From 995a0cb2d46ea3bf1453df1151bcabf7ad766529 Mon Sep 17 00:00:00 2001 From: jon ander Date: Fri, 28 Mar 2025 16:16:00 +0100 Subject: [PATCH] Add 403 error page, update security configuration, and implement user management features --- .../GestionInventario/SecurityConfig.java | 50 +++++++++---------- .../controllers/AuthController.java | 2 +- .../controllers/ErrorController.java | 13 +++++ .../controllers/UserController.java | 9 ++++ src/main/resources/templates/error/403.html | 24 +++++++++ .../templates/{Home.html => home.html} | 5 +- .../templates/{Login.html => login.html} | 0 src/main/resources/templates/management.html | 15 ++++++ .../{Register.html => register.html} | 4 ++ .../resources/templates/user_management.html | 17 +++++++ 10 files changed, 109 insertions(+), 30 deletions(-) create mode 100644 src/main/java/com/ieslamar/GestionInventario/controllers/ErrorController.java create mode 100644 src/main/resources/templates/error/403.html rename src/main/resources/templates/{Home.html => home.html} (87%) rename src/main/resources/templates/{Login.html => login.html} (100%) create mode 100644 src/main/resources/templates/management.html rename src/main/resources/templates/{Register.html => register.html} (88%) create mode 100644 src/main/resources/templates/user_management.html diff --git a/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java b/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java index 12bf602..6c36a3d 100644 --- a/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java +++ b/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java @@ -1,6 +1,5 @@ package com.ieslamar.GestionInventario; - import com.ieslamar.GestionInventario.services.UserDetailsServiceImpl; import org.springframework.context.annotation.Bean; import org.springframework.context.annotation.Configuration; 
@@ -21,31 +20,30 @@ public class SecurityConfig { } @Bean -public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { - - http.authorizeHttpRequests(auth -> auth - .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // 馃敼 Permitir acceso a CSS, JS e im谩genes - .requestMatchers("/admin/**").hasRole("ADMIN") - .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN") - .requestMatchers("/register").hasRole("ADMIN") - .requestMatchers("/", "/login").permitAll() - .anyRequest().authenticated() - ) - .formLogin(login -> login - .loginPage("/login") - .defaultSuccessUrl("/home", true) - .permitAll() - ) - .logout(logout -> logout - .logoutUrl("/logout") - .logoutSuccessUrl("/login?logout=true") - .invalidateHttpSession(true) // Invalida la sesi贸n despu茅s de logout - .clearAuthentication(true) // Limpia la autenticaci贸n - .permitAll() - ); - return http.build(); -} - + public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception { + http.authorizeHttpRequests(auth -> auth + .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // Permitir acceso a CSS, JS e im谩genes + .requestMatchers("/admin/**").hasRole("ADMIN") + .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN") + .requestMatchers("/management", "/user_management", "/register").hasRole("ADMIN") + .requestMatchers("/", "/login").permitAll() + .anyRequest().authenticated() + ) + .exceptionHandling(ex -> ex.accessDeniedPage("/error/403")) // Manejo de error 403 + .formLogin(login -> login + .loginPage("/login") + .defaultSuccessUrl("/home", true) + .permitAll() + ) + .logout(logout -> logout + .logoutUrl("/logout") + .logoutSuccessUrl("/login?logout=true") + .invalidateHttpSession(true) + .clearAuthentication(true) + .permitAll() + ); + return http.build(); + } @Bean public PasswordEncoder passwordEncoder() { 
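Review bot: The new ADMIN matcher lists `/user_management`, but the handler added in the UserController hunk is mapped to `/user_managemment` (double "m"), so the two never line up. The route that actually exists is covered only by `.anyRequest().authenticated()`, which means any logged-in account can open the user management page, while the protected path has no handler behind it. Correct the mapping to `@GetMapping("/user_management")`, or move both admin pages under the existing `/admin/**` rule so that a misspelt path cannot silently lose its role check. A short comment above the matcher list stating that every admin-only view must be listed there (or live under `/admin/**`) would help the next person who adds a page.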
diff --git a/src/main/java/com/ieslamar/GestionInventario/controllers/AuthController.java b/src/main/java/com/ieslamar/GestionInventario/controllers/AuthController.java index f937944..24d85b7 100644 --- a/src/main/java/com/ieslamar/GestionInventario/controllers/AuthController.java +++ b/src/main/java/com/ieslamar/GestionInventario/controllers/AuthController.java @@ -14,7 +14,7 @@ public class AuthController { this.userService = userService; } - @PostMapping("/register") + @PostMapping("/regisater") public ResponseEntity register(@RequestParam String username, @RequestParam String password, @RequestParam String role, @RequestParam String mail) { userService.registerUser(username, password, role, mail); return ResponseEntity.ok("User registered successfully"); diff --git a/src/main/java/com/ieslamar/GestionInventario/controllers/ErrorController.java b/src/main/java/com/ieslamar/GestionInventario/controllers/ErrorController.java new file mode 100644 index 0000000..fec97ee --- /dev/null +++ b/src/main/java/com/ieslamar/GestionInventario/controllers/ErrorController.java @@ -0,0 +1,13 @@ +package com.ieslamar.GestionInventario.controllers; + +import org.springframework.stereotype.Controller; +import org.springframework.web.bind.annotation.GetMapping; + +@Controller +public class ErrorController { + + @GetMapping("/error/403") + public String error403() { + return "error/403"; // Asegura que devuelve la vista correcta + } +} diff --git a/src/main/java/com/ieslamar/GestionInventario/controllers/UserController.java b/src/main/java/com/ieslamar/GestionInventario/controllers/UserController.java index 46ed7c4..3982f37 100644 --- a/src/main/java/com/ieslamar/GestionInventario/controllers/UserController.java +++ b/src/main/java/com/ieslamar/GestionInventario/controllers/UserController.java 
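Review bot: `@PostMapping("/regisater")` looks like a typo, and it takes this endpoint out from under the `/register` ADMIN matcher in SecurityConfig, leaving it guarded only by `.anyRequest().authenticated()`. The handler accepts `role` as a plain request parameter and passes it straight to `userService.registerUser(...)`, so, unless the service restricts it, any authenticated account could create a user with whatever role it chooses. Restore `@PostMapping("/register")`. If the rename was meant to avoid a clash with the register handler that the UserController hunk's context lines suggest, remove one of the two handlers instead of renaming. The body of `register` continues past the end of the hunk.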
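Review bot: `error403()` is mapped with `@GetMapping` only, but `accessDeniedPage("/error/403")` forwards the denied request with its original HTTP method. A rejected POST (for example a form submitted by a non-admin, or, as far as I can tell, a request that fails the default CSRF check) would therefore get a 405 instead of the 403 view. Use `@RequestMapping("/error/403")` so the page renders for every method, and swap the `GetMapping` import for `RequestMapping`. The class also shares its simple name with Spring Boot's own `ErrorController` interface, so a name such as `AccessDeniedController` would avoid confusion.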
@@ -38,4 +38,13 @@ public class UserController { userService.registerUser(username, password, role, mail); return "redirect:/login?success"; // Redirige al login tras registrarse } + @GetMapping("/management") + public String managementPage(){ + return "management"; + } + @GetMapping("/user_managemment") + public String userManagementPage(){ + return "user_management"; + } + } diff --git a/src/main/resources/templates/error/403.html b/src/main/resources/templates/error/403.html new file mode 100644 index 0000000..78a026f --- /dev/null +++ b/src/main/resources/templates/error/403.html @@ -0,0 +1,24 @@ + + + + + + 403 - Acceso Prohibido + + + +
+

403

+

Acceso Prohibido

+

No tienes permisos para acceder a esta p谩gina.

+ Volver al inicio +
+ + diff --git a/src/main/resources/templates/Home.html b/src/main/resources/templates/home.html similarity index 87% rename from src/main/resources/templates/Home.html rename to src/main/resources/templates/home.html index 190cda5..ba86cfe 100644 --- a/src/main/resources/templates/Home.html +++ b/src/main/resources/templates/home.html @@ -3,7 +3,6 @@ Home -

@@ -18,8 +17,8 @@


- - + +
diff --git a/src/main/resources/templates/Login.html b/src/main/resources/templates/login.html similarity index 100% rename from src/main/resources/templates/Login.html rename to src/main/resources/templates/login.html diff --git a/src/main/resources/templates/management.html b/src/main/resources/templates/management.html new file mode 100644 index 0000000..582b972 --- /dev/null +++ b/src/main/resources/templates/management.html @@ -0,0 +1,15 @@ + + + + Gesti贸n + + + +

+ + + \ No newline at end of file diff --git a/src/main/resources/templates/Register.html b/src/main/resources/templates/register.html similarity index 88% rename from src/main/resources/templates/Register.html rename to src/main/resources/templates/register.html index cb2c316..e49b935 100644 --- a/src/main/resources/templates/Register.html +++ b/src/main/resources/templates/register.html @@ -17,6 +17,10 @@

+ + +
+