вкатываемся в АОП ооопп

pom.xml

@@ -81,5 +81,16 @@
             <artifactId>geoip2</artifactId>
             <version>3.0.2</version>
         </dependency>
+        <dependency>
+            <groupId>org.springframework</groupId>
+            <artifactId>spring-aop</artifactId>
+            <version>6.0.4</version>
+        </dependency>
+        <dependency>
+            <groupId>org.aspectj</groupId>
+            <artifactId>aspectjweaver</artifactId>
+            <version>1.9.19</version>
+            <scope>compile</scope>
+        </dependency>
     </dependencies>
 </project>

src/main/java/app/annotations/exceptions/InvalidCookie.java

@@ -0,0 +1,4 @@
+package app.annotations.exceptions;
+
+public class InvalidCookie extends RuntimeException{
+}

src/main/java/app/annotations/exceptions/LowPermition.java

@@ -0,0 +1,4 @@
+package app.annotations.exceptions;
+
+public class LowPermition extends RuntimeException{
+}

src/main/java/app/annotations/exceptions/NeedCookie.java

@@ -0,0 +1,4 @@
+package app.annotations.exceptions;
+
+public class NeedCookie extends RuntimeException{
+}

src/main/java/app/annotations/impl/CookieAspect.java

@@ -0,0 +1,58 @@
+package app.annotations.impl;
+
+import app.annotations.exceptions.InvalidCookie;
+import app.annotations.exceptions.NeedCookie;
+import app.utils.SaltedCookie;
+import jakarta.servlet.http.HttpServletRequest;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+
+@Aspect
+@Configuration
+public class CookieAspect {
+    SaltedCookie saltedCookie;
+
+    @Autowired
+    public CookieAspect(SaltedCookie saltedCookie) {
+        this.saltedCookie = saltedCookie;
+    }
+
+    @Before("@annotation(app.annotations.interfaces.NeedValidCookie) && args(request,..)")
+    public void before(HttpServletRequest request){
+        System.out.println("check cookie");
+        if(!(request instanceof HttpServletRequest)) {
+            throw new RuntimeException("cannot read cookie from invalid request");
+        }
+
+        if(request.getHeader("Cookie") == null) {
+            throw new NeedCookie();
+        }
+        String[] rawCookieParams = request.getHeader("Cookie").split(";");
+        String steam64 = "";
+        String steam64_secured = "";
+
+        for(String rawCookie: rawCookieParams) {
+            if(!steam64.isEmpty() && !steam64_secured.isEmpty()) {
+                break;
+            }
+            if(rawCookie.contains("steam64=")) {
+                steam64 = rawCookie.split("=")[1];
+                continue;
+            }
+            if(rawCookie.contains("steam64_secured=")) {
+                steam64_secured = rawCookie.split("=")[1];
+                continue;
+            }
+        }
+
+        if (steam64.isEmpty() || steam64_secured.isEmpty()) {
+            throw new NeedCookie();
+        }
+
+        if(!saltedCookie.Validate(steam64, steam64_secured)) {
+            throw new InvalidCookie();
+        }
+    }
+}

src/main/java/app/annotations/impl/PermitionFlagAspect.java

@@ -0,0 +1,57 @@
+package app.annotations.impl;
+
+import app.annotations.exceptions.InvalidCookie;
+import app.annotations.exceptions.LowPermition;
+import app.annotations.exceptions.NeedCookie;
+import app.entities.db.Permition;
+import app.services.ProfileService;
+import jakarta.servlet.http.HttpServletRequest;
+import org.aspectj.lang.annotation.Aspect;
+import org.aspectj.lang.annotation.Before;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Configuration;
+
+import java.util.Arrays;
+import java.util.List;
+
+@Aspect
+@Configuration
+public class PermitionFlagAspect {
+    ProfileService profileService;
+
+    @Autowired
+    public PermitionFlagAspect(ProfileService profileService) {
+        this.profileService = profileService;
+    }
+
+    public boolean ValidateAdmin(String steam64, String flag) {
+        Permition permition = profileService.GetProfile(steam64, List.of("permition")).getPermition();
+        if (permition == null) return false;
+        return permition.getFlags().contains(flag);
+    }
+
+    @Before("@annotation(app.annotations.interfaces.CheckPermitionFlag) && args(request,..)")
+    public void before(HttpServletRequest request){
+        System.out.println("check permition flag");
+        if(!(request instanceof HttpServletRequest)) {
+            throw new RuntimeException("invalid request");
+        }
+
+        if(request.getHeader("Cookie") == null) {
+            throw new NeedCookie();
+        }
+
+        String steam64 = Arrays.stream(request.getHeader("Cookie").split(";"))
+                .filter(raw_cookie -> raw_cookie.contains("steam64="))
+                .map(raw_cookie -> raw_cookie.split("=")[1])
+                .findFirst().orElse(null);
+
+        if (steam64 == null) {
+            throw new InvalidCookie();
+        }
+
+        if(!ValidateAdmin(steam64, "z")){
+            throw new LowPermition();
+        }
+    }
+}

src/main/java/app/annotations/interfaces/CheckPermitionFlag.java

@@ -0,0 +1,13 @@
+package app.annotations.interfaces;
+
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface CheckPermitionFlag {
+    public String flag() default "z";
+}

src/main/java/app/annotations/interfaces/NeedValidCookie.java

@@ -0,0 +1,11 @@
+package app.annotations.interfaces;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Retention(RetentionPolicy.RUNTIME)
+@Target(ElementType.METHOD)
+public @interface NeedValidCookie {
+}

src/main/java/app/controllers/AdminController.java

@@ -1,10 +1,12 @@
 package app.controllers;
 
-import app.entities.PlayerProfile;
+import app.annotations.interfaces.CheckPermitionFlag;
+import app.annotations.interfaces.NeedValidCookie;
 import app.entities.db.Permition;
 import app.services.ProfileService;
 import app.services.ServerService;
 import app.utils.SaltedCookie;
+import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
@@ -28,21 +30,15 @@ public class AdminController {
         this.profileService = profileService;
     }
 
-    public boolean ValidateAdmin(String steam64, String flag) {
-        Permition permition = profileService.GetProfile(steam64, List.of("permition")).getPermition();
-        if (permition == null) return false;
-        return permition.getFlags().contains(flag);
-    }
-
     @GetMapping("kick")
+    @NeedValidCookie
+    @CheckPermitionFlag(flag = "z")
     public ResponseEntity kickPlayer(
+            HttpServletRequest request,
             @CookieValue(value = "steam64", defaultValue = "") String steam64,
-            @CookieValue(value = "steam64_secured", defaultValue = "") String steam64_secured,
             @RequestParam(value = "steam64", required = false, defaultValue = "") String kicked_steam64,
             @RequestParam(value = "player_name", required = false, defaultValue = "") String player_name
     ) {
-        if(!saltedCookie.Validate(steam64, steam64_secured)) return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-        if(!ValidateAdmin(steam64, "z")) return new ResponseEntity<>(HttpStatus.FORBIDDEN);
         if(kicked_steam64.isEmpty() && player_name.isEmpty()) return new ResponseEntity<>(HttpStatus.NO_CONTENT);
 
         boolean result = false;

src/main/java/app/controllers/ProfileController.java

@@ -1,7 +1,7 @@
 package app.controllers;
 
+import app.annotations.interfaces.NeedValidCookie;
 import app.services.ProfileService;
-import app.entities.Stats;
 import app.utils.SaltedCookie;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
@@ -11,8 +11,6 @@ import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RestController;
 
-import java.util.List;
-
 @RestController
 @RequestMapping("api/profile")
 public class ProfileController {
@@ -27,12 +25,10 @@ public class ProfileController {
     }
 
     @GetMapping("/current")
+    @NeedValidCookie
     public ResponseEntity GetCurrentUser(
-            @CookieValue(value = "steam64", defaultValue = "") String steam64,
+            @CookieValue(value = "steam64", defaultValue = "") String steam64
-            @CookieValue(value = "steam64_secured", defaultValue = "") String steam64_secured
     ){
-        if(!saltedCookie.Validate(steam64, steam64_secured)) return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-
         return new ResponseEntity(profileService.GetProfile(steam64), HttpStatus.OK);
     }
 }

src/main/java/app/exceptions/handler/GlobalExceptionAdvice.java

@@ -0,0 +1,27 @@
+package app.exceptions.handler;
+
+import app.annotations.exceptions.InvalidCookie;
+import app.annotations.exceptions.LowPermition;
+import app.annotations.exceptions.NeedCookie;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.ControllerAdvice;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+
+@ControllerAdvice
+public class GlobalExceptionAdvice {
+    @ExceptionHandler(NeedCookie.class)
+    public ResponseEntity handNeedCookie() {
+        return new ResponseEntity(HttpStatus.UNAUTHORIZED);
+    }
+
+    @ExceptionHandler(InvalidCookie.class)
+    public ResponseEntity handInvalidCookie() {
+        return new ResponseEntity(HttpStatus.UNAUTHORIZED);
+    }
+
+    @ExceptionHandler(LowPermition.class)
+    public ResponseEntity handLowPermition(){
+        return new ResponseEntity<>(HttpStatus.FORBIDDEN);
+    }
+}