Add the routes to the AuthorizedInterceptor's configuration.

pom.xml

@@ -14,8 +14,8 @@
     <groovy.version>4.0.15</groovy.version>
     <maven.compiler.source>11</maven.compiler.source>
     <maven.compiler.target>11</maven.compiler.target>
-    <spring.version>5.2.3.RELEASE</spring.version>
+    <spring.version>5.3.13</spring.version>
-    <hibernate.version>5.4.1.Final</hibernate.version>
+    <hibernate.version>6.3.0.Final</hibernate.version>
   </properties>
 
   <build>
@@ -119,13 +119,7 @@
     <dependency>
       <groupId>org.springframework</groupId>
       <artifactId>spring-webmvc</artifactId>
-      <version>5.2.3.RELEASE</version>
+      <version>5.3.19</version>
-    </dependency>
-    <dependency>
-      <groupId>org.springframework</groupId>
-      <artifactId>spring-test</artifactId>
-      <version>5.2.3.RELEASE</version>
-      <scope>test</scope>
     </dependency>
     <dependency>
       <groupId>com.fasterxml.jackson.core</groupId>

src/main/java/space/kklochko/spring_rest_example/config/WebConfig.java

@@ -1,8 +1,6 @@
 package space.kklochko.spring_rest_example.config;
 
-import java.sql.Timestamp;
 import java.util.List;
-import java.util.UUID;
 
 import jakarta.persistence.EntityManager;
 import org.springframework.context.annotation.Bean;
@@ -11,9 +9,11 @@ import org.springframework.context.annotation.Configuration;
 import org.springframework.http.converter.HttpMessageConverter;
 import org.springframework.http.converter.json.MappingJackson2HttpMessageConverter;
 import org.springframework.web.servlet.config.annotation.EnableWebMvc;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 import space.kklochko.spring_rest_example.db.factories.EntityManagerConnection;
 import space.kklochko.spring_rest_example.db.repositories.IndicatorRepository;
+import space.kklochko.spring_rest_example.interceptors.AuthorizedInterceptor;
 import space.kklochko.spring_rest_example.models.factories.TokenFactory;
 import space.kklochko.spring_rest_example.security.tokens.SimpleRandomToken;
 import space.kklochko.spring_rest_example.security.tokens.StringTokenFactory;
@@ -42,4 +42,17 @@ public class WebConfig implements WebMvcConfigurer {
         StringTokenFactory stringTokenFactory = new SimpleRandomToken();
         return new TokenFactory(stringTokenFactory);
     }
+
+    @Bean
+    public AuthorizedInterceptor authorizedInterceptor() {
+        return new AuthorizedInterceptor();
+    }
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(authorizedInterceptor())
+                .addPathPatterns("/api/v1/departments/**")
+                .addPathPatterns("/api/v1/patients/**")
+                .addPathPatterns("/api/v1/indicators/**");
+    }
 }

src/main/java/space/kklochko/spring_rest_example/controllers/IndicatorController.java

@@ -1,6 +1,5 @@
 package space.kklochko.spring_rest_example.controllers;
 
-import jakarta.persistence.Entity;
 import jakarta.persistence.EntityManager;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
@@ -9,8 +8,6 @@ import org.springframework.web.bind.annotation.*;
 import space.kklochko.spring_rest_example.db.repositories.IndicatorRepository;
 import space.kklochko.spring_rest_example.models.Indicator;
 
-import java.sql.Timestamp;
-import java.util.ArrayList;
 import java.util.List;
 import java.util.UUID;
 

src/main/java/space/kklochko/spring_rest_example/interceptors/AuthorizedInterceptor.java

@@ -0,0 +1,44 @@
+package space.kklochko.spring_rest_example.interceptors;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+import space.kklochko.spring_rest_example.security.access.AuthorizedValidator;
+
+public class AuthorizedInterceptor implements HandlerInterceptor {
+    @Autowired
+    AuthorizedValidator authorizedValidator;
+
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        if (request.getMethod().equals(HttpMethod.GET.name())) {
+            return true;
+        }
+
+        String token = request.getHeader("Authorization");
+
+        Boolean accessStatus;
+
+        if (request.getMethod().equals(HttpMethod.DELETE.name())) {
+            accessStatus = authorizedValidator.isAdmin(token);
+        }else {
+            accessStatus = authorizedValidator.isUser(token);
+        }
+
+        if(accessStatus == null) {
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authorizedValidator.noToken());
+            return false;
+        }
+
+        if(!accessStatus) {
+            response.sendError(HttpServletResponse.SC_UNAUTHORIZED, authorizedValidator.accessDeniedNoPermission());
+            return false;
+        }
+
+        return true;
+    }
+}
+

src/main/java/space/kklochko/spring_rest_example/security/access/AccessPower.java

@@ -0,0 +1,29 @@
+package space.kklochko.spring_rest_example.security.access;
+
+public class AccessPower {
+    int ADMIN = 2;
+    int USER = 1;
+
+    public int accessPower(String role) {
+        if(role.equals("ADMIN"))
+            return ADMIN | USER;
+
+        if(role.equals("USER"))
+            return USER;
+
+        return 0;
+    }
+
+    public boolean isUser(String role) {
+        int power = accessPower(role);
+
+        return (power & USER) != 0;
+    }
+
+    public boolean isAdmin(String role) {
+        int power = accessPower(role);
+
+        return (power & ADMIN) != 0;
+    }
+}
+

src/main/java/space/kklochko/spring_rest_example/security/access/AuthorizedValidator.java

@@ -0,0 +1,56 @@
+package space.kklochko.spring_rest_example.security.access;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+import space.kklochko.spring_rest_example.db.repositories.TokenRepository;
+import space.kklochko.spring_rest_example.db.repositories.UserRepository;
+import space.kklochko.spring_rest_example.models.Token;
+import space.kklochko.spring_rest_example.models.User;
+
+@Component
+public class AuthorizedValidator {
+   @Autowired
+   private UserRepository userRepository;
+
+   @Autowired
+   private TokenRepository tokenRepository;
+
+   AccessPower accessPower = new AccessPower();
+
+   public Boolean isUser(String token){
+      Token userToken = tokenRepository.read(token);
+
+      if(userToken == null)
+         return null;
+
+      User user = userRepository.read(userToken.getUsername());
+
+      if(user == null)
+         return null;
+
+      return accessPower.isUser(user.getRole());
+   }
+
+   public Boolean isAdmin(String token){
+      Token userToken = tokenRepository.read(token);
+
+      if(userToken == null)
+         return null;
+
+      User user = userRepository.read(userToken.getUsername());
+
+      if(user == null)
+         return null;
+
+      return accessPower.isAdmin(user.getRole());
+   }
+
+   public String noToken(){
+      return "Access denied, you have invalid token or no token!!!";
+   }
+
+   public String accessDeniedNoPermission(){
+      return "Access denied, you have no permission!!!";
+   }
+}
+