Commit b4e26dd9 by Bogdan Andjelkovic

dodat ProfileController, dodate zabrane pristupa ako nije logged

parent 9cf212aa
...@@ -41,7 +41,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter ...@@ -41,7 +41,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter
@Override @Override
protected void configure(HttpSecurity http) throws Exception { protected void configure(HttpSecurity http) throws Exception {
http.authorizeRequests() http.authorizeRequests()
.antMatchers("/proba").authenticated() .antMatchers("/profile/**","/moji-oglasi/**","/moji-zahtevi/**","/lista-korisnika").authenticated()
.anyRequest().permitAll() .anyRequest().permitAll()
.and().formLogin().loginPage("/login").permitAll() .and().formLogin().loginPage("/login").permitAll()
.usernameParameter("email") .usernameParameter("email")
......
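Review bot: The new matcher list in `configure` leaves the state-changing routes visible in this commit outside the authenticated set: `/profile/**` does not match `/profile-update` or `/profile-picture-update`, and `/delete-user/{id}` is not listed, so all three fall through to `.anyRequest().permitAll()`. With an allow-by-default tail, every controller route added later is public until someone remembers to list it. Consider inverting the policy: mark the public pages (login, registration, static assets) with `permitAll()` and end the chain with `.anyRequest().authenticated()`; at minimum add `"/profile-update","/profile-picture-update","/delete-user/**"` to the matcher. The rest of `configure` lies outside the hunk, so later lines may change this picture.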
...@@ -14,7 +14,6 @@ import org.springframework.web.bind.annotation.PostMapping; ...@@ -14,7 +14,6 @@ import org.springframework.web.bind.annotation.PostMapping;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.List; import java.util.List;
import java.util.Objects;
@Controller @Controller
public class AdminController public class AdminController
...@@ -27,7 +26,7 @@ public class AdminController ...@@ -27,7 +26,7 @@ public class AdminController
@GetMapping("/lista-korisnika") @GetMapping("/lista-korisnika")
public String getListaKorisnika(Model model, @AuthenticationPrincipal KorisnikDetails loggedUser) public String getListaKorisnika(Model model, @AuthenticationPrincipal KorisnikDetails loggedUser)
{ {
if( !kRepo.findRoleById( loggedUser.getKorisnik().getTipId()).equals( "Administrator") ) if( !kRepo.findRoleById( loggedUser.getKorisnik().getTipId()).equals( "Administrator"))
{ {
return "redirect:/index"; return "redirect:/index";
} }
...@@ -38,9 +37,10 @@ public class AdminController ...@@ -38,9 +37,10 @@ public class AdminController
list.add(kRepo.findCity(k.getGradId())); list.add(kRepo.findCity(k.getGradId()));
} }
model.addAttribute("gradovi", list); model.addAttribute("gradovi", list);
return "listaProfilaAdmin"; return "lista-korisnika";
} }
@PostMapping("/delete-user/{id}")
@PostMapping ("/delete-user/{id}")
public String deleteUser(@PathVariable("id") Integer id, @AuthenticationPrincipal KorisnikDetails loggedUser, Model model){ public String deleteUser(@PathVariable("id") Integer id, @AuthenticationPrincipal KorisnikDetails loggedUser, Model model){
kRepo.deleteUser(id); kRepo.deleteUser(id);
List<String> list = new ArrayList<String>(); List<String> list = new ArrayList<String>();
...@@ -50,6 +50,6 @@ public class AdminController ...@@ -50,6 +50,6 @@ public class AdminController
model.addAttribute("korisnici", kRepo.findAll()); model.addAttribute("korisnici", kRepo.findAll());
model.addAttribute("loggedUser", loggedUser); model.addAttribute("loggedUser", loggedUser);
model.addAttribute("gradovi", list); model.addAttribute("gradovi", list);
return "listaProfilaAdminDelete"; return "lista-korisnika-delete";
} }
} }
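Review bot: `deleteUser` calls `kRepo.deleteUser(id)` as its first statement without the `Administrator` check that `getListaKorisnika` performs above, so the handler itself places no restriction on who may delete an account. Repeat the check before the delete, e.g. `if (loggedUser == null || !"Administrator".equals(kRepo.findRoleById(loggedUser.getKorisnik().getTipId()))) return "redirect:/index";`, or move it into the security configuration or method-level security so it cannot be forgotten per handler. Writing the comparison constant-first also avoids a NullPointerException should `findRoleById` return null. Part of the method body lies outside the visible hunks.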
...@@ -51,41 +51,7 @@ public class AppController ...@@ -51,41 +51,7 @@ public class AppController
public String postRegisterProccess(@ModelAttribute Korisnik korisnik, @RequestParam("image") MultipartFile multipartFile) public String postRegisterProccess(@ModelAttribute Korisnik korisnik, @RequestParam("image") MultipartFile multipartFile)
{ {
System.out.println(korisnik); System.out.println(korisnik);
try { kRepo.insert( korisnik, multipartFile);
kRepo.insert( korisnik, multipartFile);
} catch (IOException e) {
throw new RuntimeException(e);
}
return("redirect:/login"); return("redirect:/login");
} }
@GetMapping("/profile")
public String getProfile(Model model, @AuthenticationPrincipal KorisnikDetails loggedUser)
{
model.addAttribute("loggedUser", loggedUser);
model.addAttribute("editUser", loggedUser.getKorisnik());
model.addAttribute("profileRole", kRepo.findRoleById( loggedUser.getKorisnik().getTipId()));
model.addAttribute("grad", lRepo.findById( loggedUser.getKorisnik().getGradId()));
model.addAttribute("lokacije", lRepo.findAll());
return("profile");
}
@PostMapping("/profile-update")
public String postProfileEdit(Model model, @ModelAttribute Korisnik korisnik, @AuthenticationPrincipal KorisnikDetails loggedUser)
{
kRepo.update( korisnik);
System.out.println( korisnik.toString());
loggedUser.setKorisnik( korisnik);
return "redirect:/profile";
}
@PostMapping("/picture-update")
public String izmeniSliku(@AuthenticationPrincipal KorisnikDetails loggedUser,@RequestParam("image") MultipartFile file) {
kRepo.updateSlika(loggedUser.getKorisnik(),file);
try {
loggedUser.setKorisnikSlika( Base64.getEncoder().encodeToString(file.getBytes()));
} catch (IOException e) {
throw new RuntimeException(e);
}
return "redirect:/profile";
}
} }
package com.example.SkuciSe.controller;
import com.example.SkuciSe.model.korisnik.Korisnik;
import com.example.SkuciSe.model.korisnik.KorisnikDetails;
import com.example.SkuciSe.repository.KorisnikRepository;
import com.example.SkuciSe.repository.LokacijaRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.multipart.MultipartFile;
import java.io.IOException;
import java.util.Base64;
@Controller
public class ProfileController
{
@Autowired
KorisnikRepository kRepo;
@Autowired
LokacijaRepository lRepo;
@GetMapping("/profile")
public String getProfile(Model model, @AuthenticationPrincipal KorisnikDetails loggedUser)
{
model.addAttribute("loggedUser", loggedUser);
model.addAttribute("editUser", loggedUser.getKorisnik());
model.addAttribute("profileRole", kRepo.findRoleById( loggedUser.getKorisnik().getTipId()));
model.addAttribute("grad", lRepo.findById( loggedUser.getKorisnik().getGradId()));
model.addAttribute("lokacije", lRepo.findAll());
return("profile");
}
@PostMapping("/profile-update")
public String postProfileEdit(Model model, @ModelAttribute Korisnik korisnik, @AuthenticationPrincipal KorisnikDetails loggedUser)
{
kRepo.update( korisnik);
System.out.println( korisnik.toString());
loggedUser.setKorisnik( korisnik);
return "redirect:/profile";
}
@PostMapping("/profile-picture-update")
public String izmeniSliku(@AuthenticationPrincipal KorisnikDetails loggedUser,@RequestParam("image") MultipartFile file) {
kRepo.updateSlika(loggedUser.getKorisnik(),file);
try {
loggedUser.setKorisnikSlika( Base64.getEncoder().encodeToString(file.getBytes()));
} catch (IOException e) {
throw new RuntimeException(e);
}
return "redirect:/profile";
}
}
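Review bot: `postProfileEdit` binds the whole `Korisnik` from request parameters and passes it straight to `kRepo.update` and `loggedUser.setKorisnik`, so which row is updated and which `tipId` ends up on the session principal appear to be decided by the submitted form rather than by the logged-in user (the `update` implementation and the `Korisnik` setters are not visible here, so confirm). Since `AdminController` derives its admin check from `loggedUser.getKorisnik().getTipId()`, the id and role should be taken from `loggedUser.getKorisnik()` and only the editable fields copied over, or binding restricted with an `@InitBinder` that calls `setAllowedFields(...)`. `System.out.println( korisnik.toString())` may also write personal data or the password field to stdout, depending on `toString`; drop it or log only the user id. In `izmeniSliku`, the template's `accept="image/png, image/jpeg"` filter is client-side only, so the server should check the upload's size and content type before storing it.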
...@@ -18,14 +18,19 @@ public class KorisnikRepository ...@@ -18,14 +18,19 @@ public class KorisnikRepository
@Autowired @Autowired
LokacijaRepository lRepo; LokacijaRepository lRepo;
public void insert( Korisnik korisnik, MultipartFile multipartFile) throws IOException public void insert( Korisnik korisnik, MultipartFile multipartFile)
{ {
String slika = Base64.getEncoder().encodeToString(multipartFile.getBytes()); if( this.findByEmail( korisnik.getEmail()) == null)
String sql = "insert into korisnik( ime, prezime, telefon, email, sifra, tipId, slika, gradid) values('"+korisnik.getIme()+"','"+korisnik.getPrezime()+"','"+korisnik.getTelefon()+"','"+korisnik.getEmail()+"','"+new BCryptPasswordEncoder().encode(korisnik.getSifra())+"',1, '"+ slika +"', "+korisnik.getGradId()+")"; {
try { try {
dataBase.statement.executeUpdate( sql); String slika = Base64.getEncoder().encodeToString(multipartFile.getBytes());
} catch (SQLException e) { String sql = "insert into korisnik( ime, prezime, telefon, email, sifra, tipId, slika, gradid) values('"+korisnik.getIme()+"','"+korisnik.getPrezime()+"','"+korisnik.getTelefon()+"','"+korisnik.getEmail()+"','"+new BCryptPasswordEncoder().encode(korisnik.getSifra())+"',1, '"+ slika +"', "+korisnik.getGradId()+")";
throw new RuntimeException(e); dataBase.statement.executeUpdate( sql);
} catch (SQLException e) {
throw new RuntimeException(e);
} catch (IOException e) {
throw new RuntimeException(e);
}
} }
} }
...@@ -78,6 +83,7 @@ public class KorisnikRepository ...@@ -78,6 +83,7 @@ public class KorisnikRepository
} }
return( null); return( null);
} }
public Korisnik findById(Integer id){ public Korisnik findById(Integer id){
String sql = "select * from korisnik where KorisnikId = "+id; String sql = "select * from korisnik where KorisnikId = "+id;
ResultSet rs = null; ResultSet rs = null;
...@@ -125,6 +131,7 @@ public class KorisnikRepository ...@@ -125,6 +131,7 @@ public class KorisnikRepository
throw new RuntimeException(e); throw new RuntimeException(e);
} }
} }
public String findCity(Integer id){ public String findCity(Integer id){
String sql = "select Naziv from lokacija where LokacijaID = "+id; String sql = "select Naziv from lokacija where LokacijaID = "+id;
ResultSet rs = null; ResultSet rs = null;
...@@ -137,6 +144,7 @@ public class KorisnikRepository ...@@ -137,6 +144,7 @@ public class KorisnikRepository
} }
return "Nema grada"; return "Nema grada";
} }
public void deleteUser(Integer id){ public void deleteUser(Integer id){
String sql = "delete from korisnik where KorisnikId = "+id; String sql = "delete from korisnik where KorisnikId = "+id;
try { try {
......
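Review bot: The re-wrapped `insert` still builds its SQL by concatenating `getIme()`, `getPrezime()`, `getTelefon()` and `getEmail()` from the registration form into the statement text, which leaves the registration path open to SQL injection; bind the values as parameters instead. The sketch below obtains a `PreparedStatement` from the existing statement's connection (it needs `java.sql.PreparedStatement` imported, and the setter types are assumed from how the values are quoted today). The same pattern is worth applying to the other string-built queries in this class. Separately, when `findByEmail` finds an existing row the method now returns silently and the controller still redirects to `/login`, so a duplicate registration is indistinguishable from a success; return a boolean or throw, and back the check with a unique constraint on `email`.

```java
try {
    String slika = Base64.getEncoder().encodeToString(multipartFile.getBytes());
    String sql = "insert into korisnik( ime, prezime, telefon, email, sifra, tipId, slika, gradid)"
            + " values(?, ?, ?, ?, ?, 1, ?, ?)";
    try (PreparedStatement ps = dataBase.statement.getConnection().prepareStatement(sql)) {
        ps.setString(1, korisnik.getIme());
        ps.setString(2, korisnik.getPrezime());
        ps.setString(3, korisnik.getTelefon());
        ps.setString(4, korisnik.getEmail());
        ps.setString(5, new BCryptPasswordEncoder().encode(korisnik.getSifra()));
        ps.setString(6, slika);
        ps.setObject(7, korisnik.getGradId());
        ps.executeUpdate();
    }
// … unchanged: catch (SQLException e) / catch (IOException e) …
```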
...@@ -153,7 +153,7 @@ ...@@ -153,7 +153,7 @@
</div> </div>
</div> </div>
</div> </div>
<form id="formaSlika" method="POST" th:object="${loggedUser}" th:action="@{/picture-update}" <form id="formaSlika" method="POST" th:object="${loggedUser}" th:action="@{/profile-picture-update}"
style="display: none" enctype="multipart/form-data"> style="display: none" enctype="multipart/form-data">
<input type="file" name="image" accept="image/png, image/jpeg" id="inputSlika" style="display: none" <input type="file" name="image" accept="image/png, image/jpeg" id="inputSlika" style="display: none"
onchange="document.getElementById('formaSlika').submit();return false;"/> onchange="document.getElementById('formaSlika').submit();return false;"/>
......