From d0ac767dde56ab697ae11c9843dd379769156bca Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 25 Apr 2022 22:00:31 +0300
Subject: [PATCH 01/26] 0_00_add patches to gitignore

---
 .gitignore | 1 +
 1 file changed, 1 insertion(+)

diff --git a/.gitignore b/.gitignore
index a5d9a78..4c6870b 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1,5 +1,6 @@
 HELP.md
 /target/
+patches
 
 ### IntelliJ IDEA ###
 .idea

From a14d83bbf441ddea4db412665ef0f323d2f835ea Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 25 Apr 2022 23:24:11 +0300
Subject: [PATCH 02/26] 1_01_user_with_lombok

---
 pom.xml                                       | 10 +++++++-
 .../java/ru/javaops/bootjava/model/Role.java  |  6 +++++
 .../java/ru/javaops/bootjava/model/User.java  | 23 +++++++++++++++++++
 3 files changed, 38 insertions(+), 1 deletion(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/model/Role.java
 create mode 100644 src/main/java/ru/javaops/bootjava/model/User.java

diff --git a/pom.xml b/pom.xml
index ca66a72..5fc00d1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.4.0</version>
+        <version>2.6.7</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
     <groupId>ru.javaops.bootjava</groupId>
@@ -53,6 +53,14 @@
             <plugin>
                 <groupId>org.springframework.boot</groupId>
                 <artifactId>spring-boot-maven-plugin</artifactId>
+                <configuration>
+                    <excludes>
+                        <exclude>
+                            <groupId>org.projectlombok</groupId>
+                            <artifactId>lombok</artifactId>
+                        </exclude>
+                    </excludes>
+                </configuration>
             </plugin>
         </plugins>
     </build>
diff --git a/src/main/java/ru/javaops/bootjava/model/Role.java b/src/main/java/ru/javaops/bootjava/model/Role.java
new file mode 100644
index 0000000..432dde8
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/model/Role.java
@@ -0,0 +1,6 @@
+package ru.javaops.bootjava.model;
+
+public enum Role {
+    ROLE_USER,
+    ROLE_ADMIN
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
new file mode 100644
index 0000000..b475761
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -0,0 +1,23 @@
+package ru.javaops.bootjava.model;
+
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.util.Set;
+
+@Data
+@NoArgsConstructor
+@AllArgsConstructor
+public class User {
+
+    private String email;
+
+    private String firstName;
+
+    private String lastName;
+
+    private String password;
+
+    private Set<Role> roles;
+}
\ No newline at end of file

From e54a66be3599021e6d663e68e16a49caf8d2ca49 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Tue, 26 Apr 2022 20:36:08 +0300
Subject: [PATCH 03/26] 2_01_data_jpa

---
 pom.xml                                       |  4 +++
 .../bootjava/RestaurantVotingApplication.java | 17 +++++++++-
 .../java/ru/javaops/bootjava/model/User.java  | 33 +++++++++++++++----
 .../bootjava/repository/UserRepository.java   |  7 ++++
 src/main/resources/application.properties     |  9 +++++
 5 files changed, 63 insertions(+), 7 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/repository/UserRepository.java

diff --git a/pom.xml b/pom.xml
index 5fc00d1..8ac21f3 100644
--- a/pom.xml
+++ b/pom.xml
@@ -28,6 +28,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-validation</artifactId>
+        </dependency>
 
         <dependency>
             <groupId>com.h2database</groupId>
diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index 3326420..61d8ff8 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -1,14 +1,29 @@
 package ru.javaops.bootjava;
 
 import lombok.AllArgsConstructor;
+import org.springframework.boot.ApplicationArguments;
+import org.springframework.boot.ApplicationRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import ru.javaops.bootjava.model.Role;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import java.util.Set;
 
 @SpringBootApplication
 @AllArgsConstructor
-public class RestaurantVotingApplication {
+public class RestaurantVotingApplication implements ApplicationRunner {
+    private final UserRepository userRepository;
 
     public static void main(String[] args) {
         SpringApplication.run(RestaurantVotingApplication.class, args);
     }
+
+    @Override
+    public void run(ApplicationArguments args) {
+        userRepository.save(new User("user@gmail.com", "User_First", "User_Last", "password", Set.of(Role.ROLE_USER)));
+        userRepository.save(new User("admin@javaops.ru", "Admin_First", "Admin_Last", "admin", Set.of(Role.ROLE_USER, Role.ROLE_ADMIN)));
+        System.out.println(userRepository.findAll());
+    }
 }
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index b475761..284f632 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -1,23 +1,44 @@
 package ru.javaops.bootjava.model;
 
-import lombok.AllArgsConstructor;
-import lombok.Data;
-import lombok.NoArgsConstructor;
+import lombok.*;
+import org.springframework.data.jpa.domain.AbstractPersistable;
 
+import javax.persistence.*;
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.Size;
 import java.util.Set;
 
-@Data
-@NoArgsConstructor
+@Entity
+@Table(name = "users")
+@Getter
+@Setter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor
-public class User {
+@ToString(callSuper = true, exclude = {"password"})
+public class User extends AbstractPersistable<Integer> {
 
+    @Column(name = "email", nullable = false, unique = true)
+    @Email
+    @NotEmpty
+    @Size(max = 128)
     private String email;
 
+    @Column(name = "first_name")
+    @Size(max = 128)
     private String firstName;
 
+    @Column(name = "last_name")
+    @Size(max = 128)
     private String lastName;
 
+    @Column(name = "password")
+    @Size(max = 256)
     private String password;
 
+    @Enumerated(EnumType.STRING)
+    @CollectionTable(name = "user_role", joinColumns = @JoinColumn(name = "user_id"), uniqueConstraints = {@UniqueConstraint(columnNames = {"user_id", "role"}, name = "user_roles_unique")})
+    @Column(name = "role")
+    @ElementCollection(fetch = FetchType.EAGER)
     private Set<Role> roles;
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
new file mode 100644
index 0000000..590c614
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -0,0 +1,7 @@
+package ru.javaops.bootjava.repository;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import ru.javaops.bootjava.model.User;
+
+public interface UserRepository extends JpaRepository<User, Integer> {
+}
\ No newline at end of file
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
index e69de29..3492ea9 100644
--- a/src/main/resources/application.properties
+++ b/src/main/resources/application.properties
@@ -0,0 +1,9 @@
+# https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
+# JPA
+spring.jpa.show-sql=true
+spring.jpa.open-in-view=false
+#  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
+spring.jpa.properties.hibernate.default_batch_fetch_size=20
+spring.jpa.properties.hibernate.format_sql=true
+# https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
+spring.jpa.properties.hibernate.jdbc.batch_size=20

From 1a380332d218f9826b43aa80fa4747e8e00a4df3 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Tue, 26 Apr 2022 22:31:23 +0300
Subject: [PATCH 04/26] 2_02_h2_init

---
 pom.xml                                       |  1 -
 .../bootjava/RestaurantVotingApplication.java |  6 ----
 .../ru/javaops/bootjava/config/AppConfig.java | 26 ++++++++++++++++
 src/main/resources/application.properties     |  9 ------
 src/main/resources/application.yaml           | 31 +++++++++++++++++++
 src/main/resources/data.sql                   |  8 +++++
 6 files changed, 65 insertions(+), 16 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/config/AppConfig.java
 delete mode 100644 src/main/resources/application.properties
 create mode 100644 src/main/resources/application.yaml
 create mode 100644 src/main/resources/data.sql

diff --git a/pom.xml b/pom.xml
index 8ac21f3..f5a95b1 100644
--- a/pom.xml
+++ b/pom.xml
@@ -36,7 +36,6 @@
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
-            <scope>runtime</scope>
         </dependency>
         <dependency>
             <groupId>org.projectlombok</groupId>
diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index 61d8ff8..d3b1792 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -5,12 +5,8 @@
 import org.springframework.boot.ApplicationRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import ru.javaops.bootjava.model.Role;
-import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 
-import java.util.Set;
-
 @SpringBootApplication
 @AllArgsConstructor
 public class RestaurantVotingApplication implements ApplicationRunner {
@@ -22,8 +18,6 @@ public static void main(String[] args) {
 
     @Override
     public void run(ApplicationArguments args) {
-        userRepository.save(new User("user@gmail.com", "User_First", "User_Last", "password", Set.of(Role.ROLE_USER)));
-        userRepository.save(new User("admin@javaops.ru", "Admin_First", "Admin_Last", "admin", Set.of(Role.ROLE_USER, Role.ROLE_ADMIN)));
         System.out.println(userRepository.findAll());
     }
 }
diff --git a/src/main/java/ru/javaops/bootjava/config/AppConfig.java b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
new file mode 100644
index 0000000..19dbc45
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
@@ -0,0 +1,26 @@
+package ru.javaops.bootjava.config;
+
+import lombok.extern.slf4j.Slf4j;
+import org.h2.tools.Server;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+import java.sql.SQLException;
+
+@Configuration
+@Slf4j
+public class AppConfig {
+
+/*
+    @Bean(initMethod = "start", destroyMethod = "stop")
+    public Server h2WebServer() throws SQLException {
+        return Server.createWebServer("-web", "-webAllowOthers", "-webPort", "8082");
+    }
+*/
+
+    @Bean(initMethod = "start", destroyMethod = "stop")
+    public Server h2Server() throws SQLException {
+        log.info("Start H2 TCP server");
+        return Server.createTcpServer("-tcp", "-tcpAllowOthers", "-tcpPort", "9092");
+    }
+}
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
deleted file mode 100644
index 3492ea9..0000000
--- a/src/main/resources/application.properties
+++ /dev/null
@@ -1,9 +0,0 @@
-# https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
-# JPA
-spring.jpa.show-sql=true
-spring.jpa.open-in-view=false
-#  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
-spring.jpa.properties.hibernate.default_batch_fetch_size=20
-spring.jpa.properties.hibernate.format_sql=true
-# https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
-spring.jpa.properties.hibernate.jdbc.batch_size=20
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
new file mode 100644
index 0000000..9a85145
--- /dev/null
+++ b/src/main/resources/application.yaml
@@ -0,0 +1,31 @@
+#  https://docs.spring.io/spring-boot/docs/current/reference/html/common-application-properties.html
+spring:
+  jpa:
+    show-sql: true
+    open-in-view: false
+    hibernate:
+      ddl-auto: create-drop
+    properties:
+      #  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
+      hibernate:
+        format_sql: true
+        default_batch_fetch_size: 20
+        # https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
+        jdbc.batch_size: 20
+        id.new_generator_mappings: false
+    defer-datasource-initialization: true
+  datasource:
+    # ImMemory
+    url: jdbc:h2:mem:voting
+    #    tcp: jdbc:h2:tcp://localhost:9092/mem:voting
+    # Absolute path
+    #    url: jdbc:h2:C:/projects/bootjava/restorant-voting/db/voting
+    #    tcp: jdbc:h2:tcp://localhost:9092/C:/projects/bootjava/restorant-voting/db/voting
+    # Relative path form current dir
+    #    url: jdbc:h2:./db/voting
+    # Relative path from home
+    #    url: jdbc:h2:~/voting
+    #    tcp: jdbc:h2:tcp://localhost:9092/~/voting
+    username: sa
+    password:
+  h2.console.enabled: true
\ No newline at end of file
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
new file mode 100644
index 0000000..0fe391f
--- /dev/null
+++ b/src/main/resources/data.sql
@@ -0,0 +1,8 @@
+INSERT INTO USERS (EMAIL, FIRST_NAME, LAST_NAME, PASSWORD)
+VALUES ('user@gmail.com', 'User_First', 'User_Last', 'password'),
+       ('admin@javaops.ru', 'Admin_First', 'Admin_Last', 'admin');
+
+INSERT INTO USER_ROLE (ROLE, USER_ID)
+VALUES ('ROLE_USER', 1),
+       ('ROLE_ADMIN', 2),
+       ('ROLE_USER', 2);
\ No newline at end of file

From c59f43c01b0d8a4f620a93e3319148fd025da210 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Tue, 26 Apr 2022 23:38:26 +0300
Subject: [PATCH 05/26] 2_03_model_query

---
 .../bootjava/RestaurantVotingApplication.java |  2 +-
 .../ru/javaops/bootjava/model/BaseEntity.java | 52 +++++++++++++++++++
 .../java/ru/javaops/bootjava/model/User.java  |  3 +-
 .../bootjava/repository/UserRepository.java   | 11 ++++
 src/main/resources/application.yaml           |  1 -
 5 files changed, 65 insertions(+), 4 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/model/BaseEntity.java

diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index d3b1792..fa56af5 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -18,6 +18,6 @@ public static void main(String[] args) {
 
     @Override
     public void run(ApplicationArguments args) {
-        System.out.println(userRepository.findAll());
+        System.out.println(userRepository.findByLastNameContainingIgnoreCase("last"));
     }
 }
diff --git a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
new file mode 100644
index 0000000..4a697e5
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
@@ -0,0 +1,52 @@
+package ru.javaops.bootjava.model;
+
+import lombok.*;
+import org.springframework.data.domain.Persistable;
+import org.springframework.data.util.ProxyUtils;
+import org.springframework.util.Assert;
+
+import javax.persistence.*;
+
+@MappedSuperclass
+//  https://stackoverflow.com/a/6084701/548473
+@Access(AccessType.FIELD)
+@Getter
+@Setter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+@AllArgsConstructor(access = AccessLevel.PROTECTED)
+@ToString
+public abstract class BaseEntity implements Persistable<Integer> {
+
+    @Id
+    @GeneratedValue(strategy = GenerationType.IDENTITY)
+    protected Integer id;
+
+    // doesn't work for hibernate lazy proxy
+    public int id() {
+        Assert.notNull(id, "Entity must have id");
+        return id;
+    }
+
+    @Override
+    public boolean isNew() {
+        return id == null;
+    }
+
+    //    https://stackoverflow.com/questions/1638723
+    @Override
+    public boolean equals(Object o) {
+        if (this == o) {
+            return true;
+        }
+        if (o == null || !getClass().equals(ProxyUtils.getUserClass(o))) {
+            return false;
+        }
+        BaseEntity that = (BaseEntity) o;
+        return id != null && id.equals(that.id);
+    }
+
+    @Override
+    public int hashCode() {
+        return id == null ? 0 : id;
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index 284f632..575aaff 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -1,7 +1,6 @@
 package ru.javaops.bootjava.model;
 
 import lombok.*;
-import org.springframework.data.jpa.domain.AbstractPersistable;
 
 import javax.persistence.*;
 import javax.validation.constraints.Email;
@@ -16,7 +15,7 @@
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor
 @ToString(callSuper = true, exclude = {"password"})
-public class User extends AbstractPersistable<Integer> {
+public class User extends BaseEntity {
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index 590c614..f5d1f0e 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,7 +1,18 @@
 package ru.javaops.bootjava.repository;
 
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.transaction.annotation.Transactional;
 import ru.javaops.bootjava.model.User;
 
+import java.util.List;
+import java.util.Optional;
+
+@Transactional(readOnly = true)
 public interface UserRepository extends JpaRepository<User, Integer> {
+
+    @Query("SELECT u FROM User u WHERE u.email = LOWER(:email)")
+    Optional<User> findByEmailIgnoreCase(String email);
+
+    List<User> findByLastNameContainingIgnoreCase(String lastName);
 }
\ No newline at end of file
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 9a85145..26eb999 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -12,7 +12,6 @@ spring:
         default_batch_fetch_size: 20
         # https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
         jdbc.batch_size: 20
-        id.new_generator_mappings: false
     defer-datasource-initialization: true
   datasource:
     # ImMemory

From f30106e23aa5d7d287d8939604d3e2e59120aef0 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Wed, 27 Apr 2022 22:10:38 +0300
Subject: [PATCH 06/26] 3_01_jpa_data_rest

---
 pom.xml                                            | 14 ++++++++++++--
 .../bootjava/repository/UserRepository.java        |  3 +++
 src/main/resources/application.yaml                |  7 ++++++-
 3 files changed, 21 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index f5a95b1..cc96994 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,7 +5,7 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.6.7</version>
+        <version>2.5.0</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
     <groupId>ru.javaops.bootjava</groupId>
@@ -32,7 +32,17 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-validation</artifactId>
         </dependency>
-
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-data-rest</artifactId>
+        </dependency>
+        <!--
+                <dependency>
+                    <groupId>org.springframework.data</groupId>
+                    <artifactId>spring-data-rest-hal-browser</artifactId>
+                    <scope>runtime</scope>
+                </dependency>
+        -->
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index f5d1f0e..dc2a413 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -2,6 +2,7 @@
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.rest.core.annotation.RestResource;
 import org.springframework.transaction.annotation.Transactional;
 import ru.javaops.bootjava.model.User;
 
@@ -11,8 +12,10 @@
 @Transactional(readOnly = true)
 public interface UserRepository extends JpaRepository<User, Integer> {
 
+    @RestResource(rel = "by-email", path = "by-email")
     @Query("SELECT u FROM User u WHERE u.email = LOWER(:email)")
     Optional<User> findByEmailIgnoreCase(String email);
 
+    @RestResource(rel = "by-lastname", path = "by-lastname")
     List<User> findByLastNameContainingIgnoreCase(String lastName);
 }
\ No newline at end of file
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 26eb999..1b44c33 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -27,4 +27,9 @@ spring:
     #    tcp: jdbc:h2:tcp://localhost:9092/~/voting
     username: sa
     password:
-  h2.console.enabled: true
\ No newline at end of file
+  h2.console.enabled: true
+
+  data.rest:
+    #  https://docs.spring.io/spring-data/rest/docs/current/reference/html/#getting-started.basic-settings
+    basePath: /api
+    returnBodyOnCreate: true
\ No newline at end of file

From 57b5b6cb28a2439eaf762305924d18758a292e26 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 09:12:49 +0300
Subject: [PATCH 07/26] 3_02_jackson

---
 src/main/java/ru/javaops/bootjava/model/BaseEntity.java | 2 ++
 src/main/resources/application.yaml                     | 9 ++++++++-
 2 files changed, 10 insertions(+), 1 deletion(-)

diff --git a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
index 4a697e5..72ed0fc 100644
--- a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
+++ b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.model;
 
+import com.fasterxml.jackson.annotation.JsonIgnore;
 import lombok.*;
 import org.springframework.data.domain.Persistable;
 import org.springframework.data.util.ProxyUtils;
@@ -27,6 +28,7 @@ public int id() {
         return id;
     }
 
+    @JsonIgnore
     @Override
     public boolean isNew() {
         return id == null;
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 1b44c33..6fb75a0 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -32,4 +32,11 @@ spring:
   data.rest:
     #  https://docs.spring.io/spring-data/rest/docs/current/reference/html/#getting-started.basic-settings
     basePath: /api
-    returnBodyOnCreate: true
\ No newline at end of file
+    returnBodyOnCreate: true
+
+# Jackson Serialization Issue Resolver
+#  jackson:
+#    visibility.field: any
+#    visibility.getter: none
+#    visibility.setter: none
+#    visibility.is-getter: none
\ No newline at end of file

From d3840787bf9f2ba0f179657ae7fc45ae06a7f579 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 11:19:03 +0300
Subject: [PATCH 08/26] 4_01_add_security

---
 pom.xml | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/pom.xml b/pom.xml
index cc96994..be60e0c 100644
--- a/pom.xml
+++ b/pom.xml
@@ -36,6 +36,11 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-data-rest</artifactId>
         </dependency>
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
+
         <!--
                 <dependency>
                     <groupId>org.springframework.data</groupId>

From 94cf759274b058b1c4becaf4ca008cf4efcec317 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 11:20:18 +0300
Subject: [PATCH 09/26] 4_02_default_auth

---
 src/main/resources/application.yaml | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 6fb75a0..a77f985 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -34,6 +34,19 @@ spring:
     basePath: /api
     returnBodyOnCreate: true
 
+    #  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
+  security:
+    user:
+      name: user
+      password: password
+      roles: USER
+
+logging:
+  level:
+    root: WARN
+    ru.javaops.bootjava: DEBUG
+    org.springframework.security.web.FilterChainProxy: DEBUG
+
 # Jackson Serialization Issue Resolver
 #  jackson:
 #    visibility.field: any

From 1127f6b3b132297b268f5288936c219a0f7cd12c Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 12:44:05 +0300
Subject: [PATCH 10/26] 4_03_javaconfig_encoding

---
 .../bootjava/config/WebSecurityConfig.java    | 21 +++++++++++++++++++
 .../bootjava/web/AccountController.java       | 17 +++++++++++++++
 src/main/resources/application.yaml           | 14 ++++++-------
 3 files changed, 45 insertions(+), 7 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/AccountController.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
new file mode 100644
index 0000000..671e38e
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -0,0 +1,21 @@
+package ru.javaops.bootjava.config;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+
+@Configuration
+@EnableWebSecurity
+public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
+        auth.inMemoryAuthentication()
+                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder())
+                .withUser("user@gmail.com").password("{noop}password").roles("USER").and()
+                .withUser("admin@javaops.ru").password("{noop}admin").roles("USER", "ADMIN");
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
new file mode 100644
index 0000000..f8e0692
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -0,0 +1,17 @@
+package ru.javaops.bootjava.web;
+
+import org.springframework.http.MediaType;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+@RestController
+@RequestMapping(value = "/api/account")
+public class AccountController {
+
+    @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
+    public Object get(@AuthenticationPrincipal Object authUser) {
+        return authUser;
+    }
+}
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index a77f985..6021c18 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -34,18 +34,18 @@ spring:
     basePath: /api
     returnBodyOnCreate: true
 
-    #  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
-  security:
-    user:
-      name: user
-      password: password
-      roles: USER
+#  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
+#  security:
+#    user:
+#      name: user
+#      password: password
+#      roles: USER
 
 logging:
   level:
     root: WARN
     ru.javaops.bootjava: DEBUG
-    org.springframework.security.web.FilterChainProxy: DEBUG
+#    org.springframework.security.web.FilterChainProxy: DEBUG
 
 # Jackson Serialization Issue Resolver
 #  jackson:

From 047a225e84dbfee89c9bed8675c7e2a4c746c29b Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 13:04:40 +0300
Subject: [PATCH 11/26] 4_04_db_security_auth_user

---
 .../java/ru/javaops/bootjava/AuthUser.java    | 22 ++++++++++++++
 .../bootjava/config/WebSecurityConfig.java    | 30 ++++++++++++++++---
 .../java/ru/javaops/bootjava/model/Role.java  | 11 +++++--
 .../java/ru/javaops/bootjava/model/User.java  |  3 +-
 .../bootjava/web/AccountController.java       |  6 ++--
 src/main/resources/data.sql                   |  4 +--
 6 files changed, 65 insertions(+), 11 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/AuthUser.java

diff --git a/src/main/java/ru/javaops/bootjava/AuthUser.java b/src/main/java/ru/javaops/bootjava/AuthUser.java
new file mode 100644
index 0000000..d4bf023
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/AuthUser.java
@@ -0,0 +1,22 @@
+package ru.javaops.bootjava;
+
+import lombok.Getter;
+import lombok.ToString;
+import org.springframework.lang.NonNull;
+import ru.javaops.bootjava.model.User;
+
+@Getter
+@ToString(of = "user")
+public class AuthUser extends org.springframework.security.core.userdetails.User {
+
+    private final User user;
+
+    public AuthUser(@NonNull User user) {
+        super(user.getEmail(), user.getPassword(), user.getRoles());
+        this.user = user;
+    }
+
+    public int id() {
+        return user.id();
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 671e38e..fe291a4 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -1,21 +1,43 @@
 package ru.javaops.bootjava.config;
 
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import java.util.Optional;
 
 @Configuration
 @EnableWebSecurity
+@Slf4j
+@AllArgsConstructor
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
+    private final UserRepository userRepository;
+
+    @Bean
+    public UserDetailsService userDetailsService() {
+        return email -> {
+            log.debug("Authenticating '{}'", email);
+            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
+            return new AuthUser(optionalUser.orElseThrow(
+                    () -> new UsernameNotFoundException("User '" + email + "' was not found")));
+        };
+    }
+
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-        auth.inMemoryAuthentication()
-                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder())
-                .withUser("user@gmail.com").password("{noop}password").roles("USER").and()
-                .withUser("admin@javaops.ru").password("{noop}admin").roles("USER", "ADMIN");
+        auth.userDetailsService(userDetailsService())
+                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
     }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/Role.java b/src/main/java/ru/javaops/bootjava/model/Role.java
index 432dde8..665471f 100644
--- a/src/main/java/ru/javaops/bootjava/model/Role.java
+++ b/src/main/java/ru/javaops/bootjava/model/Role.java
@@ -1,6 +1,13 @@
 package ru.javaops.bootjava.model;
 
-public enum Role {
+import org.springframework.security.core.GrantedAuthority;
+
+public enum Role implements GrantedAuthority {
     ROLE_USER,
-    ROLE_ADMIN
+    ROLE_ADMIN;
+
+    @Override
+    public String getAuthority() {
+        return name();
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index 575aaff..84ff8ad 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -6,6 +6,7 @@
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.Size;
+import java.io.Serializable;
 import java.util.Set;
 
 @Entity
@@ -15,7 +16,7 @@
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor
 @ToString(callSuper = true, exclude = {"password"})
-public class User extends BaseEntity {
+public class User extends BaseEntity implements Serializable {
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index f8e0692..a971c85 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -5,13 +5,15 @@
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
+import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.User;
 
 @RestController
 @RequestMapping(value = "/api/account")
 public class AccountController {
 
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
-    public Object get(@AuthenticationPrincipal Object authUser) {
-        return authUser;
+    public User get(@AuthenticationPrincipal AuthUser authUser) {
+        return authUser.getUser();
     }
 }
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
index 0fe391f..c3541b4 100644
--- a/src/main/resources/data.sql
+++ b/src/main/resources/data.sql
@@ -1,6 +1,6 @@
 INSERT INTO USERS (EMAIL, FIRST_NAME, LAST_NAME, PASSWORD)
-VALUES ('user@gmail.com', 'User_First', 'User_Last', 'password'),
-       ('admin@javaops.ru', 'Admin_First', 'Admin_Last', 'admin');
+VALUES ('user@gmail.com', 'User_First', 'User_Last', '{noop}password'),
+       ('admin@javaops.ru', 'Admin_First', 'Admin_Last', '{noop}admin');
 
 INSERT INTO USER_ROLE (ROLE, USER_ID)
 VALUES ('ROLE_USER', 1),

From 0ac7685adffbcc35840dcfd2de814f9f89f2caeb Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 13:54:51 +0300
Subject: [PATCH 12/26] 4_05_role_auth

---
 .../javaops/bootjava/RestaurantVotingApplication.java | 11 +----------
 .../ru/javaops/bootjava/config/WebSecurityConfig.java | 10 ++++++++++
 src/main/java/ru/javaops/bootjava/model/Role.java     |  7 ++++---
 src/main/resources/data.sql                           |  6 +++---
 4 files changed, 18 insertions(+), 16 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index fa56af5..3326420 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -1,23 +1,14 @@
 package ru.javaops.bootjava;
 
 import lombok.AllArgsConstructor;
-import org.springframework.boot.ApplicationArguments;
-import org.springframework.boot.ApplicationRunner;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
-import ru.javaops.bootjava.repository.UserRepository;
 
 @SpringBootApplication
 @AllArgsConstructor
-public class RestaurantVotingApplication implements ApplicationRunner {
-    private final UserRepository userRepository;
+public class RestaurantVotingApplication {
 
     public static void main(String[] args) {
         SpringApplication.run(RestaurantVotingApplication.class, args);
     }
-
-    @Override
-    public void run(ApplicationArguments args) {
-        System.out.println(userRepository.findByLastNameContainingIgnoreCase("last"));
-    }
 }
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index fe291a4..158a55c 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -6,12 +6,14 @@
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 
@@ -40,4 +42,12 @@ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
         auth.userDetailsService(userDetailsService())
                 .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
     }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http.authorizeRequests()
+                .antMatchers("/api/account").hasRole(Role.USER.name())
+                .antMatchers("/api/**").hasRole(Role.ADMIN.name())
+                .and().formLogin();
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/Role.java b/src/main/java/ru/javaops/bootjava/model/Role.java
index 665471f..08bc76d 100644
--- a/src/main/java/ru/javaops/bootjava/model/Role.java
+++ b/src/main/java/ru/javaops/bootjava/model/Role.java
@@ -3,11 +3,12 @@
 import org.springframework.security.core.GrantedAuthority;
 
 public enum Role implements GrantedAuthority {
-    ROLE_USER,
-    ROLE_ADMIN;
+    USER,
+    ADMIN;
 
     @Override
     public String getAuthority() {
-        return name();
+        //   https://stackoverflow.com/a/19542316/548473
+        return "ROLE_" + name();
     }
 }
\ No newline at end of file
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
index c3541b4..778d2f3 100644
--- a/src/main/resources/data.sql
+++ b/src/main/resources/data.sql
@@ -3,6 +3,6 @@ VALUES ('user@gmail.com', 'User_First', 'User_Last', '{noop}password'),
        ('admin@javaops.ru', 'Admin_First', 'Admin_Last', '{noop}admin');
 
 INSERT INTO USER_ROLE (ROLE, USER_ID)
-VALUES ('ROLE_USER', 1),
-       ('ROLE_ADMIN', 2),
-       ('ROLE_USER', 2);
\ No newline at end of file
+VALUES ('USER', 1),
+       ('ADMIN', 2),
+       ('USER', 2);
\ No newline at end of file

From f67465769301e34197a8f1fd6ec5abd5f82bb56f Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 15:31:43 +0300
Subject: [PATCH 13/26] 4_06_basic_auth_fix

---
 .../bootjava/config/WebSecurityConfig.java    |  9 ++++++--
 .../java/ru/javaops/bootjava/model/User.java  | 10 ++++++++
 .../bootjava/util/JsonDeserializers.java      | 23 +++++++++++++++++++
 3 files changed, 40 insertions(+), 2 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 158a55c..c65c1d3 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -9,9 +9,11 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
 import ru.javaops.bootjava.AuthUser;
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
@@ -25,6 +27,7 @@
 @AllArgsConstructor
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
+    public static final PasswordEncoder PASSWORD_ENCODER = PasswordEncoderFactories.createDelegatingPasswordEncoder();
     private final UserRepository userRepository;
 
     @Bean
@@ -40,7 +43,7 @@ public UserDetailsService userDetailsService() {
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
         auth.userDetailsService(userDetailsService())
-                .passwordEncoder(PasswordEncoderFactories.createDelegatingPasswordEncoder());
+                .passwordEncoder(PASSWORD_ENCODER);
     }
 
     @Override
@@ -48,6 +51,8 @@ protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
                 .antMatchers("/api/account").hasRole(Role.USER.name())
                 .antMatchers("/api/**").hasRole(Role.ADMIN.name())
-                .and().formLogin();
+                .and().httpBasic()
+                .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
+                .and().csrf().disable();
     }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index 84ff8ad..c61b200 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -1,6 +1,10 @@
 package ru.javaops.bootjava.model;
 
+import com.fasterxml.jackson.annotation.JsonProperty;
+import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
 import lombok.*;
+import org.springframework.util.StringUtils;
+import ru.javaops.bootjava.util.JsonDeserializers;
 
 import javax.persistence.*;
 import javax.validation.constraints.Email;
@@ -34,6 +38,8 @@ public class User extends BaseEntity implements Serializable {
 
     @Column(name = "password")
     @Size(max = 256)
+    @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
+    @JsonDeserialize(using = JsonDeserializers.PasswordDeserializer.class)
     private String password;
 
     @Enumerated(EnumType.STRING)
@@ -41,4 +47,8 @@ public class User extends BaseEntity implements Serializable {
     @Column(name = "role")
     @ElementCollection(fetch = FetchType.EAGER)
     private Set<Role> roles;
+
+    public void setEmail(String email) {
+        this.email = StringUtils.hasText(email) ? email.toLowerCase() : null;
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
new file mode 100644
index 0000000..a567a40
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
@@ -0,0 +1,23 @@
+package ru.javaops.bootjava.util;
+
+import com.fasterxml.jackson.core.JsonParser;
+import com.fasterxml.jackson.core.ObjectCodec;
+import com.fasterxml.jackson.databind.DeserializationContext;
+import com.fasterxml.jackson.databind.JsonDeserializer;
+import com.fasterxml.jackson.databind.JsonNode;
+import ru.javaops.bootjava.config.WebSecurityConfig;
+
+import java.io.IOException;
+
+public class JsonDeserializers {
+
+    // https://stackoverflow.com/a/60995048/548473
+    public static class PasswordDeserializer extends JsonDeserializer<String> {
+        public String deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException {
+            ObjectCodec oc = jsonParser.getCodec();
+            JsonNode node = oc.readTree(jsonParser);
+            String rawPassword = node.asText();
+            return WebSecurityConfig.PASSWORD_ENCODER.encode(rawPassword);
+        }
+    }
+}

From 3b4a827125a7847533c4c70f11c88c3bfd38c4d3 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 16:06:25 +0300
Subject: [PATCH 14/26] 5_01_account_controller

---
 .../bootjava/config/WebSecurityConfig.java    |  1 +
 .../javaops/bootjava/util/ValidationUtil.java | 21 ++++++++
 .../bootjava/web/AccountController.java       | 54 +++++++++++++++++--
 3 files changed, 73 insertions(+), 3 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/util/ValidationUtil.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index c65c1d3..b6438fc 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -49,6 +49,7 @@ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
+                .antMatchers("/api/account/register").anonymous()
                 .antMatchers("/api/account").hasRole(Role.USER.name())
                 .antMatchers("/api/**").hasRole(Role.ADMIN.name())
                 .and().httpBasic()
diff --git a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
new file mode 100644
index 0000000..33d764e
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
@@ -0,0 +1,21 @@
+package ru.javaops.bootjava.util;
+
+import ru.javaops.bootjava.model.BaseEntity;
+
+public class ValidationUtil {
+
+    public static void checkNew(BaseEntity entity) {
+        if (!entity.isNew()) {
+            throw new IllegalArgumentException(entity + " must be new (id=null)");
+        }
+    }
+
+    //  Conservative when you reply, but accept liberally (http://stackoverflow.com/a/32728226/548473)
+    public static void assureIdConsistent(BaseEntity entity, int id) {
+        if (entity.isNew()) {
+            entity.setId(id);
+        } else if (entity.id() != id) {
+            throw new IllegalArgumentException(entity + " must has id=" + id);
+        }
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index a971c85..a7c9a40 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -1,19 +1,67 @@
 package ru.javaops.bootjava.web;
 
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
 import ru.javaops.bootjava.AuthUser;
+import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.util.ValidationUtil;
+
+import javax.validation.Valid;
+import java.net.URI;
+import java.util.Set;
 
 @RestController
 @RequestMapping(value = "/api/account")
+@AllArgsConstructor
+@Slf4j
 public class AccountController {
 
+    private final UserRepository userRepository;
+
     @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
     public User get(@AuthenticationPrincipal AuthUser authUser) {
+        log.info("get {}", authUser);
         return authUser.getUser();
     }
+
+    @DeleteMapping
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    public void delete(@AuthenticationPrincipal AuthUser authUser) {
+        log.info("delete {}", authUser);
+        userRepository.deleteById(authUser.id());
+    }
+
+    @PostMapping(value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseStatus(value = HttpStatus.CREATED)
+    public ResponseEntity<User> register(@Valid @RequestBody User user) {
+        log.info("register {}", user);
+        ValidationUtil.checkNew(user);
+        user.setRoles(Set.of(Role.USER));
+        user = userRepository.save(user);
+        URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
+                .path("/api/account")
+                .build().toUri();
+        return ResponseEntity.created(uriOfNewResource).body(user);
+    }
+
+    @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthUser authUser) {
+        log.info("update {} to {}", authUser, user);
+        User oldUser = authUser.getUser();
+        ValidationUtil.assureIdConsistent(user, oldUser.id());
+        user.setRoles(oldUser.getRoles());
+        if (user.getPassword() == null) {
+            user.setPassword(oldUser.getPassword());
+        }
+        userRepository.save(user);
+    }
 }

From 9b384941397cc8c06c41cec4aff737f132aeda57 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Sun, 1 May 2022 18:26:38 +0300
Subject: [PATCH 15/26] 5_02_error_handling

---
 .../javaops/bootjava/error/AppException.java  | 16 +++++++++++
 .../error/IllegalRequestDataException.java    | 12 ++++++++
 .../javaops/bootjava/util/ValidationUtil.java |  5 ++--
 .../web/error/GlobalExceptionHandler.java     | 28 +++++++++++++++++++
 4 files changed, 59 insertions(+), 2 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/error/AppException.java
 create mode 100644 src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java

diff --git a/src/main/java/ru/javaops/bootjava/error/AppException.java b/src/main/java/ru/javaops/bootjava/error/AppException.java
new file mode 100644
index 0000000..809caad
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/error/AppException.java
@@ -0,0 +1,16 @@
+package ru.javaops.bootjava.error;
+
+import lombok.Getter;
+import org.springframework.boot.web.error.ErrorAttributeOptions;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.server.ResponseStatusException;
+
+@Getter
+public class AppException extends ResponseStatusException {
+    private final ErrorAttributeOptions options;
+
+    public AppException(HttpStatus status, String message, ErrorAttributeOptions options) {
+        super(status, message);
+        this.options = options;
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java b/src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java
new file mode 100644
index 0000000..cb18581
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/error/IllegalRequestDataException.java
@@ -0,0 +1,12 @@
+package ru.javaops.bootjava.error;
+
+import org.springframework.boot.web.error.ErrorAttributeOptions;
+import org.springframework.http.HttpStatus;
+
+import static org.springframework.boot.web.error.ErrorAttributeOptions.Include.MESSAGE;
+
+public class IllegalRequestDataException extends AppException {
+    public IllegalRequestDataException(String msg) {
+        super(HttpStatus.UNPROCESSABLE_ENTITY, msg, ErrorAttributeOptions.of(MESSAGE));
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
index 33d764e..5f709d4 100644
--- a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
+++ b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
@@ -1,12 +1,13 @@
 package ru.javaops.bootjava.util;
 
+import ru.javaops.bootjava.error.IllegalRequestDataException;
 import ru.javaops.bootjava.model.BaseEntity;
 
 public class ValidationUtil {
 
     public static void checkNew(BaseEntity entity) {
         if (!entity.isNew()) {
-            throw new IllegalArgumentException(entity + " must be new (id=null)");
+            throw new IllegalRequestDataException(entity.getClass().getSimpleName() + " must be new (id=null)");
         }
     }
 
@@ -15,7 +16,7 @@ public static void assureIdConsistent(BaseEntity entity, int id) {
         if (entity.isNew()) {
             entity.setId(id);
         } else if (entity.id() != id) {
-            throw new IllegalArgumentException(entity + " must has id=" + id);
+            throw new IllegalRequestDataException(entity.getClass().getSimpleName() + " must has id=" + id);
         }
     }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
new file mode 100644
index 0000000..9a917cb
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
@@ -0,0 +1,28 @@
+package ru.javaops.bootjava.web.error;
+
+import lombok.AllArgsConstructor;
+import org.springframework.boot.web.servlet.error.ErrorAttributes;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.context.request.WebRequest;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
+import ru.javaops.bootjava.error.AppException;
+
+import java.util.Map;
+
+@RestControllerAdvice
+@AllArgsConstructor
+public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
+    private final ErrorAttributes errorAttributes;
+
+    @ExceptionHandler(AppException.class)
+    public ResponseEntity<Map<String, Object>> appException(AppException ex, WebRequest request) {
+        Map<String, Object> body = errorAttributes.getErrorAttributes(request, ex.getOptions());
+        HttpStatus status = ex.getStatus();
+        body.put("status", status.value());
+        body.put("error", status.getReasonPhrase());
+        return ResponseEntity.status(status).body(body);
+    }
+}

From 95b0e8b2afb5e7eb5b63d3ea16cbaa69df5173df Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 11:00:30 +0300
Subject: [PATCH 16/26] 5_03_account_hateoas_paging

---
 .../bootjava/repository/UserRepository.java   |  5 +-
 .../bootjava/web/AccountController.java       | 54 ++++++++++++++++---
 src/main/resources/application.yaml           |  7 +++
 3 files changed, 56 insertions(+), 10 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index dc2a413..b808c1d 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,12 +1,13 @@
 package ru.javaops.bootjava.repository;
 
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.rest.core.annotation.RestResource;
 import org.springframework.transaction.annotation.Transactional;
 import ru.javaops.bootjava.model.User;
 
-import java.util.List;
 import java.util.Optional;
 
 @Transactional(readOnly = true)
@@ -17,5 +18,5 @@ public interface UserRepository extends JpaRepository<User, Integer> {
     Optional<User> findByEmailIgnoreCase(String email);
 
     @RestResource(rel = "by-lastname", path = "by-lastname")
-    List<User> findByLastNameContainingIgnoreCase(String lastName);
+    Page<User> findByLastNameContainingIgnoreCase(String lastName, Pageable page);
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index a7c9a40..f26e562 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -2,6 +2,11 @@
 
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.rest.webmvc.RepositoryLinksResource;
+import org.springframework.hateoas.EntityModel;
+import org.springframework.hateoas.MediaTypes;
+import org.springframework.hateoas.server.RepresentationModelProcessor;
+import org.springframework.hateoas.server.mvc.RepresentationModelAssemblerSupport;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.MediaType;
 import org.springframework.http.ResponseEntity;
@@ -18,18 +23,37 @@
 import java.net.URI;
 import java.util.Set;
 
+import static org.springframework.hateoas.server.mvc.WebMvcLinkBuilder.linkTo;
+
+/**
+ * Do not use {@link org.springframework.data.rest.webmvc.RepositoryRestController (BasePathAwareController}
+ * Bugs:
+ * NPE with http://localhost:8080/api/account<br>
+ * <a href="https://github.com/spring-projects/spring-hateoas/issues/434">data.rest.base-path missed in HAL links</a><br>
+ * <a href="https://jira.spring.io/browse/DATAREST-748">Two endpoints created</a>
+ * <p>
+ * RequestMapping("/${spring.data.rest.basePath}/account") give "Not enough variable values"
+ */
 @RestController
-@RequestMapping(value = "/api/account")
+@RequestMapping("/api/account")
 @AllArgsConstructor
 @Slf4j
-public class AccountController {
+public class AccountController implements RepresentationModelProcessor<RepositoryLinksResource> {
+    @SuppressWarnings("unchecked")
+    private static final RepresentationModelAssemblerSupport<User, EntityModel<User>> ASSEMBLER =
+            new RepresentationModelAssemblerSupport<>(AccountController.class, (Class<EntityModel<User>>) (Class<?>) EntityModel.class) {
+                @Override
+                public EntityModel<User> toModel(User user) {
+                    return EntityModel.of(user, linkTo(AccountController.class).withSelfRel());
+                }
+            };
 
     private final UserRepository userRepository;
 
-    @GetMapping(produces = MediaType.APPLICATION_JSON_VALUE)
-    public User get(@AuthenticationPrincipal AuthUser authUser) {
+    @GetMapping(produces = MediaTypes.HAL_JSON_VALUE)
+    public EntityModel<User> get(@AuthenticationPrincipal AuthUser authUser) {
         log.info("get {}", authUser);
-        return authUser.getUser();
+        return ASSEMBLER.toModel(authUser.getUser());
     }
 
     @DeleteMapping
@@ -39,9 +63,9 @@ public void delete(@AuthenticationPrincipal AuthUser authUser) {
         userRepository.deleteById(authUser.id());
     }
 
-    @PostMapping(value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
+    @PostMapping(value = "/register", consumes = MediaTypes.HAL_JSON_VALUE)
     @ResponseStatus(value = HttpStatus.CREATED)
-    public ResponseEntity<User> register(@Valid @RequestBody User user) {
+    public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user) {
         log.info("register {}", user);
         ValidationUtil.checkNew(user);
         user.setRoles(Set.of(Role.USER));
@@ -49,7 +73,7 @@ public ResponseEntity<User> register(@Valid @RequestBody User user) {
         URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
                 .path("/api/account")
                 .build().toUri();
-        return ResponseEntity.created(uriOfNewResource).body(user);
+        return ResponseEntity.created(uriOfNewResource).body(ASSEMBLER.toModel(user));
     }
 
     @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
@@ -64,4 +88,18 @@ public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthU
         }
         userRepository.save(user);
     }
+
+/*
+    @GetMapping(value = "/pageDemo", produces = MediaTypes.HAL_JSON_VALUE)
+    public PagedModel<EntityModel<User>> pageDemo(Pageable page, PagedResourcesAssembler<User> pagedAssembler) {
+        Page<User> users = userRepository.findAll(page);
+        return pagedAssembler.toModel(users, ASSEMBLER);
+    }
+*/
+
+    @Override
+    public RepositoryLinksResource process(RepositoryLinksResource resource) {
+        resource.add(linkTo(AccountController.class).withRel("account"));
+        return resource;
+    }
 }
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 6021c18..a686b00 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -32,6 +32,7 @@ spring:
   data.rest:
     #  https://docs.spring.io/spring-data/rest/docs/current/reference/html/#getting-started.basic-settings
     basePath: /api
+    defaultPageSize: 20
     returnBodyOnCreate: true
 
 #  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
@@ -47,6 +48,12 @@ logging:
     ru.javaops.bootjava: DEBUG
 #    org.springframework.security.web.FilterChainProxy: DEBUG
 
+server.servlet:
+  encoding:
+    charset: UTF-8 # Charset of HTTP requests and responses. Added to the "Content-Type" header if not set explicitly
+    enabled: true # Enable http encoding support
+    force: true
+
 # Jackson Serialization Issue Resolver
 #  jackson:
 #    visibility.field: any

From 34f89fa163af09abebe6608fc0a0f4a537f52b3a Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 13:06:21 +0300
Subject: [PATCH 17/26] 6_01_oas3_swagger

---
 pom.xml                                       | 20 +++++++++-
 .../bootjava/config/OpenApiConfig.java        | 39 +++++++++++++++++++
 .../bootjava/repository/UserRepository.java   |  2 +
 .../bootjava/web/AccountController.java       |  2 +
 4 files changed, 62 insertions(+), 1 deletion(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java

diff --git a/pom.xml b/pom.xml
index be60e0c..49c7a47 100644
--- a/pom.xml
+++ b/pom.xml
@@ -17,6 +17,7 @@
 
     <properties>
         <java.version>15</java.version>
+        <springdoc.version>1.5.6</springdoc.version>
     </properties>
 
     <dependencies>
@@ -48,6 +49,23 @@
                     <scope>runtime</scope>
                 </dependency>
         -->
+
+        <!--Swagger-->
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-ui</artifactId>
+            <version>${springdoc.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-data-rest</artifactId>
+            <version>${springdoc.version}</version>
+        </dependency>
+        <dependency>
+            <groupId>org.springdoc</groupId>
+            <artifactId>springdoc-openapi-security</artifactId>
+            <version>${springdoc.version}</version>
+        </dependency>
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
@@ -58,7 +76,7 @@
             <optional>true</optional>
         </dependency>
 
-<!--    https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.4-Release-Notes#junit-5s-vintage-engine-removed-from-spring-boot-starter-test-->
+        <!--    https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.4-Release-Notes#junit-5s-vintage-engine-removed-from-spring-boot-starter-test-->
         <dependency>
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-test</artifactId>
diff --git a/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
new file mode 100644
index 0000000..4f6293d
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
@@ -0,0 +1,39 @@
+package ru.javaops.bootjava.config;
+
+import io.swagger.v3.oas.annotations.OpenAPIDefinition;
+import io.swagger.v3.oas.annotations.enums.SecuritySchemeType;
+import io.swagger.v3.oas.annotations.info.Contact;
+import io.swagger.v3.oas.annotations.info.Info;
+import io.swagger.v3.oas.annotations.security.SecurityRequirement;
+import io.swagger.v3.oas.annotations.security.SecurityScheme;
+import org.springdoc.core.GroupedOpenApi;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+
+@Configuration
+//https://sabljakovich.medium.com/adding-basic-auth-authorization-option-to-openapi-swagger-documentation-java-spring-95abbede27e9
+@SecurityScheme(
+        name = "basicAuth",
+        type = SecuritySchemeType.HTTP,
+        scheme = "basic"
+)
+@OpenAPIDefinition(
+        info = @Info(
+                title = "REST API documentation",
+                version = "1.0",
+                description = "Приложение по <a href='https://javaops.ru/view/bootjava'>курсу BootJava</a>",
+                contact = @Contact(url = "https://javaops.ru/#contacts", name = "Grigory Kislin", email = "admin@javaops.ru")
+        ),
+        security = @SecurityRequirement(name = "basicAuth")
+)
+public class OpenApiConfig {
+
+    @Bean
+    public GroupedOpenApi api() {
+        return GroupedOpenApi.builder()
+                .group("REST API")
+                .pathsToMatch("/api/**")
+                .pathsToExclude("/api/profile/**")
+                .build();
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index b808c1d..5c71376 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.repository;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
@@ -11,6 +12,7 @@
 import java.util.Optional;
 
 @Transactional(readOnly = true)
+@Tag(name = "User Controller")
 public interface UserRepository extends JpaRepository<User, Integer> {
 
     @RestResource(rel = "by-email", path = "by-email")
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index f26e562..ee5806e 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.web;
 
+import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.data.rest.webmvc.RepositoryLinksResource;
@@ -38,6 +39,7 @@
 @RequestMapping("/api/account")
 @AllArgsConstructor
 @Slf4j
+@Tag(name = "Account Controller")
 public class AccountController implements RepresentationModelProcessor<RepositoryLinksResource> {
     @SuppressWarnings("unchecked")
     private static final RepresentationModelAssemblerSupport<User, EntityModel<User>> ASSEMBLER =

From 36ba86362a664a0ada34b6625f948bc92089e93d Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 13:21:52 +0300
Subject: [PATCH 18/26] 6_02_fix_update

---
 .../javaops/bootjava/RestaurantVotingApplication.java  |  2 --
 .../ru/javaops/bootjava/util/JsonDeserializers.java    |  2 ++
 .../java/ru/javaops/bootjava/util/ValidationUtil.java  |  2 ++
 .../ru/javaops/bootjava/web/AccountController.java     |  6 +++---
 .../bootjava/web/error/GlobalExceptionHandler.java     | 10 ++++++++++
 src/main/resources/application.yaml                    |  2 +-
 6 files changed, 18 insertions(+), 6 deletions(-)

diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
index 3326420..ee6a1ed 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
@@ -1,11 +1,9 @@
 package ru.javaops.bootjava;
 
-import lombok.AllArgsConstructor;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 @SpringBootApplication
-@AllArgsConstructor
 public class RestaurantVotingApplication {
 
     public static void main(String[] args) {
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
index a567a40..153afb4 100644
--- a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
+++ b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
@@ -5,10 +5,12 @@
 import com.fasterxml.jackson.databind.DeserializationContext;
 import com.fasterxml.jackson.databind.JsonDeserializer;
 import com.fasterxml.jackson.databind.JsonNode;
+import lombok.experimental.UtilityClass;
 import ru.javaops.bootjava.config.WebSecurityConfig;
 
 import java.io.IOException;
 
+@UtilityClass
 public class JsonDeserializers {
 
     // https://stackoverflow.com/a/60995048/548473
diff --git a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
index 5f709d4..4d5c29c 100644
--- a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
+++ b/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
@@ -1,8 +1,10 @@
 package ru.javaops.bootjava.util;
 
+import lombok.experimental.UtilityClass;
 import ru.javaops.bootjava.error.IllegalRequestDataException;
 import ru.javaops.bootjava.model.BaseEntity;
 
+@UtilityClass
 public class ValidationUtil {
 
     public static void checkNew(BaseEntity entity) {
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index ee5806e..b05cfb9 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -22,7 +22,7 @@
 
 import javax.validation.Valid;
 import java.net.URI;
-import java.util.Set;
+import java.util.EnumSet;
 
 import static org.springframework.hateoas.server.mvc.WebMvcLinkBuilder.linkTo;
 
@@ -65,12 +65,12 @@ public void delete(@AuthenticationPrincipal AuthUser authUser) {
         userRepository.deleteById(authUser.id());
     }
 
-    @PostMapping(value = "/register", consumes = MediaTypes.HAL_JSON_VALUE)
+    @PostMapping(value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(value = HttpStatus.CREATED)
     public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user) {
         log.info("register {}", user);
         ValidationUtil.checkNew(user);
-        user.setRoles(Set.of(Role.USER));
+        user.setRoles(EnumSet.of(Role.USER));
         user = userRepository.save(user);
         URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
                 .path("/api/account")
diff --git a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
index 9a917cb..d441662 100644
--- a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
+++ b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
@@ -1,7 +1,9 @@
 package ru.javaops.bootjava.web.error;
 
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.boot.web.servlet.error.ErrorAttributes;
+import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ExceptionHandler;
@@ -14,15 +16,23 @@
 
 @RestControllerAdvice
 @AllArgsConstructor
+@Slf4j
 public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
     private final ErrorAttributes errorAttributes;
 
     @ExceptionHandler(AppException.class)
     public ResponseEntity<Map<String, Object>> appException(AppException ex, WebRequest request) {
+        log.error("Application Exception", ex);
         Map<String, Object> body = errorAttributes.getErrorAttributes(request, ex.getOptions());
         HttpStatus status = ex.getStatus();
         body.put("status", status.value());
         body.put("error", status.getReasonPhrase());
         return ResponseEntity.status(status).body(body);
     }
+
+    @Override
+    protected ResponseEntity<Object> handleExceptionInternal(Exception ex, Object body, HttpHeaders headers, HttpStatus status, WebRequest request) {
+        log.error("Exception", ex);
+        return super.handleExceptionInternal(ex, body, headers, status, request);
+    }
 }
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index a686b00..1e8b45b 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -4,7 +4,7 @@ spring:
     show-sql: true
     open-in-view: false
     hibernate:
-      ddl-auto: create-drop
+      ddl-auto: create
     properties:
       #  http://docs.jboss.org/hibernate/orm/5.3/userguide/html_single/Hibernate_User_Guide.html#configurations
       hibernate:

From 404304f2863587a90ef55b034a36617b36d99442 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 14:23:55 +0300
Subject: [PATCH 19/26] 6_03_add_tests

---
 pom.xml                                       |  6 ++
 .../bootjava/web/AccountController.java       |  4 +-
 .../RestaurantVotingApplicationTests.java     | 12 ----
 .../ru/javaops/bootjava/UserTestUtil.java     |  8 +++
 .../bootjava/web/AbstractControllerTest.java  | 24 +++++++
 .../bootjava/web/AccountControllerTest.java   | 45 +++++++++++++
 .../bootjava/web/UserControllerTest.java      | 64 +++++++++++++++++++
 7 files changed, 150 insertions(+), 13 deletions(-)
 delete mode 100644 src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java
 create mode 100644 src/test/java/ru/javaops/bootjava/UserTestUtil.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/UserControllerTest.java

diff --git a/pom.xml b/pom.xml
index 49c7a47..9429775 100644
--- a/pom.xml
+++ b/pom.xml
@@ -82,6 +82,12 @@
             <artifactId>spring-boot-starter-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <!--        https://www.baeldung.com/spring-security-integration-tests        -->
+        <dependency>
+            <groupId>org.springframework.security</groupId>
+            <artifactId>spring-security-test</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index b05cfb9..e13c485 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -36,11 +36,13 @@
  * RequestMapping("/${spring.data.rest.basePath}/account") give "Not enough variable values"
  */
 @RestController
-@RequestMapping("/api/account")
+@RequestMapping(AccountController.URL)
 @AllArgsConstructor
 @Slf4j
 @Tag(name = "Account Controller")
 public class AccountController implements RepresentationModelProcessor<RepositoryLinksResource> {
+    static final String URL = "/api/account";
+
     @SuppressWarnings("unchecked")
     private static final RepresentationModelAssemblerSupport<User, EntityModel<User>> ASSEMBLER =
             new RepresentationModelAssemblerSupport<>(AccountController.class, (Class<EntityModel<User>>) (Class<?>) EntityModel.class) {
diff --git a/src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java b/src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java
deleted file mode 100644
index 52bba6d..0000000
--- a/src/test/java/ru/javaops/bootjava/RestaurantVotingApplicationTests.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package ru.javaops.bootjava;
-
-import org.junit.jupiter.api.Test;
-import org.springframework.boot.test.context.SpringBootTest;
-
-@SpringBootTest
-class RestaurantVotingApplicationTests {
-
-	@Test
-	void contextLoads() {
-	}
-}
diff --git a/src/test/java/ru/javaops/bootjava/UserTestUtil.java b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
new file mode 100644
index 0000000..8e2123a
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
@@ -0,0 +1,8 @@
+package ru.javaops.bootjava;
+
+public class UserTestUtil {
+    public static final int USER_ID = 1;
+    public static final int ADMIN_ID = 2;
+    public static final String USER_MAIL = "user@gmail.com";
+    public static final String ADMIN_MAIL = "admin@javaops.ru";
+}
diff --git a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
new file mode 100644
index 0000000..b5a26c0
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
@@ -0,0 +1,24 @@
+package ru.javaops.bootjava.web;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
+import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.web.servlet.MockMvc;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
+import org.springframework.transaction.annotation.Transactional;
+
+//https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-testing-spring-boot-applications
+@SpringBootTest
+@Transactional
+@AutoConfigureMockMvc
+//https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-testing-spring-boot-applications-testing-with-mock-environment
+public abstract class AbstractControllerTest {
+
+    @Autowired
+    protected MockMvc mockMvc;
+
+    protected ResultActions perform(MockHttpServletRequestBuilder builder) throws Exception {
+        return mockMvc.perform(builder);
+    }
+}
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
new file mode 100644
index 0000000..c977623
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -0,0 +1,45 @@
+package ru.javaops.bootjava.web;
+
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.hateoas.MediaTypes;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static ru.javaops.bootjava.UserTestUtil.*;
+import static ru.javaops.bootjava.web.AccountController.URL;
+
+class AccountControllerTest extends AbstractControllerTest {
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void get() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    void getUnAuth() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isUnauthorized());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void delete() throws Exception {
+        perform(MockMvcRequestBuilders.delete(URL))
+                .andExpect(status().isNoContent());
+        Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
+        Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
new file mode 100644
index 0000000..c90354e
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
@@ -0,0 +1,64 @@
+package ru.javaops.bootjava.web;
+
+import org.junit.jupiter.api.Assertions;
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.hateoas.MediaTypes;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.repository.UserRepository;
+
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static ru.javaops.bootjava.UserTestUtil.*;
+
+class UserControllerTest extends AbstractControllerTest {
+    static final String URL = "/api/users/";
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void get() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL + USER_ID))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void getAll() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void getByEmail() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL + "search/by-email?email=" + ADMIN_MAIL))
+                .andExpect(status().isOk())
+                .andDo(print())
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void getForbidden() throws Exception {
+        perform(MockMvcRequestBuilders.get(URL))
+                .andExpect(status().isForbidden());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void delete() throws Exception {
+        perform(MockMvcRequestBuilders.delete(URL + USER_ID))
+                .andExpect(status().isNoContent());
+        Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
+        Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
+    }
+}
\ No newline at end of file

From 6111ee4ea34b30aa9eaa639986404362e7a9be02 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 15:01:10 +0300
Subject: [PATCH 20/26] 6_04_json_support

---
 .../bootjava/config/WebSecurityConfig.java    |  9 ++++++
 .../java/ru/javaops/bootjava/model/User.java  |  6 ++++
 .../ru/javaops/bootjava/util/JsonUtil.java    | 31 +++++++++++++++++++
 .../ru/javaops/bootjava/UserTestUtil.java     | 13 ++++++++
 .../bootjava/web/AccountControllerTest.java   | 24 ++++++++++++++
 .../bootjava/web/UserControllerTest.java      | 24 ++++++++++++++
 6 files changed, 107 insertions(+)
 create mode 100644 src/main/java/ru/javaops/bootjava/util/JsonUtil.java

diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index b6438fc..29fe8ee 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -1,5 +1,6 @@
 package ru.javaops.bootjava.config;
 
+import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -18,7 +19,9 @@
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.util.JsonUtil;
 
+import javax.annotation.PostConstruct;
 import java.util.Optional;
 
 @Configuration
@@ -29,6 +32,12 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     public static final PasswordEncoder PASSWORD_ENCODER = PasswordEncoderFactories.createDelegatingPasswordEncoder();
     private final UserRepository userRepository;
+    private final ObjectMapper objectMapper;
+
+    @PostConstruct
+    void setMapper() {
+        JsonUtil.setObjectMapper(objectMapper);
+    }
 
     @Bean
     public UserDetailsService userDetailsService() {
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index c61b200..effb0b1 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -11,6 +11,8 @@
 import javax.validation.constraints.NotEmpty;
 import javax.validation.constraints.Size;
 import java.io.Serializable;
+import java.util.Collection;
+import java.util.EnumSet;
 import java.util.Set;
 
 @Entity
@@ -21,6 +23,10 @@
 @AllArgsConstructor
 @ToString(callSuper = true, exclude = {"password"})
 public class User extends BaseEntity implements Serializable {
+    public User(Integer id, String email, String firstName, String lastName, String password, Collection<Role> roles) {
+        this(email, firstName, lastName, password, EnumSet.copyOf(roles));
+        this.id = id;
+    }
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonUtil.java b/src/main/java/ru/javaops/bootjava/util/JsonUtil.java
new file mode 100644
index 0000000..336088a
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/JsonUtil.java
@@ -0,0 +1,31 @@
+package ru.javaops.bootjava.util;
+
+import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.databind.ObjectMapper;
+import com.fasterxml.jackson.databind.ObjectReader;
+import lombok.experimental.UtilityClass;
+
+import java.io.IOException;
+import java.util.List;
+
+@UtilityClass
+public class JsonUtil {
+    private static ObjectMapper objectMapper;
+
+    public static void setObjectMapper(ObjectMapper objectMapper) {
+        JsonUtil.objectMapper = objectMapper;
+    }
+
+    public static <T> List<T> readValues(String json, Class<T> clazz) throws IOException {
+        ObjectReader reader = objectMapper.readerFor(clazz);
+        return reader.<T>readValues(json).readAll();
+    }
+
+    public static <T> T readValue(String json, Class<T> clazz) throws JsonProcessingException {
+        return objectMapper.readValue(json, clazz);
+    }
+
+    public static <T> String writeValue(T obj) throws JsonProcessingException {
+        return objectMapper.writeValueAsString(obj);
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/UserTestUtil.java b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
index 8e2123a..1a6bb63 100644
--- a/src/test/java/ru/javaops/bootjava/UserTestUtil.java
+++ b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
@@ -1,8 +1,21 @@
 package ru.javaops.bootjava;
 
+import ru.javaops.bootjava.model.Role;
+import ru.javaops.bootjava.model.User;
+
+import java.util.List;
+
 public class UserTestUtil {
     public static final int USER_ID = 1;
     public static final int ADMIN_ID = 2;
     public static final String USER_MAIL = "user@gmail.com";
     public static final String ADMIN_MAIL = "admin@javaops.ru";
+
+    public static User getNew() {
+        return new User(null, "new@gmail.com", "New_First", "New_Last", "newpass", List.of(Role.USER));
+    }
+
+    public static User getUpdated() {
+        return new User(USER_ID, "user_update@gmail.com", "User_First_Update", "User_Last_Update", "password_update", List.of(Role.USER));
+    }
 }
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
index c977623..aa6ead2 100644
--- a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -4,14 +4,18 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.hateoas.MediaTypes;
+import org.springframework.http.MediaType;
 import org.springframework.security.test.context.support.WithUserDetails;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.UserTestUtil;
+import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import static ru.javaops.bootjava.UserTestUtil.*;
+import static ru.javaops.bootjava.util.JsonUtil.writeValue;
 import static ru.javaops.bootjava.web.AccountController.URL;
 
 class AccountControllerTest extends AbstractControllerTest {
@@ -42,4 +46,24 @@ void delete() throws Exception {
         Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
         Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
     }
+
+    @Test
+    void register() throws Exception {
+        User newUser = UserTestUtil.getNew();
+        perform(MockMvcRequestBuilders.post(URL + "/register")
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(newUser)))
+                .andExpect(status().isCreated());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void update() throws Exception {
+        User updated = UserTestUtil.getUpdated();
+        perform(MockMvcRequestBuilders.put(URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(updated)))
+                .andDo(print())
+                .andExpect(status().isNoContent());
+    }
 }
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
index c90354e..9950437 100644
--- a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
@@ -4,14 +4,18 @@
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.hateoas.MediaTypes;
+import org.springframework.http.MediaType;
 import org.springframework.security.test.context.support.WithUserDetails;
 import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.UserTestUtil;
+import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 
 import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
 import static ru.javaops.bootjava.UserTestUtil.*;
+import static ru.javaops.bootjava.util.JsonUtil.writeValue;
 
 class UserControllerTest extends AbstractControllerTest {
     static final String URL = "/api/users/";
@@ -61,4 +65,24 @@ void delete() throws Exception {
         Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
         Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
     }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void create() throws Exception {
+        User newUser = UserTestUtil.getNew();
+        perform(MockMvcRequestBuilders.post(URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(newUser)))
+                .andExpect(status().isCreated());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void update() throws Exception {
+        User updated = UserTestUtil.getUpdated();
+        perform(MockMvcRequestBuilders.put(URL + USER_ID)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(updated)))
+                .andExpect(status().isNoContent());
+    }
 }
\ No newline at end of file

From 889571b56a203106e196065023542449a8640d3f Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 15:09:15 +0300
Subject: [PATCH 21/26] 6_05_test_body_check

---
 .../ru/javaops/bootjava/UserTestUtil.java     | 28 +++++++++++++++++++
 .../bootjava/web/AccountControllerTest.java   | 12 ++++++--
 .../bootjava/web/UserControllerTest.java      | 11 ++++++--
 3 files changed, 45 insertions(+), 6 deletions(-)

diff --git a/src/test/java/ru/javaops/bootjava/UserTestUtil.java b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
index 1a6bb63..c0c5c78 100644
--- a/src/test/java/ru/javaops/bootjava/UserTestUtil.java
+++ b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
@@ -1,15 +1,25 @@
 package ru.javaops.bootjava;
 
+import com.fasterxml.jackson.core.JsonProcessingException;
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.ResultMatcher;
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.util.JsonUtil;
 
+import java.io.UnsupportedEncodingException;
 import java.util.List;
+import java.util.function.BiConsumer;
+
+import static org.assertj.core.api.Assertions.assertThat;
 
 public class UserTestUtil {
     public static final int USER_ID = 1;
     public static final int ADMIN_ID = 2;
     public static final String USER_MAIL = "user@gmail.com";
     public static final String ADMIN_MAIL = "admin@javaops.ru";
+    public static final User user = new User(USER_ID, USER_MAIL, "User_First", "User_Last", "password", List.of(Role.USER));
+    public static final User admin = new User(ADMIN_ID, ADMIN_MAIL, "Admin_First", "Admin_Last", "admin", List.of(Role.ADMIN, Role.USER));
 
     public static User getNew() {
         return new User(null, "new@gmail.com", "New_First", "New_Last", "newpass", List.of(Role.USER));
@@ -18,4 +28,22 @@ public static User getNew() {
     public static User getUpdated() {
         return new User(USER_ID, "user_update@gmail.com", "User_First_Update", "User_Last_Update", "password_update", List.of(Role.USER));
     }
+
+    public static void assertEquals(User actual, User expected) {
+        assertThat(actual).usingRecursiveComparison().ignoringFields("password").isEqualTo(expected);
+    }
+
+    // No id in HATEOAS answer
+    public static void assertNoIdEquals(User actual, User expected) {
+        assertThat(actual).usingRecursiveComparison().ignoringFields("id", "password").isEqualTo(expected);
+    }
+
+    public static User asUser(MvcResult mvcResult) throws UnsupportedEncodingException, JsonProcessingException {
+        String jsonActual = mvcResult.getResponse().getContentAsString();
+        return JsonUtil.readValue(jsonActual, User.class);
+    }
+
+    public static ResultMatcher jsonMatcher(User expected, BiConsumer<User, User> equalsAssertion) {
+        return mvcResult -> equalsAssertion.accept(asUser(mvcResult), expected);
+    }
 }
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
index aa6ead2..9185be8 100644
--- a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -29,7 +29,8 @@ void get() throws Exception {
         perform(MockMvcRequestBuilders.get(URL))
                 .andExpect(status().isOk())
                 .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
+                .andExpect(jsonMatcher(user, UserTestUtil::assertEquals));
     }
 
     @Test
@@ -50,10 +51,14 @@ void delete() throws Exception {
     @Test
     void register() throws Exception {
         User newUser = UserTestUtil.getNew();
-        perform(MockMvcRequestBuilders.post(URL + "/register")
+        User registered = asUser(perform(MockMvcRequestBuilders.post(URL + "/register")
                 .contentType(MediaType.APPLICATION_JSON)
                 .content(writeValue(newUser)))
-                .andExpect(status().isCreated());
+                .andExpect(status().isCreated()).andReturn());
+        int newId = registered.id();
+        newUser.setId(newId);
+        UserTestUtil.assertEquals(registered, newUser);
+        UserTestUtil.assertEquals(registered, userRepository.findById(newId).orElseThrow());
     }
 
     @Test
@@ -65,5 +70,6 @@ void update() throws Exception {
                 .content(writeValue(updated)))
                 .andDo(print())
                 .andExpect(status().isNoContent());
+        UserTestUtil.assertEquals(updated, userRepository.findById(USER_ID).orElseThrow());
     }
 }
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
index 9950437..9295ca0 100644
--- a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
@@ -29,12 +29,14 @@ void get() throws Exception {
         perform(MockMvcRequestBuilders.get(URL + USER_ID))
                 .andExpect(status().isOk())
                 .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
+                .andExpect(jsonMatcher(user, UserTestUtil::assertNoIdEquals));
     }
 
     @Test
     @WithUserDetails(value = ADMIN_MAIL)
     void getAll() throws Exception {
+        // TODO check content yourself
         perform(MockMvcRequestBuilders.get(URL))
                 .andExpect(status().isOk())
                 .andDo(print())
@@ -47,7 +49,8 @@ void getByEmail() throws Exception {
         perform(MockMvcRequestBuilders.get(URL + "search/by-email?email=" + ADMIN_MAIL))
                 .andExpect(status().isOk())
                 .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
+                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
+                .andExpect(jsonMatcher(admin, UserTestUtil::assertNoIdEquals));
     }
 
     @Test
@@ -73,7 +76,8 @@ void create() throws Exception {
         perform(MockMvcRequestBuilders.post(URL)
                 .contentType(MediaType.APPLICATION_JSON)
                 .content(writeValue(newUser)))
-                .andExpect(status().isCreated());
+                .andExpect(status().isCreated())
+                .andExpect(jsonMatcher(newUser, UserTestUtil::assertNoIdEquals));
     }
 
     @Test
@@ -84,5 +88,6 @@ void update() throws Exception {
                 .contentType(MediaType.APPLICATION_JSON)
                 .content(writeValue(updated)))
                 .andExpect(status().isNoContent());
+        UserTestUtil.assertEquals(updated, userRepository.findById(USER_ID).orElseThrow());
     }
 }
\ No newline at end of file

From b5c0be8d57450bdb180d24f82f2c4de841b55dc2 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 16:13:22 +0300
Subject: [PATCH 22/26] 6_06_add_cache

---
 pom.xml                                               | 11 +++++++++++
 .../java/ru/javaops/bootjava/config/AppConfig.java    |  2 ++
 .../ru/javaops/bootjava/config/WebSecurityConfig.java |  2 +-
 .../javaops/bootjava/repository/UserRepository.java   |  2 ++
 .../ru/javaops/bootjava/web/AccountController.java    |  8 ++++++--
 5 files changed, 22 insertions(+), 3 deletions(-)

diff --git a/pom.xml b/pom.xml
index 9429775..1334f0f 100644
--- a/pom.xml
+++ b/pom.xml
@@ -66,6 +66,17 @@
             <artifactId>springdoc-openapi-security</artifactId>
             <version>${springdoc.version}</version>
         </dependency>
+
+        <!--cache-->
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-cache</artifactId>
+        </dependency>
+        <dependency>
+            <groupId>com.github.ben-manes.caffeine</groupId>
+            <artifactId>caffeine</artifactId>
+        </dependency>
+
         <dependency>
             <groupId>com.h2database</groupId>
             <artifactId>h2</artifactId>
diff --git a/src/main/java/ru/javaops/bootjava/config/AppConfig.java b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
index 19dbc45..4a9742b 100644
--- a/src/main/java/ru/javaops/bootjava/config/AppConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
@@ -2,6 +2,7 @@
 
 import lombok.extern.slf4j.Slf4j;
 import org.h2.tools.Server;
+import org.springframework.cache.annotation.EnableCaching;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 
@@ -9,6 +10,7 @@
 
 @Configuration
 @Slf4j
+@EnableCaching
 public class AppConfig {
 
 /*
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 29fe8ee..2e18324 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -43,7 +43,7 @@ void setMapper() {
     public UserDetailsService userDetailsService() {
         return email -> {
             log.debug("Authenticating '{}'", email);
-            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
+            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email.toLowerCase());
             return new AuthUser(optionalUser.orElseThrow(
                     () -> new UsernameNotFoundException("User '" + email + "' was not found")));
         };
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index 5c71376..b676a7f 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,6 +1,7 @@
 package ru.javaops.bootjava.repository;
 
 import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.cache.annotation.Cacheable;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
@@ -17,6 +18,7 @@ public interface UserRepository extends JpaRepository<User, Integer> {
 
     @RestResource(rel = "by-email", path = "by-email")
     @Query("SELECT u FROM User u WHERE u.email = LOWER(:email)")
+    @Cacheable("users")
     Optional<User> findByEmailIgnoreCase(String email);
 
     @RestResource(rel = "by-lastname", path = "by-lastname")
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index e13c485..a43eb3e 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -3,6 +3,8 @@
 import io.swagger.v3.oas.annotations.tags.Tag;
 import lombok.AllArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.cache.annotation.CachePut;
 import org.springframework.data.rest.webmvc.RepositoryLinksResource;
 import org.springframework.hateoas.EntityModel;
 import org.springframework.hateoas.MediaTypes;
@@ -62,6 +64,7 @@ public EntityModel<User> get(@AuthenticationPrincipal AuthUser authUser) {
 
     @DeleteMapping
     @ResponseStatus(HttpStatus.NO_CONTENT)
+    @CacheEvict(value = "users", key = "#authUser.username")
     public void delete(@AuthenticationPrincipal AuthUser authUser) {
         log.info("delete {}", authUser);
         userRepository.deleteById(authUser.id());
@@ -82,7 +85,8 @@ public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user)
 
     @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(HttpStatus.NO_CONTENT)
-    public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthUser authUser) {
+    @CachePut(value = "users", key = "#authUser.username")
+    public User update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthUser authUser) {
         log.info("update {} to {}", authUser, user);
         User oldUser = authUser.getUser();
         ValidationUtil.assureIdConsistent(user, oldUser.id());
@@ -90,7 +94,7 @@ public void update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthU
         if (user.getPassword() == null) {
             user.setPassword(oldUser.getPassword());
         }
-        userRepository.save(user);
+        return userRepository.save(user);
     }
 
 /*

From 5dabccc446ffd69059d44bc292807477d6e1355b Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 17:08:27 +0300
Subject: [PATCH 23/26] 6_07_update_cache

---
 .../bootjava/repository/UserRepository.java   | 21 +++++++++++++++++++
 .../bootjava/web/AbstractControllerTest.java  |  2 ++
 src/test/resources/application-test.yaml      |  1 +
 3 files changed, 24 insertions(+)
 create mode 100644 src/test/resources/application-test.yaml

diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index b676a7f..a579ae6 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,10 +1,13 @@
 package ru.javaops.bootjava.repository;
 
 import io.swagger.v3.oas.annotations.tags.Tag;
+import org.springframework.cache.annotation.CacheEvict;
+import org.springframework.cache.annotation.CachePut;
 import org.springframework.cache.annotation.Cacheable;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.rest.core.annotation.RestResource;
 import org.springframework.transaction.annotation.Transactional;
@@ -23,4 +26,22 @@ public interface UserRepository extends JpaRepository<User, Integer> {
 
     @RestResource(rel = "by-lastname", path = "by-lastname")
     Page<User> findByLastNameContainingIgnoreCase(String lastName, Pageable page);
+
+    @Override
+    @Modifying
+    @Transactional
+    @CachePut(value = "users", key = "#user.email")
+    User save(User user);
+
+    @Override
+    @Modifying
+    @Transactional
+    @CacheEvict(value = "users", key = "#user.email")
+    void delete(User user);
+
+    @Override
+    @Modifying
+    @Transactional
+    @CacheEvict(value = "users", allEntries = true)
+    void deleteById(Integer integer);
 }
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
index b5a26c0..68cf79c 100644
--- a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
@@ -3,6 +3,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.boot.test.autoconfigure.web.servlet.AutoConfigureMockMvc;
 import org.springframework.boot.test.context.SpringBootTest;
+import org.springframework.test.context.ActiveProfiles;
 import org.springframework.test.web.servlet.MockMvc;
 import org.springframework.test.web.servlet.ResultActions;
 import org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder;
@@ -12,6 +13,7 @@
 @SpringBootTest
 @Transactional
 @AutoConfigureMockMvc
+@ActiveProfiles("test")
 //https://docs.spring.io/spring-boot/docs/current/reference/html/spring-boot-features.html#boot-features-testing-spring-boot-applications-testing-with-mock-environment
 public abstract class AbstractControllerTest {
 
diff --git a/src/test/resources/application-test.yaml b/src/test/resources/application-test.yaml
new file mode 100644
index 0000000..be16632
--- /dev/null
+++ b/src/test/resources/application-test.yaml
@@ -0,0 +1 @@
+spring.cache.type: none
\ No newline at end of file

From 4ac1694c9dc1613c4af7128a27ae273aad1849e4 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 18:22:00 +0300
Subject: [PATCH 24/26] 7_01_upgrade_refactoring

---
 pom.xml                                       | 36 +++++---
 ...lication.java => BootJavaApplication.java} |  4 +-
 .../ru/javaops/bootjava/config/AppConfig.java | 11 +--
 .../bootjava/config/OpenApiConfig.java        |  7 +-
 .../bootjava/config/WebSecurityConfig.java    | 29 ++++---
 .../javaops/bootjava/error/AppException.java  |  5 ++
 .../ru/javaops/bootjava/model/BaseEntity.java |  8 +-
 .../java/ru/javaops/bootjava/model/User.java  | 16 ++--
 .../util/{ => validation}/ValidationUtil.java | 11 ++-
 .../bootjava/web/AccountController.java       |  5 +-
 .../javaops/bootjava/{ => web}/AuthUser.java  |  2 +-
 .../bootjava/web/GlobalExceptionHandler.java  | 86 +++++++++++++++++++
 .../web/error/GlobalExceptionHandler.java     | 38 --------
 src/main/resources/application.yaml           | 24 ++++--
 .../bootjava/web/AbstractControllerTest.java  |  2 +-
 .../bootjava/web/AccountControllerTest.java   |  9 +-
 16 files changed, 189 insertions(+), 104 deletions(-)
 rename src/main/java/ru/javaops/bootjava/{RestaurantVotingApplication.java => BootJavaApplication.java} (66%)
 rename src/main/java/ru/javaops/bootjava/util/{ => validation}/ValidationUtil.java (67%)
 rename src/main/java/ru/javaops/bootjava/{ => web}/AuthUser.java (93%)
 create mode 100644 src/main/java/ru/javaops/bootjava/web/GlobalExceptionHandler.java
 delete mode 100644 src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java

diff --git a/pom.xml b/pom.xml
index 1334f0f..3736dc5 100644
--- a/pom.xml
+++ b/pom.xml
@@ -5,19 +5,21 @@
     <parent>
         <groupId>org.springframework.boot</groupId>
         <artifactId>spring-boot-starter-parent</artifactId>
-        <version>2.5.0</version>
+        <version>2.6.7</version>
         <relativePath/> <!-- lookup parent from repository -->
     </parent>
-    <groupId>ru.javaops.bootjava</groupId>
-    <artifactId>restaurant-voting</artifactId>
+    <groupId>ru.javaops</groupId>
+    <artifactId>bootjava</artifactId>
     <version>1.0</version>
-    <name>restaurant-voting</name>
+    <name>BootJava</name>
     <description>Spring Boot 2.x HATEOAS application (BootJava)</description>
     <url>https://javaops.ru/view/bootjava</url>
 
     <properties>
-        <java.version>15</java.version>
-        <springdoc.version>1.5.6</springdoc.version>
+        <java.version>17</java.version>
+        <springdoc.version>1.6.8</springdoc.version>
+        <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
+        <project.reporting.outputEncoding>UTF-8</project.reporting.outputEncoding>
     </properties>
 
     <dependencies>
@@ -42,14 +44,6 @@
             <artifactId>spring-boot-starter-security</artifactId>
         </dependency>
 
-        <!--
-                <dependency>
-                    <groupId>org.springframework.data</groupId>
-                    <artifactId>spring-data-rest-hal-browser</artifactId>
-                    <scope>runtime</scope>
-                </dependency>
-        -->
-
         <!--Swagger-->
         <dependency>
             <groupId>org.springdoc</groupId>
@@ -99,6 +93,12 @@
             <artifactId>spring-security-test</artifactId>
             <scope>test</scope>
         </dependency>
+        <!--        https://youtrack.jetbrains.com/issue/IDEA-231927-->
+        <dependency>
+            <groupId>org.junit.platform</groupId>
+            <artifactId>junit-platform-launcher</artifactId>
+            <scope>test</scope>
+        </dependency>
     </dependencies>
 
     <build>
@@ -115,6 +115,14 @@
                     </excludes>
                 </configuration>
             </plugin>
+            <plugin>
+                <!--https://junit.org/junit5/docs/current/user-guide/#running-tests-build-maven -->
+                <groupId>org.apache.maven.plugins</groupId>
+                <artifactId>maven-surefire-plugin</artifactId>
+                <configuration>
+                    <argLine>-Dfile.encoding=UTF-8</argLine>
+                </configuration>
+            </plugin>
         </plugins>
     </build>
 </project>
diff --git a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java b/src/main/java/ru/javaops/bootjava/BootJavaApplication.java
similarity index 66%
rename from src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
rename to src/main/java/ru/javaops/bootjava/BootJavaApplication.java
index ee6a1ed..fd874f1 100644
--- a/src/main/java/ru/javaops/bootjava/RestaurantVotingApplication.java
+++ b/src/main/java/ru/javaops/bootjava/BootJavaApplication.java
@@ -4,9 +4,9 @@
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
 @SpringBootApplication
-public class RestaurantVotingApplication {
+public class BootJavaApplication {
 
     public static void main(String[] args) {
-        SpringApplication.run(RestaurantVotingApplication.class, args);
+        SpringApplication.run(BootJavaApplication.class, args);
     }
 }
diff --git a/src/main/java/ru/javaops/bootjava/config/AppConfig.java b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
index 4a9742b..cf1e5e7 100644
--- a/src/main/java/ru/javaops/bootjava/config/AppConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
@@ -5,6 +5,7 @@
 import org.springframework.cache.annotation.EnableCaching;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.context.annotation.Profile;
 
 import java.sql.SQLException;
 
@@ -13,15 +14,9 @@
 @EnableCaching
 public class AppConfig {
 
-/*
+    @Profile("!test")
     @Bean(initMethod = "start", destroyMethod = "stop")
-    public Server h2WebServer() throws SQLException {
-        return Server.createWebServer("-web", "-webAllowOthers", "-webPort", "8082");
-    }
-*/
-
-    @Bean(initMethod = "start", destroyMethod = "stop")
-    public Server h2Server() throws SQLException {
+    Server h2Server() throws SQLException {
         log.info("Start H2 TCP server");
         return Server.createTcpServer("-tcp", "-tcpAllowOthers", "-tcpPort", "9092");
     }
diff --git a/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
index 4f6293d..8445b18 100644
--- a/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
@@ -21,7 +21,12 @@
         info = @Info(
                 title = "REST API documentation",
                 version = "1.0",
-                description = "Приложение по <a href='https://javaops.ru/view/bootjava'>курсу BootJava</a>",
+                description = """
+                        Приложение по <a href='https://javaops.ru/view/bootjava'>курсу BootJava</a>
+                        <p><b>Тестовые креденшелы:</b><br>
+                        - user@gmail.com / password<br>
+                        - admin@javaops.ru / admin</p>
+                        """,
                 contact = @Contact(url = "https://javaops.ru/#contacts", name = "Grigory Kislin", email = "admin@javaops.ru")
         ),
         security = @SecurityRequirement(name = "basicAuth")
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 2e18324..76b25a3 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -6,6 +6,7 @@
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpMethod;
 import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
@@ -15,13 +16,12 @@
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.security.crypto.factory.PasswordEncoderFactories;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import ru.javaops.bootjava.AuthUser;
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
 import ru.javaops.bootjava.util.JsonUtil;
+import ru.javaops.bootjava.web.AuthUser;
 
-import javax.annotation.PostConstruct;
 import java.util.Optional;
 
 @Configuration
@@ -32,33 +32,34 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
     public static final PasswordEncoder PASSWORD_ENCODER = PasswordEncoderFactories.createDelegatingPasswordEncoder();
     private final UserRepository userRepository;
-    private final ObjectMapper objectMapper;
 
-    @PostConstruct
-    void setMapper() {
+    @Autowired
+    private void setMapper(ObjectMapper objectMapper) {
         JsonUtil.setObjectMapper(objectMapper);
     }
 
     @Bean
-    public UserDetailsService userDetailsService() {
-        return email -> {
-            log.debug("Authenticating '{}'", email);
-            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email.toLowerCase());
-            return new AuthUser(optionalUser.orElseThrow(
-                    () -> new UsernameNotFoundException("User '" + email + "' was not found")));
-        };
+    @Override
+    public UserDetailsService userDetailsServiceBean() throws Exception {
+        return super.userDetailsServiceBean();
     }
 
     @Autowired
     public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception {
-        auth.userDetailsService(userDetailsService())
+        auth.userDetailsService(
+                        email -> {
+                            log.debug("Authenticating '{}'", email);
+                            Optional<User> optionalUser = userRepository.findByEmailIgnoreCase(email);
+                            return new AuthUser(optionalUser.orElseThrow(
+                                    () -> new UsernameNotFoundException("User '" + email + "' was not found")));
+                        })
                 .passwordEncoder(PASSWORD_ENCODER);
     }
 
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
-                .antMatchers("/api/account/register").anonymous()
+                .antMatchers(HttpMethod.POST, "/api/account").anonymous()
                 .antMatchers("/api/account").hasRole(Role.USER.name())
                 .antMatchers("/api/**").hasRole(Role.ADMIN.name())
                 .and().httpBasic()
diff --git a/src/main/java/ru/javaops/bootjava/error/AppException.java b/src/main/java/ru/javaops/bootjava/error/AppException.java
index 809caad..9d00dd4 100644
--- a/src/main/java/ru/javaops/bootjava/error/AppException.java
+++ b/src/main/java/ru/javaops/bootjava/error/AppException.java
@@ -13,4 +13,9 @@ public AppException(HttpStatus status, String message, ErrorAttributeOptions opt
         super(status, message);
         this.options = options;
     }
+
+    @Override
+    public String getMessage() {
+        return getReason();
+    }
 }
diff --git a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
index 72ed0fc..c942ac3 100644
--- a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
+++ b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
@@ -1,6 +1,7 @@
 package ru.javaops.bootjava.model;
 
 import com.fasterxml.jackson.annotation.JsonIgnore;
+import io.swagger.v3.oas.annotations.media.Schema;
 import lombok.*;
 import org.springframework.data.domain.Persistable;
 import org.springframework.data.util.ProxyUtils;
@@ -15,11 +16,11 @@
 @Setter
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor(access = AccessLevel.PROTECTED)
-@ToString
 public abstract class BaseEntity implements Persistable<Integer> {
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
+    @Schema(accessMode = Schema.AccessMode.READ_ONLY) // https://stackoverflow.com/a/28025008/548473
     protected Integer id;
 
     // doesn't work for hibernate lazy proxy
@@ -51,4 +52,9 @@ public boolean equals(Object o) {
     public int hashCode() {
         return id == null ? 0 : id;
     }
+
+    @Override
+    public String toString() {
+        return getClass().getSimpleName() + ":" + id;
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index effb0b1..4878c62 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -8,7 +8,7 @@
 
 import javax.persistence.*;
 import javax.validation.constraints.Email;
-import javax.validation.constraints.NotEmpty;
+import javax.validation.constraints.NotBlank;
 import javax.validation.constraints.Size;
 import java.io.Serializable;
 import java.util.Collection;
@@ -21,16 +21,15 @@
 @Setter
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor
-@ToString(callSuper = true, exclude = {"password"})
 public class User extends BaseEntity implements Serializable {
     public User(Integer id, String email, String firstName, String lastName, String password, Collection<Role> roles) {
-        this(email, firstName, lastName, password, EnumSet.copyOf(roles));
+        this(email, firstName, lastName, password, roles.isEmpty() ? EnumSet.noneOf(Role.class) : EnumSet.copyOf(roles));
         this.id = id;
     }
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
-    @NotEmpty
+    @NotBlank
     @Size(max = 128)
     private String email;
 
@@ -49,7 +48,9 @@ public User(Integer id, String email, String firstName, String lastName, String
     private String password;
 
     @Enumerated(EnumType.STRING)
-    @CollectionTable(name = "user_role", joinColumns = @JoinColumn(name = "user_id"), uniqueConstraints = {@UniqueConstraint(columnNames = {"user_id", "role"}, name = "user_roles_unique")})
+    @CollectionTable(name = "user_role",
+            joinColumns = @JoinColumn(name = "user_id"),
+            uniqueConstraints = @UniqueConstraint(columnNames = {"user_id", "role"}, name = "uk_user_role"))
     @Column(name = "role")
     @ElementCollection(fetch = FetchType.EAGER)
     private Set<Role> roles;
@@ -57,4 +58,9 @@ public User(Integer id, String email, String firstName, String lastName, String
     public void setEmail(String email) {
         this.email = StringUtils.hasText(email) ? email.toLowerCase() : null;
     }
+
+    @Override
+    public String toString() {
+        return "User:" + id + '[' + email + ']';
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/validation/ValidationUtil.java
similarity index 67%
rename from src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
rename to src/main/java/ru/javaops/bootjava/util/validation/ValidationUtil.java
index 4d5c29c..991c447 100644
--- a/src/main/java/ru/javaops/bootjava/util/ValidationUtil.java
+++ b/src/main/java/ru/javaops/bootjava/util/validation/ValidationUtil.java
@@ -1,6 +1,8 @@
-package ru.javaops.bootjava.util;
+package ru.javaops.bootjava.util.validation;
 
 import lombok.experimental.UtilityClass;
+import org.springframework.core.NestedExceptionUtils;
+import org.springframework.lang.NonNull;
 import ru.javaops.bootjava.error.IllegalRequestDataException;
 import ru.javaops.bootjava.model.BaseEntity;
 
@@ -21,4 +23,11 @@ public static void assureIdConsistent(BaseEntity entity, int id) {
             throw new IllegalRequestDataException(entity.getClass().getSimpleName() + " must has id=" + id);
         }
     }
+
+    //  https://stackoverflow.com/a/65442410/548473
+    @NonNull
+    public static Throwable getRootCause(@NonNull Throwable t) {
+        Throwable rootCause = NestedExceptionUtils.getRootCause(t);
+        return rootCause != null ? rootCause : t;
+    }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
index a43eb3e..bba5c9c 100644
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ b/src/main/java/ru/javaops/bootjava/web/AccountController.java
@@ -16,11 +16,10 @@
 import org.springframework.security.core.annotation.AuthenticationPrincipal;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
-import ru.javaops.bootjava.AuthUser;
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
-import ru.javaops.bootjava.util.ValidationUtil;
+import ru.javaops.bootjava.util.validation.ValidationUtil;
 
 import javax.validation.Valid;
 import java.net.URI;
@@ -70,7 +69,7 @@ public void delete(@AuthenticationPrincipal AuthUser authUser) {
         userRepository.deleteById(authUser.id());
     }
 
-    @PostMapping(value = "/register", consumes = MediaType.APPLICATION_JSON_VALUE)
+    @PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
     @ResponseStatus(value = HttpStatus.CREATED)
     public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user) {
         log.info("register {}", user);
diff --git a/src/main/java/ru/javaops/bootjava/AuthUser.java b/src/main/java/ru/javaops/bootjava/web/AuthUser.java
similarity index 93%
rename from src/main/java/ru/javaops/bootjava/AuthUser.java
rename to src/main/java/ru/javaops/bootjava/web/AuthUser.java
index d4bf023..d31db91 100644
--- a/src/main/java/ru/javaops/bootjava/AuthUser.java
+++ b/src/main/java/ru/javaops/bootjava/web/AuthUser.java
@@ -1,4 +1,4 @@
-package ru.javaops.bootjava;
+package ru.javaops.bootjava.web;
 
 import lombok.Getter;
 import lombok.ToString;
diff --git a/src/main/java/ru/javaops/bootjava/web/GlobalExceptionHandler.java b/src/main/java/ru/javaops/bootjava/web/GlobalExceptionHandler.java
new file mode 100644
index 0000000..60a28c2
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/GlobalExceptionHandler.java
@@ -0,0 +1,86 @@
+package ru.javaops.bootjava.web;
+
+import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.boot.web.error.ErrorAttributeOptions;
+import org.springframework.boot.web.servlet.error.ErrorAttributes;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.lang.NonNull;
+import org.springframework.validation.BindException;
+import org.springframework.validation.BindingResult;
+import org.springframework.web.bind.MethodArgumentNotValidException;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.RestControllerAdvice;
+import org.springframework.web.context.request.WebRequest;
+import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
+import ru.javaops.bootjava.error.AppException;
+import ru.javaops.bootjava.util.validation.ValidationUtil;
+
+import javax.persistence.EntityNotFoundException;
+import java.util.Map;
+import java.util.stream.Collectors;
+
+import static org.springframework.boot.web.error.ErrorAttributeOptions.Include.MESSAGE;
+
+@RestControllerAdvice
+@AllArgsConstructor
+@Slf4j
+public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
+    private final ErrorAttributes errorAttributes;
+
+    @ExceptionHandler(AppException.class)
+    public ResponseEntity<?> appException(WebRequest request, AppException ex) {
+        log.error("ApplicationException: {}", ex.getMessage());
+        return createResponseEntity(request, ex.getOptions(), null, ex.getStatus());
+    }
+
+    @ExceptionHandler(EntityNotFoundException.class)
+    public ResponseEntity<?> entityNotFoundException(WebRequest request, EntityNotFoundException ex) {
+        log.error("EntityNotFoundException: {}", ex.getMessage());
+        return createResponseEntity(request, ErrorAttributeOptions.of(MESSAGE), null, HttpStatus.UNPROCESSABLE_ENTITY);
+    }
+
+    @NonNull
+    @Override
+    protected ResponseEntity<Object> handleExceptionInternal(
+            @NonNull Exception ex, Object body, @NonNull HttpHeaders headers, @NonNull HttpStatus status, @NonNull WebRequest request) {
+        log.error("Exception", ex);
+        super.handleExceptionInternal(ex, body, headers, status, request);
+        return createResponseEntity(request, ErrorAttributeOptions.of(), ValidationUtil.getRootCause(ex).getMessage(), status);
+    }
+
+    @NonNull
+    @Override
+    protected ResponseEntity<Object> handleMethodArgumentNotValid(
+            MethodArgumentNotValidException ex,
+            @NonNull HttpHeaders headers, @NonNull HttpStatus status, @NonNull WebRequest request) {
+        return handleBindingErrors(ex.getBindingResult(), request);
+    }
+
+    @NonNull
+    @Override
+    protected ResponseEntity<Object> handleBindException(
+            BindException ex, @NonNull HttpHeaders headers, @NonNull HttpStatus status, @NonNull WebRequest request) {
+        return handleBindingErrors(ex.getBindingResult(), request);
+    }
+
+    private ResponseEntity<Object> handleBindingErrors(BindingResult result, WebRequest request) {
+        String msg = result.getFieldErrors().stream()
+                .map(fe -> String.format("[%s] %s", fe.getField(), fe.getDefaultMessage()))
+                .collect(Collectors.joining("\n"));
+        return createResponseEntity(request, ErrorAttributeOptions.defaults(), msg, HttpStatus.UNPROCESSABLE_ENTITY);
+    }
+
+    @SuppressWarnings("unchecked")
+    private <T> ResponseEntity<T> createResponseEntity(WebRequest request, ErrorAttributeOptions options, String msg, HttpStatus status) {
+        Map<String, Object> body = errorAttributes.getErrorAttributes(request, options);
+        if (msg != null) {
+            body.put("message", msg);
+        }
+        body.put("status", status.value());
+        body.put("error", status.getReasonPhrase());
+        return (ResponseEntity<T>) ResponseEntity.status(status).body(body);
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java b/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
deleted file mode 100644
index d441662..0000000
--- a/src/main/java/ru/javaops/bootjava/web/error/GlobalExceptionHandler.java
+++ /dev/null
@@ -1,38 +0,0 @@
-package ru.javaops.bootjava.web.error;
-
-import lombok.AllArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.boot.web.servlet.error.ErrorAttributes;
-import org.springframework.http.HttpHeaders;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.ExceptionHandler;
-import org.springframework.web.bind.annotation.RestControllerAdvice;
-import org.springframework.web.context.request.WebRequest;
-import org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler;
-import ru.javaops.bootjava.error.AppException;
-
-import java.util.Map;
-
-@RestControllerAdvice
-@AllArgsConstructor
-@Slf4j
-public class GlobalExceptionHandler extends ResponseEntityExceptionHandler {
-    private final ErrorAttributes errorAttributes;
-
-    @ExceptionHandler(AppException.class)
-    public ResponseEntity<Map<String, Object>> appException(AppException ex, WebRequest request) {
-        log.error("Application Exception", ex);
-        Map<String, Object> body = errorAttributes.getErrorAttributes(request, ex.getOptions());
-        HttpStatus status = ex.getStatus();
-        body.put("status", status.value());
-        body.put("error", status.getReasonPhrase());
-        return ResponseEntity.status(status).body(body);
-    }
-
-    @Override
-    protected ResponseEntity<Object> handleExceptionInternal(Exception ex, Object body, HttpHeaders headers, HttpStatus status, WebRequest request) {
-        log.error("Exception", ex);
-        return super.handleExceptionInternal(ex, body, headers, status, request);
-    }
-}
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 1e8b45b..8467837 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -3,6 +3,8 @@ spring:
   jpa:
     show-sql: true
     open-in-view: false
+    # https://stackoverflow.com/a/67678945/548473
+    defer-datasource-initialization: true
     hibernate:
       ddl-auto: create
     properties:
@@ -12,19 +14,18 @@ spring:
         default_batch_fetch_size: 20
         # https://stackoverflow.com/questions/21257819/what-is-the-difference-between-hibernate-jdbc-fetch-size-and-hibernate-jdbc-batc
         jdbc.batch_size: 20
-    defer-datasource-initialization: true
   datasource:
     # ImMemory
-    url: jdbc:h2:mem:voting
-    #    tcp: jdbc:h2:tcp://localhost:9092/mem:voting
+    url: jdbc:h2:mem:bootjava
+    #    tcp: jdbc:h2:tcp://localhost:9092/mem:bootjava
     # Absolute path
-    #    url: jdbc:h2:C:/projects/bootjava/restorant-voting/db/voting
-    #    tcp: jdbc:h2:tcp://localhost:9092/C:/projects/bootjava/restorant-voting/db/voting
+    #    url: jdbc:h2:C:/projects/bootjava/db/bootjava
+    #    tcp: jdbc:h2:tcp://localhost:9092/C:/projects/bootjava/db/bootjava
     # Relative path form current dir
-    #    url: jdbc:h2:./db/voting
+    #    url: jdbc:h2:./db/bootjava
     # Relative path from home
-    #    url: jdbc:h2:~/voting
-    #    tcp: jdbc:h2:tcp://localhost:9092/~/voting
+    #    url: jdbc:h2:~/bootjava
+    #    tcp: jdbc:h2:tcp://localhost:9092/~/bootjava
     username: sa
     password:
   h2.console.enabled: true
@@ -35,6 +36,11 @@ spring:
     defaultPageSize: 20
     returnBodyOnCreate: true
 
+  # https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#common-application-properties-cache
+  cache:
+    cache-names: users
+    caffeine.spec: maximumSize=5000,expireAfterAccess=60s
+
 #  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
 #  security:
 #    user:
@@ -46,7 +52,7 @@ logging:
   level:
     root: WARN
     ru.javaops.bootjava: DEBUG
-#    org.springframework.security.web.FilterChainProxy: DEBUG
+    org.springframework.web.servlet.mvc.method.annotation.ExceptionHandlerExceptionResolver: DEBUG
 
 server.servlet:
   encoding:
diff --git a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
index 68cf79c..b4d9cec 100644
--- a/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AbstractControllerTest.java
@@ -18,7 +18,7 @@
 public abstract class AbstractControllerTest {
 
     @Autowired
-    protected MockMvc mockMvc;
+    private MockMvc mockMvc;
 
     protected ResultActions perform(MockHttpServletRequestBuilder builder) throws Exception {
         return mockMvc.perform(builder);
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
index 9185be8..2514542 100644
--- a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -30,7 +30,7 @@ void get() throws Exception {
                 .andExpect(status().isOk())
                 .andDo(print())
                 .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
-                .andExpect(jsonMatcher(user, UserTestUtil::assertEquals));
+                .andExpect(jsonMatcher(user, UserTestUtil::assertNoIdEquals));
     }
 
     @Test
@@ -51,14 +51,11 @@ void delete() throws Exception {
     @Test
     void register() throws Exception {
         User newUser = UserTestUtil.getNew();
-        User registered = asUser(perform(MockMvcRequestBuilders.post(URL + "/register")
+        User registered = asUser(perform(MockMvcRequestBuilders.post(URL)
                 .contentType(MediaType.APPLICATION_JSON)
                 .content(writeValue(newUser)))
                 .andExpect(status().isCreated()).andReturn());
-        int newId = registered.id();
-        newUser.setId(newId);
-        UserTestUtil.assertEquals(registered, newUser);
-        UserTestUtil.assertEquals(registered, userRepository.findById(newId).orElseThrow());
+        UserTestUtil.assertNoIdEquals(registered, newUser);
     }
 
     @Test

From 4abc07be096eee29352df7ffec8bd9879836a9e1 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 18:28:57 +0300
Subject: [PATCH 25/26] 7_02_xss_validation

---
 pom.xml                                       |  5 ++++
 .../java/ru/javaops/bootjava/model/User.java  |  4 ++++
 .../bootjava/util/validation/NoHtml.java      | 23 +++++++++++++++++++
 .../util/validation/NoHtmlValidator.java      | 14 +++++++++++
 .../bootjava/web/AccountControllerTest.java   | 12 ++++++++++
 5 files changed, 58 insertions(+)
 create mode 100644 src/main/java/ru/javaops/bootjava/util/validation/NoHtml.java
 create mode 100644 src/main/java/ru/javaops/bootjava/util/validation/NoHtmlValidator.java

diff --git a/pom.xml b/pom.xml
index 3736dc5..95002a4 100644
--- a/pom.xml
+++ b/pom.xml
@@ -80,6 +80,11 @@
             <artifactId>lombok</artifactId>
             <optional>true</optional>
         </dependency>
+        <dependency>
+            <groupId>org.jsoup</groupId>
+            <artifactId>jsoup</artifactId>
+            <version>1.14.3</version>
+        </dependency>
 
         <!--    https://github.com/spring-projects/spring-boot/wiki/Spring-Boot-2.4-Release-Notes#junit-5s-vintage-engine-removed-from-spring-boot-starter-test-->
         <dependency>
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index 4878c62..e0516bd 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -5,6 +5,7 @@
 import lombok.*;
 import org.springframework.util.StringUtils;
 import ru.javaops.bootjava.util.JsonDeserializers;
+import ru.javaops.bootjava.util.validation.NoHtml;
 
 import javax.persistence.*;
 import javax.validation.constraints.Email;
@@ -31,14 +32,17 @@ public User(Integer id, String email, String firstName, String lastName, String
     @Email
     @NotBlank
     @Size(max = 128)
+    @NoHtml   // https://stackoverflow.com/questions/17480809
     private String email;
 
     @Column(name = "first_name")
     @Size(max = 128)
+    @NoHtml
     private String firstName;
 
     @Column(name = "last_name")
     @Size(max = 128)
+    @NoHtml
     private String lastName;
 
     @Column(name = "password")
diff --git a/src/main/java/ru/javaops/bootjava/util/validation/NoHtml.java b/src/main/java/ru/javaops/bootjava/util/validation/NoHtml.java
new file mode 100644
index 0000000..e2cba7e
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/validation/NoHtml.java
@@ -0,0 +1,23 @@
+package ru.javaops.bootjava.util.validation;
+
+import javax.validation.Constraint;
+import javax.validation.Payload;
+import java.lang.annotation.Documented;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.FIELD;
+import static java.lang.annotation.ElementType.METHOD;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@Documented
+@Constraint(validatedBy = NoHtmlValidator.class)
+@Target({METHOD, FIELD})
+@Retention(RUNTIME)
+public @interface NoHtml {
+    String message() default "{error.noHtml}";
+
+    Class<?>[] groups() default {};
+
+    Class<? extends Payload>[] payload() default {};
+}
diff --git a/src/main/java/ru/javaops/bootjava/util/validation/NoHtmlValidator.java b/src/main/java/ru/javaops/bootjava/util/validation/NoHtmlValidator.java
new file mode 100644
index 0000000..b5d0536
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/validation/NoHtmlValidator.java
@@ -0,0 +1,14 @@
+package ru.javaops.bootjava.util.validation;
+
+import org.jsoup.Jsoup;
+import org.jsoup.safety.Safelist;
+
+import javax.validation.ConstraintValidator;
+import javax.validation.ConstraintValidatorContext;
+
+public class NoHtmlValidator implements ConstraintValidator<NoHtml, String> {
+    @Override
+    public boolean isValid(String value, ConstraintValidatorContext ctx) {
+        return value == null || Jsoup.isValid(value, Safelist.none());
+    }
+}
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
index 2514542..c552616 100644
--- a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
+++ b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
@@ -69,4 +69,16 @@ void update() throws Exception {
                 .andExpect(status().isNoContent());
         UserTestUtil.assertEquals(updated, userRepository.findById(USER_ID).orElseThrow());
     }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void updateHtmlUnsafe() throws Exception {
+        User updated = UserTestUtil.getUpdated();
+        updated.setFirstName("<script>alert(123)</script>");
+        perform(MockMvcRequestBuilders.put(URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(writeValue(updated)))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
 }
\ No newline at end of file

From 25ebf454e20f22d62e18eadfe298d446ac252a36 Mon Sep 17 00:00:00 2001
From: lehasoldat <saldakeev@gmail.com>
Date: Mon, 2 May 2022 18:39:29 +0300
Subject: [PATCH 26/26] 7_03_remove_data_rest_refactoring

---
 .gitignore                                    |   7 +-
 pom.xml                                       |  13 +-
 src/main/java/ru/javaops/bootjava/HasId.java  |  21 ++
 .../ru/javaops/bootjava/HasIdAndEmail.java    |   5 +
 .../ru/javaops/bootjava/config/AppConfig.java |   9 +
 .../bootjava/config/OpenApiConfig.java        |   1 -
 .../bootjava/config/WebSecurityConfig.java    |  13 +-
 .../ru/javaops/bootjava/model/BaseEntity.java |   3 +-
 .../javaops/bootjava/model/NamedEntity.java   |  36 +++
 .../java/ru/javaops/bootjava/model/User.java  |  72 +++---
 .../bootjava/repository/BaseRepository.java   |  24 ++
 .../bootjava/repository/UserRepository.java   |  33 +--
 .../java/ru/javaops/bootjava/to/BaseTo.java   |  21 ++
 .../java/ru/javaops/bootjava/to/NamedTo.java  |  27 +++
 .../java/ru/javaops/bootjava/to/UserTo.java   |  35 +++
 .../bootjava/util/JsonDeserializers.java      |  25 ---
 .../ru/javaops/bootjava/util/JsonUtil.java    |  44 +++-
 .../ru/javaops/bootjava/util/UserUtil.java    |  31 +++
 .../util/validation/ValidationUtil.java       |  24 +-
 .../bootjava/web/AccountController.java       | 112 ----------
 .../ru/javaops/bootjava/web/SecurityUtil.java |  33 +++
 .../web/user/AbstractUserController.java      |  39 ++++
 .../web/user/AdminUserController.java         |  79 +++++++
 .../bootjava/web/user/ProfileController.java  |  58 +++++
 .../web/user/UniqueMailValidator.java         |  49 ++++
 src/main/resources/application.yaml           |  28 +--
 src/main/resources/data.sql                   |   6 +-
 .../ru/javaops/bootjava/UserTestUtil.java     |  49 ----
 .../bootjava/web/AccountControllerTest.java   |  84 -------
 .../javaops/bootjava/web/MatcherFactory.java  |  83 +++++++
 .../bootjava/web/UserControllerTest.java      |  93 --------
 .../web/user/AdminUserControllerTest.java     | 211 ++++++++++++++++++
 .../web/user/ProfileControllerTest.java       | 112 ++++++++++
 .../bootjava/web/user/UserTestData.java       |  34 +++
 34 files changed, 1032 insertions(+), 482 deletions(-)
 create mode 100644 src/main/java/ru/javaops/bootjava/HasId.java
 create mode 100644 src/main/java/ru/javaops/bootjava/HasIdAndEmail.java
 create mode 100644 src/main/java/ru/javaops/bootjava/model/NamedEntity.java
 create mode 100644 src/main/java/ru/javaops/bootjava/repository/BaseRepository.java
 create mode 100644 src/main/java/ru/javaops/bootjava/to/BaseTo.java
 create mode 100644 src/main/java/ru/javaops/bootjava/to/NamedTo.java
 create mode 100644 src/main/java/ru/javaops/bootjava/to/UserTo.java
 delete mode 100644 src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
 create mode 100644 src/main/java/ru/javaops/bootjava/util/UserUtil.java
 delete mode 100644 src/main/java/ru/javaops/bootjava/web/AccountController.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/SecurityUtil.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/user/AbstractUserController.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/user/AdminUserController.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/user/ProfileController.java
 create mode 100644 src/main/java/ru/javaops/bootjava/web/user/UniqueMailValidator.java
 delete mode 100644 src/test/java/ru/javaops/bootjava/UserTestUtil.java
 delete mode 100644 src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/MatcherFactory.java
 delete mode 100644 src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/user/AdminUserControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/user/ProfileControllerTest.java
 create mode 100644 src/test/java/ru/javaops/bootjava/web/user/UserTestData.java

diff --git a/.gitignore b/.gitignore
index 4c6870b..44fbcf3 100644
--- a/.gitignore
+++ b/.gitignore
@@ -4,6 +4,9 @@ patches
 
 ### IntelliJ IDEA ###
 .idea
-*.iws
+out
+target
 *.iml
-*.ipr
\ No newline at end of file
+log
+*.patch
+
diff --git a/pom.xml b/pom.xml
index 95002a4..345b938 100644
--- a/pom.xml
+++ b/pom.xml
@@ -37,11 +37,13 @@
         </dependency>
         <dependency>
             <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-data-rest</artifactId>
+            <artifactId>spring-boot-starter-security</artifactId>
         </dependency>
+
+        <!--        jackson-->
         <dependency>
-            <groupId>org.springframework.boot</groupId>
-            <artifactId>spring-boot-starter-security</artifactId>
+            <groupId>com.fasterxml.jackson.datatype</groupId>
+            <artifactId>jackson-datatype-hibernate5</artifactId>
         </dependency>
 
         <!--Swagger-->
@@ -50,11 +52,6 @@
             <artifactId>springdoc-openapi-ui</artifactId>
             <version>${springdoc.version}</version>
         </dependency>
-        <dependency>
-            <groupId>org.springdoc</groupId>
-            <artifactId>springdoc-openapi-data-rest</artifactId>
-            <version>${springdoc.version}</version>
-        </dependency>
         <dependency>
             <groupId>org.springdoc</groupId>
             <artifactId>springdoc-openapi-security</artifactId>
diff --git a/src/main/java/ru/javaops/bootjava/HasId.java b/src/main/java/ru/javaops/bootjava/HasId.java
new file mode 100644
index 0000000..42ba142
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/HasId.java
@@ -0,0 +1,21 @@
+package ru.javaops.bootjava;
+
+import com.fasterxml.jackson.annotation.JsonIgnore;
+import org.springframework.util.Assert;
+
+public interface HasId {
+    Integer getId();
+
+    void setId(Integer id);
+
+    @JsonIgnore
+    default boolean isNew() {
+        return getId() == null;
+    }
+
+    // doesn't work for hibernate lazy proxy
+    default int id() {
+        Assert.notNull(getId(), "Entity must has id");
+        return getId();
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/HasIdAndEmail.java b/src/main/java/ru/javaops/bootjava/HasIdAndEmail.java
new file mode 100644
index 0000000..aa96c88
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/HasIdAndEmail.java
@@ -0,0 +1,5 @@
+package ru.javaops.bootjava;
+
+public interface HasIdAndEmail extends HasId {
+    String getEmail();
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/config/AppConfig.java b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
index cf1e5e7..f775ee8 100644
--- a/src/main/java/ru/javaops/bootjava/config/AppConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/AppConfig.java
@@ -1,5 +1,7 @@
 package ru.javaops.bootjava.config;
 
+import com.fasterxml.jackson.databind.Module;
+import com.fasterxml.jackson.datatype.hibernate5.Hibernate5Module;
 import lombok.extern.slf4j.Slf4j;
 import org.h2.tools.Server;
 import org.springframework.cache.annotation.EnableCaching;
@@ -12,6 +14,7 @@
 @Configuration
 @Slf4j
 @EnableCaching
+// TODO: cache only most requested data!
 public class AppConfig {
 
     @Profile("!test")
@@ -20,4 +23,10 @@ Server h2Server() throws SQLException {
         log.info("Start H2 TCP server");
         return Server.createTcpServer("-tcp", "-tcpAllowOthers", "-tcpPort", "9092");
     }
+
+    //    https://stackoverflow.com/a/46947975/548473
+    @Bean
+    Module module() {
+        return new Hibernate5Module();
+    }
 }
diff --git a/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
index 8445b18..4e9aa5f 100644
--- a/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/OpenApiConfig.java
@@ -38,7 +38,6 @@ public GroupedOpenApi api() {
         return GroupedOpenApi.builder()
                 .group("REST API")
                 .pathsToMatch("/api/**")
-                .pathsToExclude("/api/profile/**")
                 .build();
     }
 }
diff --git a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
index 76b25a3..aae64bd 100644
--- a/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
+++ b/src/main/java/ru/javaops/bootjava/config/WebSecurityConfig.java
@@ -14,8 +14,6 @@
 import org.springframework.security.config.http.SessionCreationPolicy;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
-import org.springframework.security.crypto.factory.PasswordEncoderFactories;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import ru.javaops.bootjava.model.Role;
 import ru.javaops.bootjava.model.User;
 import ru.javaops.bootjava.repository.UserRepository;
@@ -24,18 +22,19 @@
 
 import java.util.Optional;
 
+import static ru.javaops.bootjava.util.UserUtil.PASSWORD_ENCODER;
+
 @Configuration
 @EnableWebSecurity
 @Slf4j
 @AllArgsConstructor
 public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
-    public static final PasswordEncoder PASSWORD_ENCODER = PasswordEncoderFactories.createDelegatingPasswordEncoder();
     private final UserRepository userRepository;
 
     @Autowired
     private void setMapper(ObjectMapper objectMapper) {
-        JsonUtil.setObjectMapper(objectMapper);
+        JsonUtil.setMapper(objectMapper);
     }
 
     @Bean
@@ -59,9 +58,9 @@ public void configureGlobal(AuthenticationManagerBuilder auth) throws Exception
     @Override
     protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests()
-                .antMatchers(HttpMethod.POST, "/api/account").anonymous()
-                .antMatchers("/api/account").hasRole(Role.USER.name())
-                .antMatchers("/api/**").hasRole(Role.ADMIN.name())
+                .antMatchers("/api/admin/**").hasRole(Role.ADMIN.name())
+                .antMatchers(HttpMethod.POST, "/api/profile").anonymous()
+                .antMatchers("/api/**").authenticated()
                 .and().httpBasic()
                 .and().sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
                 .and().csrf().disable();
diff --git a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
index c942ac3..44cb9af 100644
--- a/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
+++ b/src/main/java/ru/javaops/bootjava/model/BaseEntity.java
@@ -6,6 +6,7 @@
 import org.springframework.data.domain.Persistable;
 import org.springframework.data.util.ProxyUtils;
 import org.springframework.util.Assert;
+import ru.javaops.bootjava.HasId;
 
 import javax.persistence.*;
 
@@ -16,7 +17,7 @@
 @Setter
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
 @AllArgsConstructor(access = AccessLevel.PROTECTED)
-public abstract class BaseEntity implements Persistable<Integer> {
+public abstract class BaseEntity implements Persistable<Integer>, HasId {
 
     @Id
     @GeneratedValue(strategy = GenerationType.IDENTITY)
diff --git a/src/main/java/ru/javaops/bootjava/model/NamedEntity.java b/src/main/java/ru/javaops/bootjava/model/NamedEntity.java
new file mode 100644
index 0000000..68a743a
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/model/NamedEntity.java
@@ -0,0 +1,36 @@
+package ru.javaops.bootjava.model;
+
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import ru.javaops.bootjava.util.validation.NoHtml;
+
+import javax.persistence.Column;
+import javax.persistence.MappedSuperclass;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Size;
+
+
+@MappedSuperclass
+@Getter
+@Setter
+@NoArgsConstructor(access = AccessLevel.PROTECTED)
+public abstract class NamedEntity extends BaseEntity {
+
+    @NotBlank
+    @Size(min = 2, max = 128)
+    @Column(name = "name", nullable = false)
+    @NoHtml
+    protected String name;
+
+    protected NamedEntity(Integer id, String name) {
+        super(id);
+        this.name = name;
+    }
+
+    @Override
+    public String toString() {
+        return super.toString() + '[' + name + ']';
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/model/User.java b/src/main/java/ru/javaops/bootjava/model/User.java
index e0516bd..4e402cb 100644
--- a/src/main/java/ru/javaops/bootjava/model/User.java
+++ b/src/main/java/ru/javaops/bootjava/model/User.java
@@ -1,18 +1,25 @@
 package ru.javaops.bootjava.model;
 
 import com.fasterxml.jackson.annotation.JsonProperty;
-import com.fasterxml.jackson.databind.annotation.JsonDeserialize;
-import lombok.*;
-import org.springframework.util.StringUtils;
-import ru.javaops.bootjava.util.JsonDeserializers;
+import lombok.AccessLevel;
+import lombok.Getter;
+import lombok.NoArgsConstructor;
+import lombok.Setter;
+import org.hibernate.annotations.OnDelete;
+import org.hibernate.annotations.OnDeleteAction;
+import org.springframework.util.CollectionUtils;
+import ru.javaops.bootjava.HasIdAndEmail;
 import ru.javaops.bootjava.util.validation.NoHtml;
 
 import javax.persistence.*;
 import javax.validation.constraints.Email;
 import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.NotNull;
 import javax.validation.constraints.Size;
+import java.io.Serial;
 import java.io.Serializable;
 import java.util.Collection;
+import java.util.Date;
 import java.util.EnumSet;
 import java.util.Set;
 
@@ -21,12 +28,9 @@
 @Getter
 @Setter
 @NoArgsConstructor(access = AccessLevel.PROTECTED)
-@AllArgsConstructor
-public class User extends BaseEntity implements Serializable {
-    public User(Integer id, String email, String firstName, String lastName, String password, Collection<Role> roles) {
-        this(email, firstName, lastName, password, roles.isEmpty() ? EnumSet.noneOf(Role.class) : EnumSet.copyOf(roles));
-        this.id = id;
-    }
+public class User extends NamedEntity implements HasIdAndEmail, Serializable {
+    @Serial
+    private static final long serialVersionUID = 1L;
 
     @Column(name = "email", nullable = false, unique = true)
     @Email
@@ -35,32 +39,50 @@ public User(Integer id, String email, String firstName, String lastName, String
     @NoHtml   // https://stackoverflow.com/questions/17480809
     private String email;
 
-    @Column(name = "first_name")
-    @Size(max = 128)
-    @NoHtml
-    private String firstName;
-
-    @Column(name = "last_name")
-    @Size(max = 128)
-    @NoHtml
-    private String lastName;
-
-    @Column(name = "password")
+    @Column(name = "password", nullable = false)
+    @NotBlank
     @Size(max = 256)
+    // https://stackoverflow.com/a/12505165/548473
     @JsonProperty(access = JsonProperty.Access.WRITE_ONLY)
-    @JsonDeserialize(using = JsonDeserializers.PasswordDeserializer.class)
     private String password;
 
+    @Column(name = "enabled", nullable = false, columnDefinition = "bool default true")
+    private boolean enabled = true;
+
+    @Column(name = "registered", nullable = false, columnDefinition = "timestamp default now()", updatable = false)
+    @NotNull
+    @JsonProperty(access = JsonProperty.Access.READ_ONLY)
+    private Date registered = new Date();
+
     @Enumerated(EnumType.STRING)
     @CollectionTable(name = "user_role",
             joinColumns = @JoinColumn(name = "user_id"),
-            uniqueConstraints = @UniqueConstraint(columnNames = {"user_id", "role"}, name = "uk_user_role"))
+            uniqueConstraints = @UniqueConstraint(columnNames = {"user_id", "role"}, name = "uk_user_roles"))
     @Column(name = "role")
     @ElementCollection(fetch = FetchType.EAGER)
+    @JoinColumn(name = "user_id") //https://stackoverflow.com/a/62848296/548473
+    @OnDelete(action = OnDeleteAction.CASCADE)
     private Set<Role> roles;
 
-    public void setEmail(String email) {
-        this.email = StringUtils.hasText(email) ? email.toLowerCase() : null;
+    public User(User u) {
+        this(u.id, u.name, u.email, u.password, u.enabled, u.registered, u.roles);
+    }
+
+    public User(Integer id, String name, String email, String password, Role role, Role... roles) {
+        this(id, name, email, password, true, new Date(), EnumSet.of(role, roles));
+    }
+
+    public User(Integer id, String name, String email, String password, boolean enabled, Date registered, Collection<Role> roles) {
+        super(id, name);
+        this.email = email;
+        this.password = password;
+        this.enabled = enabled;
+        this.registered = registered;
+        setRoles(roles);
+    }
+
+    public void setRoles(Collection<Role> roles) {
+        this.roles = CollectionUtils.isEmpty(roles) ? EnumSet.noneOf(Role.class) : EnumSet.copyOf(roles);
     }
 
     @Override
diff --git a/src/main/java/ru/javaops/bootjava/repository/BaseRepository.java b/src/main/java/ru/javaops/bootjava/repository/BaseRepository.java
new file mode 100644
index 0000000..08ed1da
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/repository/BaseRepository.java
@@ -0,0 +1,24 @@
+package ru.javaops.bootjava.repository;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Modifying;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.NoRepositoryBean;
+import org.springframework.transaction.annotation.Transactional;
+
+import static ru.javaops.bootjava.util.validation.ValidationUtil.checkModification;
+
+// https://stackoverflow.com/questions/42781264/multiple-base-repositories-in-spring-data-jpa
+@NoRepositoryBean
+public interface BaseRepository<T> extends JpaRepository<T, Integer> {
+
+    //    https://docs.spring.io/spring-data/jpa/docs/current/reference/html/#jpa.query.spel-expressions
+    @Transactional
+    @Modifying
+    @Query("DELETE FROM #{#entityName} u WHERE u.id=:id")
+    int delete(int id);
+
+    default void deleteExisted(int id) {
+        checkModification(delete(id), id);
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
index a579ae6..727497f 100644
--- a/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
+++ b/src/main/java/ru/javaops/bootjava/repository/UserRepository.java
@@ -1,15 +1,7 @@
 package ru.javaops.bootjava.repository;
 
 import io.swagger.v3.oas.annotations.tags.Tag;
-import org.springframework.cache.annotation.CacheEvict;
-import org.springframework.cache.annotation.CachePut;
-import org.springframework.cache.annotation.Cacheable;
-import org.springframework.data.domain.Page;
-import org.springframework.data.domain.Pageable;
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
-import org.springframework.data.rest.core.annotation.RestResource;
 import org.springframework.transaction.annotation.Transactional;
 import ru.javaops.bootjava.model.User;
 
@@ -17,31 +9,8 @@
 
 @Transactional(readOnly = true)
 @Tag(name = "User Controller")
-public interface UserRepository extends JpaRepository<User, Integer> {
+public interface UserRepository extends BaseRepository<User> {
 
-    @RestResource(rel = "by-email", path = "by-email")
     @Query("SELECT u FROM User u WHERE u.email = LOWER(:email)")
-    @Cacheable("users")
     Optional<User> findByEmailIgnoreCase(String email);
-
-    @RestResource(rel = "by-lastname", path = "by-lastname")
-    Page<User> findByLastNameContainingIgnoreCase(String lastName, Pageable page);
-
-    @Override
-    @Modifying
-    @Transactional
-    @CachePut(value = "users", key = "#user.email")
-    User save(User user);
-
-    @Override
-    @Modifying
-    @Transactional
-    @CacheEvict(value = "users", key = "#user.email")
-    void delete(User user);
-
-    @Override
-    @Modifying
-    @Transactional
-    @CacheEvict(value = "users", allEntries = true)
-    void deleteById(Integer integer);
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/to/BaseTo.java b/src/main/java/ru/javaops/bootjava/to/BaseTo.java
new file mode 100644
index 0000000..399a1cf
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/to/BaseTo.java
@@ -0,0 +1,21 @@
+package ru.javaops.bootjava.to;
+
+import io.swagger.v3.oas.annotations.media.Schema;
+import lombok.AccessLevel;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+import ru.javaops.bootjava.HasId;
+
+@NoArgsConstructor
+@AllArgsConstructor(access = AccessLevel.PROTECTED)
+@Data
+public abstract class BaseTo implements HasId {
+    @Schema(accessMode = Schema.AccessMode.READ_ONLY) // https://stackoverflow.com/a/28025008/548473
+    protected Integer id;
+
+    @Override
+    public String toString() {
+        return getClass().getSimpleName() + ":" + id;
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/to/NamedTo.java b/src/main/java/ru/javaops/bootjava/to/NamedTo.java
new file mode 100644
index 0000000..0b2e4b1
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/to/NamedTo.java
@@ -0,0 +1,27 @@
+package ru.javaops.bootjava.to;
+
+import lombok.Data;
+import lombok.EqualsAndHashCode;
+import ru.javaops.bootjava.util.validation.NoHtml;
+
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Size;
+
+@Data
+@EqualsAndHashCode(callSuper = true)
+public class NamedTo extends BaseTo {
+    @NotBlank
+    @Size(min = 2, max = 128)
+    @NoHtml
+    protected String name;
+
+    public NamedTo(Integer id, String name) {
+        super(id);
+        this.name = name;
+    }
+
+    @Override
+    public String toString() {
+        return super.toString() + '[' + name + ']';
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/to/UserTo.java b/src/main/java/ru/javaops/bootjava/to/UserTo.java
new file mode 100644
index 0000000..eb0317f
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/to/UserTo.java
@@ -0,0 +1,35 @@
+package ru.javaops.bootjava.to;
+
+import lombok.EqualsAndHashCode;
+import lombok.Value;
+import ru.javaops.bootjava.HasIdAndEmail;
+import ru.javaops.bootjava.util.validation.NoHtml;
+
+import javax.validation.constraints.Email;
+import javax.validation.constraints.NotBlank;
+import javax.validation.constraints.Size;
+
+@Value
+@EqualsAndHashCode(callSuper = true)
+public class UserTo extends NamedTo implements HasIdAndEmail {
+    @Email
+    @NotBlank
+    @Size(max = 128)
+    @NoHtml  // https://stackoverflow.com/questions/17480809
+    String email;
+
+    @NotBlank
+    @Size(min = 5, max = 32)
+    String password;
+
+    public UserTo(Integer id, String name, String email, String password) {
+        super(id, name);
+        this.email = email;
+        this.password = password;
+    }
+
+    @Override
+    public String toString() {
+        return "UserTo:" + id + '[' + email + ']';
+    }
+}
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java b/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
deleted file mode 100644
index 153afb4..0000000
--- a/src/main/java/ru/javaops/bootjava/util/JsonDeserializers.java
+++ /dev/null
@@ -1,25 +0,0 @@
-package ru.javaops.bootjava.util;
-
-import com.fasterxml.jackson.core.JsonParser;
-import com.fasterxml.jackson.core.ObjectCodec;
-import com.fasterxml.jackson.databind.DeserializationContext;
-import com.fasterxml.jackson.databind.JsonDeserializer;
-import com.fasterxml.jackson.databind.JsonNode;
-import lombok.experimental.UtilityClass;
-import ru.javaops.bootjava.config.WebSecurityConfig;
-
-import java.io.IOException;
-
-@UtilityClass
-public class JsonDeserializers {
-
-    // https://stackoverflow.com/a/60995048/548473
-    public static class PasswordDeserializer extends JsonDeserializer<String> {
-        public String deserialize(JsonParser jsonParser, DeserializationContext deserializationContext) throws IOException {
-            ObjectCodec oc = jsonParser.getCodec();
-            JsonNode node = oc.readTree(jsonParser);
-            String rawPassword = node.asText();
-            return WebSecurityConfig.PASSWORD_ENCODER.encode(rawPassword);
-        }
-    }
-}
diff --git a/src/main/java/ru/javaops/bootjava/util/JsonUtil.java b/src/main/java/ru/javaops/bootjava/util/JsonUtil.java
index 336088a..9c37f33 100644
--- a/src/main/java/ru/javaops/bootjava/util/JsonUtil.java
+++ b/src/main/java/ru/javaops/bootjava/util/JsonUtil.java
@@ -1,31 +1,55 @@
 package ru.javaops.bootjava.util;
 
 import com.fasterxml.jackson.core.JsonProcessingException;
+import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.ObjectReader;
 import lombok.experimental.UtilityClass;
 
 import java.io.IOException;
 import java.util.List;
+import java.util.Map;
 
 @UtilityClass
 public class JsonUtil {
-    private static ObjectMapper objectMapper;
+    private static ObjectMapper mapper;
 
-    public static void setObjectMapper(ObjectMapper objectMapper) {
-        JsonUtil.objectMapper = objectMapper;
+    public static void setMapper(ObjectMapper mapper) {
+        JsonUtil.mapper = mapper;
     }
 
-    public static <T> List<T> readValues(String json, Class<T> clazz) throws IOException {
-        ObjectReader reader = objectMapper.readerFor(clazz);
-        return reader.<T>readValues(json).readAll();
+    public static <T> List<T> readValues(String json, Class<T> clazz) {
+        ObjectReader reader = mapper.readerFor(clazz);
+        try {
+            return reader.<T>readValues(json).readAll();
+        } catch (IOException e) {
+            throw new IllegalArgumentException("Invalid read array from JSON:\n'" + json + "'", e);
+        }
     }
 
-    public static <T> T readValue(String json, Class<T> clazz) throws JsonProcessingException {
-        return objectMapper.readValue(json, clazz);
+    public static <T> T readValue(String json, Class<T> clazz) {
+        try {
+            return mapper.readValue(json, clazz);
+        } catch (IOException e) {
+            throw new IllegalArgumentException("Invalid read from JSON:\n'" + json + "'", e);
+        }
     }
 
-    public static <T> String writeValue(T obj) throws JsonProcessingException {
-        return objectMapper.writeValueAsString(obj);
+    public static <T> String writeValue(T obj) {
+        try {
+            return mapper.writeValueAsString(obj);
+        } catch (JsonProcessingException e) {
+            throw new IllegalStateException("Invalid write to JSON:\n'" + obj + "'", e);
+        }
+    }
+
+    public static <T> String writeAdditionProps(T obj, String addName, Object addValue) {
+        return writeAdditionProps(obj, Map.of(addName, addValue));
+    }
+
+    public static <T> String writeAdditionProps(T obj, Map<String, Object> addProps) {
+        Map<String, Object> map = mapper.convertValue(obj, new TypeReference<>() {});
+        map.putAll(addProps);
+        return writeValue(map);
     }
 }
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/util/UserUtil.java b/src/main/java/ru/javaops/bootjava/util/UserUtil.java
new file mode 100644
index 0000000..4cf471b
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/util/UserUtil.java
@@ -0,0 +1,31 @@
+package ru.javaops.bootjava.util;
+
+import lombok.experimental.UtilityClass;
+import org.springframework.security.crypto.factory.PasswordEncoderFactories;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import ru.javaops.bootjava.model.Role;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.to.UserTo;
+
+@UtilityClass
+public class UserUtil {
+
+    public static final PasswordEncoder PASSWORD_ENCODER = PasswordEncoderFactories.createDelegatingPasswordEncoder();
+
+    public static User createNewFromTo(UserTo userTo) {
+        return new User(null, userTo.getName(), userTo.getEmail().toLowerCase(), userTo.getPassword(), Role.USER);
+    }
+
+    public static User updateFromTo(User user, UserTo userTo) {
+        user.setName(userTo.getName());
+        user.setEmail(userTo.getEmail().toLowerCase());
+        user.setPassword(userTo.getPassword());
+        return user;
+    }
+
+    public static User prepareToSave(User user) {
+        user.setPassword(PASSWORD_ENCODER.encode(user.getPassword()));
+        user.setEmail(user.getEmail().toLowerCase());
+        return user;
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/util/validation/ValidationUtil.java b/src/main/java/ru/javaops/bootjava/util/validation/ValidationUtil.java
index 991c447..509b8a0 100644
--- a/src/main/java/ru/javaops/bootjava/util/validation/ValidationUtil.java
+++ b/src/main/java/ru/javaops/bootjava/util/validation/ValidationUtil.java
@@ -3,24 +3,30 @@
 import lombok.experimental.UtilityClass;
 import org.springframework.core.NestedExceptionUtils;
 import org.springframework.lang.NonNull;
+import ru.javaops.bootjava.HasId;
 import ru.javaops.bootjava.error.IllegalRequestDataException;
-import ru.javaops.bootjava.model.BaseEntity;
 
 @UtilityClass
 public class ValidationUtil {
 
-    public static void checkNew(BaseEntity entity) {
-        if (!entity.isNew()) {
-            throw new IllegalRequestDataException(entity.getClass().getSimpleName() + " must be new (id=null)");
+    public static void checkNew(HasId bean) {
+        if (!bean.isNew()) {
+            throw new IllegalRequestDataException(bean.getClass().getSimpleName() + " must be new (id=null)");
         }
     }
 
     //  Conservative when you reply, but accept liberally (http://stackoverflow.com/a/32728226/548473)
-    public static void assureIdConsistent(BaseEntity entity, int id) {
-        if (entity.isNew()) {
-            entity.setId(id);
-        } else if (entity.id() != id) {
-            throw new IllegalRequestDataException(entity.getClass().getSimpleName() + " must has id=" + id);
+    public static void assureIdConsistent(HasId bean, int id) {
+        if (bean.isNew()) {
+            bean.setId(id);
+        } else if (bean.id() != id) {
+            throw new IllegalRequestDataException(bean.getClass().getSimpleName() + " must has id=" + id);
+        }
+    }
+
+    public static void checkModification(int count, int id) {
+        if (count == 0) {
+            throw new IllegalRequestDataException("Entity with id=" + id + " not found");
         }
     }
 
diff --git a/src/main/java/ru/javaops/bootjava/web/AccountController.java b/src/main/java/ru/javaops/bootjava/web/AccountController.java
deleted file mode 100644
index bba5c9c..0000000
--- a/src/main/java/ru/javaops/bootjava/web/AccountController.java
+++ /dev/null
@@ -1,112 +0,0 @@
-package ru.javaops.bootjava.web;
-
-import io.swagger.v3.oas.annotations.tags.Tag;
-import lombok.AllArgsConstructor;
-import lombok.extern.slf4j.Slf4j;
-import org.springframework.cache.annotation.CacheEvict;
-import org.springframework.cache.annotation.CachePut;
-import org.springframework.data.rest.webmvc.RepositoryLinksResource;
-import org.springframework.hateoas.EntityModel;
-import org.springframework.hateoas.MediaTypes;
-import org.springframework.hateoas.server.RepresentationModelProcessor;
-import org.springframework.hateoas.server.mvc.RepresentationModelAssemblerSupport;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.MediaType;
-import org.springframework.http.ResponseEntity;
-import org.springframework.security.core.annotation.AuthenticationPrincipal;
-import org.springframework.web.bind.annotation.*;
-import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
-import ru.javaops.bootjava.model.Role;
-import ru.javaops.bootjava.model.User;
-import ru.javaops.bootjava.repository.UserRepository;
-import ru.javaops.bootjava.util.validation.ValidationUtil;
-
-import javax.validation.Valid;
-import java.net.URI;
-import java.util.EnumSet;
-
-import static org.springframework.hateoas.server.mvc.WebMvcLinkBuilder.linkTo;
-
-/**
- * Do not use {@link org.springframework.data.rest.webmvc.RepositoryRestController (BasePathAwareController}
- * Bugs:
- * NPE with http://localhost:8080/api/account<br>
- * <a href="https://github.com/spring-projects/spring-hateoas/issues/434">data.rest.base-path missed in HAL links</a><br>
- * <a href="https://jira.spring.io/browse/DATAREST-748">Two endpoints created</a>
- * <p>
- * RequestMapping("/${spring.data.rest.basePath}/account") give "Not enough variable values"
- */
-@RestController
-@RequestMapping(AccountController.URL)
-@AllArgsConstructor
-@Slf4j
-@Tag(name = "Account Controller")
-public class AccountController implements RepresentationModelProcessor<RepositoryLinksResource> {
-    static final String URL = "/api/account";
-
-    @SuppressWarnings("unchecked")
-    private static final RepresentationModelAssemblerSupport<User, EntityModel<User>> ASSEMBLER =
-            new RepresentationModelAssemblerSupport<>(AccountController.class, (Class<EntityModel<User>>) (Class<?>) EntityModel.class) {
-                @Override
-                public EntityModel<User> toModel(User user) {
-                    return EntityModel.of(user, linkTo(AccountController.class).withSelfRel());
-                }
-            };
-
-    private final UserRepository userRepository;
-
-    @GetMapping(produces = MediaTypes.HAL_JSON_VALUE)
-    public EntityModel<User> get(@AuthenticationPrincipal AuthUser authUser) {
-        log.info("get {}", authUser);
-        return ASSEMBLER.toModel(authUser.getUser());
-    }
-
-    @DeleteMapping
-    @ResponseStatus(HttpStatus.NO_CONTENT)
-    @CacheEvict(value = "users", key = "#authUser.username")
-    public void delete(@AuthenticationPrincipal AuthUser authUser) {
-        log.info("delete {}", authUser);
-        userRepository.deleteById(authUser.id());
-    }
-
-    @PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
-    @ResponseStatus(value = HttpStatus.CREATED)
-    public ResponseEntity<EntityModel<User>> register(@Valid @RequestBody User user) {
-        log.info("register {}", user);
-        ValidationUtil.checkNew(user);
-        user.setRoles(EnumSet.of(Role.USER));
-        user = userRepository.save(user);
-        URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
-                .path("/api/account")
-                .build().toUri();
-        return ResponseEntity.created(uriOfNewResource).body(ASSEMBLER.toModel(user));
-    }
-
-    @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
-    @ResponseStatus(HttpStatus.NO_CONTENT)
-    @CachePut(value = "users", key = "#authUser.username")
-    public User update(@Valid @RequestBody User user, @AuthenticationPrincipal AuthUser authUser) {
-        log.info("update {} to {}", authUser, user);
-        User oldUser = authUser.getUser();
-        ValidationUtil.assureIdConsistent(user, oldUser.id());
-        user.setRoles(oldUser.getRoles());
-        if (user.getPassword() == null) {
-            user.setPassword(oldUser.getPassword());
-        }
-        return userRepository.save(user);
-    }
-
-/*
-    @GetMapping(value = "/pageDemo", produces = MediaTypes.HAL_JSON_VALUE)
-    public PagedModel<EntityModel<User>> pageDemo(Pageable page, PagedResourcesAssembler<User> pagedAssembler) {
-        Page<User> users = userRepository.findAll(page);
-        return pagedAssembler.toModel(users, ASSEMBLER);
-    }
-*/
-
-    @Override
-    public RepositoryLinksResource process(RepositoryLinksResource resource) {
-        resource.add(linkTo(AccountController.class).withRel("account"));
-        return resource;
-    }
-}
diff --git a/src/main/java/ru/javaops/bootjava/web/SecurityUtil.java b/src/main/java/ru/javaops/bootjava/web/SecurityUtil.java
new file mode 100644
index 0000000..36fcf86
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/SecurityUtil.java
@@ -0,0 +1,33 @@
+package ru.javaops.bootjava.web;
+
+import lombok.experimental.UtilityClass;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import ru.javaops.bootjava.model.User;
+
+import static java.util.Objects.requireNonNull;
+
+@UtilityClass
+public class SecurityUtil {
+
+    public static AuthUser safeGet() {
+        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
+        if (auth == null) {
+            return null;
+        }
+        Object principal = auth.getPrincipal();
+        return (principal instanceof AuthUser) ? (AuthUser) principal : null;
+    }
+
+    public static AuthUser get() {
+        return requireNonNull(safeGet(), "No authorized user found");
+    }
+
+    public static User authUser() {
+        return get().getUser();
+    }
+
+    public static int authId() {
+        return get().getUser().id();
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/user/AbstractUserController.java b/src/main/java/ru/javaops/bootjava/web/user/AbstractUserController.java
new file mode 100644
index 0000000..a41e626
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/user/AbstractUserController.java
@@ -0,0 +1,39 @@
+package ru.javaops.bootjava.web.user;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.util.UserUtil;
+
+@Slf4j
+public abstract class AbstractUserController {
+
+    @Autowired
+    protected UserRepository repository;
+
+    @Autowired
+    private UniqueMailValidator emailValidator;
+
+    @InitBinder
+    protected void initBinder(WebDataBinder binder) {
+        binder.addValidators(emailValidator);
+    }
+
+    public ResponseEntity<User> get(int id) {
+        log.info("get {}", id);
+        return ResponseEntity.of(repository.findById(id));
+    }
+
+    public void delete(int id) {
+        log.info("delete {}", id);
+        repository.deleteExisted(id);
+    }
+
+    protected User prepareAndSave(User user) {
+        return repository.save(UserUtil.prepareToSave(user));
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/user/AdminUserController.java b/src/main/java/ru/javaops/bootjava/web/user/AdminUserController.java
new file mode 100644
index 0000000..55bbf88
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/user/AdminUserController.java
@@ -0,0 +1,79 @@
+package ru.javaops.bootjava.web.user;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.data.domain.Sort;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import ru.javaops.bootjava.model.User;
+
+import javax.validation.Valid;
+import java.net.URI;
+import java.util.List;
+
+import static ru.javaops.bootjava.util.validation.ValidationUtil.assureIdConsistent;
+import static ru.javaops.bootjava.util.validation.ValidationUtil.checkNew;
+
+@RestController
+@RequestMapping(value = AdminUserController.REST_URL, produces = MediaType.APPLICATION_JSON_VALUE)
+@Slf4j
+public class AdminUserController extends AbstractUserController {
+
+    static final String REST_URL = "/api/admin/users";
+
+    @Override
+    @GetMapping("/{id}")
+    public ResponseEntity<User> get(@PathVariable int id) {
+        return super.get(id);
+    }
+
+    @Override
+    @DeleteMapping("/{id}")
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    public void delete(@PathVariable int id) {
+        super.delete(id);
+    }
+
+    @GetMapping
+    public List<User> getAll() {
+        log.info("getAll");
+        return repository.findAll(Sort.by(Sort.Direction.ASC, "name", "email"));
+    }
+
+    @PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
+    public ResponseEntity<User> createWithLocation(@Valid @RequestBody User user) {
+        log.info("create {}", user);
+        checkNew(user);
+        User created = prepareAndSave(user);
+        URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
+                .path(REST_URL + "/{id}")
+                .buildAndExpand(created.getId()).toUri();
+        return ResponseEntity.created(uriOfNewResource).body(created);
+    }
+
+    @PutMapping(value = "/{id}", consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    public void update(@Valid @RequestBody User user, @PathVariable int id) {
+        log.info("update {} with id={}", user, id);
+        assureIdConsistent(user, id);
+        prepareAndSave(user);
+    }
+
+    @GetMapping("/by-email")
+    public ResponseEntity<User> getByEmail(@RequestParam String email) {
+        log.info("getByEmail {}", email);
+        return ResponseEntity.of(repository.findByEmailIgnoreCase(email));
+    }
+
+    @PatchMapping("/{id}")
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    @Transactional
+    public void enable(@PathVariable int id, @RequestParam boolean enabled) {
+        log.info(enabled ? "enable {}" : "disable {}", id);
+        User user = repository.getById(id);
+        user.setEnabled(enabled);
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/user/ProfileController.java b/src/main/java/ru/javaops/bootjava/web/user/ProfileController.java
new file mode 100644
index 0000000..278324a
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/user/ProfileController.java
@@ -0,0 +1,58 @@
+package ru.javaops.bootjava.web.user;
+
+import lombok.extern.slf4j.Slf4j;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.annotation.AuthenticationPrincipal;
+import org.springframework.transaction.annotation.Transactional;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.to.UserTo;
+import ru.javaops.bootjava.util.UserUtil;
+import ru.javaops.bootjava.web.AuthUser;
+
+import javax.validation.Valid;
+import java.net.URI;
+
+import static ru.javaops.bootjava.util.validation.ValidationUtil.assureIdConsistent;
+import static ru.javaops.bootjava.util.validation.ValidationUtil.checkNew;
+
+@RestController
+@RequestMapping(value = ProfileController.REST_URL, produces = MediaType.APPLICATION_JSON_VALUE)
+@Slf4j
+public class ProfileController extends AbstractUserController {
+    static final String REST_URL = "/api/profile";
+
+    @GetMapping
+    public User get(@AuthenticationPrincipal AuthUser authUser) {
+        return authUser.getUser();
+    }
+
+    @DeleteMapping
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    public void delete(@AuthenticationPrincipal AuthUser authUser) {
+        super.delete(authUser.id());
+    }
+
+    @PostMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseStatus(HttpStatus.CREATED)
+    public ResponseEntity<User> register(@Valid @RequestBody UserTo userTo) {
+        log.info("register {}", userTo);
+        checkNew(userTo);
+        User created = prepareAndSave(UserUtil.createNewFromTo(userTo));
+        URI uriOfNewResource = ServletUriComponentsBuilder.fromCurrentContextPath()
+                .path(REST_URL).build().toUri();
+        return ResponseEntity.created(uriOfNewResource).body(created);
+    }
+
+    @PutMapping(consumes = MediaType.APPLICATION_JSON_VALUE)
+    @ResponseStatus(HttpStatus.NO_CONTENT)
+    @Transactional
+    public void update(@RequestBody @Valid UserTo userTo, @AuthenticationPrincipal AuthUser authUser) {
+        assureIdConsistent(userTo, authUser.id());
+        User user = authUser.getUser();
+        prepareAndSave(UserUtil.updateFromTo(user, userTo));
+    }
+}
\ No newline at end of file
diff --git a/src/main/java/ru/javaops/bootjava/web/user/UniqueMailValidator.java b/src/main/java/ru/javaops/bootjava/web/user/UniqueMailValidator.java
new file mode 100644
index 0000000..2d8011e
--- /dev/null
+++ b/src/main/java/ru/javaops/bootjava/web/user/UniqueMailValidator.java
@@ -0,0 +1,49 @@
+package ru.javaops.bootjava.web.user;
+
+import lombok.AllArgsConstructor;
+import org.springframework.lang.NonNull;
+import org.springframework.stereotype.Component;
+import org.springframework.util.StringUtils;
+import org.springframework.validation.Errors;
+import ru.javaops.bootjava.HasIdAndEmail;
+import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.web.SecurityUtil;
+
+import javax.servlet.http.HttpServletRequest;
+
+@Component
+@AllArgsConstructor
+public class UniqueMailValidator implements org.springframework.validation.Validator {
+    public static final String EXCEPTION_DUPLICATE_EMAIL = "User with this email already exists";
+
+    private final UserRepository repository;
+    private final HttpServletRequest request;
+
+    @Override
+    public boolean supports(@NonNull Class<?> clazz) {
+        return HasIdAndEmail.class.isAssignableFrom(clazz);
+    }
+
+    @Override
+    public void validate(@NonNull Object target, @NonNull Errors errors) {
+        HasIdAndEmail user = ((HasIdAndEmail) target);
+        if (StringUtils.hasText(user.getEmail())) {
+            repository.findByEmailIgnoreCase(user.getEmail())
+                    .ifPresent(dbUser -> {
+                        if (request.getMethod().equals("PUT")) {  // UPDATE
+                            int dbId = dbUser.id();
+
+                            // it is ok, if update ourself
+                            if (user.getId() != null && dbId == user.id()) return;
+
+                            // Workaround for update with user.id=null in request body
+                            // ValidationUtil.assureIdConsistent called after this validation
+                            String requestURI = request.getRequestURI();
+                            if (requestURI.endsWith("/" + dbId) || (dbId == SecurityUtil.authId() && requestURI.contains("/profile")))
+                                return;
+                        }
+                        errors.rejectValue("email", "", EXCEPTION_DUPLICATE_EMAIL);
+                    });
+        }
+    }
+}
diff --git a/src/main/resources/application.yaml b/src/main/resources/application.yaml
index 8467837..9f55124 100644
--- a/src/main/resources/application.yaml
+++ b/src/main/resources/application.yaml
@@ -28,26 +28,19 @@ spring:
     #    tcp: jdbc:h2:tcp://localhost:9092/~/bootjava
     username: sa
     password:
-  h2.console.enabled: true
 
-  data.rest:
-    #  https://docs.spring.io/spring-data/rest/docs/current/reference/html/#getting-started.basic-settings
-    basePath: /api
-    defaultPageSize: 20
-    returnBodyOnCreate: true
+# Jackson Serialization Issue Resolver
+  jackson.visibility:
+    field: any
+    getter: none
+    setter: none
+    is-getter: none
 
   # https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#common-application-properties-cache
   cache:
     cache-names: users
     caffeine.spec: maximumSize=5000,expireAfterAccess=60s
 
-#  https://docs.spring.io/spring-boot/docs/current/reference/html/appendix-application-properties.html#security-properties
-#  security:
-#    user:
-#      name: user
-#      password: password
-#      roles: USER
-
 logging:
   level:
     root: WARN
@@ -58,11 +51,4 @@ server.servlet:
   encoding:
     charset: UTF-8 # Charset of HTTP requests and responses. Added to the "Content-Type" header if not set explicitly
     enabled: true # Enable http encoding support
-    force: true
-
-# Jackson Serialization Issue Resolver
-#  jackson:
-#    visibility.field: any
-#    visibility.getter: none
-#    visibility.setter: none
-#    visibility.is-getter: none
\ No newline at end of file
+    force: true
\ No newline at end of file
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
index 778d2f3..a37617f 100644
--- a/src/main/resources/data.sql
+++ b/src/main/resources/data.sql
@@ -1,6 +1,6 @@
-INSERT INTO USERS (EMAIL, FIRST_NAME, LAST_NAME, PASSWORD)
-VALUES ('user@gmail.com', 'User_First', 'User_Last', '{noop}password'),
-       ('admin@javaops.ru', 'Admin_First', 'Admin_Last', '{noop}admin');
+INSERT INTO USERS (NAME, EMAIL, PASSWORD)
+VALUES ('User', 'user@gmail.com', '{noop}password'),
+       ('Admin', 'admin@javaops.ru', '{noop}admin');
 
 INSERT INTO USER_ROLE (ROLE, USER_ID)
 VALUES ('USER', 1),
diff --git a/src/test/java/ru/javaops/bootjava/UserTestUtil.java b/src/test/java/ru/javaops/bootjava/UserTestUtil.java
deleted file mode 100644
index c0c5c78..0000000
--- a/src/test/java/ru/javaops/bootjava/UserTestUtil.java
+++ /dev/null
@@ -1,49 +0,0 @@
-package ru.javaops.bootjava;
-
-import com.fasterxml.jackson.core.JsonProcessingException;
-import org.springframework.test.web.servlet.MvcResult;
-import org.springframework.test.web.servlet.ResultMatcher;
-import ru.javaops.bootjava.model.Role;
-import ru.javaops.bootjava.model.User;
-import ru.javaops.bootjava.util.JsonUtil;
-
-import java.io.UnsupportedEncodingException;
-import java.util.List;
-import java.util.function.BiConsumer;
-
-import static org.assertj.core.api.Assertions.assertThat;
-
-public class UserTestUtil {
-    public static final int USER_ID = 1;
-    public static final int ADMIN_ID = 2;
-    public static final String USER_MAIL = "user@gmail.com";
-    public static final String ADMIN_MAIL = "admin@javaops.ru";
-    public static final User user = new User(USER_ID, USER_MAIL, "User_First", "User_Last", "password", List.of(Role.USER));
-    public static final User admin = new User(ADMIN_ID, ADMIN_MAIL, "Admin_First", "Admin_Last", "admin", List.of(Role.ADMIN, Role.USER));
-
-    public static User getNew() {
-        return new User(null, "new@gmail.com", "New_First", "New_Last", "newpass", List.of(Role.USER));
-    }
-
-    public static User getUpdated() {
-        return new User(USER_ID, "user_update@gmail.com", "User_First_Update", "User_Last_Update", "password_update", List.of(Role.USER));
-    }
-
-    public static void assertEquals(User actual, User expected) {
-        assertThat(actual).usingRecursiveComparison().ignoringFields("password").isEqualTo(expected);
-    }
-
-    // No id in HATEOAS answer
-    public static void assertNoIdEquals(User actual, User expected) {
-        assertThat(actual).usingRecursiveComparison().ignoringFields("id", "password").isEqualTo(expected);
-    }
-
-    public static User asUser(MvcResult mvcResult) throws UnsupportedEncodingException, JsonProcessingException {
-        String jsonActual = mvcResult.getResponse().getContentAsString();
-        return JsonUtil.readValue(jsonActual, User.class);
-    }
-
-    public static ResultMatcher jsonMatcher(User expected, BiConsumer<User, User> equalsAssertion) {
-        return mvcResult -> equalsAssertion.accept(asUser(mvcResult), expected);
-    }
-}
diff --git a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java b/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
deleted file mode 100644
index c552616..0000000
--- a/src/test/java/ru/javaops/bootjava/web/AccountControllerTest.java
+++ /dev/null
@@ -1,84 +0,0 @@
-package ru.javaops.bootjava.web;
-
-import org.junit.jupiter.api.Assertions;
-import org.junit.jupiter.api.Test;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.hateoas.MediaTypes;
-import org.springframework.http.MediaType;
-import org.springframework.security.test.context.support.WithUserDetails;
-import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import ru.javaops.bootjava.UserTestUtil;
-import ru.javaops.bootjava.model.User;
-import ru.javaops.bootjava.repository.UserRepository;
-
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-import static ru.javaops.bootjava.UserTestUtil.*;
-import static ru.javaops.bootjava.util.JsonUtil.writeValue;
-import static ru.javaops.bootjava.web.AccountController.URL;
-
-class AccountControllerTest extends AbstractControllerTest {
-
-    @Autowired
-    private UserRepository userRepository;
-
-    @Test
-    @WithUserDetails(value = USER_MAIL)
-    void get() throws Exception {
-        perform(MockMvcRequestBuilders.get(URL))
-                .andExpect(status().isOk())
-                .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
-                .andExpect(jsonMatcher(user, UserTestUtil::assertNoIdEquals));
-    }
-
-    @Test
-    void getUnAuth() throws Exception {
-        perform(MockMvcRequestBuilders.get(URL))
-                .andExpect(status().isUnauthorized());
-    }
-
-    @Test
-    @WithUserDetails(value = USER_MAIL)
-    void delete() throws Exception {
-        perform(MockMvcRequestBuilders.delete(URL))
-                .andExpect(status().isNoContent());
-        Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
-        Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
-    }
-
-    @Test
-    void register() throws Exception {
-        User newUser = UserTestUtil.getNew();
-        User registered = asUser(perform(MockMvcRequestBuilders.post(URL)
-                .contentType(MediaType.APPLICATION_JSON)
-                .content(writeValue(newUser)))
-                .andExpect(status().isCreated()).andReturn());
-        UserTestUtil.assertNoIdEquals(registered, newUser);
-    }
-
-    @Test
-    @WithUserDetails(value = USER_MAIL)
-    void update() throws Exception {
-        User updated = UserTestUtil.getUpdated();
-        perform(MockMvcRequestBuilders.put(URL)
-                .contentType(MediaType.APPLICATION_JSON)
-                .content(writeValue(updated)))
-                .andDo(print())
-                .andExpect(status().isNoContent());
-        UserTestUtil.assertEquals(updated, userRepository.findById(USER_ID).orElseThrow());
-    }
-
-    @Test
-    @WithUserDetails(value = USER_MAIL)
-    void updateHtmlUnsafe() throws Exception {
-        User updated = UserTestUtil.getUpdated();
-        updated.setFirstName("<script>alert(123)</script>");
-        perform(MockMvcRequestBuilders.put(URL)
-                .contentType(MediaType.APPLICATION_JSON)
-                .content(writeValue(updated)))
-                .andDo(print())
-                .andExpect(status().isUnprocessableEntity());
-    }
-}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/MatcherFactory.java b/src/test/java/ru/javaops/bootjava/web/MatcherFactory.java
new file mode 100644
index 0000000..c510818
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/MatcherFactory.java
@@ -0,0 +1,83 @@
+package ru.javaops.bootjava.web;
+
+import org.springframework.test.web.servlet.MvcResult;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.ResultMatcher;
+import ru.javaops.bootjava.util.JsonUtil;
+
+import java.io.UnsupportedEncodingException;
+import java.util.List;
+import java.util.function.BiConsumer;
+
+import static org.assertj.core.api.Assertions.assertThat;
+
+/**
+ * Factory for creating test matchers.
+ * <p>
+ * Comparing actual and expected objects via AssertJ
+ * Support converting json MvcResult to objects for comparation.
+ */
+public class MatcherFactory {
+
+    public static <T> Matcher<T> usingAssertions(Class<T> clazz, BiConsumer<T, T> assertion, BiConsumer<Iterable<T>, Iterable<T>> iterableAssertion) {
+        return new Matcher<>(clazz, assertion, iterableAssertion);
+    }
+
+    public static <T> Matcher<T> usingEqualsComparator(Class<T> clazz) {
+        return usingAssertions(clazz,
+                (a, e) -> assertThat(a).isEqualTo(e),
+                (a, e) -> assertThat(a).isEqualTo(e));
+    }
+
+    public static <T> Matcher<T> usingIgnoringFieldsComparator(Class<T> clazz, String... fieldsToIgnore) {
+        return usingAssertions(clazz,
+                (a, e) -> assertThat(a).usingRecursiveComparison().ignoringFields(fieldsToIgnore).isEqualTo(e),
+                (a, e) -> assertThat(a).usingRecursiveFieldByFieldElementComparatorIgnoringFields(fieldsToIgnore).isEqualTo(e));
+    }
+
+    public static class Matcher<T> {
+        private final Class<T> clazz;
+        private final BiConsumer<T, T> assertion;
+        private final BiConsumer<Iterable<T>, Iterable<T>> iterableAssertion;
+
+        private Matcher(Class<T> clazz, BiConsumer<T, T> assertion, BiConsumer<Iterable<T>, Iterable<T>> iterableAssertion) {
+            this.clazz = clazz;
+            this.assertion = assertion;
+            this.iterableAssertion = iterableAssertion;
+        }
+
+        public void assertMatch(T actual, T expected) {
+            assertion.accept(actual, expected);
+        }
+
+        @SafeVarargs
+        public final void assertMatch(Iterable<T> actual, T... expected) {
+            assertMatch(actual, List.of(expected));
+        }
+
+        public void assertMatch(Iterable<T> actual, Iterable<T> expected) {
+            iterableAssertion.accept(actual, expected);
+        }
+
+        public ResultMatcher contentJson(T expected) {
+            return result -> assertMatch(JsonUtil.readValue(getContent(result), clazz), expected);
+        }
+
+        @SafeVarargs
+        public final ResultMatcher contentJson(T... expected) {
+            return contentJson(List.of(expected));
+        }
+
+        public ResultMatcher contentJson(Iterable<T> expected) {
+            return result -> assertMatch(JsonUtil.readValues(getContent(result), clazz), expected);
+        }
+
+        public T readFromJson(ResultActions action) throws UnsupportedEncodingException {
+            return JsonUtil.readValue(getContent(action.andReturn()), clazz);
+        }
+
+        private static String getContent(MvcResult result) throws UnsupportedEncodingException {
+            return result.getResponse().getContentAsString();
+        }
+    }
+}
diff --git a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
deleted file mode 100644
index 9295ca0..0000000
--- a/src/test/java/ru/javaops/bootjava/web/UserControllerTest.java
+++ /dev/null
@@ -1,93 +0,0 @@
-package ru.javaops.bootjava.web;
-
-import org.junit.jupiter.api.Assertions;
-import org.junit.jupiter.api.Test;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.hateoas.MediaTypes;
-import org.springframework.http.MediaType;
-import org.springframework.security.test.context.support.WithUserDetails;
-import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
-import ru.javaops.bootjava.UserTestUtil;
-import ru.javaops.bootjava.model.User;
-import ru.javaops.bootjava.repository.UserRepository;
-
-import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
-import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
-import static ru.javaops.bootjava.UserTestUtil.*;
-import static ru.javaops.bootjava.util.JsonUtil.writeValue;
-
-class UserControllerTest extends AbstractControllerTest {
-    static final String URL = "/api/users/";
-
-    @Autowired
-    private UserRepository userRepository;
-
-    @Test
-    @WithUserDetails(value = ADMIN_MAIL)
-    void get() throws Exception {
-        perform(MockMvcRequestBuilders.get(URL + USER_ID))
-                .andExpect(status().isOk())
-                .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
-                .andExpect(jsonMatcher(user, UserTestUtil::assertNoIdEquals));
-    }
-
-    @Test
-    @WithUserDetails(value = ADMIN_MAIL)
-    void getAll() throws Exception {
-        // TODO check content yourself
-        perform(MockMvcRequestBuilders.get(URL))
-                .andExpect(status().isOk())
-                .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE));
-    }
-
-    @Test
-    @WithUserDetails(value = ADMIN_MAIL)
-    void getByEmail() throws Exception {
-        perform(MockMvcRequestBuilders.get(URL + "search/by-email?email=" + ADMIN_MAIL))
-                .andExpect(status().isOk())
-                .andDo(print())
-                .andExpect(content().contentTypeCompatibleWith(MediaTypes.HAL_JSON_VALUE))
-                .andExpect(jsonMatcher(admin, UserTestUtil::assertNoIdEquals));
-    }
-
-    @Test
-    @WithUserDetails(value = USER_MAIL)
-    void getForbidden() throws Exception {
-        perform(MockMvcRequestBuilders.get(URL))
-                .andExpect(status().isForbidden());
-    }
-
-    @Test
-    @WithUserDetails(value = ADMIN_MAIL)
-    void delete() throws Exception {
-        perform(MockMvcRequestBuilders.delete(URL + USER_ID))
-                .andExpect(status().isNoContent());
-        Assertions.assertFalse(userRepository.findById(USER_ID).isPresent());
-        Assertions.assertTrue(userRepository.findById(ADMIN_ID).isPresent());
-    }
-
-    @Test
-    @WithUserDetails(value = ADMIN_MAIL)
-    void create() throws Exception {
-        User newUser = UserTestUtil.getNew();
-        perform(MockMvcRequestBuilders.post(URL)
-                .contentType(MediaType.APPLICATION_JSON)
-                .content(writeValue(newUser)))
-                .andExpect(status().isCreated())
-                .andExpect(jsonMatcher(newUser, UserTestUtil::assertNoIdEquals));
-    }
-
-    @Test
-    @WithUserDetails(value = ADMIN_MAIL)
-    void update() throws Exception {
-        User updated = UserTestUtil.getUpdated();
-        perform(MockMvcRequestBuilders.put(URL + USER_ID)
-                .contentType(MediaType.APPLICATION_JSON)
-                .content(writeValue(updated)))
-                .andExpect(status().isNoContent());
-        UserTestUtil.assertEquals(updated, userRepository.findById(USER_ID).orElseThrow());
-    }
-}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/user/AdminUserControllerTest.java b/src/test/java/ru/javaops/bootjava/web/user/AdminUserControllerTest.java
new file mode 100644
index 0000000..541fafc
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/user/AdminUserControllerTest.java
@@ -0,0 +1,211 @@
+package ru.javaops.bootjava.web.user;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import org.springframework.transaction.annotation.Propagation;
+import org.springframework.transaction.annotation.Transactional;
+import ru.javaops.bootjava.model.Role;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.web.AbstractControllerTest;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.junit.jupiter.api.Assertions.assertFalse;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static ru.javaops.bootjava.web.user.UniqueMailValidator.EXCEPTION_DUPLICATE_EMAIL;
+import static ru.javaops.bootjava.web.user.UserTestData.*;
+
+class AdminUserControllerTest extends AbstractControllerTest {
+
+    private static final String REST_URL = AdminUserController.REST_URL + '/';
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void get() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL + ADMIN_ID))
+                .andExpect(status().isOk())
+                .andDo(print())
+                // https://jira.spring.io/browse/SPR-14472
+                .andExpect(content().contentTypeCompatibleWith(MediaType.APPLICATION_JSON))
+                .andExpect(USER_MATCHER.contentJson(admin));
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void getNotFound() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL + NOT_FOUND))
+                .andDo(print())
+                .andExpect(status().isNotFound());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void getByEmail() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL + "by-email?email=" + admin.getEmail()))
+                .andExpect(status().isOk())
+                .andExpect(content().contentTypeCompatibleWith(MediaType.APPLICATION_JSON))
+                .andExpect(USER_MATCHER.contentJson(admin));
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void delete() throws Exception {
+        perform(MockMvcRequestBuilders.delete(REST_URL + USER_ID))
+                .andDo(print())
+                .andExpect(status().isNoContent());
+        assertFalse(userRepository.findById(USER_ID).isPresent());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void deleteNotFound() throws Exception {
+        perform(MockMvcRequestBuilders.delete(REST_URL + NOT_FOUND))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void enableNotFound() throws Exception {
+        perform(MockMvcRequestBuilders.patch(REST_URL + NOT_FOUND)
+                .param("enabled", "false")
+                .contentType(MediaType.APPLICATION_JSON))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
+
+    @Test
+    void getUnAuth() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL))
+                .andExpect(status().isUnauthorized());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void getForbidden() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL))
+                .andExpect(status().isForbidden());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void update() throws Exception {
+        User updated = getUpdated();
+        updated.setId(null);
+        perform(MockMvcRequestBuilders.put(REST_URL + USER_ID)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(jsonWithPassword(updated, "newPass")))
+                .andDo(print())
+                .andExpect(status().isNoContent());
+
+        USER_MATCHER.assertMatch(userRepository.getById(USER_ID), getUpdated());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void createWithLocation() throws Exception {
+        User newUser = getNew();
+        ResultActions action = perform(MockMvcRequestBuilders.post(REST_URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(jsonWithPassword(newUser, "newPass")))
+                .andExpect(status().isCreated());
+
+        User created = USER_MATCHER.readFromJson(action);
+        int newId = created.id();
+        newUser.setId(newId);
+        USER_MATCHER.assertMatch(created, newUser);
+        USER_MATCHER.assertMatch(userRepository.getById(newId), newUser);
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void getAll() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL))
+                .andExpect(status().isOk())
+                .andExpect(content().contentTypeCompatibleWith(MediaType.APPLICATION_JSON))
+                .andExpect(USER_MATCHER.contentJson(admin, user));
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void enable() throws Exception {
+        perform(MockMvcRequestBuilders.patch(REST_URL + USER_ID)
+                .param("enabled", "false")
+                .contentType(MediaType.APPLICATION_JSON))
+                .andDo(print())
+                .andExpect(status().isNoContent());
+
+        assertFalse(userRepository.getById(USER_ID).isEnabled());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void createInvalid() throws Exception {
+        User invalid = new User(null, null, "", "newPass", Role.USER, Role.ADMIN);
+        perform(MockMvcRequestBuilders.post(REST_URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(jsonWithPassword(invalid, "newPass")))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void updateInvalid() throws Exception {
+        User invalid = new User(user);
+        invalid.setName("");
+        perform(MockMvcRequestBuilders.put(REST_URL + USER_ID)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(jsonWithPassword(invalid, "password")))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
+
+    @Test
+    @WithUserDetails(value = ADMIN_MAIL)
+    void updateHtmlUnsafe() throws Exception {
+        User updated = new User(user);
+        updated.setName("<script>alert(123)</script>");
+        perform(MockMvcRequestBuilders.put(REST_URL + USER_ID)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(jsonWithPassword(updated, "password")))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
+
+    @Test
+    @Transactional(propagation = Propagation.NEVER)
+    @WithUserDetails(value = ADMIN_MAIL)
+    void updateDuplicate() throws Exception {
+        User updated = new User(user);
+        updated.setEmail(ADMIN_MAIL);
+        perform(MockMvcRequestBuilders.put(REST_URL + USER_ID)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(jsonWithPassword(updated, "password")))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity())
+                .andExpect(content().string(containsString(EXCEPTION_DUPLICATE_EMAIL)));
+    }
+
+    @Test
+    @Transactional(propagation = Propagation.NEVER)
+    @WithUserDetails(value = ADMIN_MAIL)
+    void createDuplicate() throws Exception {
+        User expected = new User(null, "New", USER_MAIL, "newPass", Role.USER, Role.ADMIN);
+        perform(MockMvcRequestBuilders.post(REST_URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(jsonWithPassword(expected, "newPass")))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity())
+                .andExpect(content().string(containsString(EXCEPTION_DUPLICATE_EMAIL)));
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/user/ProfileControllerTest.java b/src/test/java/ru/javaops/bootjava/web/user/ProfileControllerTest.java
new file mode 100644
index 0000000..527c298
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/user/ProfileControllerTest.java
@@ -0,0 +1,112 @@
+package ru.javaops.bootjava.web.user;
+
+import org.junit.jupiter.api.Test;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.MediaType;
+import org.springframework.security.test.context.support.WithUserDetails;
+import org.springframework.test.web.servlet.ResultActions;
+import org.springframework.test.web.servlet.request.MockMvcRequestBuilders;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.repository.UserRepository;
+import ru.javaops.bootjava.to.UserTo;
+import ru.javaops.bootjava.util.JsonUtil;
+import ru.javaops.bootjava.util.UserUtil;
+import ru.javaops.bootjava.web.AbstractControllerTest;
+
+import static org.hamcrest.Matchers.containsString;
+import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.content;
+import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
+import static ru.javaops.bootjava.web.user.ProfileController.REST_URL;
+import static ru.javaops.bootjava.web.user.UniqueMailValidator.EXCEPTION_DUPLICATE_EMAIL;
+import static ru.javaops.bootjava.web.user.UserTestData.*;
+
+class ProfileControllerTest extends AbstractControllerTest {
+
+    @Autowired
+    private UserRepository userRepository;
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void get() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL))
+                .andExpect(status().isOk())
+                .andExpect(content().contentTypeCompatibleWith(MediaType.APPLICATION_JSON))
+                .andExpect(USER_MATCHER.contentJson(user));
+    }
+
+    @Test
+    void getUnAuth() throws Exception {
+        perform(MockMvcRequestBuilders.get(REST_URL))
+                .andExpect(status().isUnauthorized());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void delete() throws Exception {
+        perform(MockMvcRequestBuilders.delete(REST_URL))
+                .andExpect(status().isNoContent());
+        USER_MATCHER.assertMatch(userRepository.findAll(), admin);
+    }
+
+    @Test
+    void register() throws Exception {
+        UserTo newTo = new UserTo(null, "newName", "newemail@ya.ru", "newPassword");
+        User newUser = UserUtil.createNewFromTo(newTo);
+        ResultActions action = perform(MockMvcRequestBuilders.post(REST_URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(JsonUtil.writeValue(newTo)))
+                .andDo(print())
+                .andExpect(status().isCreated());
+
+        User created = USER_MATCHER.readFromJson(action);
+        int newId = created.id();
+        newUser.setId(newId);
+        USER_MATCHER.assertMatch(created, newUser);
+        USER_MATCHER.assertMatch(userRepository.getById(newId), newUser);
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void update() throws Exception {
+        UserTo updatedTo = new UserTo(null, "newName", USER_MAIL, "newPassword");
+        perform(MockMvcRequestBuilders.put(REST_URL).contentType(MediaType.APPLICATION_JSON)
+                .content(JsonUtil.writeValue(updatedTo)))
+                .andDo(print())
+                .andExpect(status().isNoContent());
+
+        USER_MATCHER.assertMatch(userRepository.getById(USER_ID), UserUtil.updateFromTo(new User(user), updatedTo));
+    }
+
+    @Test
+    void registerInvalid() throws Exception {
+        UserTo newTo = new UserTo(null, null, null, null);
+        perform(MockMvcRequestBuilders.post(REST_URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(JsonUtil.writeValue(newTo)))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void updateInvalid() throws Exception {
+        UserTo updatedTo = new UserTo(null, null, "password", null);
+        perform(MockMvcRequestBuilders.put(REST_URL)
+                .contentType(MediaType.APPLICATION_JSON)
+                .content(JsonUtil.writeValue(updatedTo)))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity());
+    }
+
+    @Test
+    @WithUserDetails(value = USER_MAIL)
+    void updateDuplicate() throws Exception {
+        UserTo updatedTo = new UserTo(null, "newName", ADMIN_MAIL, "newPassword");
+        perform(MockMvcRequestBuilders.put(REST_URL).contentType(MediaType.APPLICATION_JSON)
+                .content(JsonUtil.writeValue(updatedTo)))
+                .andDo(print())
+                .andExpect(status().isUnprocessableEntity())
+                .andExpect(content().string(containsString(EXCEPTION_DUPLICATE_EMAIL)));
+    }
+}
\ No newline at end of file
diff --git a/src/test/java/ru/javaops/bootjava/web/user/UserTestData.java b/src/test/java/ru/javaops/bootjava/web/user/UserTestData.java
new file mode 100644
index 0000000..f4841b6
--- /dev/null
+++ b/src/test/java/ru/javaops/bootjava/web/user/UserTestData.java
@@ -0,0 +1,34 @@
+package ru.javaops.bootjava.web.user;
+
+import ru.javaops.bootjava.model.Role;
+import ru.javaops.bootjava.model.User;
+import ru.javaops.bootjava.util.JsonUtil;
+import ru.javaops.bootjava.web.MatcherFactory;
+
+import java.util.Collections;
+import java.util.Date;
+
+public class UserTestData {
+    public static final MatcherFactory.Matcher<User> USER_MATCHER = MatcherFactory.usingIgnoringFieldsComparator(User.class, "registered", "password");
+
+    public static final int USER_ID = 1;
+    public static final int ADMIN_ID = 2;
+    public static final int NOT_FOUND = 100;
+    public static final String USER_MAIL = "user@gmail.com";
+    public static final String ADMIN_MAIL = "admin@javaops.ru";
+
+    public static final User user = new User(USER_ID, "User", USER_MAIL, "password", Role.USER);
+    public static final User admin = new User(ADMIN_ID, "Admin", ADMIN_MAIL, "admin", Role.ADMIN, Role.USER);
+
+    public static User getNew() {
+        return new User(null, "New", "new@gmail.com", "newPass", false, new Date(), Collections.singleton(Role.USER));
+    }
+
+    public static User getUpdated() {
+        return new User(USER_ID, "UpdatedName", USER_MAIL, "newPass", false, new Date(), Collections.singleton(Role.ADMIN));
+    }
+
+    public static String jsonWithPassword(User user, String passw) {
+        return JsonUtil.writeAdditionProps(user, "password", passw);
+    }
+}