diff --git a/MySQL_conf_pbx/test1/Rest-API-Postman/CezenPBX_API.postman_collection_Security.json b/MySQL_conf_pbx/test1/Rest-API-Postman/CezenPBX_API.postman_collection_Security.json index 1ce2ce3..2c66ad7 100644 --- a/MySQL_conf_pbx/test1/Rest-API-Postman/CezenPBX_API.postman_collection_Security.json +++ b/MySQL_conf_pbx/test1/Rest-API-Postman/CezenPBX_API.postman_collection_Security.json @@ -62,7 +62,190 @@ ] } }, - "response": [] + "response": [ + { + "name": "1005", + "originalRequest": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"context\": \"default\",\n \"extension\": \"1005\",\n \"priority\": 1,\n \"app\": \"Dial\",\n \"appdata\": \"PJSIP/1005,20,m(default)\"\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://localhost:8081/cezen/add_extension", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "cezen", + "add_extension" + ] + } + }, + "status": "OK", + "code": 200, + "_postman_previewlanguage": "json", + "header": [ + { + "key": "Vary", + "value": "Origin" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Method" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Headers" + }, + { + "key": "X-Content-Type-Options", + "value": "nosniff" + }, + { + "key": "X-XSS-Protection", + "value": "0" + }, + { + "key": "Cache-Control", + "value": "no-cache, no-store, max-age=0, must-revalidate" + }, + { + "key": "Pragma", + "value": "no-cache" + }, + { + "key": "Expires", + "value": "0" + }, + { + "key": "X-Frame-Options", + "value": "DENY" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Transfer-Encoding", + "value": "chunked" + }, + { + "key": "Date", + "value": "Thu, 15 May 2025 10:20:09 GMT" + }, + { + "key": "Keep-Alive", + "value": "timeout=60" + }, + { + "key": "Connection", + "value": "keep-alive" + } + ], + "cookie": [], + "body": "{\n \"status\": false,\n \"message\": \"Data likely already exists or DB issue\",\n \"exceptionMessage\": \"could not execute statement [(conn=482) Duplicate entry '1005-PJSIP/1005,20,m(default)-1' for key 'extension_table_unique_val'] [insert into extensions_table (app,appdata,context,exten,priority) values (?,?,?,?,?)]; SQL [insert into extensions_table (app,appdata,context,exten,priority) values (?,?,?,?,?)]; constraint [extension_table_unique_val]\"\n}" + }, + { + "name": "test1", + "originalRequest": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"context\": \"default\",\n \"extension\": \"test1\",\n \"priority\": 1,\n \"app\": \"Dial\",\n \"appdata\": \"test123rf\"\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://localhost:8081/cezen/add_extension", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "cezen", + "add_extension" + ] + } + }, + "status": "OK", + "code": 200, + "_postman_previewlanguage": "json", + "header": [ + { + "key": "Vary", + "value": "Origin" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Method" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Headers" + }, + { + "key": "X-Content-Type-Options", + "value": "nosniff" + }, + { + "key": "X-XSS-Protection", + "value": "0" + }, + { + "key": "Cache-Control", + "value": "no-cache, no-store, max-age=0, must-revalidate" + }, + { + "key": "Pragma", + "value": "no-cache" + }, + { + "key": "Expires", + "value": "0" + }, + { + "key": "X-Frame-Options", + "value": "DENY" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Transfer-Encoding", + "value": "chunked" + }, + { + "key": "Date", + "value": "Thu, 15 May 2025 10:21:06 GMT" + }, + { + "key": "Keep-Alive", + "value": "timeout=60" + }, + { + "key": "Connection", + "value": "keep-alive" + } + ], + "cookie": [], + "body": "{\n \"status\": true,\n \"message\": \"test1 Persisted \",\n \"exceptionMessage\": \"\"\n}" + } + ] }, { "name": "set_password", @@ -91,7 +274,99 @@ ] } }, - "response": [] + "response": [ + { + "name": "set_password", + "originalRequest": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"1005\",\n \"authType\": \"userpass\",\n \"userName\": \"1005\",\n \"password\": \"12345\",\n \"md5Cred\": null,\n \"realm\": null\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://localhost:8081/cezen/set_password", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "cezen", + "set_password" + ] + } + }, + "status": "OK", + "code": 200, + "_postman_previewlanguage": "json", + "header": [ + { + "key": "Vary", + "value": "Origin" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Method" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Headers" + }, + { + "key": "X-Content-Type-Options", + "value": "nosniff" + }, + { + "key": "X-XSS-Protection", + "value": "0" + }, + { + "key": "Cache-Control", + "value": "no-cache, no-store, max-age=0, must-revalidate" + }, + { + "key": "Pragma", + "value": "no-cache" + }, + { + "key": "Expires", + "value": "0" + }, + { + "key": "X-Frame-Options", + "value": "DENY" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Transfer-Encoding", + "value": "chunked" + }, + { + "key": "Date", + "value": "Thu, 15 May 2025 10:21:54 GMT" + }, + { + "key": "Keep-Alive", + "value": "timeout=60" + }, + { + "key": "Connection", + "value": "keep-alive" + } + ], + "cookie": [], + "body": "{\n \"status\": false,\n \"message\": \"Endpoint and password already set \",\n \"exceptionMessage\": \"could not execute statement [(conn=482) Duplicate entry '1005' for key 'PRIMARY'] [insert into ps_auths (auth_type,md5_cred,password,realm,username,id) values (?,?,?,?,?,?)]; SQL [insert into ps_auths (auth_type,md5_cred,password,realm,username,id) values (?,?,?,?,?,?)]; constraint [PRIMARY]\"\n}" + } + ] }, { "name": "SetAORS", @@ -120,7 +395,99 @@ ] } }, - "response": [] + "response": [ + { + "name": "SetAORS", + "originalRequest": { + "method": "POST", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"id\": \"1005\",\n \"maxContacts\": 1\n}", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://localhost:8081/cezen/set_aors", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "cezen", + "set_aors" + ] + } + }, + "status": "OK", + "code": 200, + "_postman_previewlanguage": "json", + "header": [ + { + "key": "Vary", + "value": "Origin" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Method" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Headers" + }, + { + "key": "X-Content-Type-Options", + "value": "nosniff" + }, + { + "key": "X-XSS-Protection", + "value": "0" + }, + { + "key": "Cache-Control", + "value": "no-cache, no-store, max-age=0, must-revalidate" + }, + { + "key": "Pragma", + "value": "no-cache" + }, + { + "key": "Expires", + "value": "0" + }, + { + "key": "X-Frame-Options", + "value": "DENY" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Transfer-Encoding", + "value": "chunked" + }, + { + "key": "Date", + "value": "Thu, 15 May 2025 10:22:12 GMT" + }, + { + "key": "Keep-Alive", + "value": "timeout=60" + }, + { + "key": "Connection", + "value": "keep-alive" + } + ], + "cookie": [], + "body": "{\n \"status\": true,\n \"message\": \"1005 Persisted \",\n \"exceptionMessage\": \"\"\n}" + } + ] }, { "name": "DeleteExtension", @@ -146,7 +513,96 @@ ] } }, - "response": [] + "response": [ + { + "name": "DeleteExtension", + "originalRequest": { + "method": "DELETE", + "header": [], + "url": { + "raw": "http://localhost:8081/cezen/delete_extension?sipNumber=1005", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "cezen", + "delete_extension" + ], + "query": [ + { + "key": "sipNumber", + "value": "1005" + } + ] + } + }, + "status": "OK", + "code": 200, + "_postman_previewlanguage": "json", + "header": [ + { + "key": "Vary", + "value": "Origin" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Method" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Headers" + }, + { + "key": "X-Content-Type-Options", + "value": "nosniff" + }, + { + "key": "X-XSS-Protection", + "value": "0" + }, + { + "key": "Cache-Control", + "value": "no-cache, no-store, max-age=0, must-revalidate" + }, + { + "key": "Pragma", + "value": "no-cache" + }, + { + "key": "Expires", + "value": "0" + }, + { + "key": "X-Frame-Options", + "value": "DENY" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Transfer-Encoding", + "value": "chunked" + }, + { + "key": "Date", + "value": "Thu, 15 May 2025 10:22:35 GMT" + }, + { + "key": "Keep-Alive", + "value": "timeout=60" + }, + { + "key": "Connection", + "value": "keep-alive" + } + ], + "cookie": [], + "body": "true" + } + ] }, { "name": "Add_a_global_extension_feature", @@ -175,10 +631,102 @@ ] } }, - "response": [] + "response": [ + { + "name": "Add_a_global_extension_feature", + "originalRequest": { + "method": "PUT", + "header": [], + "body": { + "mode": "raw", + "raw": "{\n \"context\": \"default\",\n \"extension\": \"w\",\n \"priority\": 5,\n \"app\": \"Dial\",\n \"appdata\": \"W conf\"\n}\n", + "options": { + "raw": { + "language": "json" + } + } + }, + "url": { + "raw": "http://localhost:8081/cezen/add_feature", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "cezen", + "add_feature" + ] + } + }, + "status": "OK", + "code": 200, + "_postman_previewlanguage": "json", + "header": [ + { + "key": "Vary", + "value": "Origin" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Method" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Headers" + }, + { + "key": "X-Content-Type-Options", + "value": "nosniff" + }, + { + "key": "X-XSS-Protection", + "value": "0" + }, + { + "key": "Cache-Control", + "value": "no-cache, no-store, max-age=0, must-revalidate" + }, + { + "key": "Pragma", + "value": "no-cache" + }, + { + "key": "Expires", + "value": "0" + }, + { + "key": "X-Frame-Options", + "value": "DENY" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Transfer-Encoding", + "value": "chunked" + }, + { + "key": "Date", + "value": "Thu, 15 May 2025 10:53:48 GMT" + }, + { + "key": "Keep-Alive", + "value": "timeout=60" + }, + { + "key": "Connection", + "value": "keep-alive" + } + ], + "cookie": [], + "body": "{\n \"status\": false,\n \"message\": \"w configured as default Already exists\",\n \"exceptionMessage\": \"jakarta.persistence.TransactionRequiredException: No EntityManager with actual transaction available for current thread - cannot reliably process 'persist' call\"\n}" + } + ] }, { - "name": "login", + "name": "signup", "request": { "auth": { "type": "noauth" @@ -208,6 +756,158 @@ } }, "response": [] + }, + { + "name": "login", + "protocolProfileBehavior": { + "disableBodyPruning": true + }, + "request": { + "auth": { + "type": "basic", + "basic": [ + { + "key": "password", + "value": "1234", + "type": "string" + }, + { + "key": "username", + "value": "mathew", + "type": "string" + } + ] + }, + "method": "GET", + "header": [], + "body": { + "mode": "raw", + "raw": "" + }, + "url": { + "raw": "http://localhost:8081/open/login", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "open", + "login" + ] + } + }, + "response": [ + { + "name": "login", + "originalRequest": { + "method": "GET", + "header": [], + "body": { + "mode": "raw", + "raw": "" + }, + "url": { + "raw": "http://localhost:8081/open/login", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "open", + "login" + ] + } + }, + "status": "OK", + "code": 200, + "_postman_previewlanguage": "json", + "header": [ + { + "key": "Vary", + "value": "Origin" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Method" + }, + { + "key": "Vary", + "value": "Access-Control-Request-Headers" + }, + { + "key": "Set-Cookie", + "value": "Authorization=eyJhbGciOiJIUzI1NiJ9.eyJpc3MiOiJNYXRoZXcgRnJhbmNpcyIsInN1YiI6IkpXVF9Ub2tlbiIsInVzZXJuYW1lIjoiY29tLmV4YW1wbGUuY2V6ZW5QQlguZW50aXR5LnVzZXIuVXNlckVudGl0eUAzMGI5ZjFlOCIsImF1dGhvcml0aWVzIjoiUk9MRV9hZG1pbiIsImlhdCI6MTc0NzI5MDAyMCwiZXhwIjoxNzQ3MzIwMDIwfQ.kjyArki3Cbc90Jjf68pl5iPeg61GWaxb6yT6ivTNXes; Path=/; Secure; HttpOnly" + }, + { + "key": "X-Content-Type-Options", + "value": "nosniff" + }, + { + "key": "X-XSS-Protection", + "value": "0" + }, + { + "key": "Cache-Control", + "value": "no-cache, no-store, max-age=0, must-revalidate" + }, + { + "key": "Pragma", + "value": "no-cache" + }, + { + "key": "Expires", + "value": "0" + }, + { + "key": "X-Frame-Options", + "value": "DENY" + }, + { + "key": "Content-Type", + "value": "application/json" + }, + { + "key": "Transfer-Encoding", + "value": "chunked" + }, + { + "key": "Date", + "value": "Thu, 15 May 2025 06:20:20 GMT" + }, + { + "key": "Keep-Alive", + "value": "timeout=60" + }, + { + "key": "Connection", + "value": "keep-alive" + } + ], + "cookie": [], + "body": "{\n \"status\": false,\n \"message\": \"Login not yet implemented\",\n \"exceptionMessage\": \"Login not yet implemented\"\n}" + } + ] + }, + { + "name": "logout", + "request": { + "method": "POST", + "header": [], + "url": { + "raw": "http://localhost:8081/logout", + "protocol": "http", + "host": [ + "localhost" + ], + "port": "8081", + "path": [ + "logout" + ] + } + }, + "response": [] } ] } \ No newline at end of file diff --git a/MySQL_conf_pbx/test1/mariadb_data/ib_logfile0 b/MySQL_conf_pbx/test1/mariadb_data/ib_logfile0 index db57855..b245549 100644 Binary files a/MySQL_conf_pbx/test1/mariadb_data/ib_logfile0 and b/MySQL_conf_pbx/test1/mariadb_data/ib_logfile0 differ diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/BasicAsteriskOpsDAO.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/BasicAsteriskOpsDAO.java index 34920d3..0f026b9 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/BasicAsteriskOpsDAO.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/DAO/BasicAsteriskOpsDAO.java @@ -8,6 +8,7 @@ import jakarta.persistence.TypedQuery; import jakarta.transaction.Transactional; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Repository; +import org.springframework.transaction.UnexpectedRollbackException; @Repository public class BasicAsteriskOpsDAO implements CezenPbxOpsDAO { @@ -114,21 +115,21 @@ public class BasicAsteriskOpsDAO implements CezenPbxOpsDAO { } @Override - @Transactional public ReturnStatus saveAnExtensionByCharacters(ExtensionsTable extensionsTable) { - - try{ - - this.entityManager.persist(extensionsTable); - + try { + this.doPersist(extensionsTable); // calls @Transactional method return new ReturnStatus(true, extensionsTable.getExtension() +" configured as "+ extensionsTable.getContext() +" added", ""); - - }catch (Exception e){ + } catch (Exception e) { return new ReturnStatus(false, extensionsTable.getExtension() +" configured as "+ extensionsTable.getContext() +" Already exists", e.toString()); } } + + @Transactional + public void doPersist(ExtensionsTable extensionsTable) { + entityManager.persist(extensionsTable); + } } diff --git a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java index 6e2d1a6..fec13ba 100644 --- a/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java +++ b/MySQL_conf_pbx/test1/springCezenPBX/src/main/java/com/example/cezenPBX/config/CezenLoginSecurityChain.java @@ -82,12 +82,15 @@ public class CezenLoginSecurityChain { //only admin can use this rout //user roles :- ROLE_admin ROLE_employee ROLE_manager ROLE_user .requestMatchers( - "/admin/get_all_users", - "/admin/list_all_branches_with_manager" + "/cezen/add_user", + "/cezen/add_feature", + "/cezen/delete_extension", + "/cezen/set_aors", + "/cezen/set_password", + "/cezen/add_extension" ).hasAnyRole("admin") //any one who is authenticated can access /logout .requestMatchers("/open/login", "/user/getXSRfToken", "/logout").authenticated() - .requestMatchers("/bankUser/**").hasAnyRole("user") //all the rest are open to public .requestMatchers("/open/signup").permitAll() //.requestMatchers(HttpMethod.POST, "/open/**").permitAll()