Rahman2001 / Account_Service

This project focuses on Spring Security in Spring Boot. The goal of this project is to show API restrictions to various users and their functionality.

Repository on GitHub: https://github.com/Rahman2001/Account_Service


Application APIs and the permissions granted to users by role.

Below are the APIs with their restrictions according to the user's role (for example, if a user is an ADMINISTRATOR, the table shows which APIs that user can access).

| Method | API | Anonymous | User | Accountant | Administrator |
|--------|-----|-----------|------|------------|---------------|
| POST | api/auth/signup | + | + | + | + |
| POST | api/auth/changepass | - | + | + | + |
| GET | api/empl/payment | - | + | + | - |
| POST | api/acct/payments | - | - | + | - |
| PUT | api/acct/payments | - | - | + | - |
| GET | api/admin/user | - | - | - | + |
| DELETE | api/admin/user/{email} | - | - | - | + |
| PUT | api/admin/user/role | - | - | - | + |
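The permission table above, expressed as a Spring Security filter chain. This is an added illustration, not the project's own configuration; it assumes Spring Boot 3 / Spring Security 6 (the `authorizeHttpRequests` DSL), HTTP Basic authentication, and roles stored with the `ROLE_` prefix shown in the examples below, so that `hasRole("USER")` matches `ROLE_USER`.

```java
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.http.HttpMethod;
import org.springframework.security.config.Customizer;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.web.SecurityFilterChain;

// Added illustration (not the project's own code): one way to encode the
// role/endpoint matrix of this README with Spring Security 6.
// Assumes roles are stored as "ROLE_USER", "ROLE_ACCOUNTANT", "ROLE_ADMINISTRATOR".
@Configuration
@EnableWebSecurity
public class AccessMatrixConfig {

    @Bean
    public SecurityFilterChain filterChain(HttpSecurity http) throws Exception {
        http
            // Stateless REST API with HTTP Basic: no session cookie, so no CSRF token needed
            .csrf(csrf -> csrf.disable())
            .httpBasic(Customizer.withDefaults())
            .authorizeHttpRequests(auth -> auth
                // Row 1: anyone, including anonymous callers, may register
                .requestMatchers(HttpMethod.POST, "/api/auth/signup").permitAll()
                // Row 2: any authenticated user may change their own password
                .requestMatchers(HttpMethod.POST, "/api/auth/changepass").authenticated()
                // Row 3: payroll view is for USER and ACCOUNTANT, not ADMINISTRATOR
                .requestMatchers(HttpMethod.GET, "/api/empl/payment").hasAnyRole("USER", "ACCOUNTANT")
                // Rows 4-5: uploading and updating payrolls is ACCOUNTANT only
                .requestMatchers(HttpMethod.POST, "/api/acct/payments").hasRole("ACCOUNTANT")
                .requestMatchers(HttpMethod.PUT, "/api/acct/payments").hasRole("ACCOUNTANT")
                // Rows 6-8: user administration is ADMINISTRATOR only;
                // "*" matches the single {email} path segment
                .requestMatchers(HttpMethod.GET, "/api/admin/user").hasRole("ADMINISTRATOR")
                .requestMatchers(HttpMethod.DELETE, "/api/admin/user/*").hasRole("ADMINISTRATOR")
                .requestMatchers(HttpMethod.PUT, "/api/admin/user/role").hasRole("ADMINISTRATOR")
                // Default deny: an endpoint added later without a rule is rejected, not exposed
                .anyRequest().denyAll());
        return http.build();
    }
}
```

The closing `anyRequest().denyAll()` is the check worth keeping: with it, forgetting a rule for a new endpoint fails closed instead of silently opening it to every caller.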



Features of the APIs.

  1. POST api/auth/signup registers a user.
  2. POST api/auth/changepass updates the password of the authenticated user.
  3. GET api/empl/payment shows the payments of an employee (if there are any).
  4. POST api/acct/payments uploads an employee's payment for a period that has no payment yet.
  5. PUT api/acct/payments changes an employee's salary for a period that already exists.
  6. GET api/admin/user shows all users in the database with their roles (e.g. "ROLE_USER", "ROLE_ADMINISTRATOR", etc.).
  7. DELETE api/admin/user/{email} deletes a user from the database.
  8. PUT api/admin/user/role grants a role to a user or removes a role from a user.

Examples of sending correct JSON data to the APIs.

  1. POST api/auth/signup :

    {
      "name":"Rahman",
      "lastname":"Rejepov",
      "email":"rahman@acme.com",
      "password":"rahmanGaziUniversity"
    }

    The JSON data sent above is validated before the user is registered:
    i. If the email has already been registered, an exception is thrown.
    ii. If the password does not satisfy all the conditions in PasswordAuthentication.java, an exception is thrown.

  2. POST api/auth/changepass :

    {
       "new_password": "your new Password"
    }

    To update your password you must be authenticated first.

  3. GET api/empl/payment:
    A GET request to api/empl/payment with the correct authentication for johndoe@acme.com:
    In case of successful authentication, the application returns all the payrolls of that employee:

    [
       {
          "name": "John",
          "lastname": "Doe",
          "period": "March-2021",
          "salary": "1234 dollar(s) 56 cent(s)"
       },
       {
          "name": "John",
          "lastname": "Doe",
          "period": "February-2021",
          "salary": "1234 dollar(s) 56 cent(s)"
       },
       {
          "name": "John",
          "lastname": "Doe",
          "period": "January-2021",
          "salary": "1234 dollar(s) 56 cent(s)"
       }
    ]

  4. POST api/acct/payments:
    If a user wants to upload employee payrolls, the JSON data should look like this:

    [
        {
            "employee": "johndoe@acme.com",
            "period": "01-2021",
            "salary": 123456
        },
        {
            "employee": "johndoe@acme.com",
            "period": "01-2021",
            "salary": 123456
        }
    ]

  5. PUT api/acct/payments:
    If an employee already has an uploaded payment for a period, it can be updated by sending that period together with the new salary:

    {
     "employee": "johndoe@acme.com",
     "period": "01-2021",
     "salary": 123457
    }

    Here "period" is a period existing in the database and "salary" is the updated salary for that period.
    In case of successful update, the response will be like:

    {
    "status": "Updated successfully!"
    }

  6. GET api/admin/user:
    Shows all the users in the database with their granted roles (for example):

    [
       {
           "id": 1,
           "name": "John",
           "lastname": "Doe",
           "email": "johndoe@acme.com",
           "roles": [
               "ROLE_ADMINISTRATOR"
           ]
       },
       {
           "id": 2,
           "name": "Ivan",
           "lastname": "Ivanov",
           "email": "ivanivanov@acme.com",
           "roles": [
               "ROLE_ACCOUNTANT",
               "ROLE_USER"
           ]
       }
    ]

    In the example above, to get the user list the caller must be authenticated and authorized as ADMINISTRATOR.

  7. DELETE api/admin/user/{email}:
    {email} must be the email of an existing user, and only an ADMINISTRATOR can delete that user.
    Example: DELETE api/admin/user/johndoe@acme.com is requested to delete the user with email johndoe@acme.com.
    Response (in case of successful deletion):

    {
    "user": "ivanivanov@acme.com",
    "status": "Deleted successfully!"
    }

  8. PUT api/admin/user/role:
    After successful authentication and authorization as ADMINISTRATOR, the caller can grant or remove a role of the requested user:

     {
     "user": "ivanivanov@acme.com",
     "role": "ACCOUNTANT",
     "operation": "REMOVE"
     }

    In case of successful removal of a role from the user, the response will be like:

     {
        "id": 2,
        "name": "Ivan",
        "lastname": "Ivanov",
        "email": "ivanivanov@acme.com",
        "roles": [
            "ROLE_USER"
        ]
     }

    The same process applies to the grant operation.
