Add 403 error page, update security configuration, and implement user management features

src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java

@@ -1,6 +1,5 @@
 package com.ieslamar.GestionInventario;
 
-
 import com.ieslamar.GestionInventario.services.UserDetailsServiceImpl;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@@ -21,31 +20,30 @@ public class SecurityConfig {
     }
 
     @Bean
-public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-
+        http.authorizeHttpRequests(auth -> auth
-    http.authorizeHttpRequests(auth -> auth
+                .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // Permitir acceso a CSS, JS e imágenes
-            .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // 🔹 Permitir acceso a CSS, JS e imágenes
+                .requestMatchers("/admin/**").hasRole("ADMIN")
-            .requestMatchers("/admin/**").hasRole("ADMIN")
+                .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")
-            .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")
+                .requestMatchers("/management", "/user_management", "/register").hasRole("ADMIN")
-            .requestMatchers("/register").hasRole("ADMIN")
+                .requestMatchers("/", "/login").permitAll()
-            .requestMatchers("/", "/login").permitAll()
+                .anyRequest().authenticated()
-            .anyRequest().authenticated()
+            )
-        )
+            .exceptionHandling(ex -> ex.accessDeniedPage("/error/403")) // Manejo de error 403
-        .formLogin(login -> login
+            .formLogin(login -> login
-            .loginPage("/login")
+                .loginPage("/login")
-            .defaultSuccessUrl("/home", true)
+                .defaultSuccessUrl("/home", true)
-            .permitAll()
+                .permitAll()
-        )
+            )
-        .logout(logout -> logout
+            .logout(logout -> logout
-            .logoutUrl("/logout")
+                .logoutUrl("/logout")
-            .logoutSuccessUrl("/login?logout=true")
+                .logoutSuccessUrl("/login?logout=true")
-            .invalidateHttpSession(true) // Invalida la sesión después de logout
+                .invalidateHttpSession(true)
-            .clearAuthentication(true) // Limpia la autenticación
+                .clearAuthentication(true)
-            .permitAll()
+                .permitAll()
-        );
+            );
-    return http.build();
+        return http.build();
-}
+    }
-
 
     @Bean
     public PasswordEncoder passwordEncoder() {

src/main/java/com/ieslamar/GestionInventario/controllers/AuthController.java

@@ -14,7 +14,7 @@ public class AuthController {
         this.userService = userService;
     }
 
-    @PostMapping("/register")
+    @PostMapping("/regisater")
     public ResponseEntity<String> register(@RequestParam String username, @RequestParam String password, @RequestParam String role, @RequestParam String mail) {
         userService.registerUser(username, password, role, mail);
         return ResponseEntity.ok("User registered successfully");

src/main/java/com/ieslamar/GestionInventario/controllers/ErrorController.java

@@ -0,0 +1,13 @@
+package com.ieslamar.GestionInventario.controllers;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class ErrorController {
+
+    @GetMapping("/error/403")
+    public String error403() {
+        return "error/403"; // Asegura que devuelve la vista correcta
+    }
+}

src/main/java/com/ieslamar/GestionInventario/controllers/UserController.java

@@ -38,4 +38,13 @@ public class UserController {
         userService.registerUser(username, password, role, mail);
         return "redirect:/login?success";  // Redirige al login tras registrarse
     }
+    @GetMapping("/management")
+    public String managementPage(){
+        return "management";
+    }
+    @GetMapping("/user_managemment")
+    public String userManagementPage(){
+        return "user_management";
+    }
+
 }

src/main/resources/templates/error/403.html

@@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html lang="es" xmlns:th="http://www.thymeleaf.org">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>403 - Acceso Prohibido</title>
+    <style>
+        body { text-align: center; background-color: #f8d7da; color: #721c24; padding: 50px; font-family: Arial, sans-serif; }
+        .container { max-width: 600px; margin: auto; padding: 20px; background: white; border-radius: 10px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.1); }
+        h1 { font-size: 50px; }
+        p { font-size: 18px; }
+        a { display: inline-block; margin-top: 20px; padding: 10px 20px; background-color: #721c24; color: white; text-decoration: none; border-radius: 5px; }
+        a:hover { background-color: #a71d2a; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>403</h1>
+        <h2>Acceso Prohibido</h2>
+        <p>No tienes permisos para acceder a esta página.</p>
+        <a th:href="@{/home}">Volver al inicio</a>
+    </div>
+</body>
+</html>

src/main/resources/templates/home.html

@@ -3,7 +3,6 @@
 <head>
     <title>Home</title>
     <link rel="stylesheet" th:href="@{/css/style.css}">
-
 </head>
 <body>
     <h2 th:text="${message}"></h2>
@@ -18,8 +17,8 @@
         <div sec:authorize="hasRole('ADMIN')">
             <br>
             <br>
-            <a href="/Inventario/register">
+            <a href="/Inventario/management">
-                <button>Registrar Nuevo Usuario</button>
+                <button>Gestión</button>
             </a>
         </div>
     </div>

src/main/resources/templates/management.html

@@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.w3.org/1999/xhtml">
+<head>
+    <title>Gestión</title>
+    <link rel="stylesheet" th:href="@{/css/style.css}">
+</head>
+<body>
+    <h2 th:text="'Gestión'"></h2>
+    <div class="container1">
+        <a href="/Inventario/user_managemment">
+            <button>Gestión de Usuarios</button>
+        </a>
+    </div>
+</body>
+</html>

src/main/resources/templates/register.html

@@ -17,6 +17,10 @@
                 <input type="password" name="password" required>
                 <br>
                 <br>
+                <label>Mail:</label>
+                <input type="text" name="mail" required>
+                <br>
+                <br>
                 <label>Rol:</label>
                 <select name="role">
                     <option value="USER">Usuario</option>

src/main/resources/templates/user_management.html

@@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.w3.org/1999/xhtml">
+    <head>
+        <title>User management</title>
+        <link rel="stylesheet" th:href="@{/css/style.css}">
+    </head>
+    <body>
+        <h2 th:text="'Gestión de usuarios'"></h2>
+        <div class="container1">
+            <a href="/Inventario/register">
+                <button>Registrar usuario</button>
+            </a>
+        </div>
+    </body>
+</html>
+
+