Gallardo7761/miarma-backend
1
1
Fork 0
Code Issues Pull Requests Actions Packages Releases 2 Activity

Compare commits

base: Gallardo7761:f372cbe8ab1a5e722c00390433678d46a5e45236
Branches Tags
Gallardo7761:main Gallardo7761:dev Gallardo7761:feature/rest
Gallardo7761:v1.2.1-r Gallardo7761:v1.2.0-r
...
compare: Gallardo7761:main
Branches Tags
Gallardo7761:dev Gallardo7761:feature/rest Gallardo7761:main
Gallardo7761:v1.2.1-r Gallardo7761:v1.2.0-r

6 Commits
f372cbe8ab ... main

Author SHA1 Message Date
Jose
18c2f0f00b hotfix: merge <<< HEAD ---- >>> SHA1 messages stood on the code somehow 2025-11-14 19:55:18 +01:00
Jose
3a194f2616 Merge pull request 'release 1.2.1' (#3) from dev into main 
Reviewed-on: #3
 2025-11-14 19:31:00 +01:00
Jose
2611ab62d5 Merge remote-tracking branch 'refs/remotes/origin/dev' into dev 2025-11-14 19:26:44 +01:00
Jose
748feabf24 add: generic JWT token extraction 
refactor: change project and POMs' names accordingly
 2025-11-14 19:21:31 +01:00
Jose
14ea92dab9 Merge pull request 'fix: huertos admin permissions; improve: abstract auth guard' (#2) from hotfix/huertos-admin-permissions into main 
Reviewed-on: #2
 2025-11-14 19:11:55 +01:00
Jose
92847e87aa fix: huertos admin permissions; improve: abstract auth guard 2025-11-14 19:10:20 +01:00
13 changed files with 90 additions and 66 deletions
Expand all files Collapse all files

2
backlib/pom.xml
View File

@@ -4,7 +4,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>net.miarma.api</groupId>
<artifactId>backlib</artifactId>
<version>1.2.0</version>
<version>1.2.1</version>
<properties>
<maven.compiler.source>23</maven.compiler.source>

36
backlib/src/main/java/net/miarma/api/backlib/middlewares/AbstractAuthGuard.java
View File

@@ -14,13 +14,13 @@ import net.miarma.api.backlib.util.JsonUtil;
* Maneja extracción de JWT y verificación básica.
* Los microservicios solo implementan getUserEntity y hasPermission.
*/
@SuppressWarnings("unchecked") // arreglar el warning de heap pollution de los arrays de genéricos
@SuppressWarnings("unchecked")
public abstract class AbstractAuthGuard<U, R extends Enum<R> & IUserRole> {
protected abstract R parseRole(String roleStr);
protected abstract R parseRole(String roleStr);
protected abstract void getUserEntity(int userId, RoutingContext ctx, Consumer<U> callback);
protected abstract boolean hasPermission(U user, R role, R... allowedRoles);
protected abstract boolean hasPermission(U user, R role);
public Handler<RoutingContext> check(R... allowedRoles) {
return ctx -> {
String token = extractToken(ctx);
@@ -30,16 +30,26 @@ public abstract class AbstractAuthGuard<U, R extends Enum<R> & IUserRole> {
}
int userId = JWTManager.getInstance().extractUserId(token);
String roleStr = JWTManager.getInstance().extractRole(token);
R role;
try {
role = parseRole(roleStr);
} catch (Exception e) {
JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "Invalid role");
return;
}
ctx.put("userId", userId);
ctx.put("role", role);
getUserEntity(userId, ctx, entity -> {
if (entity == null) {
JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "User not found");
return;
}
R userRole = extractRoleFromEntity(entity);
if (allowedRoles.length == 0 || hasPermission(entity, userRole, allowedRoles)) {
if (allowedRoles.length == 0 || isRoleAllowed(role, allowedRoles)) {
ctx.put("userEntity", entity);
ctx.next();
} else {
@@ -49,15 +59,11 @@ public abstract class AbstractAuthGuard<U, R extends Enum<R> & IUserRole> {
};
}
protected R extractRoleFromEntity(U user) {
try {
return (R) user.getClass().getMethod("getRole").invoke(user);
} catch (Exception e) {
return null;
}
protected boolean isRoleAllowed(R role, R... allowedRoles) {
for (R allowed : allowedRoles) if (role == allowed) return true; return false;
}
private String extractToken(RoutingContext ctx) {
protected String extractToken(RoutingContext ctx) {
String authHeader = ctx.request().getHeader("Authorization");
if (authHeader != null && authHeader.startsWith("Bearer ")) {
return authHeader.substring(7);

4
bootstrap/pom.xml
View File

@@ -5,8 +5,8 @@
<parent>
<groupId>net.miarma.api</groupId>
<artifactId>miarma-backend</artifactId>
<version>1.2.0</version>
<artifactId>miarma-ecosystem</artifactId>
<version>1.2.1</version>
</parent>
<artifactId>bootstrap</artifactId>

11
microservices/core/pom.xml
View File

@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>net.miarma.api</groupId>
<artifactId>core</artifactId>
<version>1.2.0</version>
<version>1.2.1</version>
<properties>
<maven.compiler.source>23</maven.compiler.source>
@@ -20,9 +20,8 @@
<dependency>
<groupId>net.miarma.api</groupId>
<artifactId>backlib</artifactId>
<version>1.2.0</version>
<scope>provided</scope>
</dependency>
<version>1.2.1</version>
</dependency>
</dependencies>
</project>
</project>

6
microservices/core/src/main/java/net/miarma/api/microservices/core/routing/middlewares/CoreAuthGuard.java
View File

@@ -29,10 +29,8 @@ public class CoreAuthGuard extends AbstractAuthGuard<UserEntity, CoreUserRole> {
}
@Override
protected boolean hasPermission(UserEntity member, CoreUserRole userRole, CoreUserRole... allowedRoles) {
if (member == null) return false;
if (member.getGlobal_role() == CoreUserRole.ADMIN) return true;
return false;
protected boolean hasPermission(UserEntity user, CoreUserRole userRole) {
return user.getGlobal_role() == CoreUserRole.ADMIN;
}
}

7
microservices/huertos/pom.xml
View File

@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>net.miarma.api</groupId>
<artifactId>huertos</artifactId>
<version>1.2.0</version>
<version>1.2.1</version>
<properties>
<maven.compiler.source>23</maven.compiler.source>
@@ -20,9 +20,8 @@
<dependency>
<groupId>net.miarma.api</groupId>
<artifactId>backlib</artifactId>
<version>1.2.0</version>
<scope>provided</scope>
</dependency>
<version>1.2.1</version>
</dependency>
</dependencies>
</project>

53
microservices/huertos/src/main/java/net/miarma/api/microservices/huertos/routing/middlewares/HuertosAuthGuard.java
View File

@@ -2,14 +2,19 @@ package net.miarma.api.microservices.huertos.routing.middlewares;
import java.util.function.Consumer;
import io.vertx.core.Handler;
import io.vertx.ext.web.RoutingContext;
import net.miarma.api.backlib.Constants.HuertosUserRole;
import net.miarma.api.backlib.http.ApiStatus;
import net.miarma.api.backlib.middlewares.AbstractAuthGuard;
import net.miarma.api.backlib.security.JWTManager;
import net.miarma.api.backlib.util.JsonUtil;
import net.miarma.api.microservices.huertos.entities.MemberEntity;
import net.miarma.api.microservices.huertos.services.MemberService;
public class HuertosAuthGuard extends AbstractAuthGuard<MemberEntity, HuertosUserRole> {
private final MemberService memberService;
private final MemberService memberService;
public HuertosAuthGuard(MemberService memberService) {
this.memberService = memberService;
@@ -22,20 +27,50 @@ public class HuertosAuthGuard extends AbstractAuthGuard<MemberEntity, HuertosUse
@Override
protected void getUserEntity(int userId, RoutingContext ctx, Consumer<MemberEntity> callback) {
memberService.getById(userId).onComplete(ar -> {
memberService.getById(userId).onComplete(ar -> {
if (ar.succeeded()) callback.accept(ar.result());
else callback.accept(null);
});
}
@Override
protected boolean hasPermission(MemberEntity member, HuertosUserRole userRole, HuertosUserRole... allowedRoles) {
if (member == null) return false;
if (member.getRole() == HuertosUserRole.ADMIN || member.getRole() == HuertosUserRole.DEV) return true;
for (HuertosUserRole role : allowedRoles) {
if (member.getRole() == role) return true;
}
return false;
protected boolean hasPermission(MemberEntity member, HuertosUserRole userRole) {
return member.getRole() == HuertosUserRole.ADMIN;
}
@Override
public Handler<RoutingContext> check(HuertosUserRole... allowedRoles) {
return ctx -> {
String token = extractToken(ctx);
if (token == null || !JWTManager.getInstance().isValid(token)) {
JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "Invalid or missing token");
return;
}
int userId = JWTManager.getInstance().extractUserId(token);
getUserEntity(userId, ctx, member -> {
if (member == null) {
JsonUtil.sendJson(ctx, ApiStatus.UNAUTHORIZED, "User not found");
return;
}
HuertosUserRole role = HuertosUserRole.USER;
if (member.getRole() != null) {
role = member.getRole();
}
ctx.put("userId", userId);
ctx.put("role", role);
ctx.put("userEntity", member);
if (allowedRoles.length == 0 || isRoleAllowed(role, allowedRoles)) {
ctx.next();
} else {
JsonUtil.sendJson(ctx, ApiStatus.FORBIDDEN, "Forbidden");
}
});
};
}
}

5
microservices/huertosdecine/pom.xml
View File

@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>net.miarma.api</groupId>
<artifactId>huertosdecine</artifactId>
<version>1.2.0</version>
<version>1.2.1</version>
<properties>
<maven.compiler.source>23</maven.compiler.source>
@@ -20,8 +20,7 @@
<dependency>
<groupId>net.miarma.api</groupId>
<artifactId>backlib</artifactId>
<version>1.2.0</version>
<scope>provided</scope>
<version>1.2.1</version>
</dependency>
</dependencies>

9
microservices/huertosdecine/src/main/java/net/miarma/api/microservices/huertosdecine/routing/middlewares/CineAuthGuard.java
View File

@@ -29,13 +29,8 @@ public class CineAuthGuard extends AbstractAuthGuard<ViewerEntity, CineUserRole>
}
@Override
protected boolean hasPermission(ViewerEntity member, CineUserRole userRole, CineUserRole... allowedRoles) {
if (member == null) return false;
if (member.getRole() == CineUserRole.ADMIN) return true;
for (CineUserRole role : allowedRoles) {
if (member.getRole() == role) return true;
}
return false;
protected boolean hasPermission(ViewerEntity user, CineUserRole userRole) {
return user.getRole() == CineUserRole.ADMIN;
}
}

5
microservices/miarmacraft/pom.xml
View File

@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>net.miarma.api</groupId>
<artifactId>miarmacraft</artifactId>
<version>1.2.0</version>
<version>1.2.1</version>
<properties>
<maven.compiler.source>23</maven.compiler.source>
@@ -20,8 +20,7 @@
<dependency>
<groupId>net.miarma.api</groupId>
<artifactId>backlib</artifactId>
<version>1.2.0</version>
<scope>provided</scope>
<version>1.2.1</version>
</dependency>
</dependencies>

9
microservices/miarmacraft/src/main/java/net/miarma/api/microservices/miarmacraft/routing/middlewares/MMCAuthGuard.java
View File

@@ -29,13 +29,8 @@ public class MMCAuthGuard extends AbstractAuthGuard<PlayerEntity, MMCUserRole> {
}
@Override
protected boolean hasPermission(PlayerEntity member, MMCUserRole userRole, MMCUserRole... allowedRoles) {
if (member == null) return false;
if (member.getRole() == MMCUserRole.ADMIN) return true;
for (MMCUserRole role : allowedRoles) {
if (member.getRole() == role) return true;
}
return false;
protected boolean hasPermission(PlayerEntity user, MMCUserRole userRole) {
return user.getRole() == MMCUserRole.ADMIN;
}
}

5
microservices/mpaste/pom.xml
View File

@@ -2,7 +2,7 @@
<modelVersion>4.0.0</modelVersion>
<groupId>net.miarma.api</groupId>
<artifactId>mpaste</artifactId>
<version>1.2.0</version>
<version>1.2.1</version>
<properties>
<maven.compiler.source>23</maven.compiler.source>
@@ -20,8 +20,7 @@
<dependency>
<groupId>net.miarma.api</groupId>
<artifactId>backlib</artifactId>
<version>1.2.0</version>
<scope>provided</scope>
<version>1.2.1</version>
</dependency>
</dependencies>

4
pom.xml
View File

@@ -4,8 +4,8 @@
<modelVersion>4.0.0</modelVersion>
<groupId>net.miarma.api</groupId>
<artifactId>miarma-backend</artifactId>
<version>1.2.0</version>
<artifactId>miarma-ecosystem</artifactId>
<version>1.2.1</version>
<packaging>pom</packaging>
<modules>