Project: Secure E-commerce Order Processing System with CI/CD
Objective: Implement a secure RESTful API for an E-commerce Order Processing System using Java, Spring Boot, Apache Kafka, and GitHub Actions (for CI/CD). The system should allow users to place orders and process them asynchronously through a message queue.
Requirements:
-
Initialize a new Spring Boot project using Spring Initializr. Choose the following dependencies: Web, JPA, H2, Cache, Spring for Apache Kafka, Spring Security, Spring AOP, and Lombok.
-
Structure your project with the following packages:
model
: Contains domain model classes (Product
,Order
,User
)repository
: Contains repository interfaces extendingJpaRepository
service
: Contains service classes to encapsulate business logiccontroller
: Contains REST API controllersexception
: Contains custom exception classesdto
: Contains data transfer objects (DTOs) used in the APIsecurity
: Contains classes related to security and authenticationaspect
: Contains classes related to Aspect-Oriented Programming
-
Implement the domain model:
Product
class: Fields should includeid
,name
,description
,price
, andstockQuantity
Order
class: Fields should includeid
,product
,quantity
,status
, andtotalPrice
. Thestatus
should be an enum with valuesPLACED
,PROCESSING
,COMPLETED
, andFAILED
.User
class: Fields should includeid
,username
,password
,role
. Therole
should be an enum with valuesUSER
,ADMIN
.
-
Implement the repositories:
ProductRepository
: ExtendsJpaRepository<Product, Long>
OrderRepository
: ExtendsJpaRepository<Order, Long>
UserRepository
: ExtendsJpaRepository<User, Long>
-
Implement the services:
ProductService
: Contains methods for creating, updating, deleting, and retrieving products. Use Spring's Dependency Injection to inject theProductRepository
into the service.OrderService
: Contains methods for placing and updating orders. It should also contain methods for sending orders to a Kafka topic and consuming orders from the topic. Use Dependency Injection to inject theOrderRepository
and aKafkaTemplate
into the service.UserService
: Contains methods for registering, authenticating, and retrieving users. Use Dependency Injection to inject theUserRepository
into the service.
-
Implement the REST API controllers:
ProductController
: Handles HTTP requests for CRUD operations on products. Use Dependency Injection to inject theProductService
into the controller.OrderController
: Handles HTTP requests for placing orders. Use Dependency Injection to inject theOrderService
into the controller.UserController
: Handles HTTP requests for user registration and authentication. Use Dependency Injection to inject theUserService
into the controller.
-
Implement DTOs for the API:
ProductDTO
: Contains fields forid
,name
,description
,price
, andstockQuantity
. Use Java's built-in serialization mechanism to ensure that this object can be easily converted to JSON for use in the API.OrderDTO
: Contains fields forid
,product
,quantity
,status
, andtotalPrice
. Again, use Java's serialization mechanism for this.UserDTO
:
Contains fields for id
, username
, role
. Do not include the password in the DTO.
-
Implement exception handling:
- Create custom exceptions (
ResourceNotFoundException
,BadRequestException
,OutOfStockException
,AuthenticationException
) - Implement a global exception handler with
@ControllerAdvice
to handle exceptions and return appropriate HTTP response status codes
- Create custom exceptions (
-
Configure an H2 in-memory database for the application. Use Spring Data JPA for Object-Relational Mapping.
-
Configure Spring's caching mechanism to cache products. You can use Spring's
@Cacheable
annotation to do this. -
Set up a Kafka producer and consumer in your
OrderService
. The producer should send orders to a Kafka topic when they are placed, and the consumer should process these orders asynchronously. -
Implement AOP for logging and monitoring. You can create an aspect to log the execution time of methods, for example.
-
Configure Spring Security for authentication. You should allow only authenticated users to place orders.
-
Write unit tests for the service classes using JUnit and Mockito.
-
Set up a GitHub Actions workflow for Continuous Integration. The workflow should build the project and run the tests whenever changes are pushed to the repository.
-
(Optional) Implement API documentation using Swagger or OpenAPI.
Deliverables:
- A fully functional Spring Boot project, including source code and tests
- A README file with instructions on how to build and run the project, as well as an explanation of any design decisions you made
When you submit your project, please include all necessary files in a single archive (e.g., ZIP or TAR) and provide clear instructions for building and running your application. Good luck!