From c86404d612561797e2328a1388e0fc9c709bcf3e Mon Sep 17 00:00:00 2001
From: William Harrington
Date: Tue, 18 Feb 2025 09:37:43 -0600
Subject: Create WHITELIST, ADMINLIST, CLIENTLIST and adjust dashboard test for client and admin. Remove some empty lines in register.html.
---
 .../org/berzerkula/builddb/config/SecurityConfig.java | 15 +++++++--------
 src/main/resources/templates/register.html | 5 -----
 .../controllers/BuilddbDashboardControllerTest.java | 4 ++--
 3 files changed, 9 insertions(+), 15 deletions(-)
diff --git a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
index 8d8b4b7..36229e3 100644
--- a/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
+++ b/src/main/java/org/berzerkula/builddb/config/SecurityConfig.java
@@ -15,20 +15,19 @@ import org.springframework.security.web.SecurityFilterChain;
 @EnableMethodSecurity
 public class SecurityConfig {
+ private static final String[] ADMINLIST = {"/admin", "/actuator/beans", "/actuator/env", "actuator/metrics", "/actuator/shutdown"};
+ private static final String[] CLIENTLIST = {"/client", "/pkgs/**"};
+ private static final String[] WHITELIST = {"/", "/register", "/login", "/actuator/health", "/actuator/info", "/contact"};
+
 @Bean
 public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
 return http
 .securityMatcher("/**")
 //.requiresChannel(channel -> channel.anyRequest().requiresSecure())
 .authorizeHttpRequests(
 auth -> auth
- .requestMatchers("/").permitAll()
- .requestMatchers("/actuator/health","/actuator/info").permitAll()
- .requestMatchers("/actuator/beans", "/actuator/env", "actuator/metrics", "/actuator/shutdown").hasRole(BuilddbConstants.ROLE_ADMIN)
- .requestMatchers("/contact").permitAll()
- .requestMatchers("/pkgs/**").hasRole(BuilddbConstants.ROLE_CLIENT)
- .requestMatchers("/register").permitAll()
- .requestMatchers("/login").permitAll()
- .requestMatchers("/logout").authenticated()
+ .requestMatchers(WHITELIST).permitAll()
+ .requestMatchers(ADMINLIST).hasRole(BuilddbConstants.ROLE_ADMIN)
+ .requestMatchers(CLIENTLIST).hasRole(BuilddbConstants.ROLE_CLIENT)
 .anyRequest().authenticated()
 )
 .csrf(csrf -> csrf
diff --git a/src/main/resources/templates/register.html b/src/main/resources/templates/register.html
index 31f240b..41175d5 100644
--- a/src/main/resources/templates/register.html
+++ b/src/main/resources/templates/register.html
@@ -14,8 +14,6 @@
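Review bot: The ADMINLIST entry `"actuator/metrics"` is missing its leading slash, and as far as I can tell Spring's path matchers never match a pattern without one against the request path `/actuator/metrics`, so that endpoint falls through to `.anyRequest().authenticated()` and is reachable by any signed-in user instead of admins only. The typo predates this commit, but the new constant is where it now lives; the fix is `"/actuator/metrics"`. A short comment above the three arrays would also help the next reader, e.g. `// Matchers are evaluated in the order they are registered below; keep the public WHITELIST ahead of the role-restricted lists.`, and the names would follow the file's UPPER_SNAKE_CASE convention better as `ADMIN_LIST` and `CLIENT_LIST`. The securityFilterChain method continues past the end of the hunk.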

Register


- - -
- -
diff --git a/src/test/java/org/berzerkula/builddb/controllers/BuilddbDashboardControllerTest.java b/src/test/java/org/berzerkula/builddb/controllers/BuilddbDashboardControllerTest.java
index c0860e3..d0e5496 100644
--- a/src/test/java/org/berzerkula/builddb/controllers/BuilddbDashboardControllerTest.java
+++ b/src/test/java/org/berzerkula/builddb/controllers/BuilddbDashboardControllerTest.java
@@ -33,7 +33,7 @@ class BuilddbDashboardControllerTest {
 }
 @Test
- @WithMockUser
+ @WithMockUser(roles="admin")
 void shouldReturnAdminView() throws Exception {
 this.mockMvc.perform(get("/admin"))
 .andExpect(status().isOk())
@@ -42,7 +42,7 @@ class BuilddbDashboardControllerTest {
 }
 @Test
- @WithMockUser
+ @WithMockUser(roles="client")
 void shouldReturnClientView() throws Exception {
 this.mockMvc.perform(get("/client"))
 .andExpect(status().isOk())
--
cgit v1.2.3-54-g00ecf
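Review bot: `@WithMockUser(roles="admin")` on shouldReturnAdminView hard-codes the role as a lowercase literal while SecurityConfig guards `/admin` with `hasRole(BuilddbConstants.ROLE_ADMIN)`; Spring prefixes both with `ROLE_` and compares them case-sensitively, so this test only passes if that constant is exactly `"admin"`, which is not visible here. If `BuilddbConstants.ROLE_ADMIN` is a compile-time `static final String`, referencing it keeps the test and the filter chain in lockstep: `@WithMockUser(roles = BuilddbConstants.ROLE_ADMIN)`. The same applies to `roles="client"` in the second hunk at shouldReturnClientView, where `BuilddbConstants.ROLE_CLIENT` is the matching constant. Both test methods continue past the end of their hunks.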