From 054dc98805e04b433053d8fdd9a4fad12783dbf8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Thu, 20 May 2021 23:27:39 +0400
Subject: [PATCH 01/29] 1_01_user_with_lombok.patch

---
 pom.xml                                       |  8 +++++++
 .../java/ru/javaops/bootjava/model/Role.java  |  6 +++++
 .../java/ru/javaops/bootjava/model/User.java  | 23 +++++++++++++++++++
 3 files changed, 37 insertions(+)
 create mode 100644 src/main/java/ru/javaops/bootjava/model/Role.java
 create mode 100644 src/main/java/ru/javaops/bootjava/model/User.java

diff --git a/pom.xml b/pom.xml
index ca66a72..5be7a42 100644
--- a/pom.xml
+++ b/pom.xml
@@ -53,6 +53,14 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <excludes>
+                        <exclude>
+                            <groupId>org.projectlombok</groupId>
+                            <artifactId>lombok</artifactId>
+                        </exclude>
+                    </excludes>
+                </configuration>
             </plugin>
         </plugins>
     </build>
diff --git a/src/main/java/ru/javaops/bootjava/model/Role.java b/src/main/java/ru/javaops/bootjava/model/Role.java
new file mode 100644
index 0000000..432dde8
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/model/Role.java
@@ -0,0 +1,6 @@
+package ru.javaops.bootjava.model;
+
+public enum Role {
+    ROLE_USER,
+    ROLE_ADMIN
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
new file mode 100644
index 0000000..b475761
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -0,0 +1,23 @@
+package ru.javaops.bootjava.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Set;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class User {
+
+    private String email;
+
+    private String firstName;
+
+    private String lastName;
+
+    private String password;
+
+    private Set<Role> roles;
+}
\ No newline at end of file

From cf6d88e5ca3f064abdb477409ab4a63ab1731587 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Sun, 23 May 2021 16:26:55 +0400
Subject: [PATCH 02/29] 2_01_data_jpa.patch

---
 pom.xml                                       |  4 +++
 .../bootjava/RestaurantVotingApplication.java | 17 +++++++++-
 .../java/ru/javaops/bootjava/model/User.java  | 33 +++++++++++++++----
 .../bootjava/repository/UserRepository.java   |  7 ++++
 src/main/resources/application.properties     |  9 +++++
 5 files changed, 63 insertions(+), 7 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/repository/UserRepository.java

diff --git a/pom.xml b/pom.xml
index 5be7a42..bf8aa32 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,6 +28,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-validation</artifactId>
+        </dependency>
 
         <dependency>
             <groupId>com.h2database</groupId>
diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index 3326420..61d8ff8 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -1,14 +1,29 @@
 package ru.javaops.bootjava;
 
 import lombok.AllArgsConstructor;
+import org.springframework.boot.ApplicationArguments;
+import org.springframework.boot.ApplicationRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import ru.javaops.bootjava.model.Role;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import java.util.Set;
 
 @SpringBootApplication
 @AllArgsConstructor
-public class RestaurantVotingApplication {
+public class RestaurantVotingApplication implements ApplicationRunner {
+    private final UserRepository userRepository;
 
     public static void main(String[] args) {
         SpringApplication.run(RestaurantVotingApplication.class, args);
     }
+
+    @Override
+    public void run(ApplicationArguments args) {
+        userRepository.save(new User("user@gmail.com", "User_First", "User_Last", "password", Set.of(Role.ROLE_USER)));
+        userRepository.save(new User("admin@javaops.ru", "Admin_First", "Admin_Last", "admin", Set.of(Role.ROLE_USER, Role.ROLE_ADMIN)));
+        System.out.println(userRepository.findAll());
+    }
 }
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index b475761..284f632 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -1,23 +1,44 @@
 package ru.javaops.bootjava.model;
 
-import lombok.AllArgsConstructor;
-import lombok.Data;
-import lombok.NoArgsConstructor;
+import lombok.*;
+import org.springframework.data.jpa.domain.AbstractPersistable;
 
+import javax.persistence.*;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.Size;
 import java.util.Set;
 
-@Data
-@NoArgsConstructor
+@Entity
+@Table(name = "users")
+@Getter
+@Setter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor
-public class User {
+@ToString(callSuper = true, exclude = {"password"})
+public class User extends AbstractPersistable<Integer> {
 
+    @Column(name = "email", nullable = false, unique = true)
+    @Email
+    @NotEmpty
+    @Size(max = 128)
     private String email;
 
+    @Column(name = "first_name")
+    @Size(max = 128)
     private String firstName;
 
+    @Column(name = "last_name")
+    @Size(max = 128)
     private String lastName;
 
+    @Column(name = "password")
+    @Size(max = 256)
     private String password;
 
+    @Enumerated(EnumType.STRING)
+    @CollectionTable(name = "user_role", joinColumns = @JoinColumn(name = "user_id"), uniqueConstraints = {@UniqueConstraint(columnNames = {"user_id", "role"}, name = "user_roles_unique")})
+    @Column(name = "role")
+    @ElementCollection(fetch = FetchType.EAGER)
     private Set<Role> roles;
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
new file mode 100644
index 0000000..590c614
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -0,0 +1,7 @@
+package ru.javaops.bootjava.repository;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import ru.javaops.bootjava.model.User;
+
+public interface UserRepository extends JpaRepository<User, Integer> {
+}
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index e69de29..3492ea9 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -0,0 +1,9 @@
+# https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
+# JPA
+spring.jpa.show-sql=true
+spring.jpa.open-in-view=false
+#  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
+spring.jpa.properties.hibernate.default_batch_fetch_size=20
+spring.jpa.properties.hibernate.format_sql=true
+# https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
+spring.jpa.properties.hibernate.jdbc.batch_size=20

From 3e8fcf2b50895dcfce7e01b7c74620e58464446b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Sun, 23 May 2021 16:32:33 +0400
Subject: [PATCH 03/29] 2_01_data_jpa.patch

---
 .../ru/javaops/bootjava/RestaurantVotingApplication.java    | 6 ------
 1 file changed, 6 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index 61d8ff8..d3b1792 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -5,12 +5,8 @@
 import org.springframework.boot.ApplicationRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import ru.javaops.bootjava.model.Role;
-import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 
-import java.util.Set;
-
 @SpringBootApplication
 @AllArgsConstructor
 public class RestaurantVotingApplication implements ApplicationRunner {
@@ -22,8 +18,6 @@ public static void main(String[] args) {
 
     @Override
     public void run(ApplicationArguments args) {
-        userRepository.save(new User("user@gmail.com", "User_First", "User_Last", "password", Set.of(Role.ROLE_USER)));
-        userRepository.save(new User("admin@javaops.ru", "Admin_First", "Admin_Last", "admin", Set.of(Role.ROLE_USER, Role.ROLE_ADMIN)));
         System.out.println(userRepository.findAll());
     }
 }

From 53fa6726a237890e7cd7dfb5aa999d1357e522d2 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Sun, 23 May 2021 16:32:56 +0400
Subject: [PATCH 04/29] 2_02_h2_init.patch

---
 pom.xml                                       |  1 -
 .../ru/javaops/bootjava/config/AppConfig.java | 26 ++++++++++++++++
 src/main/resources/application.properties     |  9 ------
 src/main/resources/application.yaml           | 30 +++++++++++++++++++
 src/main/resources/data.sql                   |  8 +++++
 5 files changed, 64 insertions(+), 10 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/config/AppConfig.java
 delete mode 100644 src/main/resources/application.properties
 create mode 100644 src/main/resources/application.yaml
 create mode 100644 src/main/resources/data.sql

diff --git a/pom.xml b/pom.xml
index bf8aa32..0fe4458 100644
--- a/pom.xml
+++ b/pom.xml
@@ -36,7 +36,6 @@
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
-            <scope>runtime</scope>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
diff --git a/src/main/java/ru/javaops/bootjava/config/AppConfig.java b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
new file mode 100644
index 0000000..19dbc45
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
@@ -0,0 +1,26 @@
+package ru.javaops.bootjava.config;
+
+import lombok.extern.slf4j.Slf4j;
+import org.h2.tools.Server;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.sql.SQLException;
+
+@Configuration
+@Slf4j
+public class AppConfig {
+
+/*
+    @Bean(initMethod = "start", destroyMethod = "stop")
+    public Server h2WebServer() throws SQLException {
+        return Server.createWebServer("-web", "-webAllowOthers", "-webPort", "8082");
+    }
+*/
+
+    @Bean(initMethod = "start", destroyMethod = "stop")
+    public Server h2Server() throws SQLException {
+        log.info("Start H2 TCP server");
+        return Server.createTcpServer("-tcp", "-tcpAllowOthers", "-tcpPort", "9092");
+    }
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
deleted file mode 100644
index 3492ea9..0000000
--- a/src/main/resources/application.properties
+++ /dev/null
@@ -1,9 +0,0 @@
-# https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
-# JPA
-spring.jpa.show-sql=true
-spring.jpa.open-in-view=false
-#  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
-spring.jpa.properties.hibernate.default_batch_fetch_size=20
-spring.jpa.properties.hibernate.format_sql=true
-# https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
-spring.jpa.properties.hibernate.jdbc.batch_size=20
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
new file mode 100644
index 0000000..6c6343d
--- /dev/null
+++ b/src/main/resources/application.yaml
@@ -0,0 +1,30 @@
+#  https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
+spring:
+  jpa:
+    show-sql: true
+    open-in-view: false
+    hibernate:
+      ddl-auto: create-drop
+    properties:
+      #  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
+      hibernate:
+        format_sql: true
+        default_batch_fetch_size: 20
+        # https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
+        jdbc.batch_size: 20
+        id.new_generator_mappings: false
+  datasource:
+    # ImMemory
+    url: jdbc:h2:mem:voting
+    #    tcp: jdbc:h2:tcp://localhost:9092/mem:voting
+    # Absolute path
+    #    url: jdbc:h2:C:/projects/bootjava/restorant-voting/db/voting
+    #    tcp: jdbc:h2:tcp://localhost:9092/C:/projects/bootjava/restorant-voting/db/voting
+    # Relative path form current dir
+    #    url: jdbc:h2:./db/voting
+    # Relative path from home
+    #    url: jdbc:h2:~/voting
+    #    tcp: jdbc:h2:tcp://localhost:9092/~/voting
+    username: sa
+    password:
+  h2.console.enabled: true
\ No newline at end of file
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
new file mode 100644
index 0000000..0fe391f
--- /dev/null
+++ b/src/main/resources/data.sql
@@ -0,0 +1,8 @@
+INSERT INTO USERS (EMAIL, FIRST_NAME, LAST_NAME, PASSWORD)
+VALUES ('user@gmail.com', 'User_First', 'User_Last', 'password'),
+       ('admin@javaops.ru', 'Admin_First', 'Admin_Last', 'admin');
+
+INSERT INTO USER_ROLE (ROLE, USER_ID)
+VALUES ('ROLE_USER', 1),
+       ('ROLE_ADMIN', 2),
+       ('ROLE_USER', 2);
\ No newline at end of file

From 3e814a9cf3fb6c291dba77bb582cd6412fb0928a Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Sun, 23 May 2021 17:18:27 +0400
Subject: [PATCH 05/29] 2_01_data_jpa.patch

---
 .../java/ru/javaops/bootjava/RestaurantVotingApplication.java   | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index d3b1792..fa56af5 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -18,6 +18,6 @@ public static void main(String[] args) {
 
     @Override
     public void run(ApplicationArguments args) {
-        System.out.println(userRepository.findAll());
+        System.out.println(userRepository.findByLastNameContainingIgnoreCase("last"));
     }
 }

From 6cf05319d85ac9d7dcf756ee35b047bb5faf4a00 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Sun, 23 May 2021 17:19:14 +0400
Subject: [PATCH 06/29] 2_03_model_query.patch

---
 .../ru/javaops/bootjava/model/BaseEntity.java | 52 +++++++++++++++++++
 .../java/ru/javaops/bootjava/model/User.java  |  3 +-
 .../bootjava/repository/UserRepository.java   | 11 ++++
 src/main/resources/application.yaml           |  1 -
 4 files changed, 64 insertions(+), 3 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/model/BaseEntity.java

diff --git a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
new file mode 100644
index 0000000..4a697e5
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
@@ -0,0 +1,52 @@
+package ru.javaops.bootjava.model;
+
+import lombok.*;
+import org.springframework.data.domain.Persistable;
+import org.springframework.data.util.ProxyUtils;
+import org.springframework.util.Assert;
+
+import javax.persistence.*;
+
+@MappedSuperclass
+//  https://stackoverflow.com/a/6084701/548473
+@Access(AccessType.FIELD)
+@Getter
+@Setter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@AllArgsConstructor(access = AccessLevel.PROTECTED)
+@ToString
+public abstract class BaseEntity implements Persistable<Integer> {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    protected Integer id;
+
+    // doesn't work for hibernate lazy proxy
+    public int id() {
+        Assert.notNull(id, "Entity must have id");
+        return id;
+    }
+
+    @Override
+    public boolean isNew() {
+        return id == null;
+    }
+
+    //    https://stackoverflow.com/questions/1638723
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || !getClass().equals(ProxyUtils.getUserClass(o))) {
+            return false;
+        }
+        BaseEntity that = (BaseEntity) o;
+        return id != null && id.equals(that.id);
+    }
+
+    @Override
+    public int hashCode() {
+        return id == null ? 0 : id;
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index 284f632..575aaff 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -1,7 +1,6 @@
 package ru.javaops.bootjava.model;
 
 import lombok.*;
-import org.springframework.data.jpa.domain.AbstractPersistable;
 
 import javax.persistence.*;
 import javax.validation.constraints.Email;
@@ -16,7 +15,7 @@
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor
 @ToString(callSuper = true, exclude = {"password"})
-public class User extends AbstractPersistable<Integer> {
+public class User extends BaseEntity {
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index 590c614..f5d1f0e 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,7 +1,18 @@
 package ru.javaops.bootjava.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.transaction.annotation.Transactional;
 import ru.javaops.bootjava.model.User;
 
+import java.util.List;
+import java.util.Optional;
+
+@Transactional(readOnly = true)
 public interface UserRepository extends JpaRepository<User, Integer> {
+
+    @Query("SELECT u FROM User u WHERE u.email = LOWER(:email)")
+    Optional<User> findByEmailIgnoreCase(String email);
+
+    List<User> findByLastNameContainingIgnoreCase(String lastName);
 }
\ No newline at end of file
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 6c6343d..7a0d777 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -12,7 +12,6 @@ spring:
         default_batch_fetch_size: 20
         # https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
         jdbc.batch_size: 20
-        id.new_generator_mappings: false
   datasource:
     # ImMemory
     url: jdbc:h2:mem:voting

From cb101c517d4612efed2327fcd4c6e7441c2f58e3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Sun, 23 May 2021 17:29:18 +0400
Subject: [PATCH 07/29] 3_01_jpa_data_rest.patch

---
 pom.xml                                              | 12 +++++++++++-
 .../javaops/bootjava/repository/UserRepository.java  |  3 +++
 src/main/resources/application.yaml                  |  7 ++++++-
 3 files changed, 20 insertions(+), 2 deletions(-)

diff --git a/pom.xml b/pom.xml
index 0fe4458..5aabae1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -32,7 +32,17 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-validation</artifactId>
         </dependency>
-
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-rest</artifactId>
+        </dependency>
+        <!--
+                <dependency>
+                    <groupId>org.springframework.data</groupId>
+                    <artifactId>spring-data-rest-hal-browser</artifactId>
+                    <scope>runtime</scope>
+                </dependency>
+        -->
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index f5d1f0e..dc2a413 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -2,6 +2,7 @@
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.rest.core.annotation.RestResource;
 import org.springframework.transaction.annotation.Transactional;
 import ru.javaops.bootjava.model.User;
 
@@ -11,8 +12,10 @@
 @Transactional(readOnly = true)
 public interface UserRepository extends JpaRepository<User, Integer> {
 
+    @RestResource(rel = "by-email", path = "by-email")
     @Query("SELECT u FROM User u WHERE u.email = LOWER(:email)")
     Optional<User> findByEmailIgnoreCase(String email);
 
+    @RestResource(rel = "by-lastname", path = "by-lastname")
     List<User> findByLastNameContainingIgnoreCase(String lastName);
 }
\ No newline at end of file
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 7a0d777..98beb56 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -26,4 +26,9 @@ spring:
     #    tcp: jdbc:h2:tcp://localhost:9092/~/voting
     username: sa
     password:
-  h2.console.enabled: true
\ No newline at end of file
+  h2.console.enabled: true
+
+  data.rest:
+    #  https://docs.spring.io/spring-data/rest/docs/current/reference/html/#getting-started.basic-settings
+    basePath: /api
+    returnBodyOnCreate: true
\ No newline at end of file

From 75720542ac0750fc7f78b2489c8337e05d4db4ce Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Sun, 23 May 2021 18:16:23 +0400
Subject: [PATCH 08/29] 3_02_jackson.patch

---
 src/main/java/ru/javaops/bootjava/model/BaseEntity.java | 2 ++
 src/main/resources/application.yaml                     | 9 ++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
index 4a697e5..72ed0fc 100644
--- a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
+++ b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.model;
 
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import lombok.*;
 import org.springframework.data.domain.Persistable;
 import org.springframework.data.util.ProxyUtils;
@@ -27,6 +28,7 @@ public int id() {
         return id;
     }
 
+    @JsonIgnore
     @Override
     public boolean isNew() {
         return id == null;
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 98beb56..9700512 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -31,4 +31,11 @@ spring:
   data.rest:
     #  https://docs.spring.io/spring-data/rest/docs/current/reference/html/#getting-started.basic-settings
     basePath: /api
-    returnBodyOnCreate: true
\ No newline at end of file
+    returnBodyOnCreate: true
+
+# Jackson Serialization Issue Resolver
+#  jackson:
+#    visibility.field: any
+#    visibility.getter: none
+#    visibility.setter: none
+#    visibility.is-getter: none
\ No newline at end of file

From 0768f5e5b82450f91bda44f174a074ab5afe3b98 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 19:41:29 +0400
Subject: [PATCH 09/29] 4_01_add_security.patch

---
 pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pom.xml b/pom.xml
index 5aabae1..04dd5c3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -36,6 +36,11 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-rest</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+
         <!--
                 <dependency>
                     <groupId>org.springframework.data</groupId>

From 6505b1fd5ebbcb8f2753705ced0bc3fc85cff0b3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 19:42:34 +0400
Subject: [PATCH 10/29] 4_02_default_auth.patch

---
 src/main/resources/application.yaml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 9700512..e789b2b 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -33,6 +33,19 @@ spring:
     basePath: /api
     returnBodyOnCreate: true
 
+    #  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
+  security:
+    user:
+      name: user
+      password: password
+      roles: USER
+
+logging:
+  level:
+    root: WARN
+    ru.javaops.bootjava: DEBUG
+    org.springframework.security.web.FilterChainProxy: DEBUG
+
 # Jackson Serialization Issue Resolver
 #  jackson:
 #    visibility.field: any

From 2c9778eb9454c74bb25c287aa39e87e846bb0f33 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 19:57:53 +0400
Subject: [PATCH 11/29] 4_03_javaconfig_encoding.patch

---
 .../bootjava/config/WebSecurityConfig.java    | 21 +++++++++++++++++++
 .../bootjava/web/AccountController.java       | 17 +++++++++++++++
 src/main/resources/application.yaml           | 14 ++++++-------
 3 files changed, 45 insertions(+), 7 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/AccountController.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
new file mode 100644
index 0000000..671e38e
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -0,0 +1,21 @@
+package ru.javaops.bootjava.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication()
+                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder())
+                .withUser("user@gmail.com").password("{noop}password").roles("USER").and()
+                .withUser("admin@javaops.ru").password("{noop}admin").roles("USER", "ADMIN");
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
new file mode 100644
index 0000000..f8e0692
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -0,0 +1,17 @@
+package ru.javaops.bootjava.web;
+
+import org.springframework.http.MediaType;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping(value = "/api/account")
+public class AccountController {
+
+    @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
+    public Object get(@AuthenticationPrincipal Object authUser) {
+        return authUser;
+    }
+}
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index e789b2b..993777a 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -33,18 +33,18 @@ spring:
     basePath: /api
     returnBodyOnCreate: true
 
-    #  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
-  security:
-    user:
-      name: user
-      password: password
-      roles: USER
+#  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
+#  security:
+#    user:
+#      name: user
+#      password: password
+#      roles: USER
 
 logging:
   level:
     root: WARN
     ru.javaops.bootjava: DEBUG
-    org.springframework.security.web.FilterChainProxy: DEBUG
+#    org.springframework.security.web.FilterChainProxy: DEBUG
 
 # Jackson Serialization Issue Resolver
 #  jackson:

From fc059b844998162ceb3a0385c4747b4f1f7dc3a6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:16:46 +0400
Subject: [PATCH 12/29] 4_04_db_security_auth_user.patch

---
 .../java/ru/javaops/bootjava/AuthUser.java    | 22 ++++++++++++++
 .../bootjava/config/WebSecurityConfig.java    | 30 ++++++++++++++++---
 .../java/ru/javaops/bootjava/model/Role.java  | 11 +++++--
 .../java/ru/javaops/bootjava/model/User.java  |  3 +-
 .../bootjava/web/AccountController.java       |  6 ++--
 src/main/resources/data.sql                   |  4 +--
 6 files changed, 65 insertions(+), 11 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/AuthUser.java

diff --git a/src/main/java/ru/javaops/bootjava/AuthUser.java b/src/main/java/ru/javaops/bootjava/AuthUser.java
new file mode 100644
index 0000000..d4bf023
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/AuthUser.java
@@ -0,0 +1,22 @@
+package ru.javaops.bootjava;
+
+import lombok.Getter;
+import lombok.ToString;
+import org.springframework.lang.NonNull;
+import ru.javaops.bootjava.model.User;
+
+@Getter
+@ToString(of = "user")
+public class AuthUser extends org.springframework.security.core.userdetails.User {
+
+    private final User user;
+
+    public AuthUser(@NonNull User user) {
+        super(user.getEmail(), user.getPassword(), user.getRoles());
+        this.user = user;
+    }
+
+    public int id() {
+        return user.id();
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 671e38e..fe291a4 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -1,21 +1,43 @@
 package ru.javaops.bootjava.config;
 
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import java.util.Optional;
 
 @Configuration
 @EnableWebSecurity
+@Slf4j
+@AllArgsConstructor
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
+    private final UserRepository userRepository;
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        return email -> {
+            log.debug("Authenticating '{}'", email);
+            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
+            return new AuthUser(optionalUser.orElseThrow(
+                    () -> new UsernameNotFoundException("User '" + email + "' was not found")));
+        };
+    }
+
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-        auth.inMemoryAuthentication()
-                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder())
-                .withUser("user@gmail.com").password("{noop}password").roles("USER").and()
-                .withUser("admin@javaops.ru").password("{noop}admin").roles("USER", "ADMIN");
+        auth.userDetailsService(userDetailsService())
+                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
     }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/Role.java b/src/main/java/ru/javaops/bootjava/model/Role.java
index 432dde8..665471f 100644
--- a/src/main/java/ru/javaops/bootjava/model/Role.java
+++ b/src/main/java/ru/javaops/bootjava/model/Role.java
@@ -1,6 +1,13 @@
 package ru.javaops.bootjava.model;
 
-public enum Role {
+import org.springframework.security.core.GrantedAuthority;
+
+public enum Role implements GrantedAuthority {
     ROLE_USER,
-    ROLE_ADMIN
+    ROLE_ADMIN;
+
+    @Override
+    public String getAuthority() {
+        return name();
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index 575aaff..84ff8ad 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -6,6 +6,7 @@
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.Size;
+import java.io.Serializable;
 import java.util.Set;
 
 @Entity
@@ -15,7 +16,7 @@
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor
 @ToString(callSuper = true, exclude = {"password"})
-public class User extends BaseEntity {
+public class User extends BaseEntity implements Serializable {
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index f8e0692..a971c85 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -5,13 +5,15 @@
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.User;
 
 @RestController
 @RequestMapping(value = "/api/account")
 public class AccountController {
 
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
-    public Object get(@AuthenticationPrincipal Object authUser) {
-        return authUser;
+    public User get(@AuthenticationPrincipal AuthUser authUser) {
+        return authUser.getUser();
     }
 }
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
index 0fe391f..c3541b4 100644
--- a/src/main/resources/data.sql
+++ b/src/main/resources/data.sql
@@ -1,6 +1,6 @@
 INSERT INTO USERS (EMAIL, FIRST_NAME, LAST_NAME, PASSWORD)
-VALUES ('user@gmail.com', 'User_First', 'User_Last', 'password'),
-       ('admin@javaops.ru', 'Admin_First', 'Admin_Last', 'admin');
+VALUES ('user@gmail.com', 'User_First', 'User_Last', '{noop}password'),
+       ('admin@javaops.ru', 'Admin_First', 'Admin_Last', '{noop}admin');
 
 INSERT INTO USER_ROLE (ROLE, USER_ID)
 VALUES ('ROLE_USER', 1),

From 5a7cf1062bfe955335d6cb17a7ee36e763a46805 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:25:04 +0400
Subject: [PATCH 13/29] 4_04_db_security_auth_user.patch

---
 src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java | 1 +
 1 file changed, 1 insertion(+)

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index fe291a4..cd99a46 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -12,6 +12,7 @@
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 

From 9645771ed6c81881fcdfb0febd5cb66d2c7784f1 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:25:19 +0400
Subject: [PATCH 14/29] 4_05_role_auth.patch

---
 .../javaops/bootjava/RestaurantVotingApplication.java | 11 +----------
 .../ru/javaops/bootjava/config/WebSecurityConfig.java |  9 +++++++++
 src/main/java/ru/javaops/bootjava/model/Role.java     |  7 ++++---
 src/main/resources/data.sql                           |  6 +++---
 4 files changed, 17 insertions(+), 16 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index fa56af5..3326420 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -1,23 +1,14 @@
 package ru.javaops.bootjava;
 
 import lombok.AllArgsConstructor;
-import org.springframework.boot.ApplicationArguments;
-import org.springframework.boot.ApplicationRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import ru.javaops.bootjava.repository.UserRepository;
 
 @SpringBootApplication
 @AllArgsConstructor
-public class RestaurantVotingApplication implements ApplicationRunner {
-    private final UserRepository userRepository;
+public class RestaurantVotingApplication {
 
     public static void main(String[] args) {
         SpringApplication.run(RestaurantVotingApplication.class, args);
     }
-
-    @Override
-    public void run(ApplicationArguments args) {
-        System.out.println(userRepository.findByLastNameContainingIgnoreCase("last"));
-    }
 }
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index cd99a46..158a55c 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -6,6 +6,7 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetailsService;
@@ -41,4 +42,12 @@ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
         auth.userDetailsService(userDetailsService())
                 .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
     }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .antMatchers("/api/account").hasRole(Role.USER.name())
+                .antMatchers("/api/**").hasRole(Role.ADMIN.name())
+                .and().formLogin();
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/Role.java b/src/main/java/ru/javaops/bootjava/model/Role.java
index 665471f..08bc76d 100644
--- a/src/main/java/ru/javaops/bootjava/model/Role.java
+++ b/src/main/java/ru/javaops/bootjava/model/Role.java
@@ -3,11 +3,12 @@
 import org.springframework.security.core.GrantedAuthority;
 
 public enum Role implements GrantedAuthority {
-    ROLE_USER,
-    ROLE_ADMIN;
+    USER,
+    ADMIN;
 
     @Override
     public String getAuthority() {
-        return name();
+        //   https://stackoverflow.com/a/19542316/548473
+        return "ROLE_" + name();
     }
 }
\ No newline at end of file
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
index c3541b4..778d2f3 100644
--- a/src/main/resources/data.sql
+++ b/src/main/resources/data.sql
@@ -3,6 +3,6 @@ VALUES ('user@gmail.com', 'User_First', 'User_Last', '{noop}password'),
        ('admin@javaops.ru', 'Admin_First', 'Admin_Last', '{noop}admin');
 
 INSERT INTO USER_ROLE (ROLE, USER_ID)
-VALUES ('ROLE_USER', 1),
-       ('ROLE_ADMIN', 2),
-       ('ROLE_USER', 2);
\ No newline at end of file
+VALUES ('USER', 1),
+       ('ADMIN', 2),
+       ('USER', 2);
\ No newline at end of file

From d4e8794664c98d8f9598e56fa2cc7356617d9ba4 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:31:08 +0400
Subject: [PATCH 15/29] 4_05_role_auth.patch

---
 .../java/ru/javaops/bootjava/config/WebSecurityConfig.java    | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 158a55c..584549c 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -48,6 +48,8 @@ protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
                 .antMatchers("/api/account").hasRole(Role.USER.name())
                 .antMatchers("/api/**").hasRole(Role.ADMIN.name())
-                .and().formLogin();
+                .and().httpBasic()
+                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and().csrf().disable();
     }
 }
\ No newline at end of file

From d9605c896465aee74ab14b67cab5bf28ace88ac6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:31:23 +0400
Subject: [PATCH 16/29] 4_06_basic_auth_fix.patch

---
 .../bootjava/config/WebSecurityConfig.java    |  5 +++-
 .../java/ru/javaops/bootjava/model/User.java  | 10 ++++++++
 .../bootjava/util/JsonDeserializers.java      | 23 +++++++++++++++++++
 3 files changed, 37 insertions(+), 1 deletion(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 584549c..c65c1d3 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -9,9 +9,11 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import ru.javaops.bootjava.AuthUser;
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
@@ -25,6 +27,7 @@
 @AllArgsConstructor
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
+    public static final PasswordEncoder PASSWORD_ENCODER = PasswordEncoderFactories.createDelegatingPasswordEncoder();
     private final UserRepository userRepository;
 
     @Bean
@@ -40,7 +43,7 @@ public UserDetailsService userDetailsService() {
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
         auth.userDetailsService(userDetailsService())
-                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
+                .passwordEncoder(PASSWORD_ENCODER);
     }
 
     @Override
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index 84ff8ad..c61b200 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -1,6 +1,10 @@
 package ru.javaops.bootjava.model;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import lombok.*;
+import org.springframework.util.StringUtils;
+import ru.javaops.bootjava.util.JsonDeserializers;
 
 import javax.persistence.*;
 import javax.validation.constraints.Email;
@@ -34,6 +38,8 @@ public class User extends BaseEntity implements Serializable {
 
     @Column(name = "password")
     @Size(max = 256)
+    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
+    @JsonDeserialize(using = JsonDeserializers.PasswordDeserializer.class)
     private String password;
 
     @Enumerated(EnumType.STRING)
@@ -41,4 +47,8 @@ public class User extends BaseEntity implements Serializable {
     @Column(name = "role")
     @ElementCollection(fetch = FetchType.EAGER)
     private Set<Role> roles;
+
+    public void setEmail(String email) {
+        this.email = StringUtils.hasText(email) ? email.toLowerCase() : null;
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
new file mode 100644
index 0000000..a567a40
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
@@ -0,0 +1,23 @@
+package ru.javaops.bootjava.util;
+
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.ObjectCodec;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonDeserializer;
+import com.fasterxml.jackson.databind.JsonNode;
+import ru.javaops.bootjava.config.WebSecurityConfig;
+
+import java.io.IOException;
+
+public class JsonDeserializers {
+
+    // https://stackoverflow.com/a/60995048/548473
+    public static class PasswordDeserializer extends JsonDeserializer<String> {
+        public String deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException {
+            ObjectCodec oc = jsonParser.getCodec();
+            JsonNode node = oc.readTree(jsonParser);
+            String rawPassword = node.asText();
+            return WebSecurityConfig.PASSWORD_ENCODER.encode(rawPassword);
+        }
+    }
+}

From 12c4b337e321fe0f328451d0b77c35e7a1605588 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:45:31 +0400
Subject: [PATCH 17/29] 4_06_basic_auth_fix.patch

---
 .../ru/javaops/bootjava/web/AccountController.java  | 13 ++++++++++---
 1 file changed, 10 insertions(+), 3 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index a971c85..d7fd272 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -2,11 +2,17 @@
 
 import org.springframework.http.MediaType;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.util.ValidationUtil;
+
+import javax.validation.Valid;
+import java.net.URI;
+import java.util.Set;
 
 @RestController
 @RequestMapping(value = "/api/account")
@@ -14,6 +20,7 @@ public class AccountController {
 
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public User get(@AuthenticationPrincipal AuthUser authUser) {
+        log.info("get {}", authUser);
         return authUser.getUser();
     }
 }

From 341360465127647e5af7c6dc7a777f86424d3a84 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:46:50 +0400
Subject: [PATCH 18/29] 5_01_account_controller.patch

---
 .../bootjava/config/WebSecurityConfig.java    |  1 +
 .../javaops/bootjava/util/ValidationUtil.java | 21 ++++++++++
 .../bootjava/web/AccountController.java       | 41 +++++++++++++++++++
 3 files changed, 63 insertions(+)
 create mode 100644 src/main/java/ru/javaops/bootjava/util/ValidationUtil.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index c65c1d3..b6438fc 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -49,6 +49,7 @@ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
+                .antMatchers("/api/account/register").anonymous()
                 .antMatchers("/api/account").hasRole(Role.USER.name())
                 .antMatchers("/api/**").hasRole(Role.ADMIN.name())
                 .and().httpBasic()
diff --git a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
new file mode 100644
index 0000000..33d764e
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
@@ -0,0 +1,21 @@
+package ru.javaops.bootjava.util;
+
+import ru.javaops.bootjava.model.BaseEntity;
+
+public class ValidationUtil {
+
+    public static void checkNew(BaseEntity entity) {
+        if (!entity.isNew()) {
+            throw new IllegalArgumentException(entity + " must be new (id=null)");
+        }
+    }
+
+    //  Conservative when you reply, but accept liberally (http://stackoverflow.com/a/32728226/548473)
+    public static void assureIdConsistent(BaseEntity entity, int id) {
+        if (entity.isNew()) {
+            entity.setId(id);
+        } else if (entity.id() != id) {
+            throw new IllegalArgumentException(entity + " must has id=" + id);
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index d7fd272..a7c9a40 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -1,6 +1,10 @@
 package ru.javaops.bootjava.web;
 
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
@@ -16,11 +20,48 @@
 
 @RestController
 @RequestMapping(value = "/api/account")
+@AllArgsConstructor
+@Slf4j
 public class AccountController {
 
+    private final UserRepository userRepository;
+
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public User get(@AuthenticationPrincipal AuthUser authUser) {
         log.info("get {}", authUser);
         return authUser.getUser();
     }
+
+    @DeleteMapping
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    public void delete(@AuthenticationPrincipal AuthUser authUser) {
+        log.info("delete {}", authUser);
+        userRepository.deleteById(authUser.id());
+    }
+
+    @PostMapping(value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseStatus(value = HttpStatus.CREATED)
+    public ResponseEntity<User> register(@Valid @RequestBody User user) {
+        log.info("register {}", user);
+        ValidationUtil.checkNew(user);
+        user.setRoles(Set.of(Role.USER));
+        user = userRepository.save(user);
+        URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
+                .path("/api/account")
+                .build().toUri();
+        return ResponseEntity.created(uriOfNewResource).body(user);
+    }
+
+    @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthUser authUser) {
+        log.info("update {} to {}", authUser, user);
+        User oldUser = authUser.getUser();
+        ValidationUtil.assureIdConsistent(user, oldUser.id());
+        user.setRoles(oldUser.getRoles());
+        if (user.getPassword() == null) {
+            user.setPassword(oldUser.getPassword());
+        }
+        userRepository.save(user);
+    }
 }

From f21b3c21fdae769ccfd9fd0872ef6d93888731c5 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 20:55:48 +0400
Subject: [PATCH 19/29] 5_02_error_handling.patch

---
 .../javaops/bootjava/error/AppException.java  | 16 +++++++++++
 .../error/IllegalRequestDataException.java    | 12 ++++++++
 .../javaops/bootjava/util/ValidationUtil.java |  5 ++--
 .../web/error/GlobalExceptionHandler.java     | 28 +++++++++++++++++++
 4 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/error/AppException.java
 create mode 100644 src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java

diff --git a/src/main/java/ru/javaops/bootjava/error/AppException.java b/src/main/java/ru/javaops/bootjava/error/AppException.java
new file mode 100644
index 0000000..809caad
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/error/AppException.java
@@ -0,0 +1,16 @@
+package ru.javaops.bootjava.error;
+
+import lombok.Getter;
+import org.springframework.boot.web.error.ErrorAttributeOptions;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.server.ResponseStatusException;
+
+@Getter
+public class AppException extends ResponseStatusException {
+    private final ErrorAttributeOptions options;
+
+    public AppException(HttpStatus status, String message, ErrorAttributeOptions options) {
+        super(status, message);
+        this.options = options;
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java b/src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java
new file mode 100644
index 0000000..cb18581
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java
@@ -0,0 +1,12 @@
+package ru.javaops.bootjava.error;
+
+import org.springframework.boot.web.error.ErrorAttributeOptions;
+import org.springframework.http.HttpStatus;
+
+import static org.springframework.boot.web.error.ErrorAttributeOptions.Include.MESSAGE;
+
+public class IllegalRequestDataException extends AppException {
+    public IllegalRequestDataException(String msg) {
+        super(HttpStatus.UNPROCESSABLE_ENTITY, msg, ErrorAttributeOptions.of(MESSAGE));
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
index 33d764e..5f709d4 100644
--- a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
+++ b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
@@ -1,12 +1,13 @@
 package ru.javaops.bootjava.util;
 
+import ru.javaops.bootjava.error.IllegalRequestDataException;
 import ru.javaops.bootjava.model.BaseEntity;
 
 public class ValidationUtil {
 
     public static void checkNew(BaseEntity entity) {
         if (!entity.isNew()) {
-            throw new IllegalArgumentException(entity + " must be new (id=null)");
+            throw new IllegalRequestDataException(entity.getClass().getSimpleName() + " must be new (id=null)");
         }
     }
 
@@ -15,7 +16,7 @@ public static void assureIdConsistent(BaseEntity entity, int id) {
         if (entity.isNew()) {
             entity.setId(id);
         } else if (entity.id() != id) {
-            throw new IllegalArgumentException(entity + " must has id=" + id);
+            throw new IllegalRequestDataException(entity.getClass().getSimpleName() + " must has id=" + id);
         }
     }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
new file mode 100644
index 0000000..9a917cb
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
@@ -0,0 +1,28 @@
+package ru.javaops.bootjava.web.error;
+
+import lombok.AllArgsConstructor;
+import org.springframework.boot.web.servlet.error.ErrorAttributes;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.context.request.WebRequest;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
+import ru.javaops.bootjava.error.AppException;
+
+import java.util.Map;
+
+@RestControllerAdvice
+@AllArgsConstructor
+public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
+    private final ErrorAttributes errorAttributes;
+
+    @ExceptionHandler(AppException.class)
+    public ResponseEntity<Map<String, Object>> appException(AppException ex, WebRequest request) {
+        Map<String, Object> body = errorAttributes.getErrorAttributes(request, ex.getOptions());
+        HttpStatus status = ex.getStatus();
+        body.put("status", status.value());
+        body.put("error", status.getReasonPhrase());
+        return ResponseEntity.status(status).body(body);
+    }
+}

From bc7cb5a53dde05e60a7e40e9ec49cef0a9ae9cf3 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 21:04:04 +0400
Subject: [PATCH 20/29] 5_01_account_controller.patch

---
 .../bootjava/web/AccountController.java       | 41 +++++++++++++++----
 1 file changed, 34 insertions(+), 7 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index a7c9a40..d9fde22 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -2,6 +2,11 @@
 
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.rest.webmvc.RepositoryLinksResource;
+import org.springframework.hateoas.EntityModel;
+import org.springframework.hateoas.MediaTypes;
+import org.springframework.hateoas.server.RepresentationModelProcessor;
+import org.springframework.hateoas.server.mvc.RepresentationModelAssemblerSupport;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
@@ -19,15 +24,23 @@
 import java.util.Set;
 
 @RestController
-@RequestMapping(value = "/api/account")
+@RequestMapping("/api/account")
 @AllArgsConstructor
 @Slf4j
-public class AccountController {
+public class AccountController implements RepresentationModelProcessor<RepositoryLinksResource> {
+    @SuppressWarnings("unchecked")
+    private static final RepresentationModelAssemblerSupport<User, EntityModel<User>> ASSEMBLER =
+            new RepresentationModelAssemblerSupport<>(AccountController.class, (Class<EntityModel<User>>) (Class<?>) EntityModel.class) {
+                @Override
+                public EntityModel<User> toModel(User user) {
+                    return EntityModel.of(user, linkTo(AccountController.class).withSelfRel());
+                }
+            };
 
     private final UserRepository userRepository;
 
-    @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
-    public User get(@AuthenticationPrincipal AuthUser authUser) {
+    @GetMapping(produces = MediaTypes.HAL_JSON_VALUE)
+    public EntityModel<User> get(@AuthenticationPrincipal AuthUser authUser) {
         log.info("get {}", authUser);
         return authUser.getUser();
     }
@@ -39,9 +52,9 @@ public void delete(@AuthenticationPrincipal AuthUser authUser) {
         userRepository.deleteById(authUser.id());
     }
 
-    @PostMapping(value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
+    @PostMapping(value = "/register", consumes = MediaTypes.HAL_JSON_VALUE)
     @ResponseStatus(value = HttpStatus.CREATED)
-    public ResponseEntity<User> register(@Valid @RequestBody User user) {
+    public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user) {
         log.info("register {}", user);
         ValidationUtil.checkNew(user);
         user.setRoles(Set.of(Role.USER));
@@ -49,7 +62,7 @@ public ResponseEntity<User> register(@Valid @RequestBody User user) {
         URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
                 .path("/api/account")
                 .build().toUri();
-        return ResponseEntity.created(uriOfNewResource).body(user);
+        return ResponseEntity.created(uriOfNewResource).body(ASSEMBLER.toModel(user));
     }
 
     @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
@@ -64,4 +77,18 @@ public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthU
         }
         userRepository.save(user);
     }
+
+/*
+    @GetMapping(value = "/pageDemo", produces = MediaTypes.HAL_JSON_VALUE)
+    public PagedModel<EntityModel<User>> pageDemo(Pageable page, PagedResourcesAssembler<User> pagedAssembler) {
+        Page<User> users = userRepository.findAll(page);
+        return pagedAssembler.toModel(users, ASSEMBLER);
+    }
+*/
+
+    @Override
+    public RepositoryLinksResource process(RepositoryLinksResource resource) {
+        resource.add(linkTo(AccountController.class).withRel("account"));
+        return resource;
+    }
 }

From ce46da041201ebaf370455d09c786124dc2bbbdd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 21:04:22 +0400
Subject: [PATCH 21/29] 5_03_account_hateoas_paging.patch

---
 .../javaops/bootjava/repository/UserRepository.java |  5 +++--
 .../ru/javaops/bootjava/web/AccountController.java  | 13 ++++++++++++-
 src/main/resources/application.yaml                 |  7 +++++++
 3 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index dc2a413..b808c1d 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,12 +1,13 @@
 package ru.javaops.bootjava.repository;
 
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.rest.core.annotation.RestResource;
 import org.springframework.transaction.annotation.Transactional;
 import ru.javaops.bootjava.model.User;
 
-import java.util.List;
 import java.util.Optional;
 
 @Transactional(readOnly = true)
@@ -17,5 +18,5 @@ public interface UserRepository extends JpaRepository<User, Integer> {
     Optional<User> findByEmailIgnoreCase(String email);
 
     @RestResource(rel = "by-lastname", path = "by-lastname")
-    List<User> findByLastNameContainingIgnoreCase(String lastName);
+    Page<User> findByLastNameContainingIgnoreCase(String lastName, Pageable page);
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index d9fde22..f26e562 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -23,6 +23,17 @@
 import java.net.URI;
 import java.util.Set;
 
+import static org.springframework.hateoas.server.mvc.WebMvcLinkBuilder.linkTo;
+
+/**
+ * Do not use {@link org.springframework.data.rest.webmvc.RepositoryRestController (BasePathAwareController}
+ * Bugs:
+ * NPE with http://localhost:8080/api/account<br>
+ * <a href="https://github.com/spring-projects/spring-hateoas/issues/434">data.rest.base-path missed in HAL links</a><br>
+ * <a href="https://jira.spring.io/browse/DATAREST-748">Two endpoints created</a>
+ * <p>
+ * RequestMapping("/${spring.data.rest.basePath}/account") give "Not enough variable values"
+ */
 @RestController
 @RequestMapping("/api/account")
 @AllArgsConstructor
@@ -42,7 +53,7 @@ public EntityModel<User> toModel(User user) {
     @GetMapping(produces = MediaTypes.HAL_JSON_VALUE)
     public EntityModel<User> get(@AuthenticationPrincipal AuthUser authUser) {
         log.info("get {}", authUser);
-        return authUser.getUser();
+        return ASSEMBLER.toModel(authUser.getUser());
     }
 
     @DeleteMapping
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 993777a..ac07ee9 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -31,6 +31,7 @@ spring:
   data.rest:
     #  https://docs.spring.io/spring-data/rest/docs/current/reference/html/#getting-started.basic-settings
     basePath: /api
+    defaultPageSize: 20
     returnBodyOnCreate: true
 
 #  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
@@ -46,6 +47,12 @@ logging:
     ru.javaops.bootjava: DEBUG
 #    org.springframework.security.web.FilterChainProxy: DEBUG
 
+server.servlet:
+  encoding:
+    charset: UTF-8 # Charset of HTTP requests and responses. Added to the "Content-Type" header if not set explicitly
+    enabled: true # Enable http encoding support
+    force: true
+
 # Jackson Serialization Issue Resolver
 #  jackson:
 #    visibility.field: any

From 75228dd526bdabda199f09315a66e26dd6912d92 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 21:34:12 +0400
Subject: [PATCH 22/29] 6_01_oas3_swagger.patch

---
 pom.xml                                       | 20 +++++++++-
 .../bootjava/config/OpenApiConfig.java        | 39 +++++++++++++++++++
 .../bootjava/repository/UserRepository.java   |  2 +
 .../bootjava/web/AccountController.java       |  2 +
 4 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java

diff --git a/pom.xml b/pom.xml
index 04dd5c3..43ff567 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,6 +17,7 @@
 
     <properties>
         <java.version>15</java.version>
+        <springdoc.version>1.5.6</springdoc.version>
     </properties>
 
     <dependencies>
@@ -48,6 +49,23 @@
                     <scope>runtime</scope>
                 </dependency>
         -->
+
+        <!--Swagger-->
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-ui</artifactId>
+            <version>${springdoc.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-data-rest</artifactId>
+            <version>${springdoc.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-security</artifactId>
+            <version>${springdoc.version}</version>
+        </dependency>
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
@@ -58,7 +76,7 @@
             <optional>true</optional>
         </dependency>
 
-<!--    https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.4-Release-Notes#junit-5s-vintage-engine-removed-from-spring-boot-starter-test-->
+        <!--    https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.4-Release-Notes#junit-5s-vintage-engine-removed-from-spring-boot-starter-test-->
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
diff --git a/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
new file mode 100644
index 0000000..4f6293d
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
@@ -0,0 +1,39 @@
+package ru.javaops.bootjava.config;
+
+import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
+import io.swagger.v3.oas.annotations.info.Contact;
+import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;
+import org.springdoc.core.GroupedOpenApi;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+//https://sabljakovich.medium.com/adding-basic-auth-authorization-option-to-openapi-swagger-documentation-java-spring-95abbede27e9
+@SecurityScheme(
+        name = "basicAuth",
+        type = SecuritySchemeType.HTTP,
+        scheme = "basic"
+)
+@OpenAPIDefinition(
+        info = @Info(
+                title = "REST API documentation",
+                version = "1.0",
+                description = "Приложение по <a href='https://javaops.ru/view/bootjava'>курсу BootJava</a>",
+                contact = @Contact(url = "https://javaops.ru/#contacts", name = "Grigory Kislin", email = "admin@javaops.ru")
+        ),
+        security = @SecurityRequirement(name = "basicAuth")
+)
+public class OpenApiConfig {
+
+    @Bean
+    public GroupedOpenApi api() {
+        return GroupedOpenApi.builder()
+                .group("REST API")
+                .pathsToMatch("/api/**")
+                .pathsToExclude("/api/profile/**")
+                .build();
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index b808c1d..5c71376 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.repository;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
@@ -11,6 +12,7 @@
 import java.util.Optional;
 
 @Transactional(readOnly = true)
+@Tag(name = "User Controller")
 public interface UserRepository extends JpaRepository<User, Integer> {
 
     @RestResource(rel = "by-email", path = "by-email")
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index f26e562..ee5806e 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.web;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.rest.webmvc.RepositoryLinksResource;
@@ -38,6 +39,7 @@
 @RequestMapping("/api/account")
 @AllArgsConstructor
 @Slf4j
+@Tag(name = "Account Controller")
 public class AccountController implements RepresentationModelProcessor<RepositoryLinksResource> {
     @SuppressWarnings("unchecked")
     private static final RepresentationModelAssemblerSupport<User, EntityModel<User>> ASSEMBLER =

From 3b7fd738baf71aefff3def6c367d06bbd6f4a443 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 22:41:20 +0400
Subject: [PATCH 23/29] 4_04_db_security_auth_user.patch

---
 .../java/ru/javaops/bootjava/RestaurantVotingApplication.java   | 2 --
 1 file changed, 2 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index 3326420..ee6a1ed 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -1,11 +1,9 @@
 package ru.javaops.bootjava;
 
-import lombok.AllArgsConstructor;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 @SpringBootApplication
-@AllArgsConstructor
 public class RestaurantVotingApplication {
 
     public static void main(String[] args) {

From 09df41d314d74422168fbc1f6e480142194ae4fd Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 22:42:19 +0400
Subject: [PATCH 24/29] 6_02_fix_update.patch

---
 pom.xml                                                |  2 +-
 .../ru/javaops/bootjava/util/JsonDeserializers.java    |  2 ++
 .../java/ru/javaops/bootjava/util/ValidationUtil.java  |  2 ++
 .../ru/javaops/bootjava/web/AccountController.java     |  6 +++---
 .../bootjava/web/error/GlobalExceptionHandler.java     | 10 ++++++++++
 src/main/resources/application.yaml                    |  2 +-
 6 files changed, 19 insertions(+), 5 deletions(-)

diff --git a/pom.xml b/pom.xml
index 43ff567..d1ac589 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.4.0</version>
+        <version>2.4.4</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
     <groupId>ru.javaops.bootjava</groupId>
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
index a567a40..153afb4 100644
--- a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
+++ b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
@@ -5,10 +5,12 @@
 import com.fasterxml.jackson.databind.DeserializationContext;
 import com.fasterxml.jackson.databind.JsonDeserializer;
 import com.fasterxml.jackson.databind.JsonNode;
+import lombok.experimental.UtilityClass;
 import ru.javaops.bootjava.config.WebSecurityConfig;
 
 import java.io.IOException;
 
+@UtilityClass
 public class JsonDeserializers {
 
     // https://stackoverflow.com/a/60995048/548473
diff --git a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
index 5f709d4..4d5c29c 100644
--- a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
+++ b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
@@ -1,8 +1,10 @@
 package ru.javaops.bootjava.util;
 
+import lombok.experimental.UtilityClass;
 import ru.javaops.bootjava.error.IllegalRequestDataException;
 import ru.javaops.bootjava.model.BaseEntity;
 
+@UtilityClass
 public class ValidationUtil {
 
     public static void checkNew(BaseEntity entity) {
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index ee5806e..b05cfb9 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -22,7 +22,7 @@
 
 import javax.validation.Valid;
 import java.net.URI;
-import java.util.Set;
+import java.util.EnumSet;
 
 import static org.springframework.hateoas.server.mvc.WebMvcLinkBuilder.linkTo;
 
@@ -65,12 +65,12 @@ public void delete(@AuthenticationPrincipal AuthUser authUser) {
         userRepository.deleteById(authUser.id());
     }
 
-    @PostMapping(value = "/register", consumes = MediaTypes.HAL_JSON_VALUE)
+    @PostMapping(value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(value = HttpStatus.CREATED)
     public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user) {
         log.info("register {}", user);
         ValidationUtil.checkNew(user);
-        user.setRoles(Set.of(Role.USER));
+        user.setRoles(EnumSet.of(Role.USER));
         user = userRepository.save(user);
         URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
                 .path("/api/account")
diff --git a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
index 9a917cb..d441662 100644
--- a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
+++ b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
@@ -1,7 +1,9 @@
 package ru.javaops.bootjava.web.error;
 
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.web.servlet.error.ErrorAttributes;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -14,15 +16,23 @@
 
 @RestControllerAdvice
 @AllArgsConstructor
+@Slf4j
 public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
     private final ErrorAttributes errorAttributes;
 
     @ExceptionHandler(AppException.class)
     public ResponseEntity<Map<String, Object>> appException(AppException ex, WebRequest request) {
+        log.error("Application Exception", ex);
         Map<String, Object> body = errorAttributes.getErrorAttributes(request, ex.getOptions());
         HttpStatus status = ex.getStatus();
         body.put("status", status.value());
         body.put("error", status.getReasonPhrase());
         return ResponseEntity.status(status).body(body);
     }
+
+    @Override
+    protected ResponseEntity<Object> handleExceptionInternal(Exception ex, Object body, HttpHeaders headers, HttpStatus status, WebRequest request) {
+        log.error("Exception", ex);
+        return super.handleExceptionInternal(ex, body, headers, status, request);
+    }
 }
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index ac07ee9..77f94f8 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -4,7 +4,7 @@ spring:
     show-sql: true
     open-in-view: false
     hibernate:
-      ddl-auto: create-drop
+      ddl-auto: create
     properties:
       #  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
       hibernate:

From b1aeec405af1f4674989b9862a898820d7286939 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 22:44:08 +0400
Subject: [PATCH 25/29] 6_03_add_tests.patch

---
 pom.xml                                       |  6 ++
 .../bootjava/web/AccountController.java       |  4 +-
 .../RestaurantVotingApplicationTests.java     | 12 ----
 .../ru/javaops/bootjava/UserTestUtil.java     |  8 +++
 .../bootjava/web/AbstractControllerTest.java  | 24 +++++++
 .../bootjava/web/AccountControllerTest.java   | 45 +++++++++++++
 .../bootjava/web/UserControllerTest.java      | 64 +++++++++++++++++++
 7 files changed, 150 insertions(+), 13 deletions(-)
 delete mode 100644 src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java
 create mode 100644 src/test/java/ru/javaops/bootjava/UserTestUtil.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/UserControllerTest.java

diff --git a/pom.xml b/pom.xml
index d1ac589..e7d5855 100644
--- a/pom.xml
+++ b/pom.xml
@@ -82,6 +82,12 @@
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <!--        https://www.baeldung.com/spring-security-integration-tests        -->
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index b05cfb9..e13c485 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -36,11 +36,13 @@
  * RequestMapping("/${spring.data.rest.basePath}/account") give "Not enough variable values"
  */
 @RestController
-@RequestMapping("/api/account")
+@RequestMapping(AccountController.URL)
 @AllArgsConstructor
 @Slf4j
 @Tag(name = "Account Controller")
 public class AccountController implements RepresentationModelProcessor<RepositoryLinksResource> {
+    static final String URL = "/api/account";
+
     @SuppressWarnings("unchecked")
     private static final RepresentationModelAssemblerSupport<User, EntityModel<User>> ASSEMBLER =
             new RepresentationModelAssemblerSupport<>(AccountController.class, (Class<EntityModel<User>>) (Class<?>) EntityModel.class) {
diff --git a/src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java b/src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java
deleted file mode 100644
index 52bba6d..0000000
--- a/src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package ru.javaops.bootjava;
-
-import org.junit.jupiter.api.Test;
-import org.springframework.boot.test.context.SpringBootTest;
-
-@SpringBootTest
-class RestaurantVotingApplicationTests {
-
-	@Test
-	void contextLoads() {
-	}
-}
diff --git a/src/test/java/ru/javaops/bootjava/UserTestUtil.java b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
new file mode 100644
index 0000000..8e2123a
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
@@ -0,0 +1,8 @@
+package ru.javaops.bootjava;
+
+public class UserTestUtil {
+    public static final int USER_ID = 1;
+    public static final int ADMIN_ID = 2;
+    public static final String USER_MAIL = "user@gmail.com";
+    public static final String ADMIN_MAIL = "admin@javaops.ru";
+}
diff --git a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
new file mode 100644
index 0000000..b5a26c0
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
@@ -0,0 +1,24 @@
+package ru.javaops.bootjava.web;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
+import org.springframework.transaction.annotation.Transactional;
+
+//https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-testing-spring-boot-applications
+@SpringBootTest
+@Transactional
+@AutoConfigureMockMvc
+//https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-testing-spring-boot-applications-testing-with-mock-environment
+public abstract class AbstractControllerTest {
+
+    @Autowired
+    protected MockMvc mockMvc;
+
+    protected ResultActions perform(MockHttpServletRequestBuilder builder) throws Exception {
+        return mockMvc.perform(builder);
+    }
+}
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
new file mode 100644
index 0000000..c977623
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -0,0 +1,45 @@
+package ru.javaops.bootjava.web;
+
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.hateoas.MediaTypes;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static ru.javaops.bootjava.UserTestUtil.*;
+import static ru.javaops.bootjava.web.AccountController.URL;
+
+class AccountControllerTest extends AbstractControllerTest {
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void get() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    void getUnAuth() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isUnauthorized());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void delete() throws Exception {
+        perform(MockMvcRequestBuilders.delete(URL))
+                .andExpect(status().isNoContent());
+        Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
+        Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
new file mode 100644
index 0000000..c90354e
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
@@ -0,0 +1,64 @@
+package ru.javaops.bootjava.web;
+
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.hateoas.MediaTypes;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static ru.javaops.bootjava.UserTestUtil.*;
+
+class UserControllerTest extends AbstractControllerTest {
+    static final String URL = "/api/users/";
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void get() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL + USER_ID))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void getAll() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void getByEmail() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL + "search/by-email?email=" + ADMIN_MAIL))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void getForbidden() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isForbidden());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void delete() throws Exception {
+        perform(MockMvcRequestBuilders.delete(URL + USER_ID))
+                .andExpect(status().isNoContent());
+        Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
+        Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
+    }
+}
\ No newline at end of file

From 2d49460923fded447e4309a52bbe1be0fb3bdb6e Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 22:45:43 +0400
Subject: [PATCH 26/29] 6_04_json_support.patch

---
 .../bootjava/config/WebSecurityConfig.java    |  9 ++++++
 .../java/ru/javaops/bootjava/model/User.java  |  6 ++++
 .../ru/javaops/bootjava/util/JsonUtil.java    | 31 +++++++++++++++++++
 .../ru/javaops/bootjava/UserTestUtil.java     | 13 ++++++++
 .../bootjava/web/AccountControllerTest.java   | 24 ++++++++++++++
 .../bootjava/web/UserControllerTest.java      | 24 ++++++++++++++
 6 files changed, 107 insertions(+)
 create mode 100644 src/main/java/ru/javaops/bootjava/util/JsonUtil.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index b6438fc..29fe8ee 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.config;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -18,7 +19,9 @@
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.util.JsonUtil;
 
+import javax.annotation.PostConstruct;
 import java.util.Optional;
 
 @Configuration
@@ -29,6 +32,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     public static final PasswordEncoder PASSWORD_ENCODER = PasswordEncoderFactories.createDelegatingPasswordEncoder();
     private final UserRepository userRepository;
+    private final ObjectMapper objectMapper;
+
+    @PostConstruct
+    void setMapper() {
+        JsonUtil.setObjectMapper(objectMapper);
+    }
 
     @Bean
     public UserDetailsService userDetailsService() {
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index c61b200..effb0b1 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -11,6 +11,8 @@
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.Size;
 import java.io.Serializable;
+import java.util.Collection;
+import java.util.EnumSet;
 import java.util.Set;
 
 @Entity
@@ -21,6 +23,10 @@
 @AllArgsConstructor
 @ToString(callSuper = true, exclude = {"password"})
 public class User extends BaseEntity implements Serializable {
+    public User(Integer id, String email, String firstName, String lastName, String password, Collection<Role> roles) {
+        this(email, firstName, lastName, password, EnumSet.copyOf(roles));
+        this.id = id;
+    }
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonUtil.java b/src/main/java/ru/javaops/bootjava/util/JsonUtil.java
new file mode 100644
index 0000000..336088a
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/JsonUtil.java
@@ -0,0 +1,31 @@
+package ru.javaops.bootjava.util;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.ObjectReader;
+import lombok.experimental.UtilityClass;
+
+import java.io.IOException;
+import java.util.List;
+
+@UtilityClass
+public class JsonUtil {
+    private static ObjectMapper objectMapper;
+
+    public static void setObjectMapper(ObjectMapper objectMapper) {
+        JsonUtil.objectMapper = objectMapper;
+    }
+
+    public static <T> List<T> readValues(String json, Class<T> clazz) throws IOException {
+        ObjectReader reader = objectMapper.readerFor(clazz);
+        return reader.<T>readValues(json).readAll();
+    }
+
+    public static <T> T readValue(String json, Class<T> clazz) throws JsonProcessingException {
+        return objectMapper.readValue(json, clazz);
+    }
+
+    public static <T> String writeValue(T obj) throws JsonProcessingException {
+        return objectMapper.writeValueAsString(obj);
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/UserTestUtil.java b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
index 8e2123a..1a6bb63 100644
--- a/src/test/java/ru/javaops/bootjava/UserTestUtil.java
+++ b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
@@ -1,8 +1,21 @@
 package ru.javaops.bootjava;
 
+import ru.javaops.bootjava.model.Role;
+import ru.javaops.bootjava.model.User;
+
+import java.util.List;
+
 public class UserTestUtil {
     public static final int USER_ID = 1;
     public static final int ADMIN_ID = 2;
     public static final String USER_MAIL = "user@gmail.com";
     public static final String ADMIN_MAIL = "admin@javaops.ru";
+
+    public static User getNew() {
+        return new User(null, "new@gmail.com", "New_First", "New_Last", "newpass", List.of(Role.USER));
+    }
+
+    public static User getUpdated() {
+        return new User(USER_ID, "user_update@gmail.com", "User_First_Update", "User_Last_Update", "password_update", List.of(Role.USER));
+    }
 }
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
index c977623..aa6ead2 100644
--- a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -4,14 +4,18 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.hateoas.MediaTypes;
+import org.springframework.http.MediaType;
 import org.springframework.security.test.context.support.WithUserDetails;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.UserTestUtil;
+import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import static ru.javaops.bootjava.UserTestUtil.*;
+import static ru.javaops.bootjava.util.JsonUtil.writeValue;
 import static ru.javaops.bootjava.web.AccountController.URL;
 
 class AccountControllerTest extends AbstractControllerTest {
@@ -42,4 +46,24 @@ void delete() throws Exception {
         Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
         Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
     }
+
+    @Test
+    void register() throws Exception {
+        User newUser = UserTestUtil.getNew();
+        perform(MockMvcRequestBuilders.post(URL + "/register")
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(newUser)))
+                .andExpect(status().isCreated());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void update() throws Exception {
+        User updated = UserTestUtil.getUpdated();
+        perform(MockMvcRequestBuilders.put(URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(updated)))
+                .andDo(print())
+                .andExpect(status().isNoContent());
+    }
 }
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
index c90354e..9950437 100644
--- a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
@@ -4,14 +4,18 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.hateoas.MediaTypes;
+import org.springframework.http.MediaType;
 import org.springframework.security.test.context.support.WithUserDetails;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.UserTestUtil;
+import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import static ru.javaops.bootjava.UserTestUtil.*;
+import static ru.javaops.bootjava.util.JsonUtil.writeValue;
 
 class UserControllerTest extends AbstractControllerTest {
     static final String URL = "/api/users/";
@@ -61,4 +65,24 @@ void delete() throws Exception {
         Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
         Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
     }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void create() throws Exception {
+        User newUser = UserTestUtil.getNew();
+        perform(MockMvcRequestBuilders.post(URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(newUser)))
+                .andExpect(status().isCreated());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void update() throws Exception {
+        User updated = UserTestUtil.getUpdated();
+        perform(MockMvcRequestBuilders.put(URL + USER_ID)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(updated)))
+                .andExpect(status().isNoContent());
+    }
 }
\ No newline at end of file

From c686e469b174ae3a135dce6d4884290d5373ea7f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 22:47:20 +0400
Subject: [PATCH 27/29] 6_05_test_body_check.patch

---
 .../ru/javaops/bootjava/UserTestUtil.java     | 28 +++++++++++++++++++
 .../bootjava/web/AccountControllerTest.java   | 12 ++++++--
 .../bootjava/web/UserControllerTest.java      | 11 ++++++--
 3 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/src/test/java/ru/javaops/bootjava/UserTestUtil.java b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
index 1a6bb63..c0c5c78 100644
--- a/src/test/java/ru/javaops/bootjava/UserTestUtil.java
+++ b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
@@ -1,15 +1,25 @@
 package ru.javaops.bootjava;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.ResultMatcher;
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.util.JsonUtil;
 
+import java.io.UnsupportedEncodingException;
 import java.util.List;
+import java.util.function.BiConsumer;
+
+import static org.assertj.core.api.Assertions.assertThat;
 
 public class UserTestUtil {
     public static final int USER_ID = 1;
     public static final int ADMIN_ID = 2;
     public static final String USER_MAIL = "user@gmail.com";
     public static final String ADMIN_MAIL = "admin@javaops.ru";
+    public static final User user = new User(USER_ID, USER_MAIL, "User_First", "User_Last", "password", List.of(Role.USER));
+    public static final User admin = new User(ADMIN_ID, ADMIN_MAIL, "Admin_First", "Admin_Last", "admin", List.of(Role.ADMIN, Role.USER));
 
     public static User getNew() {
         return new User(null, "new@gmail.com", "New_First", "New_Last", "newpass", List.of(Role.USER));
@@ -18,4 +28,22 @@ public static User getNew() {
     public static User getUpdated() {
         return new User(USER_ID, "user_update@gmail.com", "User_First_Update", "User_Last_Update", "password_update", List.of(Role.USER));
     }
+
+    public static void assertEquals(User actual, User expected) {
+        assertThat(actual).usingRecursiveComparison().ignoringFields("password").isEqualTo(expected);
+    }
+
+    // No id in HATEOAS answer
+    public static void assertNoIdEquals(User actual, User expected) {
+        assertThat(actual).usingRecursiveComparison().ignoringFields("id", "password").isEqualTo(expected);
+    }
+
+    public static User asUser(MvcResult mvcResult) throws UnsupportedEncodingException, JsonProcessingException {
+        String jsonActual = mvcResult.getResponse().getContentAsString();
+        return JsonUtil.readValue(jsonActual, User.class);
+    }
+
+    public static ResultMatcher jsonMatcher(User expected, BiConsumer<User, User> equalsAssertion) {
+        return mvcResult -> equalsAssertion.accept(asUser(mvcResult), expected);
+    }
 }
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
index aa6ead2..9185be8 100644
--- a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -29,7 +29,8 @@ void get() throws Exception {
         perform(MockMvcRequestBuilders.get(URL))
                 .andExpect(status().isOk())
                 .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
+                .andExpect(jsonMatcher(user, UserTestUtil::assertEquals));
     }
 
     @Test
@@ -50,10 +51,14 @@ void delete() throws Exception {
     @Test
     void register() throws Exception {
         User newUser = UserTestUtil.getNew();
-        perform(MockMvcRequestBuilders.post(URL + "/register")
+        User registered = asUser(perform(MockMvcRequestBuilders.post(URL + "/register")
                 .contentType(MediaType.APPLICATION_JSON)
                 .content(writeValue(newUser)))
-                .andExpect(status().isCreated());
+                .andExpect(status().isCreated()).andReturn());
+        int newId = registered.id();
+        newUser.setId(newId);
+        UserTestUtil.assertEquals(registered, newUser);
+        UserTestUtil.assertEquals(registered, userRepository.findById(newId).orElseThrow());
     }
 
     @Test
@@ -65,5 +70,6 @@ void update() throws Exception {
                 .content(writeValue(updated)))
                 .andDo(print())
                 .andExpect(status().isNoContent());
+        UserTestUtil.assertEquals(updated, userRepository.findById(USER_ID).orElseThrow());
     }
 }
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
index 9950437..9295ca0 100644
--- a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
@@ -29,12 +29,14 @@ void get() throws Exception {
         perform(MockMvcRequestBuilders.get(URL + USER_ID))
                 .andExpect(status().isOk())
                 .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
+                .andExpect(jsonMatcher(user, UserTestUtil::assertNoIdEquals));
     }
 
     @Test
     @WithUserDetails(value = ADMIN_MAIL)
     void getAll() throws Exception {
+        // TODO check content yourself
         perform(MockMvcRequestBuilders.get(URL))
                 .andExpect(status().isOk())
                 .andDo(print())
@@ -47,7 +49,8 @@ void getByEmail() throws Exception {
         perform(MockMvcRequestBuilders.get(URL + "search/by-email?email=" + ADMIN_MAIL))
                 .andExpect(status().isOk())
                 .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
+                .andExpect(jsonMatcher(admin, UserTestUtil::assertNoIdEquals));
     }
 
     @Test
@@ -73,7 +76,8 @@ void create() throws Exception {
         perform(MockMvcRequestBuilders.post(URL)
                 .contentType(MediaType.APPLICATION_JSON)
                 .content(writeValue(newUser)))
-                .andExpect(status().isCreated());
+                .andExpect(status().isCreated())
+                .andExpect(jsonMatcher(newUser, UserTestUtil::assertNoIdEquals));
     }
 
     @Test
@@ -84,5 +88,6 @@ void update() throws Exception {
                 .contentType(MediaType.APPLICATION_JSON)
                 .content(writeValue(updated)))
                 .andExpect(status().isNoContent());
+        UserTestUtil.assertEquals(updated, userRepository.findById(USER_ID).orElseThrow());
     }
 }
\ No newline at end of file

From a960d8a5f5f5e315bdf0380cb2669f3b40223027 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 22:48:56 +0400
Subject: [PATCH 28/29] 6_06_add_cache.patch

---
 pom.xml                                               | 11 +++++++++++
 .../java/ru/javaops/bootjava/config/AppConfig.java    |  2 ++
 .../ru/javaops/bootjava/config/WebSecurityConfig.java |  2 +-
 .../javaops/bootjava/repository/UserRepository.java   |  2 ++
 .../ru/javaops/bootjava/web/AccountController.java    |  8 ++++++--
 5 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index e7d5855..a78d752 100644
--- a/pom.xml
+++ b/pom.xml
@@ -66,6 +66,17 @@
             <artifactId>springdoc-openapi-security</artifactId>
             <version>${springdoc.version}</version>
         </dependency>
+
+        <!--cache-->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-cache</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.github.ben-manes.caffeine</groupId>
+            <artifactId>caffeine</artifactId>
+        </dependency>
+
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
diff --git a/src/main/java/ru/javaops/bootjava/config/AppConfig.java b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
index 19dbc45..4a9742b 100644
--- a/src/main/java/ru/javaops/bootjava/config/AppConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
@@ -2,6 +2,7 @@
 
 import lombok.extern.slf4j.Slf4j;
 import org.h2.tools.Server;
+import org.springframework.cache.annotation.EnableCaching;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
@@ -9,6 +10,7 @@
 
 @Configuration
 @Slf4j
+@EnableCaching
 public class AppConfig {
 
 /*
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 29fe8ee..2e18324 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -43,7 +43,7 @@ void setMapper() {
     public UserDetailsService userDetailsService() {
         return email -> {
             log.debug("Authenticating '{}'", email);
-            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
+            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email.toLowerCase());
             return new AuthUser(optionalUser.orElseThrow(
                     () -> new UsernameNotFoundException("User '" + email + "' was not found")));
         };
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index 5c71376..b676a7f 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,6 +1,7 @@
 package ru.javaops.bootjava.repository;
 
 import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.cache.annotation.Cacheable;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
@@ -17,6 +18,7 @@ public interface UserRepository extends JpaRepository<User, Integer> {
 
     @RestResource(rel = "by-email", path = "by-email")
     @Query("SELECT u FROM User u WHERE u.email = LOWER(:email)")
+    @Cacheable("users")
     Optional<User> findByEmailIgnoreCase(String email);
 
     @RestResource(rel = "by-lastname", path = "by-lastname")
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index e13c485..a43eb3e 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -3,6 +3,8 @@
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.cache.annotation.CachePut;
 import org.springframework.data.rest.webmvc.RepositoryLinksResource;
 import org.springframework.hateoas.EntityModel;
 import org.springframework.hateoas.MediaTypes;
@@ -62,6 +64,7 @@ public EntityModel<User> get(@AuthenticationPrincipal AuthUser authUser) {
 
     @DeleteMapping
     @ResponseStatus(HttpStatus.NO_CONTENT)
+    @CacheEvict(value = "users", key = "#authUser.username")
     public void delete(@AuthenticationPrincipal AuthUser authUser) {
         log.info("delete {}", authUser);
         userRepository.deleteById(authUser.id());
@@ -82,7 +85,8 @@ public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user)
 
     @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.NO_CONTENT)
-    public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthUser authUser) {
+    @CachePut(value = "users", key = "#authUser.username")
+    public User update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthUser authUser) {
         log.info("update {} to {}", authUser, user);
         User oldUser = authUser.getUser();
         ValidationUtil.assureIdConsistent(user, oldUser.id());
@@ -90,7 +94,7 @@ public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthU
         if (user.getPassword() == null) {
             user.setPassword(oldUser.getPassword());
         }
-        userRepository.save(user);
+        return userRepository.save(user);
     }
 
 /*

From 3ac538bec149689bfc454013004474f99755da7b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=D0=92=D0=B0=D0=BB=D0=B5=D0=BD=D1=82=D0=B8=D0=BD?=
 <moysait1984@yandex.ru>
Date: Mon, 24 May 2021 22:50:08 +0400
Subject: [PATCH 29/29] 6_07_update_cache.patch

---
 .../bootjava/repository/UserRepository.java   | 21 +++++++++++++++++++
 .../bootjava/web/AbstractControllerTest.java  |  2 ++
 src/test/resources/application-test.yaml      |  1 +
 3 files changed, 24 insertions(+)
 create mode 100644 src/test/resources/application-test.yaml

diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index b676a7f..a579ae6 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,10 +1,13 @@
 package ru.javaops.bootjava.repository;
 
 import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.cache.annotation.CachePut;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.rest.core.annotation.RestResource;
 import org.springframework.transaction.annotation.Transactional;
@@ -23,4 +26,22 @@ public interface UserRepository extends JpaRepository<User, Integer> {
 
     @RestResource(rel = "by-lastname", path = "by-lastname")
     Page<User> findByLastNameContainingIgnoreCase(String lastName, Pageable page);
+
+    @Override
+    @Modifying
+    @Transactional
+    @CachePut(value = "users", key = "#user.email")
+    User save(User user);
+
+    @Override
+    @Modifying
+    @Transactional
+    @CacheEvict(value = "users", key = "#user.email")
+    void delete(User user);
+
+    @Override
+    @Modifying
+    @Transactional
+    @CacheEvict(value = "users", allEntries = true)
+    void deleteById(Integer integer);
 }
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
index b5a26c0..68cf79c 100644
--- a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
@@ -3,6 +3,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.ResultActions;
 import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
@@ -12,6 +13,7 @@
 @SpringBootTest
 @Transactional
 @AutoConfigureMockMvc
+@ActiveProfiles("test")
 //https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-testing-spring-boot-applications-testing-with-mock-environment
 public abstract class AbstractControllerTest {
 
diff --git a/src/test/resources/application-test.yaml b/src/test/resources/application-test.yaml
new file mode 100644
index 0000000..be16632
--- /dev/null
+++ b/src/test/resources/application-test.yaml
@@ -0,0 +1 @@
+spring.cache.type: none
\ No newline at end of file