Merge branch 'master' into Max/Backend/Curriculum
This commit is contained in:
@ -2,17 +2,20 @@ package ovh.herisson.Clyde.EndPoints;
|
||||
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
|
||||
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
||||
import ovh.herisson.Clyde.Services.UserService;
|
||||
import ovh.herisson.Clyde.Tables.Role;
|
||||
import ovh.herisson.Clyde.Tables.User;
|
||||
import java.util.ArrayList;
|
||||
import java.util.HashMap;
|
||||
import java.util.Map;
|
||||
|
||||
|
||||
@RestController
|
||||
@CrossOrigin(origins = "http://localhost:5173")
|
||||
@CrossOrigin(originPatterns = "*", allowCredentials = "true")
|
||||
public class UserController {
|
||||
|
||||
private final UserService userService;
|
||||
@ -23,23 +26,78 @@ public class UserController {
|
||||
}
|
||||
|
||||
@GetMapping("/user")
|
||||
public ResponseEntity<User> getUser(@RequestHeader("Cookie") String authorization){
|
||||
public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String authorization){
|
||||
|
||||
if (authorization == null) return new UnauthorizedResponse<>(null);
|
||||
User user = authServ.getUserFromToken(authorization);
|
||||
if (user == null) return new UnauthorizedResponse<>(null);
|
||||
return new ResponseEntity<>(user, HttpStatus.OK);
|
||||
|
||||
return new ResponseEntity<>(userWithoutPassword(user), HttpStatus.OK);
|
||||
}
|
||||
|
||||
@PostMapping("/user") //todo check role
|
||||
public ResponseEntity<String> postUser(@RequestBody User user){
|
||||
@PostMapping("/user")
|
||||
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
||||
|
||||
if (!isSecretaryOrAdmin(authorization))
|
||||
return new UnauthorizedResponse<>(null);
|
||||
|
||||
userService.save(user);
|
||||
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
|
||||
}
|
||||
|
||||
@GetMapping("/users")
|
||||
public Iterable<User> getAllUsers(){
|
||||
return userService.getAll();
|
||||
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
||||
|
||||
if (!isSecretaryOrAdmin(authorization))
|
||||
return new UnauthorizedResponse<>(null);
|
||||
|
||||
Iterable<User> users = userService.getAll();
|
||||
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
|
||||
|
||||
for (User u :users){
|
||||
withoutPassword.add(userWithoutPassword(u));
|
||||
}
|
||||
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
|
||||
}
|
||||
@PatchMapping("/user")
|
||||
public ResponseEntity<String> patchUser(@RequestBody Map<String,Object> updates, @RequestHeader("Authorization") String authorization) {
|
||||
|
||||
if (authorization == null) return new UnauthorizedResponse<>(null);
|
||||
|
||||
User poster = authServ.getUserFromToken(authorization);
|
||||
if (poster == null) {return new UnauthorizedResponse<>("bad authorization");}
|
||||
|
||||
if (!userService.modifyData(poster, updates, poster))
|
||||
return new UnauthorizedResponse<>("there was an issue with the updates requested");
|
||||
|
||||
return new ResponseEntity<>("data modified", HttpStatus.OK);
|
||||
}
|
||||
/** return user's data except password
|
||||
* @param user the user to return
|
||||
* @return all the user data without the password
|
||||
*/
|
||||
private HashMap<String,Object> userWithoutPassword(User user){
|
||||
HashMap<String,Object> toReturn = new HashMap<>();
|
||||
|
||||
toReturn.put("regNo",user.getRegNo());
|
||||
toReturn.put("firstName",user.getFirstName());
|
||||
toReturn.put("lastName",user.getLastName());
|
||||
toReturn.put("birthDate",user.getBirthDate());
|
||||
toReturn.put("country",user.getCountry());
|
||||
toReturn.put("address",user.getAddress());
|
||||
toReturn.put("role",user.getRole());
|
||||
|
||||
return toReturn;
|
||||
}
|
||||
|
||||
private boolean isSecretaryOrAdmin(String authorization){
|
||||
if (authorization ==null)
|
||||
return false;
|
||||
|
||||
User poster = authServ.getUserFromToken(authorization);
|
||||
if (poster == null) return false;
|
||||
|
||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user