Fix: CORS.

core/pom.xml

@@ -83,7 +83,7 @@
 		<dependency>
 			<groupId>net.miarma</groupId>
 			<artifactId>backlib</artifactId>
-			<version>1.0.1</version>
+			<version>1.1.0</version>
 		</dependency>
 	</dependencies>
 

core/src/main/java/net/miarma/backend/core/config/CorsConfig.java

@@ -1,28 +0,0 @@
-package net.miarma.backend.core.config;
-
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
-
-@Configuration
-public class CorsConfig {
-
-    @Bean
-    public WebMvcConfigurer corsConfigurer() {
-        return new WebMvcConfigurer() {
-            @Override
-            public void addCorsMappings(CorsRegistry registry) {
-                registry.addMapping("/**")
-                        .allowedOrigins(
-                            "http://localhost:3000",
-                            "http://localhost:8081",
-                            "http://huertos:8081"
-                        )
-                        .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS")
-                        .allowedHeaders("*")
-                        .allowCredentials(true);
-            }
-        };
-    }
-}

core/src/main/java/net/miarma/backend/core/config/SecurityConfig.java

@@ -5,22 +5,13 @@ import net.miarma.backlib.http.RestAccessDeniedHandler;
 import net.miarma.backlib.http.RestAuthEntryPoint;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
-import org.springframework.security.authentication.AuthenticationManager;
 import org.springframework.security.config.Customizer;
-import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.http.SessionCreationPolicy;
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.SecurityFilterChain;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
-import org.springframework.web.cors.CorsConfiguration;
-import org.springframework.web.cors.CorsConfigurationSource;
-import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
-
-import java.util.List;
 
 @Configuration
 @EnableWebSecurity
@@ -40,23 +31,9 @@ public class SecurityConfig {
         this.accessDeniedHandler = accessDeniedHandler;
     }
 
-    @Bean
-    public CorsConfigurationSource corsConfigurationSource() {
-        CorsConfiguration config = new CorsConfiguration();
-        config.setAllowedOrigins(List.of("http://localhost:3000"));
-        config.setAllowedMethods(List.of("GET","POST","PUT","DELETE","OPTIONS"));
-        config.setAllowedHeaders(List.of("*"));
-        config.setAllowCredentials(true);
-
-        UrlBasedCorsConfigurationSource source = new UrlBasedCorsConfigurationSource();
-        source.registerCorsConfiguration("/**", config);
-        return source;
-    }
-
     @Bean
     public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
         http
-            .cors(Customizer.withDefaults())
             .csrf(csrf -> csrf.disable())
             .sessionManagement(sm -> sm.sessionCreationPolicy(SessionCreationPolicy.STATELESS))
             .exceptionHandling(ex -> ex

core/src/main/java/net/miarma/backend/core/controller/FileController.java

@@ -44,33 +44,44 @@ public class FileController {
         return ResponseEntity.ok(files);
     }
 
-    @GetMapping("/{fileId}")
-    @PreAuthorize("hasRole('ADMIN') or @fileService.isOwner(#fileId, authentication.principal.userId)")
+    @GetMapping("/{file_id}")
+    @PreAuthorize("hasRole('ADMIN') or @fileService.isOwner(#file_id, authentication.principal.userId)")
     public ResponseEntity<File> getById(@PathVariable("file_id") UUID fileId) {
         File file = fileService.getById(fileId);
         return ResponseEntity.ok(file);
     }
 
-    @PostMapping
+    @PostMapping(consumes = "multipart/form-data")
     @PreAuthorize("hasRole('ADMIN') or #uploadedBy == authentication.principal.userId")
     public ResponseEntity<FileDto.Response> create(
-            @RequestBody FileDto.Request dto,
-            @RequestPart("file") MultipartFile file
+            @RequestPart("file") MultipartFile file,
+            @RequestPart("fileName") String fileName,
+            @RequestPart("mimeType") String mimeType,
+            @RequestPart("uploadedBy") UUID uploadedBy,
+            @RequestPart("context") Integer context
     ) throws IOException {
-        File created = fileService.create(FileMapper.toEntity(dto), file.getBytes());
-        return ResponseEntity.status(HttpStatus.CREATED).body(FileMapper.toResponse(created));
+
+        File entity = new File();
+        entity.setFileName(fileName);
+        entity.setMimeType(mimeType);
+        entity.setUploadedBy(uploadedBy);
+        entity.setContext(context.byteValue());
+
+        File created = fileService.create(entity, file.getBytes());
+        return ResponseEntity.status(HttpStatus.CREATED)
+                .body(FileMapper.toResponse(created));
     }
 
-    @PutMapping("/{fileId}")
-    @PreAuthorize("hasRole('ADMIN') or @fileService.isOwner(#fileId, authentication.principal.userId)")
-    public ResponseEntity<File> update(@PathVariable("fileId") UUID fileId, @RequestBody FileDto.Request request) {
+    @PutMapping("/{file_id}")
+    @PreAuthorize("hasRole('ADMIN') or @fileService.isOwner(#file_id, authentication.principal.userId)")
+    public ResponseEntity<File> update(@PathVariable("file_id") UUID fileId, @RequestBody FileDto.Request request) {
         File updated = fileService.update(fileId, FileMapper.toEntity(request));
         return ResponseEntity.ok(updated);
     }
 
-    @DeleteMapping("/{fileId}")
-    @PreAuthorize("hasRole('ADMIN') or @fileService.isOwner(#fileId, authentication.principal.userId)")
-    public ResponseEntity<Void> delete(@PathVariable("fileId") UUID fileId, @RequestBody Map<String,String> body) throws IOException {
+    @DeleteMapping("/{file_id}")
+    @PreAuthorize("hasRole('ADMIN') or @fileService.isOwner(#file_id, authentication.principal.userId)")
+    public ResponseEntity<Void> delete(@PathVariable("file_id") UUID fileId, @RequestBody Map<String,String> body) throws IOException {
         String filePath = body.get("file_path");
         Files.deleteIfExists(Paths.get(filePath));
         fileService.delete(fileId);