diff --git a/Deliverables/v4-ASVS-checklist-en.xlsx b/Deliverables/v4-ASVS-checklist-en.xlsx
index 6fce1002..5d8c9a9f 100644
Binary files a/Deliverables/v4-ASVS-checklist-en.xlsx and b/Deliverables/v4-ASVS-checklist-en.xlsx differ
diff --git a/database_backups_script.sh b/database_backups_script.sh
new file mode 100644
index 00000000..500820d9
--- /dev/null
+++ b/database_backups_script.sh
@@ -0,0 +1,30 @@
+#!/bin/bash
+
+if [ -f .env ]; then
+ source .env
+fi
+
+DATE=$(date +%F-%H%M%S)
+
+# Backup directory on the host
+BACKUP_DIR="/var/backups/database_backups"
+
+# Database credentials and details
+DB_HOST="${DESOFS_DB_HOST}" #name of the mysql container
+DB_USER="${DESOFS_DB_USER}"
+DB_PASSWORD="${DESOFS_DB_PASS}"
+DB_NAME="${DESOFS_DB_DEV_DB_NAME}"
+NETWORK="cozinha_na_cozinha" #name of the network where mysql container is running. You can check the list of the docker neworks using doocker network ls
+
+# Docker image version of MySQL
+MYSQL_IMAGE="mysql:latest"
+
+# Backup filename
+BACKUP_FILENAME="$BACKUP_DIR/$DB_NAME-$DATE.sql"
+
+# Run mysqldump within a new Docker container
+docker run --rm --network $NETWORK $MYSQL_IMAGE \\
+ /usr/bin/mysqldump -h $DB_HOST -u $DB_USER -p$DB_PASSWORD $DB_NAME > $BACKUP_FILENAME
+
+# Compress the backup file
+gzip $BACKUP_FILENAME
\ No newline at end of file
diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Controllers/UserController.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Controllers/UserController.java
index 76385a18..7ce2309c 100644
--- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Controllers/UserController.java
+++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Controllers/UserController.java
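Review bot: In database_backups_script.sh the database password is passed as `-p$DB_PASSWORD` on the mysqldump command line, so it is readable in the host's process list for as long as the dump runs. The script also has no `set -euo pipefail`, so a failed `docker run` still leaves a truncated file that is then gzipped as if it were a good backup, and the dump is written with the default umask although it contains user data. I would hand the password over through the environment, quote every expansion, create the file owner-only, and pin `MYSQL_IMAGE` to a fixed tag instead of `mysql:latest`; the changed lines are sketched below.

```shell
set -euo pipefail
umask 077   # dump files hold user data; keep them owner-only
# … unchanged: .env loading, DATE, BACKUP_DIR, DB_* and NETWORK assignments, BACKUP_FILENAME …
export MYSQL_PWD="$DB_PASSWORD"   # read by the MySQL client tools; keeps the secret out of argv
docker run --rm --network "$NETWORK" -e MYSQL_PWD "$MYSQL_IMAGE" \
    /usr/bin/mysqldump -h "$DB_HOST" -u "$DB_USER" "$DB_NAME" > "$BACKUP_FILENAME"
gzip "$BACKUP_FILENAME"
```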
@@ -2,22 +2,25 @@ import isep.ipp.pt.api.desofs.Dto.UserDTO.ControllerLayer.UserDTOResponse; import isep.ipp.pt.api.desofs.Mapper.UserMapper.UserMapper; +import isep.ipp.pt.api.desofs.Model.UserModel.SignInRequest; import isep.ipp.pt.api.desofs.Model.UserModel.User; import isep.ipp.pt.api.desofs.Service.UserService.UserService; +import jakarta.validation.Valid; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.GetMapping; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RestController; +import org.springframework.security.authentication.AuthenticationManager; +import org.springframework.security.authentication.UsernamePasswordAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.web.bind.annotation.*; @RestController @RequestMapping("/user") public class UserController { @Autowired private UserService userService; - + @Autowired + private AuthenticationManager authenticationManager; @Autowired private UserMapper userMapper; @@ -26,4 +29,13 @@ public ResponseEntity getUserInfo(@PathVariable Long userId){ if(userId < 0) return ResponseEntity.badRequest().build(); return ResponseEntity.ok(userMapper.fromUserToUserDTOResponse(userService.getUserById(userId))); } + @DeleteMapping("/delete/data") + public ResponseEntity deleteUser(@RequestBody @Valid final SignInRequest request){ + final Authentication authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(request.username(), request.password())); + + if (authentication == null) return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build(); + + userService.deleteUser(request.username()); + return ResponseEntity.ok().build(); + } } 
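Review bot: `deleteUser` erases whichever account is named in the request body: the submitted credentials are verified, but `request.username()` is never compared with the caller who passed the `.authenticated()` filter, so the operation is bound to knowledge of a password rather than to the current session. The `authentication == null` test also looks unreachable, because `AuthenticationManager.authenticate` reports bad credentials by throwing `AuthenticationException`; how that surfaces to the client depends on exception handling outside this hunk. I would take the `Principal` as a parameter, refuse a mismatch, and map the exception to the 401, as sketched below (this needs imports for `java.security.Principal` and `AuthenticationException`, and assumes the principal name is the username).

```java
public ResponseEntity deleteUser(@RequestBody @Valid final SignInRequest request, final Principal principal){
    // the re-entered credentials must belong to the caller, not to an arbitrary account
    if (principal == null || !principal.getName().equals(request.username())) {
        return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
    }
    try {
        authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(request.username(), request.password()));
    } catch (AuthenticationException e) {
        return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
    }
    // … unchanged: userService.deleteUser(request.username()) and the 200 response …
```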
diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/EncomendaServiceImpl.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/EncomendaServiceImpl.java index 461c9a56..cda2642c 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/EncomendaServiceImpl.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/EncomendaServiceImpl.java @@ -63,4 +63,9 @@ public List findEncHistory(Long userId) { return null; } } + + @Override + public void deleteEncomendaByUserName(String userId) { + encomendaRepo.deleteEncomendaByUserName(userId); + } } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/ReviewServiceImpl.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/ReviewServiceImpl.java index 91639b60..34dd6dc6 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/ReviewServiceImpl.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/ReviewServiceImpl.java @@ -49,4 +49,9 @@ public List getReviewsByUserId(Long userId) { public void deleteAll() { reviewRepo.deleteAll(); } + + @Override + public void deleteReviewsByUserName(String username) { + reviewRepo.deleteReviewsByUserName(username); + } } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/UserRepoImpl.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/UserRepoImpl.java index 45367b22..bee57dbb 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/UserRepoImpl.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Implementation/UserRepoImpl.java 
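Review bot: The parameter of `deleteEncomendaByUserName` in EncomendaServiceImpl is named `userId`, yet it is forwarded to a repository query that matches on `e.user.username`, and the neighbouring `findEncHistory(Long userId)` uses the same name for a numeric id. Renaming it, `public void deleteEncomendaByUserName(String username) {`, removes the invitation to pass an id as text; the EncomendaServiceRepo interface hunk declares the same parameter name and should change with it. A one-line Javadoc such as `/** Deletes every order placed by the given username. */` would also make the contract explicit.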
@@ -2,6 +2,8 @@ import isep.ipp.pt.api.desofs.Model.UserModel.User; import isep.ipp.pt.api.desofs.Repository.Interface.UserServiceRepo; +import isep.ipp.pt.api.desofs.Repository.Repo.EncomendaRepo; +import isep.ipp.pt.api.desofs.Repository.Repo.ReviewRepo; import isep.ipp.pt.api.desofs.Repository.Repo.UserRepo; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.security.core.userdetails.UserDetails; @@ -14,6 +16,10 @@ public class UserRepoImpl implements UserServiceRepo { @Autowired private UserRepo userRepo; + @Autowired + private ReviewRepo reviewRepo; + @Autowired + private EncomendaRepo encomendaRepo; @Override public User getUserById(Long userId) { @@ -50,4 +56,11 @@ public User validateUser(String username, String password) { return userRepo.validateUser(username, password); } + @Override + public void deleteUser(String username) { + reviewRepo.deleteReviewsByUserName(username); + encomendaRepo.deleteEncomendaByUserName(username); + userRepo.deleteUser(username); + } + } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/EncomendaServiceRepo.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/EncomendaServiceRepo.java index e0c16cf9..0db1d622 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/EncomendaServiceRepo.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/EncomendaServiceRepo.java @@ -20,4 +20,5 @@ public interface EncomendaServiceRepo { void deleteAll(); List findEncHistory(Long userId); + void deleteEncomendaByUserName(String userId); } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/ReviewServiceRepo.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/ReviewServiceRepo.java index 6eb41c54..55f2b344 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/ReviewServiceRepo.java 
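Review bot: The three deletes in `UserRepoImpl.deleteUser` run without a visible transaction boundary, so a failure in `encomendaRepo.deleteEncomendaByUserName` or `userRepo.deleteUser` would leave the account in place with its reviews already removed. Unless the class carries `@Transactional` outside these hunks, I would add `@Transactional` above the `@Override` of this method so the erasure is all-or-nothing. A short comment such as `// dependent rows first, then the user row` would record why the order matters, presumably because reviews and orders reference the user.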
+++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/ReviewServiceRepo.java @@ -12,4 +12,5 @@ public interface ReviewServiceRepo { public List getReviewsByPacoteId(Long pacoteId); public List getReviewsByUserId(Long userId); public void deleteAll(); + public void deleteReviewsByUserName(String username); } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/UserServiceRepo.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/UserServiceRepo.java index 324afb86..2e7a3c6a 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/UserServiceRepo.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Interface/UserServiceRepo.java @@ -13,5 +13,6 @@ public interface UserServiceRepo { public void deleteAll(); public User saveUser(User user); public User validateUser(String username, String password); + public void deleteUser(String username); } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/EncomendaRepo.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/EncomendaRepo.java index ec07f9e7..d7d3bafb 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/EncomendaRepo.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/EncomendaRepo.java @@ -15,5 +15,8 @@ public interface EncomendaRepo extends CrudRepository { @Query("SELECT e FROM Encomenda e WHERE e.user.userId = ?1 AND e.pacote.pacoteId = ?2 AND e.dataEncomenda = ?3") Encomenda findByDateUserPackage(Long userId, Long pacoteId, LocalDateTime dataEncomenda); + + @Query("DELETE FROM Encomenda e WHERE e.user.username = ?1") + void deleteEncomendaByUserName(String username); } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/ReviewRepo.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/ReviewRepo.java index c7dd5f4b..6232e0e0 100644 
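Review bot: `EncomendaRepo.deleteEncomendaByUserName` declares a JPQL `DELETE` through `@Query` without `@Modifying`, and Spring Data JPA runs an unannotated `@Query` as a select, so this call is expected to fail at runtime instead of removing rows. Add `@Modifying` above the `@Query` line and make sure the call executes inside a transaction (`@Transactional` here or on the caller). The `deleteReviewsByUserName` hunk in ReviewRepo and the `deleteUser` hunk in UserRepo have the same omission. It is also worth confirming that the JPA provider accepts the `e.user.username` path in a bulk delete, since that path implies a join.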
--- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/ReviewRepo.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/ReviewRepo.java @@ -16,4 +16,8 @@ public interface ReviewRepo extends CrudRepository{ @Query("SELECT r FROM Review r WHERE r.user.userId = ?1") public List getReviewsByUserId(Long userId); + @Query("DELETE FROM Review r WHERE r.user.username = ?1") + public void deleteReviewsByUserName(String username); + + } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/UserRepo.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/UserRepo.java index ca0b76df..50592257 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/UserRepo.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Repository/Repo/UserRepo.java @@ -16,4 +16,7 @@ public interface UserRepo extends CrudRepository { @Query("SELECT u FROM User u WHERE u.userId = ?1") public User getUserById(Long userId); + + @Query("DELETE FROM User u WHERE u.username = ?1") + public void deleteUser(String username); } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/SecurityConfig.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/SecurityConfig.java index 5e041b8c..bff9788f 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/SecurityConfig.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/SecurityConfig.java @@ -90,7 +90,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti .cors(cors -> cors.configurationSource(request -> { CorsConfiguration config = new CorsConfiguration(); config.setAllowedOriginPatterns(Arrays.asList("*")); - config.setAllowedMethods(Arrays.asList("*")); + config.setAllowedMethods(Arrays.asList("GET", "POST", "DELETE", "OPTIONS")); config.setAllowedHeaders(Arrays.asList("*")); config.setExposedHeaders(Arrays.asList(HttpHeaders.AUTHORIZATION)); config.setAllowCredentials(true); 
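Review bot: Narrowing `setAllowedMethods` in SecurityConfig leaves the larger exposure in the same block untouched: `setAllowedOriginPatterns(Arrays.asList("*"))` combined with `setAllowCredentials(true)` lets any origin send credentialed requests, and that now covers the new DELETE endpoint. I would list the front-end origins explicitly, e.g. `config.setAllowedOriginPatterns(Arrays.asList("<frontend-origin>"));` (placeholder value), and restrict `setAllowedHeaders` in the same way. Also check that no existing endpoint relies on PUT or PATCH, which the new method list no longer permits cross-origin. The CORS lambda continues outside the hunk.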
@@ -113,6 +113,7 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti .requestMatchers("/encomenda/**").authenticated() .requestMatchers("/user/info/**").authenticated() .requestMatchers("/encomenda/**").authenticated() + .requestMatchers("/user/delete/data").authenticated() .requestMatchers("/tipoReceita/**").authenticated() .requestMatchers("/api-docs/**").permitAll() .requestMatchers("/swagger-ui/**").permitAll() diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserService.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserService.java index e77e23b4..caa9a03a 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserService.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserService.java @@ -21,4 +21,5 @@ public interface UserService { public void deleteAll(); public void saveUser(User user); + public void deleteUser(String username); } diff --git a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserServiceImpl.java b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserServiceImpl.java index e8770617..c4b3e8a3 100644 --- a/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserServiceImpl.java +++ b/desofsApi/src/main/java/isep/ipp/pt/api/desofs/Service/UserService/UserServiceImpl.java @@ -79,4 +79,9 @@ public void deleteAll() { public void saveUser(User user) { userRepo.saveUser(user); } + + @Override + public void deleteUser(String username) { + userRepo.deleteUser(username); + } }
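Review bot: The new rule `.requestMatchers("/user/delete/data").authenticated()` is not scoped to an HTTP method, although the controller maps only DELETE on that path. Writing `.requestMatchers(HttpMethod.DELETE, "/user/delete/data").authenticated()` states the intent and leaves other verbs on the path to whatever default rule ends the chain; that rule is outside this hunk, so confirm it denies rather than permits. The line would need `org.springframework.http.HttpMethod` imported if the file does not already have it.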