Merge pull request #11 from alwinsimon/v1

alwinsimon · web-flow · commit e8422ac27011 · 2023-12-11T14:09:45.000+05:30
V1 - Final Configuration completed..
diff --git a/README.md b/README.md
@@ -1 +1,63 @@
-# User-Management-JavaSpringBoot
+# User Management - Java Spring Boot
+
+This is a simple Java Spring Boot project designed for User Management with two types of user roles: USER and ADMIN. Authentication is implemented using JSON Web Tokens (JWT), and the default port for the application is 8080. Maven is used as the build tool, and Postgres SQL is the chosen database with JPA for database access.
+
+## Features
+
+- User Management with roles: USER and ADMIN
+- JWT Authentication
+- Database: Postgres SQL with JPA
+- Default Port: 8080
+
+---
+
+## Getting Started
+
+### Prerequisites
+
+Make sure you have the following installed:
+
+- Java Development Kit (JDK)
+- Maven
+- Postgres SQL
+
+### Installation
+
+1. **Clone the repository:**
+
+    ```
+    git clone https://github.com/alwinsimon/User-Management-JavaSpringBoot.git
+    ```
+
+2. **Navigate to the project directory:**
+
+    ```
+    cd User-Management-JavaSpringBoot
+    ```
+
+3. **Build the project using Maven:**
+
+
+
+4. **Run the application:**
+
+
+The application will start on the default port: [http://localhost:8080](http://localhost:8080).
+
+---
+
+## API Documentation
+
+Explore the API endpoints using the [Postman live API Documentation](https://documenter.getpostman.com/view/27773540/2s9Ykhgj5q).
+
+## Contributing
+
+Feel free to contribute to the project by creating issues or submitting pull requests.
+
+## License
+
+This project is licensed under the [Apache License](LICENSE).
+
+---
+
+**Repository:** [https://github.com/alwinsimon/User-Management-JavaSpringBoot](https://github.com/alwinsimon/User-Management-JavaSpringBoot)
diff --git a/src/main/java/com/alwinsimon/UserManagementJavaSpringBoot/Config/SecurityConfig.java b/src/main/java/com/alwinsimon/UserManagementJavaSpringBoot/Config/SecurityConfig.java
@@ -7,6 +7,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationProvider;
+import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
@@ -16,6 +17,7 @@
 @Configuration
 @EnableWebSecurity
 @RequiredArgsConstructor
+@EnableMethodSecurity(securedEnabled = true, prePostEnabled = true)
 public class SecurityConfig {
 
     private final JwtAuthenticationFilter jwtAuthenticationFilter;
diff --git a/src/main/java/com/alwinsimon/UserManagementJavaSpringBoot/Controller/AdminController.java b/src/main/java/com/alwinsimon/UserManagementJavaSpringBoot/Controller/AdminController.java
@@ -2,11 +2,10 @@
 
 import com.alwinsimon.UserManagementJavaSpringBoot.Model.User;
 import com.alwinsimon.UserManagementJavaSpringBoot.Service.AdminService;
-import com.alwinsimon.UserManagementJavaSpringBoot.Service.UserService;
 import lombok.RequiredArgsConstructor;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.annotation.Secured;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -18,7 +17,9 @@
 public class AdminController {
 
     private final AdminService adminService;
+
     @GetMapping("/get-users")
+    @Secured("ADMIN")
     public ResponseEntity<List<User>> getAllUsers() {
 
         // API Endpoint to get the LoggedIn User Details using Token received in the Request Header.
@@ -28,11 +29,12 @@ public ResponseEntity<List<User>> getAllUsers() {
     }
 
     @DeleteMapping("/delete-user/{email}")
-    public ResponseEntity<String> deleteUser(@PathVariable("email")String email){
+    @Secured("ADMIN")
+    public ResponseEntity<String> deleteUser(@PathVariable("email") String email) {
         try {
             adminService.deleteUserByEmail(email);
             return ResponseEntity.ok("User deleted.");
-        }catch (Exception e){
+        } catch (Exception e) {
             return ResponseEntity.status(HttpStatus.NOT_FOUND).body("User deletion Failed.");
         }
     }
