Refactor HTML structure and update security configuration for role-based access

2025-03-25 19:21:12 +01:00 · 2025-03-25 19:21:12 +01:00 · 096efe5866
parent d58b92cd37
commit 096efe5866
6 changed files with 54 additions and 45 deletions
--- a/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java
+++ b/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java
@ -27,7 +27,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
            .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // 🔹 Permitir acceso a CSS, JS e imágenes
            .requestMatchers("/admin/**").hasRole("ADMIN")
            .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")
-            .requestMatchers("/", "/login", "/register").permitAll()
+            .requestMatchers("/register").hasRole("ADMIN")
+            .requestMatchers("/", "/login").permitAll()
            .anyRequest().authenticated()
        )
        .formLogin(login -> login
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@ -17,10 +17,4 @@ spring.jpa.database-platform=org.hibernate.dialect.MySQL8Dialect
 spring.jpa.hibernate.ddl-auto=update


-# Para inicializar datos en la base de datos (opcional)
-spring.sql.init.mode=always
-spring.security.user.name=admin
-spring.security.user.password=admin123
-spring.security.user.roles=ADMIN
-

--- a/src/main/resources/static/css/style.css
+++ b/src/main/resources/static/css/style.css
@ -17,7 +17,16 @@ p {
    margin-bottom: 20px;
 }

-form {
+.register_form{
+    background-color: #fff;
+    padding: 20px;
+    border-radius: 8px;
+    box-shadow: 0 0 10px rgba(0, 0, 0, 0.1);
+    width: 100%;
+    max-width: 400px;
+    box-sizing: border-box;
+}
+.container1{
    background-color: #fff;
    padding: 20px;
    border-radius: 8px;
@ -26,7 +35,6 @@ form {
    max-width: 400px;
    box-sizing: border-box;
 }
-
 .input-group {
    margin-bottom: 15px;
 }
@ -57,21 +65,6 @@ button {
 button:hover {
    background-color: #0056b3;
 }
-
-#button1 {
-    width: 100%;
-    padding: 10px;
-    background-color: #007bff;
-    color: #fff;
-    border: none;
-    border-radius: 4px;
-    cursor: pointer;
-
-}
-#button1:hover{
-    background-color: #0056b3;
-}
-
 #message {
    margin-top: 15px;
    text-align: center;
--- a/src/main/resources/templates/Home.html
+++ b/src/main/resources/templates/Home.html
@ -1,15 +1,27 @@
 <!DOCTYPE html>
-<html xmlns:th="http://www.thymeleaf.org">
+<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.w3.org/1999/xhtml">
 <head>
    <title>Home</title>
+    <link rel="stylesheet" th:href="@{/css/style.css}">
+
 </head>
 <body>
    <h2 th:text="${message}"></h2>
-    <!-- Formulario de Logout (POST) -->
-    <form th:action="@{/logout}" method="post">
-        <button type="submit">Cerrar Sesión</button>
-        <!-- Token CSRF (obligatorio) -->
-        <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
-    </form>
+    <div class="container1">
+        <!-- Formulario de Logout (POST) -->
+        <form th:action="@{/logout}" method="post">
+            <button type="submit">Cerrar Sesión</button>
+            <!-- Token CSRF (obligatorio) -->
+            <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
+        </form>
+        <!-- Botón visible solo para Administradores -->
+        <div sec:authorize="hasRole('ADMIN')">
+            <br>
+            <br>
+            <a href="/Inventario/register">
+                <button>Registrar Nuevo Usuario</button>
+            </a>
+        </div>
+    </div>
 </body>
 </html>
--- a/src/main/resources/templates/Login.html
+++ b/src/main/resources/templates/Login.html
@ -6,7 +6,7 @@
    <link rel="stylesheet" th:href="@{/css/style.css}">
 </head>
 <body>
-    <div class="container_login">
+    <div class="container1">
        <h2>Iniciar Sesión</h2>

        <form id="loginForm" th:action="@{/login}" method="post">
--- a/src/main/resources/templates/Register.html
+++ b/src/main/resources/templates/Register.html
@ -2,21 +2,30 @@
 <html xmlns:th="http://www.thymeleaf.org">
    <head>
        <title>Registro</title>
+        <link rel="stylesheet" th:href="@{/css/style.css}">
    </head>
    <body>
        <h2>Registro</h2>
-        <form th:action="@{/register}" method="post">
-            <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
-            <label>Usuario:</label>
-            <input type="text" name="username" required>
-            <label>Contraseña:</label>
-            <input type="password" name="password" required>
-            <label>Rol:</label>
-            <select name="role">
-                <option value="USER">Usuario</option>
-                <option value="ADMIN">Administrador</option>
-            </select>
-            <button type="submit">Registrar</button>
-        </form>
+        <div class="register_form">
+            <form th:action="@{/register}" method="post">
+                <input type="hidden" th:name="${_csrf.parameterName}" th:value="${_csrf.token}"/>
+                <label>Usuario:</label>
+                <input type="text" name="username" required>
+                <br>
+                <br>
+                <label>Contraseña:</label>
+                <input type="password" name="password" required>
+                <br>
+                <br>
+                <label>Rol:</label>
+                <select name="role">
+                    <option value="USER">Usuario</option>
+                    <option value="ADMIN">Administrador</option>
+                </select>
+                <br>
+                <br>
+                <button type="submit">Registrar</button>
+            </form>
+        </div>
    </body>
 </html>