From 313de12d511976d96dd75697d9d25dd77026d03d Mon Sep 17 00:00:00 2001
From: Chantha <chanthapro99@gmail.com>
Date: Fri, 8 May 2020 17:50:25 +0700
Subject: [PATCH] add PreAthourized to memomry

---
 .../com/chantha/mini/config/WebSecurityConfig.kt |  4 +++-
 .../chantha/mini/controller/UserController.kt    | 16 +++++++++-------
 .../kotlin/com/chantha/mini/repo/UserRepo.kt     |  3 ++-
 .../com/chantha/mini/service/UserService.kt      |  4 ++--
 4 files changed, 16 insertions(+), 11 deletions(-)

diff --git a/mini/src/main/kotlin/com/chantha/mini/config/WebSecurityConfig.kt b/mini/src/main/kotlin/com/chantha/mini/config/WebSecurityConfig.kt
index 3b05fea..5b85cac 100644
--- a/mini/src/main/kotlin/com/chantha/mini/config/WebSecurityConfig.kt
+++ b/mini/src/main/kotlin/com/chantha/mini/config/WebSecurityConfig.kt
@@ -2,6 +2,7 @@ package com.chantha.mini.config
 
 import org.springframework.context.annotation.Configuration
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
+import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
 import org.springframework.security.config.annotation.web.builders.HttpSecurity
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter
@@ -10,11 +11,12 @@ import org.springframework.security.web.util.matcher.AntPathRequestMatcher
 
 @Configuration
 @EnableWebSecurity
+@EnableGlobalMethodSecurity(prePostEnabled = true)
 class WebSecurityConfig : WebSecurityConfigurerAdapter() {
     @Throws(Exception::class)
     override fun configure(auth: AuthenticationManagerBuilder) {
         auth.inMemoryAuthentication().withUser("admin").password("{noop}admin").roles("ADMIN")
-                .and().withUser("dba").password("dba").roles("DBA")
+                .and().withUser("dba").password("{noop}dba").roles("DBA")
                 .and().withUser("user").password("user").roles("USER")
     }
 
diff --git a/mini/src/main/kotlin/com/chantha/mini/controller/UserController.kt b/mini/src/main/kotlin/com/chantha/mini/controller/UserController.kt
index 735d524..b971ddb 100644
--- a/mini/src/main/kotlin/com/chantha/mini/controller/UserController.kt
+++ b/mini/src/main/kotlin/com/chantha/mini/controller/UserController.kt
@@ -4,28 +4,30 @@ import com.chantha.mini.dto.UserDto
 import com.chantha.mini.service.UserService
 import com.fasterxml.jackson.annotation.JsonRootName
 import org.springframework.beans.factory.annotation.Autowired
+import org.springframework.security.access.prepost.PreAuthorize
 import org.springframework.stereotype.Controller
-import org.springframework.web.bind.annotation.GetMapping
-import org.springframework.web.bind.annotation.PathVariable
-import org.springframework.web.bind.annotation.RestController
+import org.springframework.web.bind.annotation.*
+import java.util.*
 
 @RestController
 class UserController @Autowired constructor(private val userService: UserService){
 
     @GetMapping("/api/user/name/{firstName}/{lastName}")
     fun findByFirstNameAndLastName(@PathVariable firstName:String ?="",@PathVariable lastName:String?=""):UserDto{
-       println(lastName+" "+firstName)
        return userService.findByFirstNameAndLastName(firstName,lastName)
     }
 
 
+    @PreAuthorize("hasRole('ADMIN')")
     @GetMapping("/api/user")
     fun findAllRecord():List<UserDto>{
         return userService.findAllRecord().orEmpty()
     }
 
-    @GetMapping("/api/user/id/{id}")
-    fun findById(@PathVariable Id:Long ):UserDto{
-        return userService.findById(Id)
+    @RequestMapping("/api/user/{id}")
+    fun findByOneRecord(@PathVariable uid:String): List<UserDto> {
+        //error Path Varaible Missing URI
+        print(uid)
+        return userService.findByOneRecord(1)
     }
 }
\ No newline at end of file
diff --git a/mini/src/main/kotlin/com/chantha/mini/repo/UserRepo.kt b/mini/src/main/kotlin/com/chantha/mini/repo/UserRepo.kt
index 5b27ca7..1f392b5 100644
--- a/mini/src/main/kotlin/com/chantha/mini/repo/UserRepo.kt
+++ b/mini/src/main/kotlin/com/chantha/mini/repo/UserRepo.kt
@@ -4,6 +4,7 @@ import com.chantha.mini.dto.UserDto
 import org.springframework.stereotype.Repository
 import org.springframework.data.jpa.repository.JpaRepository
 import org.springframework.data.jpa.repository.Query
+import java.util.*
 
 @Repository
 interface UserRepo : JpaRepository<UserDto,Long> {
@@ -13,5 +14,5 @@ interface UserRepo : JpaRepository<UserDto,Long> {
     @Query("SELECT * FROM user_dto",nativeQuery = true)
     fun findAllRecord():List<UserDto>
     @Query("SELECT * FROM user_dto WHERE id=?1",nativeQuery = true)
-    fun findById(Id :Long ?= 0):UserDto
+    fun findByOneRecord(Id :Long ): List<UserDto>
 }
\ No newline at end of file
diff --git a/mini/src/main/kotlin/com/chantha/mini/service/UserService.kt b/mini/src/main/kotlin/com/chantha/mini/service/UserService.kt
index fe2ace9..f2b155a 100644
--- a/mini/src/main/kotlin/com/chantha/mini/service/UserService.kt
+++ b/mini/src/main/kotlin/com/chantha/mini/service/UserService.kt
@@ -19,7 +19,7 @@ class UserService @Autowired constructor(private val userRepo: UserRepo) {
         return userRepo.findAllRecord()
     }
 
-    fun findById(Id : Long? = 0): UserDto {
-        return userRepo.findById(Id)
+    fun findByOneRecord(Id : Long ): List<UserDto> {
+        return userRepo.findByOneRecord(Id)
     }
 }
\ No newline at end of file