diff --git a/backlib/pom.xml b/backlib/pom.xml
index b1a2995..7a6f0f6 100644
--- a/backlib/pom.xml
+++ b/backlib/pom.xml
@@ -132,33 +132,4 @@
-
- BackLib
-
-
-
- org.apache.maven.plugins
- maven-shade-plugin
- 3.5.3
-
-
- package
-
- shade
-
-
- false
-
-
- net.miarma.backlib.MainVerticle
-
-
-
-
-
-
-
-
-
diff --git a/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java b/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java
index b6963b2..e45bffa 100644
--- a/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java
+++ b/backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java
@@ -30,18 +30,6 @@ public abstract class AbstractAuthGuard & IUserRole> {
}
int userId = JWTManager.getInstance().extractUserId(token);
- String roleStr = JWTManager.getInstance().extractRole(token);
-
- R role;
- try {
- role = parseRole(roleStr);
- } catch (Exception e) {
- JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "Invalid role");
- return;
- }
-
- ctx.put("userId", userId);
- ctx.put("role", role);
getUserEntity(userId, ctx, entity -> {
if (entity == null) {
@@ -49,7 +37,9 @@ public abstract class AbstractAuthGuard & IUserRole> {
return;
}
- if (allowedRoles.length == 0 || isRoleAllowed(role, allowedRoles)) {
+ R userRole = extractRoleFromEntity(entity);
+
+ if (allowedRoles.length == 0 || hasPermission(entity, userRole, allowedRoles)) {
ctx.put("userEntity", entity);
ctx.next();
} else {
@@ -58,12 +48,19 @@ public abstract class AbstractAuthGuard & IUserRole> {
});
};
}
-
+
+<<<<<<< HEAD
protected boolean isRoleAllowed(R role, R... allowedRoles) {
for (R allowed : allowedRoles) {
if (role == allowed) return true;
+=======
+ protected R extractRoleFromEntity(U user) {
+ try {
+ return (R) user.getClass().getMethod("getRole").invoke(user);
+ } catch (Exception e) {
+ return null;
+>>>>>>> refs/remotes/origin/dev
}
- return false;
}
protected String extractToken(RoutingContext ctx) {
diff --git a/backlib/src/main/java/net/miarma/api/backlib/security/JWTManager.java b/backlib/src/main/java/net/miarma/api/backlib/security/JWTManager.java
index bc2b5a5..8d90128 100644
--- a/backlib/src/main/java/net/miarma/api/backlib/security/JWTManager.java
+++ b/backlib/src/main/java/net/miarma/api/backlib/security/JWTManager.java
@@ -1,14 +1,15 @@
package net.miarma.api.backlib.security;
+import java.util.Date;
+
import com.auth0.jwt.JWT;
import com.auth0.jwt.algorithms.Algorithm;
import com.auth0.jwt.interfaces.DecodedJWT;
import com.auth0.jwt.interfaces.JWTVerifier;
+
import net.miarma.api.backlib.ConfigManager;
import net.miarma.api.backlib.Constants;
-import net.miarma.api.backlib.Constants.CoreUserRole;
-
-import java.util.Date;
+import net.miarma.api.backlib.interfaces.IUserRole;
/**
* Clase de gestión de JSON Web Tokens (JWT).
@@ -49,7 +50,7 @@ public class JWTManager {
* @param keepLoggedIn Indica si el token debe tener una duración prolongada.
* @return El token JWT generado.
*/
- public String generateToken(String user_name, Integer user_id, CoreUserRole role, boolean keepLoggedIn) {
+ public String generateToken(String user_name, Integer user_id, IUserRole role, boolean keepLoggedIn) {
final long EXPIRATION_TIME_MS = 1000L * (keepLoggedIn ? config.getIntProperty("jwt.expiration") : config.getIntProperty("jwt.expiration.short"));
return JWT.create()
.withSubject(user_name)
diff --git a/bootstrap/pom.xml b/bootstrap/pom.xml
index 4237c4f..ed796cc 100644
--- a/bootstrap/pom.xml
+++ b/bootstrap/pom.xml
@@ -62,7 +62,7 @@
- MiarmaEcosystem
+ MiarmaBackend
org.apache.maven.plugins
diff --git a/microservices/core/pom.xml b/microservices/core/pom.xml
index 03e99d1..f366763 100644
--- a/microservices/core/pom.xml
+++ b/microservices/core/pom.xml
@@ -21,34 +21,7 @@
net.miarma.api
backlib
1.2.1
-
+
-
-
- ME-Core
-
-
-
- org.apache.maven.plugins
- maven-shade-plugin
- 3.5.3
-
-
- package
-
- shade
-
-
- false
-
-
- net.miarma.api.microservices.core.verticles.CoreMainVerticle
-
-
-
-
-
-
-
-
-
\ No newline at end of file
+
+
diff --git a/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java b/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java
index 0d8ee21..3e67edb 100644
--- a/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java
+++ b/microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java
@@ -29,7 +29,10 @@ public class CoreAuthGuard extends AbstractAuthGuard {
}
@Override
- protected boolean hasPermission(UserEntity user, CoreUserRole role) {
- return user.getGlobal_role() == CoreUserRole.ADMIN;
+ protected boolean hasPermission(UserEntity member, CoreUserRole userRole, CoreUserRole... allowedRoles) {
+ if (member == null) return false;
+ if (member.getGlobal_role() == CoreUserRole.ADMIN) return true;
+ return false;
}
+
}
diff --git a/microservices/huertos/pom.xml b/microservices/huertos/pom.xml
index 29b22c7..98efc1c 100644
--- a/microservices/huertos/pom.xml
+++ b/microservices/huertos/pom.xml
@@ -21,35 +21,7 @@
net.miarma.api
backlib
1.2.1
-
+
-
- ME-Huertos
-
-
-
- org.apache.maven.plugins
- maven-shade-plugin
- 3.5.3
-
-
- package
-
- shade
-
-
- false
-
-
- net.miarma.api.microservices.huertos.HuertosMainVerticle
-
-
-
-
-
-
-
-
-
diff --git a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosDataRouter.java b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosDataRouter.java
index 0563718..22b32fd 100644
--- a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosDataRouter.java
+++ b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosDataRouter.java
@@ -33,44 +33,44 @@ public class HuertosDataRouter {
router.get(HuertosEndpoints.ANNOUNCES).handler(authGuard.check()).handler(hAnnounceData::getAll);
router.get(HuertosEndpoints.ANNOUNCE).handler(authGuard.check()).handler(hAnnounceData::getById);
- router.post(HuertosEndpoints.ANNOUNCES).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hAnnounceData::create);
- router.put(HuertosEndpoints.ANNOUNCE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hAnnounceData::update);
- router.delete(HuertosEndpoints.ANNOUNCE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hAnnounceData::delete);
+ router.post(HuertosEndpoints.ANNOUNCES).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hAnnounceData::create);
+ router.put(HuertosEndpoints.ANNOUNCE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hAnnounceData::update);
+ router.delete(HuertosEndpoints.ANNOUNCE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hAnnounceData::delete);
- router.get(HuertosEndpoints.BALANCE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hBalanceData::getBalance);
- router.post(HuertosEndpoints.BALANCE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hBalanceData::update);
- router.delete(HuertosEndpoints.BALANCE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hBalanceData::create);
+ router.get(HuertosEndpoints.BALANCE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hBalanceData::getBalance);
+ router.post(HuertosEndpoints.BALANCE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hBalanceData::update);
+ router.delete(HuertosEndpoints.BALANCE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hBalanceData::create);
- router.get(HuertosEndpoints.EXPENSES).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hExpenseData::getAll);
- router.get(HuertosEndpoints.EXPENSE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hExpenseData::getById);
- router.post(HuertosEndpoints.EXPENSES).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hExpenseData::create);
- router.put(HuertosEndpoints.EXPENSE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hExpenseData::update);
- router.delete(HuertosEndpoints.EXPENSE).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hExpenseData::delete);
+ router.get(HuertosEndpoints.EXPENSES).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hExpenseData::getAll);
+ router.get(HuertosEndpoints.EXPENSE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hExpenseData::getById);
+ router.post(HuertosEndpoints.EXPENSES).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hExpenseData::create);
+ router.put(HuertosEndpoints.EXPENSE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hExpenseData::update);
+ router.delete(HuertosEndpoints.EXPENSE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hExpenseData::delete);
- router.get(HuertosEndpoints.INCOMES).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hIncomeData::getAll);
- router.get(HuertosEndpoints.INCOME).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hIncomeData::getById);
- router.post(HuertosEndpoints.INCOMES).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hIncomeData::create);
- router.put(HuertosEndpoints.INCOME).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hIncomeData::update);
- router.delete(HuertosEndpoints.INCOME).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hIncomeData::delete);
- router.get(HuertosEndpoints.INCOMES_WITH_NAMES).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hIncomeData::getIncomesWithNames);
+ router.get(HuertosEndpoints.INCOMES).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hIncomeData::getAll);
+ router.get(HuertosEndpoints.INCOME).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hIncomeData::getById);
+ router.post(HuertosEndpoints.INCOMES).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hIncomeData::create);
+ router.put(HuertosEndpoints.INCOME).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hIncomeData::update);
+ router.delete(HuertosEndpoints.INCOME).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hIncomeData::delete);
+ router.get(HuertosEndpoints.INCOMES_WITH_NAMES).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hIncomeData::getIncomesWithNames);
- router.get(HuertosEndpoints.MEMBERS).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hMemberData::getAll);
- router.get(HuertosEndpoints.MEMBER).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hMemberData::getById);
- router.post(HuertosEndpoints.MEMBERS).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hMemberData::create);
- router.put(HuertosEndpoints.MEMBER).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hMemberData::update);
- router.delete(HuertosEndpoints.MEMBER).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hMemberData::delete);
+ router.get(HuertosEndpoints.MEMBERS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberData::getAll);
+ router.get(HuertosEndpoints.MEMBER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberData::getById);
+ router.post(HuertosEndpoints.MEMBERS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberData::create);
+ router.put(HuertosEndpoints.MEMBER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberData::update);
+ router.delete(HuertosEndpoints.MEMBER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberData::delete);
- router.get(HuertosEndpoints.PRE_USERS).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hPreUserData::getAll);
- router.get(HuertosEndpoints.PRE_USER).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hPreUserData::getById);
+ router.get(HuertosEndpoints.PRE_USERS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hPreUserData::getAll);
+ router.get(HuertosEndpoints.PRE_USER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hPreUserData::getById);
router.post(HuertosEndpoints.PRE_USERS).handler(hPreUserData::create);
- router.put(HuertosEndpoints.PRE_USER).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hPreUserData::update);
- router.delete(HuertosEndpoints.PRE_USER).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hPreUserData::delete);
+ router.put(HuertosEndpoints.PRE_USER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hPreUserData::update);
+ router.delete(HuertosEndpoints.PRE_USER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hPreUserData::delete);
- router.get(HuertosEndpoints.REQUESTS).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hRequestData::getAll);
- router.get(HuertosEndpoints.REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hRequestData::getById);
+ router.get(HuertosEndpoints.REQUESTS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestData::getAll);
+ router.get(HuertosEndpoints.REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestData::getById);
router.post(HuertosEndpoints.REQUESTS).handler(hRequestData::create);
- router.put(HuertosEndpoints.REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hRequestData::update);
- router.delete(HuertosEndpoints.REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN)).handler(hRequestData::delete);
+ router.put(HuertosEndpoints.REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestData::update);
+ router.delete(HuertosEndpoints.REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestData::delete);
}
}
diff --git a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosLogicRouter.java b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosLogicRouter.java
index a138d50..2be3ba1 100644
--- a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosLogicRouter.java
+++ b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/HuertosLogicRouter.java
@@ -4,7 +4,7 @@ import io.vertx.core.Vertx;
import io.vertx.ext.web.Router;
import io.vertx.ext.web.handler.BodyHandler;
import io.vertx.sqlclient.Pool;
-import net.miarma.api.backlib.util.RouterUtil;
+import net.miarma.api.backlib.Constants.HuertosUserRole;
import net.miarma.api.microservices.huertos.handlers.BalanceLogicHandler;
import net.miarma.api.microservices.huertos.handlers.IncomeLogicHandler;
import net.miarma.api.microservices.huertos.handlers.MailHandler;
@@ -26,34 +26,34 @@ public class HuertosLogicRouter {
router.route().handler(BodyHandler.create());
router.post(HuertosEndpoints.LOGIN).handler(hMemberLogic::login);
- router.get(HuertosEndpoints.MEMBER_BY_NUMBER).handler(authGuard.check()).handler(hMemberLogic::getByMemberNumber);
- router.get(HuertosEndpoints.MEMBER_BY_PLOT).handler(authGuard.check()).handler(hMemberLogic::getByPlotNumber);
- router.get(HuertosEndpoints.MEMBER_BY_DNI).handler(authGuard.check()).handler(hMemberLogic::getByDni);
- router.get(HuertosEndpoints.MEMBER_PAYMENTS).handler(authGuard.check()).handler(hMemberLogic::getUserPayments);
- router.get(HuertosEndpoints.MEMBER_HAS_PAID).handler(authGuard.check()).handler(hMemberLogic::hasPaid);
- router.get(HuertosEndpoints.MEMBER_WAITLIST).handler(authGuard.check()).handler(hMemberLogic::getWaitlist);
+ router.get(HuertosEndpoints.MEMBER_BY_NUMBER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::getByMemberNumber);
+ router.get(HuertosEndpoints.MEMBER_BY_PLOT).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::getByPlotNumber);
+ router.get(HuertosEndpoints.MEMBER_BY_DNI).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::getByDni);
+ router.get(HuertosEndpoints.MEMBER_PAYMENTS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::getUserPayments);
+ router.get(HuertosEndpoints.MEMBER_HAS_PAID).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::hasPaid);
+ router.get(HuertosEndpoints.MEMBER_WAITLIST).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::getWaitlist);
router.get(HuertosEndpoints.MEMBER_LIMITED_WAITLIST).handler(hMemberLogic::getLimitedWaitlist);
router.get(HuertosEndpoints.LAST_MEMBER_NUMBER).handler(hMemberLogic::getLastMemberNumber);
- router.get(HuertosEndpoints.BALANCE_WITH_TOTALS).handler(authGuard.check()).handler(hBalanceLogic::getBalanceWithTotals);
- router.get(HuertosEndpoints.REQUESTS_WITH_PRE_USERS).handler(authGuard.check()).handler(hRequestLogic::getRequestsWithPreUsers);
- router.get(HuertosEndpoints.REQUEST_WITH_PRE_USER).handler(authGuard.check()).handler(hRequestLogic::getRequestWithPreUser);
+ router.get(HuertosEndpoints.BALANCE_WITH_TOTALS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hBalanceLogic::getBalanceWithTotals);
+ router.get(HuertosEndpoints.REQUESTS_WITH_PRE_USERS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestLogic::getRequestsWithPreUsers);
+ router.get(HuertosEndpoints.REQUEST_WITH_PRE_USER).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestLogic::getRequestWithPreUser);
router.get(HuertosEndpoints.MEMBER_PROFILE).handler(hMemberLogic::getProfile);
- router.get(HuertosEndpoints.REQUEST_COUNT).handler(authGuard.check()).handler(hRequestLogic::getRequestCount);
+ router.get(HuertosEndpoints.REQUEST_COUNT).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestLogic::getRequestCount);
router.get(HuertosEndpoints.MY_INCOMES).handler(authGuard.check()).handler(hIncomeLogic::getMyIncomes);
router.get(HuertosEndpoints.MY_REQUESTS).handler(authGuard.check()).handler(hRequestLogic::getMyRequests);
- router.put(HuertosEndpoints.ACCEPT_REQUEST).handler(authGuard.check()).handler(hRequestLogic::acceptRequest);
- router.put(HuertosEndpoints.REJECT_REQUEST).handler(authGuard.check()).handler(hRequestLogic::rejectRequest);
- router.put(HuertosEndpoints.CHANGE_MEMBER_STATUS).handler(authGuard.check()).handler(hMemberLogic::changeMemberStatus);
- router.put(HuertosEndpoints.CHANGE_MEMBER_TYPE).handler(authGuard.check()).handler(hMemberLogic::changeMemberType);
+ router.put(HuertosEndpoints.ACCEPT_REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestLogic::acceptRequest);
+ router.put(HuertosEndpoints.REJECT_REQUEST).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hRequestLogic::rejectRequest);
+ router.put(HuertosEndpoints.CHANGE_MEMBER_STATUS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::changeMemberStatus);
+ router.put(HuertosEndpoints.CHANGE_MEMBER_TYPE).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMemberLogic::changeMemberType);
router.get(HuertosEndpoints.MEMBER_HAS_COLLABORATOR).handler(authGuard.check()).handler(hMemberLogic::hasCollaborator);
router.get(HuertosEndpoints.MEMBER_HAS_COLLABORATOR_REQUEST).handler(authGuard.check()).handler(hMemberLogic::hasCollaboratorRequest);
router.get(HuertosEndpoints.MEMBER_HAS_GREENHOUSE).handler(authGuard.check()).handler(hMemberLogic::hasGreenHouse);
router.get(HuertosEndpoints.MEMBER_HAS_GREENHOUSE_REQUEST).handler(authGuard.check()).handler(hMemberLogic::hasGreenHouseRequest);
router.post(HuertosEndpoints.PRE_USER_VALIDATE).handler(hMemberLogic::validatePreUser);
- router.get(HuertosEndpoints.MAILS).handler(hMail::getFolder);
- router.get(HuertosEndpoints.MAIL).handler(hMail::getMail);
- router.post(HuertosEndpoints.SEND_MAIL).handler(hMail::sendMail);
+ router.get(HuertosEndpoints.MAILS).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMail::getFolder);
+ router.get(HuertosEndpoints.MAIL).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMail::getMail);
+ router.post(HuertosEndpoints.SEND_MAIL).handler(authGuard.check(HuertosUserRole.ADMIN, HuertosUserRole.DEV)).handler(hMail::sendMail);
}
diff --git a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java
index 9aaf4dc..cfb0213 100644
--- a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java
+++ b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java
@@ -34,8 +34,14 @@ public class HuertosAuthGuard extends AbstractAuthGuard>>>>>> refs/remotes/origin/dev
}
+
}
diff --git a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/services/MemberService.java b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/services/MemberService.java
index 31795de..6d27bf7 100644
--- a/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/services/MemberService.java
+++ b/microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/services/MemberService.java
@@ -56,7 +56,6 @@ public class MemberService {
return Future.failedFuture(new ForbiddenException("User is not active"));
}
-
return userMetadataDAO.getById(user.getUser_id()).compose(metadata -> {
if (metadata.getStatus() != HuertosUserStatus.ACTIVE) {
return Future.failedFuture(new ForbiddenException("User is not active"));
diff --git a/microservices/huertosdecine/pom.xml b/microservices/huertosdecine/pom.xml
index a5ba200..dbe228f 100644
--- a/microservices/huertosdecine/pom.xml
+++ b/microservices/huertosdecine/pom.xml
@@ -24,32 +24,4 @@
-
- ME-HuertosDeCine
-
-
-
- org.apache.maven.plugins
- maven-shade-plugin
- 3.5.3
-
-
- package
-
- shade
-
-
- false
-
-
- net.miarma.api.microservices.huertosdecine.CineMainVerticle
-
-
-
-
-
-
-
-
-
diff --git a/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java b/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java
index 4ddcdd9..02f3736 100644
--- a/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java
+++ b/microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java
@@ -29,7 +29,13 @@ public class CineAuthGuard extends AbstractAuthGuard
}
@Override
- protected boolean hasPermission(ViewerEntity user, CineUserRole role) {
- return user.getRole() == CineUserRole.ADMIN;
+ protected boolean hasPermission(ViewerEntity member, CineUserRole userRole, CineUserRole... allowedRoles) {
+ if (member == null) return false;
+ if (member.getRole() == CineUserRole.ADMIN) return true;
+ for (CineUserRole role : allowedRoles) {
+ if (member.getRole() == role) return true;
+ }
+ return false;
}
+
}
diff --git a/microservices/miarmacraft/pom.xml b/microservices/miarmacraft/pom.xml
index 948a8a1..8123021 100644
--- a/microservices/miarmacraft/pom.xml
+++ b/microservices/miarmacraft/pom.xml
@@ -24,32 +24,4 @@
-
- ME-MiarmaCraft
-
-
-
- org.apache.maven.plugins
- maven-shade-plugin
- 3.5.3
-
-
- package
-
- shade
-
-
- false
-
-
- net.miarma.api.microservices.miarmacraft.MMCMainVerticle
-
-
-
-
-
-
-
-
-
diff --git a/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java b/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java
index 09b52b3..6a1b3b4 100644
--- a/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java
+++ b/microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java
@@ -29,8 +29,13 @@ public class MMCAuthGuard extends AbstractAuthGuard {
}
@Override
- protected boolean hasPermission(PlayerEntity user, MMCUserRole role) {
- return user.getRole() == MMCUserRole.ADMIN;
+ protected boolean hasPermission(PlayerEntity member, MMCUserRole userRole, MMCUserRole... allowedRoles) {
+ if (member == null) return false;
+ if (member.getRole() == MMCUserRole.ADMIN) return true;
+ for (MMCUserRole role : allowedRoles) {
+ if (member.getRole() == role) return true;
+ }
+ return false;
}
}
diff --git a/microservices/mpaste/pom.xml b/microservices/mpaste/pom.xml
index ca6a85c..e344b2e 100644
--- a/microservices/mpaste/pom.xml
+++ b/microservices/mpaste/pom.xml
@@ -24,32 +24,4 @@
-
- ME-MPaste
-
-
-
- org.apache.maven.plugins
- maven-shade-plugin
- 3.5.3
-
-
- package
-
- shade
-
-
- false
-
-
- net.miarma.api.microservices.mpaste.MPasteMainVerticle
-
-
-
-
-
-
-
-
-
diff --git a/pom.xml b/pom.xml
index c4f339e..a237905 100644
--- a/pom.xml
+++ b/pom.xml
@@ -51,33 +51,4 @@
-
- ME-Core
-
-
- org.apache.maven.plugins
- maven-shade-plugin
- 3.5.3
-
-
- package
-
- shade
-
-
- false
-
-
-
- net.miarma.api.microservices.core.verticles.CoreMainVerticle
-
-
-
-
-
-
-
-
-