Add 403 error page, update security configuration, and implement user management features

2025-03-28 16:16:00 +01:00 · 2025-03-28 16:16:00 +01:00 · 995a0cb2d4
parent 4d8ad412ee
commit 995a0cb2d4
10 changed files with 109 additions and 30 deletions
--- a/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java
+++ b/src/main/java/com/ieslamar/GestionInventario/SecurityConfig.java
@ -1,6 +1,5 @@
 package com.ieslamar.GestionInventario;

-
 import com.ieslamar.GestionInventario.services.UserDetailsServiceImpl;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
@ -21,16 +20,16 @@ public class SecurityConfig {
    }

    @Bean
-public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
-
+    public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
        http.authorizeHttpRequests(auth -> auth
-            .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // 🔹 Permitir acceso a CSS, JS e imágenes
+                .requestMatchers("/css/**", "/js/**", "/images/**").permitAll() // Permitir acceso a CSS, JS e imágenes
                .requestMatchers("/admin/**").hasRole("ADMIN")
                .requestMatchers("/user/**").hasAnyRole("USER", "ADMIN")
-            .requestMatchers("/register").hasRole("ADMIN")
+                .requestMatchers("/management", "/user_management", "/register").hasRole("ADMIN")
                .requestMatchers("/", "/login").permitAll()
                .anyRequest().authenticated()
            )
+            .exceptionHandling(ex -> ex.accessDeniedPage("/error/403")) // Manejo de error 403
            .formLogin(login -> login
                .loginPage("/login")
                .defaultSuccessUrl("/home", true)
@ -39,13 +38,12 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
            .logout(logout -> logout
                .logoutUrl("/logout")
                .logoutSuccessUrl("/login?logout=true")
-            .invalidateHttpSession(true) // Invalida la sesión después de logout
-            .clearAuthentication(true) // Limpia la autenticación
+                .invalidateHttpSession(true)
+                .clearAuthentication(true)
                .permitAll()
            );
        return http.build();
-}
-
+    }

    @Bean
    public PasswordEncoder passwordEncoder() {
--- a/src/main/java/com/ieslamar/GestionInventario/controllers/AuthController.java
+++ b/src/main/java/com/ieslamar/GestionInventario/controllers/AuthController.java
@ -14,7 +14,7 @@ public class AuthController {
        this.userService = userService;
    }

-    @PostMapping("/register")
+    @PostMapping("/regisater")
    public ResponseEntity<String> register(@RequestParam String username, @RequestParam String password, @RequestParam String role, @RequestParam String mail) {
        userService.registerUser(username, password, role, mail);
        return ResponseEntity.ok("User registered successfully");
--- a/src/main/java/com/ieslamar/GestionInventario/controllers/ErrorController.java
+++ b/src/main/java/com/ieslamar/GestionInventario/controllers/ErrorController.java
@ -0,0 +1,13 @@
+package com.ieslamar.GestionInventario.controllers;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.GetMapping;
+
+@Controller
+public class ErrorController {
+
+    @GetMapping("/error/403")
+    public String error403() {
+        return "error/403"; // Asegura que devuelve la vista correcta
+    }
+}
--- a/src/main/java/com/ieslamar/GestionInventario/controllers/UserController.java
+++ b/src/main/java/com/ieslamar/GestionInventario/controllers/UserController.java
@ -38,4 +38,13 @@ public class UserController {
        userService.registerUser(username, password, role, mail);
        return "redirect:/login?success";  // Redirige al login tras registrarse
    }
+    @GetMapping("/management")
+    public String managementPage(){
+        return "management";
+    }
+    @GetMapping("/user_managemment")
+    public String userManagementPage(){
+        return "user_management";
+    }
+
 }
--- a/src/main/resources/templates/error/403.html
+++ b/src/main/resources/templates/error/403.html
@ -0,0 +1,24 @@
+<!DOCTYPE html>
+<html lang="es" xmlns:th="http://www.thymeleaf.org">
+<head>
+    <meta charset="UTF-8">
+    <meta name="viewport" content="width=device-width, initial-scale=1.0">
+    <title>403 - Acceso Prohibido</title>
+    <style>
+        body { text-align: center; background-color: #f8d7da; color: #721c24; padding: 50px; font-family: Arial, sans-serif; }
+        .container { max-width: 600px; margin: auto; padding: 20px; background: white; border-radius: 10px; box-shadow: 0 0 10px rgba(0, 0, 0, 0.1); }
+        h1 { font-size: 50px; }
+        p { font-size: 18px; }
+        a { display: inline-block; margin-top: 20px; padding: 10px 20px; background-color: #721c24; color: white; text-decoration: none; border-radius: 5px; }
+        a:hover { background-color: #a71d2a; }
+    </style>
+</head>
+<body>
+    <div class="container">
+        <h1>403</h1>
+        <h2>Acceso Prohibido</h2>
+        <p>No tienes permisos para acceder a esta página.</p>
+        <a th:href="@{/home}">Volver al inicio</a>
+    </div>
+</body>
+</html>
--- a/src/main/resources/templates/home.html
+++ b/src/main/resources/templates/home.html
@ -3,7 +3,6 @@
 <head>
    <title>Home</title>
    <link rel="stylesheet" th:href="@{/css/style.css}">
-
 </head>
 <body>
    <h2 th:text="${message}"></h2>
@ -18,8 +17,8 @@
        <div sec:authorize="hasRole('ADMIN')">
            <br>
            <br>
-            <a href="/Inventario/register">
-                <button>Registrar Nuevo Usuario</button>
+            <a href="/Inventario/management">
+                <button>Gestión</button>
            </a>
        </div>
    </div>
--- a/src/main/resources/templates/login.html
+++ b/src/main/resources/templates/login.html
--- a/src/main/resources/templates/management.html
+++ b/src/main/resources/templates/management.html
@ -0,0 +1,15 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.w3.org/1999/xhtml">
+<head>
+    <title>Gestión</title>
+    <link rel="stylesheet" th:href="@{/css/style.css}">
+</head>
+<body>
+    <h2 th:text="'Gestión'"></h2>
+    <div class="container1">
+        <a href="/Inventario/user_managemment">
+            <button>Gestión de Usuarios</button>
+        </a>
+    </div>
+</body>
+</html>
--- a/src/main/resources/templates/register.html
+++ b/src/main/resources/templates/register.html
@ -17,6 +17,10 @@
                <input type="password" name="password" required>
                <br>
                <br>
+                <label>Mail:</label>
+                <input type="text" name="mail" required>
+                <br>
+                <br>
                <label>Rol:</label>
                <select name="role">
                    <option value="USER">Usuario</option>
--- a/src/main/resources/templates/user_management.html
+++ b/src/main/resources/templates/user_management.html
@ -0,0 +1,17 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org" xmlns:sec="http://www.w3.org/1999/xhtml">
+    <head>
+        <title>User management</title>
+        <link rel="stylesheet" th:href="@{/css/style.css}">
+    </head>
+    <body>
+        <h2 th:text="'Gestión de usuarios'"></h2>
+        <div class="container1">
+            <a href="/Inventario/register">
+                <button>Registrar usuario</button>
+            </a>
+        </div>
+    </body>
+</html>
+
+