Cedric
a5e5824a44
docs: write recent changes section
2026-05-10 20:18:58 +02:00
Cedric
7189e4fb08
docs: write error handling section
2026-05-10 20:18:28 +02:00
Cedric
2782823c3d
docs: write data models section
2026-05-10 20:17:55 +02:00
Cedric
ddf64305a5
docs: write expense lists endpoint section
2026-05-10 20:17:22 +02:00
Cedric
2b84ed0de8
docs: write home and users endpoint sections
2026-05-10 20:14:22 +02:00
Cedric
18e740bb73
docs: write rate limiting section
2026-05-10 20:13:58 +02:00
Cedric
9b93cd97a6
docs: write authentication section
2026-05-09 23:56:14 +02:00
Cedric
8fb1820bc7
docs: write API overview section
2026-05-09 23:50:42 +02:00
Cedric
9c35bb8435
docs: scaffold API.md with section headings
2026-05-09 23:49:56 +02:00
Cedric
3d456f2f81
Bugfixes
2026-05-09 23:04:27 +02:00
Cedric
b1324e3048
test: add jsonPath field assertions to create validation tests
2026-05-06 14:40:11 +02:00
Cedric
8b96433b1a
feat: add CreateExpenseListRequest DTO with validation to POST /create endpoint
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-05 17:28:47 +02:00
Cedric
f0de751da4
fix: centralise error handling in GlobalExceptionHandler, add SLF4J logging, remove HTTP 417 and e.printStackTrace()
...
- Expand GlobalExceptionHandler with handlers for ResourceNotFoundException (404),
UsernameAlreadyExistsException (409), ResponseStatusException (pass-through),
RuntimeException (500), and generic Exception (500); add SLF4J logging
- Remove all bare try/catch blocks and e.printStackTrace() calls from
ExpenseListController; add SLF4J logger field
- Add test: create_returns500_onUnexpectedServiceError
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-05 17:11:37 +02:00
Cedric
9b95741292
fix: add /docs/superpowers to .gitignore
2026-05-05 17:00:01 +02:00
Cedric
2bd229cc5e
Remove docs from tracking
2026-05-05 16:59:35 +02:00
Cedric
797d482ebf
fix: use ResourceNotFoundException for not-found cases in updateExpense, IllegalArgumentException for ownership mismatch in deleteCustomCategory
2026-05-05 16:55:01 +02:00
Cedric
906b60d264
fix: single-param JPQL queries, ResourceNotFoundException throughout ExpenseListService, remove addExpenseToList loop
...
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-05 16:40:31 +02:00
Cedric
68783cc892
fix: throw ResourceNotFoundException instead of returning null, replace full-table-scan list queries with JPQL
2026-05-05 15:20:46 +02:00
Cedric
9c91da9f30
test: fix ExpenseListRepositoryTest with H2 and proper save-then-find pattern
...
Added H2 as a test-scoped dependency so @DataJpaTest has an embedded
database. Rewrote the test to save an entity and assert on the returned
ID rather than assuming a record exists at ID=1.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-05 11:23:51 +02:00
Cedric
024b3880e7
security: add per-user/IP rate limiting via Bucket4j
...
RateLimitFilter (OncePerRequestFilter) enforces 60 req/min per
authenticated Google ID or client IP, using Bucket4j in-memory
token buckets. Filter is registered after BearerTokenAuthenticationFilter
in the production security chain. Added 4 unit tests covering
allow, block, per-IP isolation, and X-Forwarded-For preference.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-05 11:19:42 +02:00
Cedric
457efab452
security: enforce JWT-based authorization on AppUserController
...
Added AuthenticatedUserResolver injection and assertSelf guard to
getUser, getUserByGoogleId, and deleteUser endpoints. createUser
remains open for registration. Added 7 controller tests covering
validation failures and 403 enforcement.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-05 11:13:05 +02:00
Cedric
95688e5111
test: add unit tests for AuthenticatedUserResolver
2026-05-05 10:03:35 +02:00
Cedric
bb2a4d70b2
feat: add ExpenseListController validation and authorization tests
2026-05-04 22:46:29 +02:00
Cedric
a948bca2fc
feat: add GlobalExceptionHandler, @Valid to user creation, AuthenticatedUserResolver stub, and rewrite ExpenseListController with authorization
2026-05-04 22:44:37 +02:00
Cedric
3bea06fead
feat: add Bean Validation annotations to request models
2026-05-04 22:36:20 +02:00
Cedric
b7db35defe
build: add spring-boot-starter-validation and bucket4j-core
2026-05-04 22:34:10 +02:00
Cedric
efe84942ff
docs: add security hardening implementation plan
...
8-task TDD plan covering input validation, JWT-based authorization
enforcement, and Bucket4j rate limiting.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-04 22:22:54 +02:00
Cedric
e3b8917bfc
docs: add security hardening design spec
...
Covers input validation, JWT-based authorization enforcement, and
per-user rate limiting via Bucket4j.
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
2026-05-04 21:58:20 +02:00
Cedric
477a5c3c70
dockerfile updated
2026-02-04 15:31:16 +01:00
Cedric
7bac694357
docker-compose.yml updated
2026-02-04 15:29:55 +01:00
Cedric
f8407db3ac
docker-compose.yml updated
2026-02-04 15:27:51 +01:00
Cedric
374d91f0c9
dockerfile updated
2026-02-04 15:18:40 +01:00
Cedric
8f17e8d8a8
dockerfile updated
2026-02-04 15:15:53 +01:00
Cedric
8c8eccb35e
dockerfile updated
2026-02-04 15:13:23 +01:00
Cedric
3656ccc941
dockerfile updated
2026-02-04 15:07:41 +01:00
Cedric
e9851ffea4
dockerfile update
2026-02-04 15:05:44 +01:00
Cedric
38b5e0f740
Merge pull request 'Vps update' (#11) from Vps-new-infrastructure into main
...
Reviewed-on: #11
2026-02-04 14:56:13 +01:00
Cedric
2ba7f8d5da
Vps update
2026-02-04 14:55:25 +01:00
Cedric
b46464cd32
Merge pull request 'dev' (#8) from dev into main
...
Build and Deploy Versioned Spring Boot Server / build (push) Successful in 10m4s
Reviewed-on: #8
1.0.0
2025-05-10 16:13:59 -07:00
Cedric
15792bad28
Add CategoryService and integrate category handling in ExpenseListController
...
Build and Deploy Spring Boot Server / build (push) Successful in 10m8s
- Introduced CategoryService to manage standard categories.
- Updated ExpenseListController to set default categories when creating an expense list.
- Modified ExpenseChangeRequest and ExpenseInput to include category field.
- Enhanced DataInitializer to ensure standard categories are initialized.
2025-05-11 00:59:54 +02:00
Cedric
814b2221c8
#7
Build and Deploy Spring Boot Server / build (push) Successful in 10m8s
2025-05-10 19:07:50 +02:00
Cedric
011bb03d3f
Merge pull request 'sync' (#3) from main into dev
...
Build and Deploy Spring Boot Server / build (push) Successful in 9m53s
Reviewed-on: #3
2025-01-12 05:19:50 -08:00
Cedric
5e0311971d
Merge pull request 'rc' (#2) from dev into main
...
Build and Deploy Versioned Spring Boot Server / build (push) Successful in 9m54s
Reviewed-on: #2
0.1.3
2025-01-12 05:18:03 -08:00
Cedric
31566d1bd8
adjusted compose
Build and Deploy Spring Boot Server / build (push) Has been cancelled
2025-01-12 14:14:13 +01:00
Cedric
b669855a56
Upload files to "src/main/resources/static"
2025-01-12 04:51:41 -08:00
Cedric
3830449377
major minor version tagging
Build and Deploy Spring Boot Server / build (push) Successful in 9m55s
Build and Deploy Versioned Spring Boot Server / build (push) Successful in 9m54s
0.1.2
2025-01-12 12:36:43 +01:00
Cedric
3db2806a04
fix gitea tag
Build and Deploy Spring Boot Server / build (push) Successful in 9m53s
Build and Deploy Versioned Spring Boot Server / build (push) Successful in 9m58s
0.1.1
2025-01-12 11:46:29 +01:00
Cedric
d26a9bffc5
tag
Build and Deploy Spring Boot Server / build (push) Has been cancelled
Build and Deploy Versioned Spring Boot Server / build (push) Failing after 9m46s
2025-01-12 11:23:17 +01:00
Cedric
f49530653b
Merge pull request 'initial Release request' (#1) from dev into main
...
Build and Deploy Versioned Spring Boot Server / build (push) Failing after 9m45s
Reviewed-on: #1
0.1.0
2025-01-12 01:46:30 -08:00
Cedric
25e70ddf68
tag releases
Build and Deploy Spring Boot Server / build (push) Successful in 9m53s
2025-01-12 10:35:50 +01:00