navalcode
diff --git a/‎.gitignore‎
Lines changed: 1 addition & 0 deletions b/‎.gitignore‎
Lines changed: 1 addition & 0 deletions
diff --git a/‎pom.xml‎
Lines changed: 5 additions & 0 deletions b/‎pom.xml‎
Lines changed: 5 additions & 0 deletions
diff --git a/‎src/main/java/com/sopromadze/blogapi/config/SecutiryConfig.java‎
Lines changed: 9 additions & 8 deletions b/‎src/main/java/com/sopromadze/blogapi/config/SecutiryConfig.java‎
Lines changed: 9 additions & 8 deletions
diff --git a/‎src/main/java/com/sopromadze/blogapi/config/WebMvcConfig.java‎
Lines changed: 8 additions & 2 deletions b/‎src/main/java/com/sopromadze/blogapi/config/WebMvcConfig.java‎
Lines changed: 8 additions & 2 deletions
diff --git a/‎src/main/java/com/sopromadze/blogapi/controller/AlbumController.java‎
Lines changed: 6 additions & 3 deletions b/‎src/main/java/com/sopromadze/blogapi/controller/AlbumController.java‎
Lines changed: 6 additions & 3 deletions
diff --git a/‎src/main/java/com/sopromadze/blogapi/controller/AuthController.java‎
Lines changed: 35 additions & 30 deletions b/‎src/main/java/com/sopromadze/blogapi/controller/AuthController.java‎
Lines changed: 35 additions & 30 deletions
diff --git a/‎src/main/java/com/sopromadze/blogapi/controller/CategoryController.java‎
Lines changed: 7 additions & 5 deletions b/‎src/main/java/com/sopromadze/blogapi/controller/CategoryController.java‎
Lines changed: 7 additions & 5 deletions
diff --git a/‎src/main/java/com/sopromadze/blogapi/controller/CommentController.java‎
Lines changed: 28 additions & 10 deletions b/‎src/main/java/com/sopromadze/blogapi/controller/CommentController.java‎
Lines changed: 28 additions & 10 deletions
@@ -9,6 +9,7 @@
 .settings
 .springBeans
 .sts4-cache
+/bin/
 
 ### IntelliJ IDEA ###
 .idea
 
@@ -41,6 +41,11 @@
 			<groupId>org.springframework.boot</groupId>
 			<artifactId>spring-boot-starter-web</artifactId>
 		</dependency>
+		
+		<dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-aop</artifactId>
+        </dependency>
 
 		<!-- https://mvnrepository.com/artifact/org.springframework.boot/spring-boot-starter-test -->
 		<dependency>
 
@@ -1,9 +1,5 @@
 package com.sopromadze.blogapi.config;
 
-import com.sopromadze.blogapi.repository.UserRepository;
-import com.sopromadze.blogapi.security.JwtAuthenticationEntryPoint;
-import com.sopromadze.blogapi.security.JwtAuthenticationFilter;
-import com.sopromadze.blogapi.service.CustomUserDetailsService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -20,27 +16,32 @@
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
+import com.sopromadze.blogapi.repository.UserRepository;
+import com.sopromadze.blogapi.security.JwtAuthenticationEntryPoint;
+import com.sopromadze.blogapi.security.JwtAuthenticationFilter;
+import com.sopromadze.blogapi.service.impl.CustomUserDetailsServiceImpl;
+
 @Configuration
 @EnableWebSecurity
 @EnableGlobalMethodSecurity(
         securedEnabled = true,
         jsr250Enabled = true,
         prePostEnabled = true)
 public class SecutiryConfig extends WebSecurityConfigurerAdapter {
-    private final CustomUserDetailsService customUserDetailsService;
+    private final CustomUserDetailsServiceImpl customUserDetailsService;
     private final JwtAuthenticationEntryPoint unauthorizedHandler;
     private final JwtAuthenticationFilter jwtAuthenticationFilter;
 
     @Autowired
-    public SecutiryConfig(UserRepository userRepository, CustomUserDetailsService customUserDetailsService, JwtAuthenticationEntryPoint unauthorizedHandler,  JwtAuthenticationFilter jwtAuthenticationFilter) {
+    public SecutiryConfig(UserRepository userRepository, CustomUserDetailsServiceImpl customUserDetailsService, JwtAuthenticationEntryPoint unauthorizedHandler,  JwtAuthenticationFilter jwtAuthenticationFilter) {
         this.customUserDetailsService = customUserDetailsService;
         this.unauthorizedHandler = unauthorizedHandler;
         this.jwtAuthenticationFilter = jwtAuthenticationFilter;
-        ;
     }
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
+    	
         http.cors().and().csrf().disable()
                 .exceptionHandling()
                     .authenticationEntryPoint(unauthorizedHandler)
@@ -50,7 +51,7 @@ protected void configure(HttpSecurity http) throws Exception {
                     .and()
                 .authorizeRequests()
                     .antMatchers(HttpMethod.GET, "/api/**").permitAll()
-                    .antMatchers("/api/auth/**").permitAll()
+                    .antMatchers(HttpMethod.POST, "/api/auth/**").permitAll()
                     .antMatchers(HttpMethod.GET, "/api/users/checkUsernameAvailability", "/api/users/checkEmailAvailability").permitAll()
                 .anyRequest().authenticated();
 
 
@@ -1,17 +1,23 @@
 package com.sopromadze.blogapi.config;
 
+import org.springframework.beans.factory.annotation.Value;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @Configuration
 public class WebMvcConfig implements WebMvcConfigurer {
-    private final long MAX_AGE_SECS = 3600;
+	
+	@Value("cors.allowedOrings")
+	private String allowedOrigins;
 
     public void addCorsMappings(CorsRegistry registry){
+    	final long MAX_AGE_SECS = 3600;
+    	
         registry.addMapping("/**")
-                .allowedOrigins("*")
+                .allowedOrigins(allowedOrigins)
                 .allowedMethods("GET", "POST", "PUT", "DELETE")
+                .allowedHeaders("*")
                 .maxAge(MAX_AGE_SECS);
     }
 }
@@ -21,12 +21,14 @@
 import com.sopromadze.blogapi.payload.AlbumResponse;
 import com.sopromadze.blogapi.payload.ApiResponse;
 import com.sopromadze.blogapi.payload.PagedResponse;
+import com.sopromadze.blogapi.payload.PhotoResponse;
 import com.sopromadze.blogapi.payload.request.AlbumRequest;
 import com.sopromadze.blogapi.security.CurrentUser;
 import com.sopromadze.blogapi.security.UserPrincipal;
 import com.sopromadze.blogapi.service.AlbumService;
 import com.sopromadze.blogapi.service.PhotoService;
 import com.sopromadze.blogapi.utils.AppConstants;
+import com.sopromadze.blogapi.utils.AppUtils;
 
 @RestController
 @RequestMapping("/api/albums")
@@ -46,6 +48,7 @@ public ResponseEntity<ApiResponse> handleExceptions(ResponseEntityErrorException
 	public PagedResponse<AlbumResponse> getAllAlbums(
 			@RequestParam(name = "page", required = false, defaultValue = AppConstants.DEFAULT_PAGE_NUMBER) Integer page,
 			@RequestParam(name = "size", required = false, defaultValue = AppConstants.DEFAULT_PAGE_SIZE) Integer size) {
+		AppUtils.validatePageNumberAndSize(page, size);
 
 		return albumService.getAllAlbums(page, size);
 	}
@@ -57,7 +60,7 @@ public ResponseEntity<Album> addAlbum(@Valid @RequestBody AlbumRequest albumRequ
 	}
 
 	@GetMapping("/{id}")
-	public ResponseEntity<?> getAlbum(@PathVariable(name = "id") Long id) {
+	public ResponseEntity<Album> getAlbum(@PathVariable(name = "id") Long id) {
 		return albumService.getAlbum(id);
 	}
 
@@ -70,12 +73,12 @@ public ResponseEntity<AlbumResponse> updateAlbum(@PathVariable(name = "id") Long
 
 	@DeleteMapping("/{id}")
 	@PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
-	public ResponseEntity<?> deleteAlbum(@PathVariable(name = "id") Long id, @CurrentUser UserPrincipal currentUser) {
+	public ResponseEntity<ApiResponse> deleteAlbum(@PathVariable(name = "id") Long id, @CurrentUser UserPrincipal currentUser) {
 		return albumService.deleteAlbum(id, currentUser);
 	}
 
 	@GetMapping("/{id}/photos")
-	public PagedResponse<?> getAllPhotosByAlbum(@PathVariable(name = "id") Long id,
+	public PagedResponse<PhotoResponse> getAllPhotosByAlbum(@PathVariable(name = "id") Long id,
 			@RequestParam(name = "page", required = false, defaultValue = AppConstants.DEFAULT_PAGE_NUMBER) Integer page,
 			@RequestParam(name = "size", required = false, defaultValue = AppConstants.DEFAULT_PAGE_SIZE) Integer size) {
 		return photoService.getAllPhotosByAlbum(id, page, size);
 
@@ -1,16 +1,11 @@
 package com.sopromadze.blogapi.controller;
 
-import com.sopromadze.blogapi.exception.AppException;
-import com.sopromadze.blogapi.model.role.Role;
-import com.sopromadze.blogapi.model.role.RoleName;
-import com.sopromadze.blogapi.model.user.User;
-import com.sopromadze.blogapi.payload.ApiResponse;
-import com.sopromadze.blogapi.payload.JwtAuthenticationResponse;
-import com.sopromadze.blogapi.payload.LoginRequest;
-import com.sopromadze.blogapi.payload.SignUpRequest;
-import com.sopromadze.blogapi.repository.RoleRepository;
-import com.sopromadze.blogapi.repository.UserRepository;
-import com.sopromadze.blogapi.security.JwtTokenProvider;
+import java.net.URI;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.validation.Valid;
+
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -25,14 +20,24 @@
 import org.springframework.web.bind.annotation.RestController;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 
-import javax.validation.Valid;
-import java.net.URI;
-import java.util.ArrayList;
-import java.util.List;
+import com.sopromadze.blogapi.exception.AppException;
+import com.sopromadze.blogapi.exception.BlogapiException;
+import com.sopromadze.blogapi.model.role.Role;
+import com.sopromadze.blogapi.model.role.RoleName;
+import com.sopromadze.blogapi.model.user.User;
+import com.sopromadze.blogapi.payload.ApiResponse;
+import com.sopromadze.blogapi.payload.JwtAuthenticationResponse;
+import com.sopromadze.blogapi.payload.LoginRequest;
+import com.sopromadze.blogapi.payload.SignUpRequest;
+import com.sopromadze.blogapi.repository.RoleRepository;
+import com.sopromadze.blogapi.repository.UserRepository;
+import com.sopromadze.blogapi.security.JwtTokenProvider;
 
 @RestController
 @RequestMapping("/api/auth")
 public class AuthController {
+	private static final String USER_ROLE_NOT_SET = "User role not set";
+
 	@Autowired
 	private AuthenticationManager authenticationManager;
 
@@ -49,7 +54,7 @@ public class AuthController {
 	private JwtTokenProvider jwtTokenProvider;
 
 	@PostMapping("/signin")
-	public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginRequest loginRequest) {
+	public ResponseEntity<JwtAuthenticationResponse> authenticateUser(@Valid @RequestBody LoginRequest loginRequest) {
 		Authentication authentication = authenticationManager.authenticate(
 				new UsernamePasswordAuthenticationToken(loginRequest.getUsernameOrEmail(), loginRequest.getPassword()));
 
@@ -60,37 +65,37 @@ public ResponseEntity<?> authenticateUser(@Valid @RequestBody LoginRequest login
 	}
 
 	@PostMapping("/signup")
-	public ResponseEntity<?> registerUser(@Valid @RequestBody SignUpRequest signUpRequest) {
+	public ResponseEntity<ApiResponse> registerUser(@Valid @RequestBody SignUpRequest signUpRequest) {
 		if (userRepository.existsByUsername(signUpRequest.getUsername())) {
-			return new ResponseEntity<>(new ApiResponse(false, "Username is already taken"), HttpStatus.BAD_REQUEST);
+			throw new BlogapiException(HttpStatus.BAD_REQUEST, "Username is already taken");
 		}
 
 		if (userRepository.existsByEmail(signUpRequest.getEmail())) {
-			return new ResponseEntity<>(new ApiResponse(false, "Email is already taken"), HttpStatus.BAD_REQUEST);
+			throw new BlogapiException(HttpStatus.BAD_REQUEST, "Email is already taken");
 		}
-		String firstName = signUpRequest.getFirstName().substring(0, 1).toUpperCase()
-				+ signUpRequest.getFirstName().substring(1).toLowerCase();
+		
+		String firstName = signUpRequest.getFirstName().toLowerCase();
 
-		String lastName = signUpRequest.getLastName().substring(0, 1).toUpperCase()
-				+ signUpRequest.getLastName().substring(1).toLowerCase();
+		String lastName = signUpRequest.getLastName().toLowerCase();
 
 		String username = signUpRequest.getUsername().toLowerCase();
 
 		String email = signUpRequest.getEmail().toLowerCase();
+		
+		String password = passwordEncoder.encode(signUpRequest.getPassword());
 
-		User user = new User(firstName, lastName, username, email, signUpRequest.getPassword());
-
-		user.setPassword(passwordEncoder.encode(user.getPassword()));
+		User user = new User(firstName, lastName, username, email, password);
 
 		List<Role> roles = new ArrayList<>();
+		
 		if (userRepository.count() == 0) {
 			roles.add(roleRepository.findByName(RoleName.ROLE_USER)
-					.orElseThrow(() -> new AppException("User role not set")));
+					.orElseThrow(() -> new AppException(USER_ROLE_NOT_SET)));
 			roles.add(roleRepository.findByName(RoleName.ROLE_ADMIN)
-					.orElseThrow(() -> new AppException("User role not set")));
+					.orElseThrow(() -> new AppException(USER_ROLE_NOT_SET)));
 		} else {
 			roles.add(roleRepository.findByName(RoleName.ROLE_USER)
-					.orElseThrow(() -> new AppException("User role not set")));
+					.orElseThrow(() -> new AppException(USER_ROLE_NOT_SET)));
 		}
 
 		user.setRoles(roles);
@@ -100,6 +105,6 @@ public ResponseEntity<?> registerUser(@Valid @RequestBody SignUpRequest signUpRe
 		URI location = ServletUriComponentsBuilder.fromCurrentContextPath().path("/api/users/{userId}")
 				.buildAndExpand(result.getId()).toUri();
 
-		return ResponseEntity.created(location).body(new ApiResponse(true, "User registered successfully"));
+		return ResponseEntity.created(location).body(new ApiResponse(Boolean.TRUE, "User registered successfully"));
 	}
 }
@@ -15,7 +15,9 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import com.sopromadze.blogapi.exception.UnathorizedException;
 import com.sopromadze.blogapi.model.category.Category;
+import com.sopromadze.blogapi.payload.ApiResponse;
 import com.sopromadze.blogapi.payload.PagedResponse;
 import com.sopromadze.blogapi.security.CurrentUser;
 import com.sopromadze.blogapi.security.UserPrincipal;
@@ -29,32 +31,32 @@ public class CategoryController {
     private CategoryService categoryService;
 
     @GetMapping
-    public PagedResponse<?> getAllCategories(
+    public PagedResponse<Category> getAllCategories(
             @RequestParam(name = "page", required = false, defaultValue = AppConstants.DEFAULT_PAGE_NUMBER) Integer page,
             @RequestParam(name = "size", required = false, defaultValue = AppConstants.DEFAULT_PAGE_SIZE) Integer size){
         return categoryService.getAllCategories(page, size);
     }
 
     @PostMapping
     @PreAuthorize("hasRole('USER')")
-    public ResponseEntity<?> addCategory(@Valid @RequestBody Category category, @CurrentUser UserPrincipal currentUser){
+    public ResponseEntity<Category> addCategory(@Valid @RequestBody Category category, @CurrentUser UserPrincipal currentUser){
         return categoryService.addCategory(category, currentUser);
     }
 
     @GetMapping("/{id}")
-    public ResponseEntity<?> getCategory(@PathVariable(name = "id") Long id){
+    public ResponseEntity<Category> getCategory(@PathVariable(name = "id") Long id){
         return categoryService.getCategory(id);
     }
 
     @PutMapping("/{id}")
     @PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
-    public ResponseEntity<?> updateCategory(@PathVariable(name = "id") Long id, @Valid @RequestBody Category category, @CurrentUser UserPrincipal currentUser){
+    public ResponseEntity<Category> updateCategory(@PathVariable(name = "id") Long id, @Valid @RequestBody Category category, @CurrentUser UserPrincipal currentUser) throws UnathorizedException{
         return categoryService.updateCategory(id, category, currentUser);
     }
 
     @DeleteMapping("/{id}")
     @PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
-    public ResponseEntity<?> deleteCategory(@PathVariable(name = "id") Long id, @CurrentUser UserPrincipal currentUser){
+    public ResponseEntity<ApiResponse> deleteCategory(@PathVariable(name = "id") Long id, @CurrentUser UserPrincipal currentUser) throws UnathorizedException{
         return categoryService.deleteCategory(id, currentUser);
     }
 
 
@@ -3,6 +3,7 @@
 import javax.validation.Valid;
 
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -15,6 +16,8 @@
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
 
+import com.sopromadze.blogapi.model.comment.Comment;
+import com.sopromadze.blogapi.payload.ApiResponse;
 import com.sopromadze.blogapi.payload.CommentRequest;
 import com.sopromadze.blogapi.payload.PagedResponse;
 import com.sopromadze.blogapi.security.CurrentUser;
@@ -29,38 +32,53 @@ public class CommentController {
 	private CommentService commentService;
 
 	@GetMapping
-	public PagedResponse<?> getAllComments(@PathVariable(name = "postId") Long postId,
+	public ResponseEntity<PagedResponse<Comment>> getAllComments(@PathVariable(name = "postId") Long postId,
 			@RequestParam(name = "page", required = false, defaultValue = AppConstants.DEFAULT_PAGE_NUMBER) Integer page,
 			@RequestParam(name = "size", required = false, defaultValue = AppConstants.DEFAULT_PAGE_SIZE) Integer size) {
-		return commentService.getAllComments(postId, page, size);
+		
+		PagedResponse<Comment> allComments = commentService.getAllComments(postId, page, size);
+		
+		return new ResponseEntity<PagedResponse<Comment>>(allComments, HttpStatus.OK);
 	}
 
 	@PostMapping
 	@PreAuthorize("hasRole('USER')")
-	public ResponseEntity<?> addComment(@Valid @RequestBody CommentRequest commentRequest,
+	public ResponseEntity<Comment> addComment(@Valid @RequestBody CommentRequest commentRequest,
 			@PathVariable(name = "postId") Long postId, @CurrentUser UserPrincipal currentUser) {
-		return commentService.addComment(commentRequest, postId, currentUser);
+		Comment newComment = commentService.addComment(commentRequest, postId, currentUser);
+		
+		return new ResponseEntity<Comment>(newComment, HttpStatus.CREATED);
 	}
 
 	@GetMapping("/{id}")
-	public ResponseEntity<?> getComment(@PathVariable(name = "postId") Long postId,
+	public ResponseEntity<Comment> getComment(@PathVariable(name = "postId") Long postId,
 			@PathVariable(name = "id") Long id) {
-		return commentService.getComment(postId, id);
+		Comment comment = commentService.getComment(postId, id);
+		
+		return new ResponseEntity<Comment>(comment, HttpStatus.OK);
 	}
 
 	@PutMapping("/{id}")
 	@PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
-	public ResponseEntity<?> updateComment(@PathVariable(name = "postId") Long postId,
+	public ResponseEntity<Comment> updateComment(@PathVariable(name = "postId") Long postId,
 			@PathVariable(name = "id") Long id, @Valid @RequestBody CommentRequest commentRequest,
 			@CurrentUser UserPrincipal currentUser) {
-		return commentService.updateComment(postId, id, commentRequest, currentUser);
+		
+		Comment updatedComment = commentService.updateComment(postId, id, commentRequest, currentUser);
+		
+		return new ResponseEntity<Comment>(updatedComment, HttpStatus.OK);
 	}
 
 	@DeleteMapping("/{id}")
 	@PreAuthorize("hasRole('USER') or hasRole('ADMIN')")
-	public ResponseEntity<?> deleteComment(@PathVariable(name = "postId") Long postId,
+	public ResponseEntity<ApiResponse> deleteComment(@PathVariable(name = "postId") Long postId,
 			@PathVariable(name = "id") Long id, @CurrentUser UserPrincipal currentUser) {
-		return commentService.deleteComment(postId, id, currentUser);
+		
+		ApiResponse response = commentService.deleteComment(postId, id, currentUser);
+		
+		HttpStatus status = response.getSuccess() ? HttpStatus.OK : HttpStatus.BAD_REQUEST;
+		
+		return new ResponseEntity<ApiResponse>(response, status);
 	}
 
 }