Add ReadMe

chackib · chackib · commit 6214f64c3e74 · 2022-10-22T16:37:57.000+01:00
diff --git a/README.md b/README.md
@@ -0,0 +1,151 @@
+# Challenge with Java BE
+
+This is a simple project with a challenge for Backend developers.
+
+## In this project you will learn:
+
+* Consuming API (Feign)
+* Creating API REST (Spring Web)
+* Create a database (Spring Data)
+* Create a CircuitBreak & RateLimiter (Resilience4J)
+* Different Roles & JWT (Spring Security)
+* JUnit, Mockito, MockMvc
+* H2/Postgres
+* Cache with Hazelcast
+* Swagger
+* Sonar
+* CI/CD
+* Docker
+* Kubernetes
+* Deploy in Cloud
+
+## Tasks:
+
+### LVL 1 
+
+**Goals:** 
+* Create the project
+* Create the database using H2
+* Create the user entity, and Roles
+* Include JWT authentication
+* Create the login/registration/upgrade-permissions endpoints
+
+**Expected time:** 16 | 8 | 4 hours
+
+#### Create your project
+
+- [ ] Create the database using [H2](https://www.h2database.com/html/main.html). You should include the user table, the user can have multiple roles.
+- [ ] Create an endpoint to create a user. (The user should have a username and a password, be careful when saving the user password, and the roles)
+- [ ] Create an endpoint to update the permission to this user to ADMIN and/or USER role. This API could be called just by the ADMIN user, see @Secured and Roles in Spring Security.
+
+#### Create the authentication for your API
+
+- [ ] Create the authentication using JWT
+- [ ] Create two roles ADMIN, USER
+- [ ] Create an endpoint to return the JWT (5 minutes of timeout), receive the username and password
+
+* Book: REST API - Design Rulebook : Mark Masse: https://www.oreilly.com/library/view/rest-api-design/9781449317904/
+* Spring Data: https://www.baeldung.com/the-persistence-layer-with-spring-data-jpa
+* Spring REST - Full Tutorial: https://www.baeldung.com/rest-with-spring-series
+* Spring REST: https://spring.io/guides/tutorials/rest/
+* Spring Security: https://www.toptal.com/spring/spring-security-tutorial
+* Spring Security JWT: https://www.bezkoder.com/spring-boot-jwt-authentication/
+
+### LVL 2
+
+**Expected time:** 16 | 9 | 5 hours
+
+#### Upgrade your API REST
+
+- [ ] Create an endpoint to consume an API from IMDB (https://imdb-api.com/) and populate your database (you can use WebClient or Feign to consume the API). This API could be called just by the ADMIN user, see @Secured and Roles in Spring Security.
+- [ ] Create an endpoint to list all the movies.
+- [ ] Create an endpoint to include a movie to the user (favorite list)
+- [ ] Create an endpoint to exclude the movie from the favorite list
+- [ ] Each time the user includes the movie in the favorite list add one "star" to the movie
+- [ ] Create an endpoint to list the top 10 movies, the movies with more stars.
+- [ ] Create an endpoint to list the favorite movies per user.
+- [ ] Don't forget to include Swagger/OpenAPI, and the test.
+
+#### Content to help:
+
+* Spring Test: https://www.baeldung.com/integration-testing-in-spring
+* Open API: https://www.baeldung.com/spring-rest-openapi-documentation
+* WebClient: https://www.baeldung.com/spring-5-webclient
+* Feign: https://www.baeldung.com/intro-to-feign
+
+----------
+
+### LVL 3
+
+**Expected time:** 18 | 11 | 7 hours
+
+#### Include Hazelcast, design pattern, Resilience4J
+
+- [ ] Include this rank top movies in the cache (Hazelcast), and get from it using RateLimiter (https://resilience4j.readme.io/docs/ratelimiter) as fallback.
+- [ ] Find another API to get Movies, and update the first endpoint to use the template method design pattern to be able to get the movies from both APIs. Use a CircuitBreak for that. If you have any problem with one API you should get it from the other API as a fallback. (You can try changing the API Key)
+- [ ] Create a new endpoint to send a random movie to the user.
+This endpoint should do this: find another user who likes the same movies as the current user and upload a random movie from that favorites list.
+If this condition does not exist, just send a random movie.
+
+#### Content to help:
+
+* Guide to Resilience4j: https://www.baeldung.com/resilience4j
+* RateLimiter: https://resilience4j.readme.io/docs/ratelimiter
+* Caching with Spring Boot and Hazelcast: https://hazelcast.com/blog/spring-boot/
+* Get Started with Hazelcast using Spring Boot: https://docs.hazelcast.com/tutorials/hazelcast-embedded-springboot
+* Template Method: https://refactoring.guru/design-patterns/template-method
+* Failover: https://medium.com/lydtech-consulting/failover-and-circuit-breaker-with-resilience4j-14a57a43c0da
+
+----------
+
+### LVL 4
+
+**Expected time:** 21 | 14 | 8 hours
+
+#### Part 1 - Docker, Kubernetes
+
+- [ ] Run your application using Docker, create a docker file.
+- [ ] Create the files to deploy the application using kubernetes.
+- [ ] Include the probes from actuator in your deployment.yaml
+- [ ] Deploy your application in local environment using Kubernetes.
+
+
+**Expected time:** 27 | 17 | 7 hours
+
+#### Part 2 - Deploy in the cloud, Openshift
+
+- [ ] Include postgres to your production environment
+- [ ] Include all the yaml files that are required to deploy the hazelcast and postgres
+- [ ] Do the deployment into sandbox Openshift (https://developers.redhat.com/developer-sandbox)
+- [ ] Create a service and a route for your application to expose your application to internet.
+- [ ] Create a document with step-by-step on how to deploy the application in the Openshift
+
+
+#### Content to help:
+
+* Spring Boot Actuator: https://www.baeldung.com/spring-boot-actuators
+* Spring Boot with Docker: https://spring.io/guides/gs/spring-boot-docker/
+* Hazelcast Config: https://docs.hazelcast.com/imdg/4.2/configuration/configuring-declaratively
+* Kubernetes Tutorial: https://medium.com/@javatechie/kubernetes-tutorial-run-deploy-spring-boot-application-in-k8s-cluster-using-yaml-configuration-3b079154d232
+* Postgres K8s: https://www.sumologic.com/blog/kubernetes-deploy-postgres/
+* Book: Modernizing Enterprise Java: https://developers.redhat.com/e-books/modernizing-enterprise-java
+
+----------
+
+### LVL 5
+
+#### Pipeline, CI/CD, Sonar
+
+- [ ] Include SonarCloud in your project, make sure the coverage is above 70% and you don't have a loud code smell.
+- [ ] Include a pipeline, you can use gitHub Actions, or Travis CI, use what you prefer. Your CI pipeline should include [build, test, sonar]
+- [ ] Include also CD in your pipeline, it should be able to deploy in the Cloud.
+
+#### Content to help:
+
+* SonarCloud Integration with SpringBoot-Maven: https://medium.com/@bethecodewithyou/sonarcloud-integration-with-springboot-maven-5820180ef764
+* How to build a CI/CD pipeline with GitHub Actions in four simple steps: https://github.blog/2022-02-02-build-ci-cd-pipeline-github-actions-four-steps/
+* The twelve-factor: https://12factor.net/
+* Travis CI: https://www.travis-ci.org/
+
+
+
diff --git a/src/main/java/org/sid/jwtservice/JwtServiceApplication.java b/src/main/java/org/sid/jwtservice/JwtServiceApplication.java
@@ -39,6 +39,7 @@ CommandLineRunner start(AccountService accountService){
 			accountService.addNewUser(new AppUser(null, "user3", "12345", new ArrayList<>()));
 			accountService.addNewUser(new AppUser(null, "user2", "12345", new ArrayList<>()));
 			accountService.addNewUser(new AppUser(null, "user4", "12345", new ArrayList<>()));
+			accountService.addNewUser(new AppUser(null, "user5", "123456", new ArrayList<>()));
 
 			accountService.addRoleToUser("user1", "USER");
 			accountService.addRoleToUser("admin", "USER");
@@ -49,6 +50,8 @@ CommandLineRunner start(AccountService accountService){
 			accountService.addRoleToUser("user3", "PRODUCT_MANAGER");
 			accountService.addRoleToUser("user4", "USER");
 			accountService.addRoleToUser("user4", "BILLS_MANAGER");
+			accountService.addRoleToUser("user5", "BILLS_MANAGER");
+
 		};
 	}
 
diff --git a/src/main/java/org/sid/jwtservice/securityp/web/AccountRestController.java b/src/main/java/org/sid/jwtservice/securityp/web/AccountRestController.java
@@ -5,14 +5,12 @@
 import org.sid.jwtservice.securityp.entities.AppRole;
 import org.sid.jwtservice.securityp.entities.AppUser;
 import org.sid.jwtservice.securityp.service.AccountService;
-import org.springframework.web.bind.annotation.GetMapping;
-import org.springframework.web.bind.annotation.PostMapping;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RestController;
+import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
 
 @RestController
+@RequestMapping(value = "/users")
 public class AccountRestController {
     private AccountService accountService;
 
@@ -21,12 +19,12 @@ public AccountRestController(AccountService accountService) {
         this.accountService = accountService;
     }
 
-    @GetMapping(path="/users")
+    @GetMapping
     public List<AppUser> appUser(){
         return accountService.listUsers();
     }
 
-    @PostMapping(path="/users")
+    @PostMapping
     public AppUser saveUser(@RequestBody AppUser appUser){
         return accountService.addNewUser(appUser);
     }
@@ -42,8 +40,3 @@ public void addRoleToUser(@RequestBody RoleUserForm roleUserForm){
     }
 }
 
-@Data
-class RoleUserForm{
-    private String username;
-    private String roleName;
-}
diff --git a/src/main/java/org/sid/jwtservice/securityp/web/RoleUserForm.java b/src/main/java/org/sid/jwtservice/securityp/web/RoleUserForm.java
@@ -0,0 +1,9 @@
+package org.sid.jwtservice.securityp.web;
+
+import lombok.Data;
+
+@Data
+public class RoleUserForm {
+    private String username;
+    private String roleName;
+}
