| 1 | package edu.gjoko.schedlr.services;
|
|---|
| 2 |
|
|---|
| 3 | import edu.gjoko.schedlr.entity.Business;
|
|---|
| 4 | import edu.gjoko.schedlr.entity.BusinessStatus;
|
|---|
| 5 | import edu.gjoko.schedlr.entity.Stakeholder;
|
|---|
| 6 | import edu.gjoko.schedlr.entity.StakeholderType;
|
|---|
| 7 | import edu.gjoko.schedlr.repositories.BusinessRepository;
|
|---|
| 8 | import edu.gjoko.schedlr.repositories.StakeholderRepository;
|
|---|
| 9 | import lombok.RequiredArgsConstructor;
|
|---|
| 10 | import org.springframework.security.access.AccessDeniedException;
|
|---|
| 11 | import org.springframework.security.core.GrantedAuthority;
|
|---|
| 12 | import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
|---|
| 13 | import org.springframework.security.core.userdetails.User;
|
|---|
| 14 | import org.springframework.security.core.userdetails.UserDetails;
|
|---|
| 15 | import org.springframework.security.core.userdetails.UserDetailsService;
|
|---|
| 16 | import org.springframework.security.core.userdetails.UsernameNotFoundException;
|
|---|
| 17 | import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
|
|---|
| 18 | import org.springframework.stereotype.Service;
|
|---|
| 19 |
|
|---|
| 20 | import java.util.HashSet;
|
|---|
| 21 | import java.util.Set;
|
|---|
| 22 |
|
|---|
| 23 | @Service
|
|---|
| 24 | @RequiredArgsConstructor
|
|---|
| 25 | public class PostgresUserDetailsService implements UserDetailsService {
|
|---|
| 26 |
|
|---|
| 27 | private final StakeholderRepository stakeholderRepository;
|
|---|
| 28 | private final BCryptPasswordEncoder bCryptPasswordEncoder;
|
|---|
| 29 |
|
|---|
| 30 | private final BusinessRepository businessRepository;
|
|---|
| 31 |
|
|---|
| 32 | @Override
|
|---|
| 33 | public UserDetails loadUserByUsername(String username) throws UsernameNotFoundException {
|
|---|
| 34 | Stakeholder user = stakeholderRepository.findStakeholderByUsername(username);
|
|---|
| 35 | if(user == null) {
|
|---|
| 36 | throw new UsernameNotFoundException("Non existing user");
|
|---|
| 37 | }
|
|---|
| 38 |
|
|---|
| 39 | if(user.getStakeholderType() == StakeholderType.BUSINESS_OWNER) {
|
|---|
| 40 | Business business = businessRepository.findBusinessByOwner(user);
|
|---|
| 41 | if (business.getBusinessStatus() != BusinessStatus.ACTIVE) {
|
|---|
| 42 | throw new SecurityException("User not approved by admin");
|
|---|
| 43 | }
|
|---|
| 44 | }
|
|---|
| 45 | Set<GrantedAuthority> grantedAuthorities = new HashSet<>();
|
|---|
| 46 | grantedAuthorities.add(new SimpleGrantedAuthority(user.getStakeholderType().name()));
|
|---|
| 47 |
|
|---|
| 48 | return new User(user.getUsername(), user.getPassword(), grantedAuthorities);
|
|---|
| 49 | }
|
|---|
| 50 |
|
|---|
| 51 | public Long loadStakeholderId(String username) {
|
|---|
| 52 | return stakeholderRepository.findStakeholderByUsername(username).getId();
|
|---|
| 53 | }
|
|---|
| 54 | }
|
|---|
