Patrick Plate
6c66783b58
- Step 3.1: Spring Boot Starter Mail dependency (api + service) - Step 3.2: InviteToken JPA entity with 72h expiry - Step 3.3: InviteTokenRepository with valid-token finder - Step 3.4: EmailService (plain text invite email via JavaMailSender) - Step 3.5: StaffService (CRUD + invite + email pattern validation + token revocation) - Step 3.6: Staff DTOs (CreateStaffRequest, UpdateStaffRequest, StaffResponse) - Step 3.7: SetPasswordRequest with password complexity (@Pattern: 1 digit + 1 special) - Step 3.8: StaffController (6 endpoints, ADMIN-only via @PreAuthorize) - Step 3.9: POST /api/v1/auth/set-password (public, generic error messages) - Step 3.10: StaffTemplates (ausgabe, lager, vorstand predefined permission sets) - Step 3.11: AuthService rejects inactive users with 'Account not activated' - Step 3.12: Token revocation on permission change via revokeAllForUser() - Step 3.13: invite-email.txt template (German, 72h expiry note) - Step 3.14: Spring Mail config (Mailpit dev defaults, env var overrides) - Step 3.15: Unit tests (StaffServiceTest, StaffControllerTest, EmailServiceTest) - V5 Flyway migration for invite_tokens table Security review findings incorporated: - Password complexity: min 8 chars, 1 digit + 1 special char - Generic 'invalid or expired token' error (no state leakage) - SecureRandom 32-byte Base64 token generation - Token values never logged
124 lines
4.7 KiB
XML
124 lines
4.7 KiB
XML
<?xml version="1.0" encoding="UTF-8"?>
|
|
<project xmlns="http://maven.apache.org/POM/4.0.0"
|
|
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
|
|
xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 https://maven.apache.org/xsd/maven-4.0.0.xsd">
|
|
<modelVersion>4.0.0</modelVersion>
|
|
|
|
<parent>
|
|
<groupId>de.cannamanage</groupId>
|
|
<artifactId>cannamanage-parent</artifactId>
|
|
<version>1.0.0-SNAPSHOT</version>
|
|
<relativePath>../pom.xml</relativePath>
|
|
</parent>
|
|
|
|
<artifactId>cannamanage-service</artifactId>
|
|
<name>CannaManage — Service (Business Logic)</name>
|
|
|
|
<dependencies>
|
|
<!-- Internal domain -->
|
|
<dependency>
|
|
<groupId>de.cannamanage</groupId>
|
|
<artifactId>cannamanage-domain</artifactId>
|
|
</dependency>
|
|
<!-- Spring Data JPA for repository interfaces -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-data-jpa</artifactId>
|
|
</dependency>
|
|
<!-- Spring TX annotations -->
|
|
<dependency>
|
|
<groupId>org.springframework</groupId>
|
|
<artifactId>spring-tx</artifactId>
|
|
</dependency>
|
|
<!-- Lombok -->
|
|
<dependency>
|
|
<groupId>org.projectlombok</groupId>
|
|
<artifactId>lombok</artifactId>
|
|
<optional>true</optional>
|
|
</dependency>
|
|
<!-- Test dependencies -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-test</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<dependency>
|
|
<groupId>org.assertj</groupId>
|
|
<artifactId>assertj-core</artifactId>
|
|
<scope>test</scope>
|
|
</dependency>
|
|
<!-- Caffeine caching for token revocation -->
|
|
<dependency>
|
|
<groupId>com.github.ben-manes.caffeine</groupId>
|
|
<artifactId>caffeine</artifactId>
|
|
</dependency>
|
|
<!-- Spring Context for @Scheduled -->
|
|
<dependency>
|
|
<groupId>org.springframework</groupId>
|
|
<artifactId>spring-context</artifactId>
|
|
</dependency>
|
|
<!-- Spring Web for ResponseStatusException -->
|
|
<dependency>
|
|
<groupId>org.springframework</groupId>
|
|
<artifactId>spring-web</artifactId>
|
|
</dependency>
|
|
<!-- Spring Mail (invite flow) -->
|
|
<dependency>
|
|
<groupId>org.springframework.boot</groupId>
|
|
<artifactId>spring-boot-starter-mail</artifactId>
|
|
</dependency>
|
|
</dependencies>
|
|
|
|
<build>
|
|
<plugins>
|
|
<plugin>
|
|
<groupId>org.jacoco</groupId>
|
|
<artifactId>jacoco-maven-plugin</artifactId>
|
|
<executions>
|
|
<execution>
|
|
<id>prepare-agent</id>
|
|
<goals>
|
|
<goal>prepare-agent</goal>
|
|
</goals>
|
|
</execution>
|
|
<execution>
|
|
<id>report</id>
|
|
<phase>test</phase>
|
|
<goals>
|
|
<goal>report</goal>
|
|
</goals>
|
|
</execution>
|
|
<execution>
|
|
<id>check</id>
|
|
<goals>
|
|
<goal>check</goal>
|
|
</goals>
|
|
<configuration>
|
|
<rules>
|
|
<rule>
|
|
<element>CLASS</element>
|
|
<includes>
|
|
<include>de.cannamanage.service.ComplianceService</include>
|
|
</includes>
|
|
<limits>
|
|
<limit>
|
|
<counter>LINE</counter>
|
|
<value>COVEREDRATIO</value>
|
|
<minimum>1.00</minimum>
|
|
</limit>
|
|
<limit>
|
|
<counter>BRANCH</counter>
|
|
<value>COVEREDRATIO</value>
|
|
<minimum>1.00</minimum>
|
|
</limit>
|
|
</limits>
|
|
</rule>
|
|
</rules>
|
|
</configuration>
|
|
</execution>
|
|
</executions>
|
|
</plugin>
|
|
</plugins>
|
|
</build>
|
|
</project>
|