</groupId>
+			<artifactId>mysql-connector-java</artifactId>
+			<scope>runtime</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.boot</groupId>
+			<artifactId>spring-boot-starter-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.springframework.security</groupId>
+			<artifactId>spring-security-test</artifactId>
+			<scope>test</scope>
+		</dependency>
+		<dependency>
+			<groupId>org.projectlombok</groupId>
+			<artifactId>lombok</artifactId>
+			<scope>provided</scope>
+		</dependency>
+		<dependency>
+			<groupId>com.sun.jersey</groupId>
+			<artifactId>jersey-json</artifactId>
+			<version>1.4</version>
+		</dependency>
+	</dependencies>
+
+	<build>
+		<plugins>
+			<plugin>
+				<groupId>org.springframework.boot</groupId>
+				<artifactId>spring-boot-maven-plugin</artifactId>
+			</plugin>
+		</plugins>
+	</build>
+
+</project>

src/main/java/com/ssmtariq/taskmanager/TaskManagerApplication.java

@@ -0,0 +1,14 @@
+package com.ssmtariq.taskmanager;
+
+import org.springframework.boot.SpringApplication;
+import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.data.jpa.repository.config.EnableJpaRepositories;
+
+@SpringBootApplication
+@EnableJpaRepositories(basePackages = "com.ssmtariq.taskmanager.repository")
+public class TaskManagerApplication {
+
+	public static void main(String[] args) {
+		SpringApplication.run(TaskManagerApplication.class, args);
+	}
+}

src/main/java/com/ssmtariq/taskmanager/component/RequestValidator.java

@@ -0,0 +1,124 @@
+package com.ssmtariq.taskmanager.component;
+
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.DATE_FORMAT;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.EMPTY;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.ERROR_INVALID_REQUEST_BODY_APPLICATION_EXCEPTION;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.ERROR_MISSING_REQUIRED_PARAM_APPLICATION_EXCEPTION;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.ERROR_WRONG_DATE_FIELD_APPLICATION_EXCEPTION;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.ERROR_WRONG_PARAM_APPLICATION_EXCEPTION;
+
+import java.io.IOException;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.stream.Collectors;
+import java.util.stream.Stream;
+
+import org.springframework.stereotype.Component;
+
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.ssmtariq.taskmanager.exception.ApiError;
+import com.ssmtariq.taskmanager.exception.ApplicationException;
+import com.ssmtariq.taskmanager.model.RequestParameterEnum;
+import com.ssmtariq.taskmanager.model.StatusEnum;
+
+/**
+ * @author SSM Tariq
+ */
+
+@Component
+public class RequestValidator {
+
+	public void validate(String requestBody) {
+		if (hasInvalidParam(requestBody)) {
+			throw new ApplicationException(new ApiError(ERROR_WRONG_PARAM_APPLICATION_EXCEPTION));
+		}
+		validateRequiredParams(requestBody);
+		if (!isValidDateType(requestBody)) {
+			throw new ApplicationException(new ApiError(ERROR_WRONG_DATE_FIELD_APPLICATION_EXCEPTION));
+		}
+	}
+
+	@SuppressWarnings("unchecked")
+	private static boolean hasInvalidParam(String requestBody) {
+		try {
+			var requestMap = (Map<String, Object>) parseRequestBody(requestBody, Map.class);
+			var paramKeys = new ArrayList<String>((requestMap.keySet()));
+			List<String> possibleParams = Stream.of(RequestParameterEnum.values())
+                    .map(RequestParameterEnum::getValue)
+                    .collect(Collectors.toList());
+			for (String param : paramKeys) {
+				if (!possibleParams.contains(param)) {
+					return true;
+				}
+			}
+			String status = (String) requestMap.get(RequestParameterEnum.STATUS.getValue());
+			List<String> possibleStatus = Stream.of(StatusEnum.values())
+                    .map(StatusEnum::getValue)
+                    .collect(Collectors.toList());
+			if (!possibleStatus.contains(status.toLowerCase())) {
+				return true;
+			}
+			return false;
+		} catch (Exception e) {
+			return true;
+		}
+	}
+
+	@SuppressWarnings("unchecked")
+	private static void validateRequiredParams(String jsonInString) {
+		var requestMap = (Map<String, Object>) parseRequestBody(jsonInString, Map.class);
+		var requiredParamMap = getRequiredParams(requestMap);
+		if(requiredParamMap.containsValue(EMPTY)) {
+			throw new ApplicationException(new ApiError(ERROR_INVALID_REQUEST_BODY_APPLICATION_EXCEPTION));
+		}
+		if (!requiredParamMap.isEmpty()) {
+			requiredParamMap.forEach((k, v) -> {
+				if (v == null) {
+					var apiError = new ApiError(String.format(ERROR_MISSING_REQUIRED_PARAM_APPLICATION_EXCEPTION));
+					apiError.setMessage(String.format(apiError.getMessage(), k));
+					throw new ApplicationException(apiError);
+				}
+			});
+		}
+	}
+
+	@SuppressWarnings("unchecked")
+	private static boolean isValidDateType(String jsonInString) {
+		var requestMap = (Map<String, Object>) parseRequestBody(jsonInString, Map.class);
+		try {
+			String dueDate = String.valueOf(requestMap.get(RequestParameterEnum.DUE_DATE.getValue()));
+			if (dueDate.isEmpty()) {
+				return false;
+			}
+			var simpleDateFormat = new SimpleDateFormat(DATE_FORMAT);
+			simpleDateFormat.setLenient(false);
+			simpleDateFormat.parse(dueDate);
+			return true;
+		} catch (ParseException | IllegalArgumentException ex) {
+			return false;
+		}
+	}
+
+	private static Object parseRequestBody(String jsonInString, Class<?> classname) {
+		try {
+			final ObjectMapper mapper = new ObjectMapper();
+			Object requestObject = mapper.readValue(jsonInString, classname);
+			return requestObject;
+		} catch (IOException e) {
+			throw new ApplicationException(new ApiError(ERROR_INVALID_REQUEST_BODY_APPLICATION_EXCEPTION));
+		}
+	}
+
+	private static Map<String, Object> getRequiredParams(Map<String, Object> paramMap) {
+		var requiredParamMap = new HashMap<String, Object>();
+		requiredParamMap.put(RequestParameterEnum.DESCRIPTION.getValue(), paramMap.get(RequestParameterEnum.DESCRIPTION.getValue()));
+		requiredParamMap.put(RequestParameterEnum.STATUS.getValue(), paramMap.get(RequestParameterEnum.STATUS.getValue()));
+		requiredParamMap.put(RequestParameterEnum.PROJECT.getValue(), paramMap.get(RequestParameterEnum.PROJECT.getValue()));
+		return requiredParamMap;
+	}
+
+}

src/main/java/com/ssmtariq/taskmanager/configuration/AuthenticationEntryPointConfig.java

@@ -0,0 +1,39 @@
+package com.ssmtariq.taskmanager.configuration;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.CONTENT_TYPE_APPLICATION_JSON_UTF_8;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.ERROR_RESPONSE_TEMPLATE;
+
+import java.io.IOException;
+import java.text.MessageFormat;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.codehaus.jettison.json.JSONException;
+import org.codehaus.jettison.json.JSONObject;
+import org.springframework.security.core.AuthenticationException;
+import org.springframework.security.web.authentication.www.BasicAuthenticationEntryPoint;
+import org.springframework.stereotype.Component;
+
+@Component
+public class AuthenticationEntryPointConfig extends BasicAuthenticationEntryPoint {
+
+	@Override
+	public void commence(HttpServletRequest request, HttpServletResponse response,
+			AuthenticationException authException) throws IOException {
+		try {
+			response.addHeader("WWW-Authenticate", "Basic Realm - " + getRealmName());
+			response.setStatus(HttpServletResponse.SC_UNAUTHORIZED);
+			response.setContentType(CONTENT_TYPE_APPLICATION_JSON_UTF_8);
+			response.getWriter()
+					.println(new JSONObject(MessageFormat.format(ERROR_RESPONSE_TEMPLATE, 401, authException.getMessage())));
+		} catch (JSONException e) {
+			e.printStackTrace();
+		}
+	}
+
+	@Override
+	public void afterPropertiesSet() {
+		setRealmName("ssmtariq");
+		super.afterPropertiesSet();
+	}
+}

src/main/java/com/ssmtariq/taskmanager/configuration/SecurityConfiguration.java

@@ -0,0 +1,46 @@
+package com.ssmtariq.taskmanager.configuration;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.AuthenticationEntryPoint;
+
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.ROLE_ADMIN;
+import static com.ssmtariq.taskmanager.constant.TaskManagerApiConstants.ROLE_USER;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
+
+	@Autowired
+	private AuthenticationEntryPoint entryPoint;
+
+	@Autowired
+	private UserDetailsService userDetailsService;
+
+	@Override
+	protected void configure(AuthenticationManagerBuilder auth) throws Exception {
+		auth.userDetailsService(userDetailsService).passwordEncoder(new BCryptPasswordEncoder());
+	}
+
+	@Override
+	protected void configure(HttpSecurity http) throws Exception {
+		http.csrf().disable().authorizeRequests()
+			    .antMatchers("/prepare/demo/**").permitAll()
+			    .antMatchers("/projects/user/{id}").hasRole(ROLE_ADMIN)
+			    .antMatchers("/project/**").hasRole(ROLE_USER)
+			    .antMatchers("/projects/**").hasRole(ROLE_USER)
+			    .antMatchers("/tasks/user/{id}").hasRole(ROLE_ADMIN)
+			    .antMatchers("/task/**").hasRole(ROLE_USER)
+			    .antMatchers("/tasks/**").hasRole(ROLE_USER)
+			    .and().httpBasic()
+				.authenticationEntryPoint(entryPoint)
+				.and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS);
+	}
+}