From cb3b7710b9e32df408b3a38383aca049fa98214e Mon Sep 17 00:00:00 2001 From: Gunther6070 Date: Mon, 24 Mar 2025 21:17:33 -0400 Subject: Fixed various bugs and began fixing auth system. Also started implementing checkout method in cupboardService --- .../java/com/ufund/api/ufundapi/controller/UserController.java | 7 ++++--- 1 file changed, 4 insertions(+), 3 deletions(-) (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java') diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java index dfaad3a..b0dbd1d 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java @@ -99,12 +99,13 @@ public class UserController { * @param key The authentication key of the user * @return OK response and the user if it was successful, or * INTERNAL_SERVER_ERROR if there was an issue + * @throws IllegalAccessException */ @PutMapping("/{username}") - public ResponseEntity updateUser(@RequestBody User user, @PathVariable String username, @RequestHeader("jelly-api-key") String key) { - LOG.log(Level.INFO,"PUT: " + user + " " + username + " " + key.toString()); + public ResponseEntity updateUser(@RequestHeader("jelly-api-key") String key, @RequestBody User user, @PathVariable String username) throws IllegalAccessException { + LOG.log(Level.INFO,"PUT: " + user + " " + username + " " + key); try { - //authService.authenticate(username, key); + authService.authenticate(username, key); user = userService.updateUser(user, username); if (user != null) { return new ResponseEntity<>(user, HttpStatus.OK); -- cgit v1.2.3 From c15aa3daab0cf9a640945d4e634d1327fb55d2db Mon Sep 17 00:00:00 2001 From: sowgro Date: Tue, 25 Mar 2025 00:03:45 -0400 Subject: Greatly improve logging and other backend clean up --- .../api/ufundapi/controller/UserController.java | 38 ++++++++++++++-------- 1 file changed, 24 insertions(+), 14 deletions(-) (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java') diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java index b0dbd1d..cd340ef 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java @@ -23,6 +23,8 @@ import com.ufund.api.ufundapi.model.User; import com.ufund.api.ufundapi.service.AuthService; import com.ufund.api.ufundapi.service.UserService; +import static java.util.List.of; + @RestController @RequestMapping("users") public class UserController { @@ -43,6 +45,7 @@ public class UserController { */ @PostMapping("") public ResponseEntity createUser(@RequestBody Map params) { + LOG.log(Level.INFO, "POST /users body: {0}", params); String username = params.get("username"); String password = params.get("password"); @@ -54,8 +57,10 @@ public class UserController { return new ResponseEntity<>(HttpStatus.CONFLICT); } } catch (DuplicateKeyException ex) { + LOG.log(Level.WARNING, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.CONFLICT); } catch (IOException ex) { + LOG.log(Level.SEVERE, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); } } @@ -72,7 +77,7 @@ public class UserController { */ @GetMapping("/{username}") public ResponseEntity getUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) { - LOG.log(Level.INFO, "GET /user/{0}", username); + LOG.log(Level.INFO, "GET /user/{0} key: {1}", of(username, key)); try { authService.authenticate(username, key); @@ -83,9 +88,10 @@ public class UserController { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } } catch (IllegalAccessException ex) { + LOG.log(Level.WARNING, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); - } catch (IOException e) { - LOG.log(Level.SEVERE, e.getLocalizedMessage()); + } catch (IOException ex) { + LOG.log(Level.SEVERE, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); } @@ -99,11 +105,10 @@ public class UserController { * @param key The authentication key of the user * @return OK response and the user if it was successful, or * INTERNAL_SERVER_ERROR if there was an issue - * @throws IllegalAccessException */ @PutMapping("/{username}") - public ResponseEntity updateUser(@RequestHeader("jelly-api-key") String key, @RequestBody User user, @PathVariable String username) throws IllegalAccessException { - LOG.log(Level.INFO,"PUT: " + user + " " + username + " " + key); + public ResponseEntity updateUser(@RequestBody User user, @PathVariable String username, @RequestHeader("jelly-api-key") String key) { + LOG.log(Level.INFO,"PUT /users/{0} body: {1} key: {2}", of(user, username, key)); try { authService.authenticate(username, key); user = userService.updateUser(user, username); @@ -113,13 +118,15 @@ public class UserController { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } } catch (InvalidParameterException ex) { + LOG.log(Level.WARNING, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.BAD_REQUEST); - } catch (IOException e) { + } catch (IllegalAccessException ex) { + LOG.log(Level.WARNING, ex.getLocalizedMessage()); + return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); + } catch (IOException ex) { + LOG.log(Level.SEVERE, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); - } - // catch (IllegalAccessException e) { - // return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); - // } + } } /** @@ -132,6 +139,7 @@ public class UserController { */ @DeleteMapping("/{username}") public ResponseEntity deleteUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) { + LOG.log(Level.INFO, "DELETE /users/{0} id: {1}", of(username, key)); try { authService.authenticate(username, key); @@ -140,10 +148,12 @@ public class UserController { } else { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } - } catch (IOException e) { - return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); - } catch (IllegalAccessException e) { + } catch (IllegalAccessException ex) { + LOG.log(Level.WARNING, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.UNAUTHORIZED); + } catch (IOException ex) { + LOG.log(Level.SEVERE, ex.getLocalizedMessage()); + return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR); } } -- cgit v1.2.3 From a2f35f6c35b96e3103d8eb6c2bdefc7c081f72f2 Mon Sep 17 00:00:00 2001 From: sowgro Date: Tue, 25 Mar 2025 09:05:23 -0400 Subject: Tweak logging --- .../java/com/ufund/api/ufundapi/controller/UserController.java | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java') diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java index cd340ef..d2f3f28 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java @@ -45,7 +45,7 @@ public class UserController { */ @PostMapping("") public ResponseEntity createUser(@RequestBody Map params) { - LOG.log(Level.INFO, "POST /users body: {0}", params); + LOG.log(Level.INFO, "POST /users body={0}", params); String username = params.get("username"); String password = params.get("password"); @@ -77,7 +77,7 @@ public class UserController { */ @GetMapping("/{username}") public ResponseEntity getUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) { - LOG.log(Level.INFO, "GET /user/{0} key: {1}", of(username, key)); + LOG.log(Level.INFO, "GET /user/{0} key={1}", of(username, key)); try { authService.authenticate(username, key); @@ -108,7 +108,7 @@ public class UserController { */ @PutMapping("/{username}") public ResponseEntity updateUser(@RequestBody User user, @PathVariable String username, @RequestHeader("jelly-api-key") String key) { - LOG.log(Level.INFO,"PUT /users/{0} body: {1} key: {2}", of(user, username, key)); + LOG.log(Level.INFO,"PUT /users/{0} body={1} key={2}", of(username, user, key)); try { authService.authenticate(username, key); user = userService.updateUser(user, username); @@ -139,7 +139,7 @@ public class UserController { */ @DeleteMapping("/{username}") public ResponseEntity deleteUser(@PathVariable String username, @RequestHeader("jelly-api-key") String key) { - LOG.log(Level.INFO, "DELETE /users/{0} id: {1}", of(username, key)); + LOG.log(Level.INFO, "DELETE /users/{0} id={1}", of(username, key)); try { authService.authenticate(username, key); -- cgit v1.2.3 From 5f03e80712f7a18370b5118fde5327bde1b6fbbf Mon Sep 17 00:00:00 2001 From: sowgro Date: Tue, 25 Mar 2025 10:17:55 -0400 Subject: Fix tests and more cleanup --- .../main/java/com/ufund/api/ufundapi/controller/UserController.java | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java') diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java index d2f3f28..c2d9e06 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java @@ -1,7 +1,6 @@ package com.ufund.api.ufundapi.controller; import java.io.IOException; -import java.security.InvalidParameterException; import java.util.Map; import java.util.logging.Level; import java.util.logging.Logger; @@ -117,7 +116,7 @@ public class UserController { } else { return new ResponseEntity<>(HttpStatus.NOT_FOUND); } - } catch (InvalidParameterException ex) { + } catch (IllegalArgumentException ex) { LOG.log(Level.WARNING, ex.getLocalizedMessage()); return new ResponseEntity<>(HttpStatus.BAD_REQUEST); } catch (IllegalAccessException ex) { -- cgit v1.2.3 From ab35efb06b926e8a3aee5cfc8d1fa908aa4a4707 Mon Sep 17 00:00:00 2001 From: sowgro Date: Wed, 26 Mar 2025 18:14:47 -0400 Subject: Fix cupboard access checking and logging --- .../com/ufund/api/ufundapi/controller/UserController.java | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java') diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java index c2d9e06..33d2e4f 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/UserController.java @@ -22,8 +22,6 @@ import com.ufund.api.ufundapi.model.User; import com.ufund.api.ufundapi.service.AuthService; import com.ufund.api.ufundapi.service.UserService; -import static java.util.List.of; - @RestController @RequestMapping("users") public class UserController { @@ -79,7 +77,7 @@ public class UserController { LOG.log(Level.INFO, "GET /user/{0} key={1}", of(username, key)); try { - authService.authenticate(username, key); + authService.keyHasAccessToUser(username, key); User user = userService.getUser(username); if (user != null) { return new ResponseEntity<>(user.withoutPasswordHash(), HttpStatus.OK); @@ -109,7 +107,7 @@ public class UserController { public ResponseEntity updateUser(@RequestBody User user, @PathVariable String username, @RequestHeader("jelly-api-key") String key) { LOG.log(Level.INFO,"PUT /users/{0} body={1} key={2}", of(username, user, key)); try { - authService.authenticate(username, key); + authService.keyHasAccessToUser(username, key); user = userService.updateUser(user, username); if (user != null) { return new ResponseEntity<>(user, HttpStatus.OK); @@ -141,7 +139,7 @@ public class UserController { LOG.log(Level.INFO, "DELETE /users/{0} id={1}", of(username, key)); try { - authService.authenticate(username, key); + authService.keyHasAccessToUser(username, key); if (userService.deleteUser(username)) { return new ResponseEntity<>(HttpStatus.OK); } else { @@ -156,4 +154,8 @@ public class UserController { } } + private Object[] of(Object ...params) { + return params; + } + } -- cgit v1.2.3