diff --git a/spring-security-rest/pom.xml b/spring-security-rest/pom.xml index 5973f8fa5e..9e2620c098 100644 --- a/spring-security-rest/pom.xml +++ b/spring-security-rest/pom.xml @@ -1,4 +1,5 @@ - + 4.0.0 com.baeldung spring-security-rest @@ -76,14 +77,13 @@ spring-webmvc ${org.springframework.version} - + - - - org.springframework.hateoas - spring-hateoas - 0.19.0.RELEASE - + + org.springframework.hateoas + spring-hateoas + 0.19.0.RELEASE + @@ -100,13 +100,13 @@ ${jstl.version} runtime - + - javax.validation - validation-api - ${javax.validation.version} - - + javax.validation + validation-api + ${javax.validation.version} + + @@ -160,14 +160,14 @@ ${org.springframework.version} test - + - org.springframework.security - spring-security-test - ${org.springframework.security.version} - - - + org.springframework.security + spring-security-test + ${org.springframework.security.version} + + + com.jayway.restassured rest-assured @@ -180,7 +180,7 @@ - + junit junit @@ -269,7 +269,6 @@ cargo-maven2-plugin ${cargo-maven2-plugin.version} - true jetty8x embedded @@ -309,7 +308,7 @@ 1.2 2.2.2 2.2.2 - + 19.0 3.4 diff --git a/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java b/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java index bb51f5fd17..23c8155491 100644 --- a/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java +++ b/spring-security-rest/src/main/java/org/baeldung/spring/SecurityJavaConfig.java @@ -43,7 +43,6 @@ public class SecurityJavaConfig extends WebSecurityConfigurerAdapter { .and() .authorizeRequests() .antMatchers("/api/csrfAttacker*").permitAll() - .antMatchers("/api/customers**").permitAll() .antMatchers("/api/customer/**").permitAll() .antMatchers("/api/**").authenticated() .and() diff --git a/spring-security-rest/src/main/java/org/baeldung/web/controller/CustomerController.java b/spring-security-rest/src/main/java/org/baeldung/web/controller/CustomerController.java index 3a14094440..0582c94498 100644 --- a/spring-security-rest/src/main/java/org/baeldung/web/controller/CustomerController.java +++ b/spring-security-rest/src/main/java/org/baeldung/web/controller/CustomerController.java @@ -1,20 +1,23 @@ package org.baeldung.web.controller; -import java.util.List; - import org.baeldung.persistence.model.Customer; import org.baeldung.persistence.model.Order; import org.baeldung.web.service.CustomerService; import org.baeldung.web.service.OrderService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.hateoas.Link; -import org.springframework.hateoas.mvc.ControllerLinkBuilder; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestMethod; import org.springframework.web.bind.annotation.RestController; +import java.util.List; + +import static org.springframework.hateoas.mvc.ControllerLinkBuilder.linkTo; +import static org.springframework.hateoas.mvc.ControllerLinkBuilder.methodOn; + @RestController +@RequestMapping(value = "/customer") public class CustomerController { @Autowired private CustomerService customerService; @@ -22,34 +25,36 @@ public class CustomerController { @Autowired private OrderService orderService; - @RequestMapping(value = "/customer/{customerId}", method = RequestMethod.GET) + @RequestMapping(value = "/{customerId}", method = RequestMethod.GET) public Customer getCustomerById(@PathVariable final String customerId) { return customerService.getCustomerDetail(customerId); } - @RequestMapping(value = "/customer/{customerId}/{orderId}", method = RequestMethod.GET) + @RequestMapping(value = "/{customerId}/{orderId}", method = RequestMethod.GET) public Order getOrderById(@PathVariable final String customerId, @PathVariable final String orderId) { return orderService.getOrderByIdForCustomer(customerId, orderId); } - @RequestMapping(value = "/customer/{customerId}/orders", method = RequestMethod.GET) + @RequestMapping(value = "/{customerId}/orders", method = RequestMethod.GET) public List getOrdersForCustomer(@PathVariable final String customerId) { final List orders = orderService.getAllOrdersForCustomer(customerId); for (final Order order : orders) { - final Link selfLink = ControllerLinkBuilder.linkTo(ControllerLinkBuilder.methodOn(CustomerController.class).getOrderById(customerId, order.getOrderId())).withSelfRel(); + final Link selfLink = linkTo(methodOn(CustomerController.class).getOrderById(customerId, order.getOrderId())).withSelfRel(); order.add(selfLink); } return orders; } - @RequestMapping(value = "/customers", method = RequestMethod.GET) + @RequestMapping(method = RequestMethod.GET) public List getAllCustomers() { final List allCustomers = customerService.allCustomers(); for (final Customer customer : allCustomers) { - final Link selfLink = ControllerLinkBuilder.linkTo(ControllerLinkBuilder.methodOn(CustomerController.class).getCustomerById(customer.getCustomerId())).withSelfRel(); + String customerId = customer.getCustomerId(); + Link selfLink = linkTo(CustomerController.class).slash(customerId).withSelfRel(); customer.add(selfLink); - if (orderService.getAllOrdersForCustomer(customer.getCustomerId()).size() > 0) { - final Link ordersLink = ControllerLinkBuilder.linkTo(ControllerLinkBuilder.methodOn(CustomerController.class).getOrdersForCustomer(customer.getCustomerId())).withRel("allOrders"); + if (orderService.getAllOrdersForCustomer(customerId).size() > 0) { + List methodLinkBuilder = methodOn(CustomerController.class).getOrdersForCustomer(customerId); + final Link ordersLink = linkTo(methodLinkBuilder).withRel("allOrders"); customer.add(ordersLink); }