From 42c3bb15f691a792988244214bdf3a61841d7f39 Mon Sep 17 00:00:00 2001 From: Yohan Boujon Date: Mon, 23 Dec 2024 00:01:47 +0100 Subject: [PATCH] Backend: Added "change_status" endpoint which checks the role before doing any action. DB: Added 3 dummy users with the 3 different roles. --- README.md | 6 +- .../application/helpapp/rest/StatusEnum.java | 21 +++++ .../rest/RequestServiceApplication.java | 84 ++++++++++++++++--- db/init.sql | 10 ++- 4 files changed, 103 insertions(+), 18 deletions(-) create mode 100644 backend/database-manager/src/main/java/insa/application/helpapp/rest/StatusEnum.java diff --git a/README.md b/README.md index aa53ec8..aaa812b 100644 --- a/README.md +++ b/README.md @@ -20,9 +20,9 @@ Course Exercice : Application to help others - [X] `Rest` Create user - [X] `Rest` Login with user and password -- [ ] `Rest` Make sure admin can do everything and users don't -- [ ] `Rest` Create a Help Request -- [ ] `Rest` Modify the Help Request status +- [X] `Rest` Make sure admin can do everything and users don't +- [X] `Rest` Create a Help Request +- [X] `Rest` Modify the Help Request status - [ ] `Rest` Create a User Feedback - [ ] `Rest` Gather User Feedbacks diff --git a/backend/database-manager/src/main/java/insa/application/helpapp/rest/StatusEnum.java b/backend/database-manager/src/main/java/insa/application/helpapp/rest/StatusEnum.java new file mode 100644 index 0000000..87c1656 --- /dev/null +++ b/backend/database-manager/src/main/java/insa/application/helpapp/rest/StatusEnum.java @@ -0,0 +1,21 @@ +package insa.application.helpapp.rest; + +public enum StatusEnum { + WAITING(1), + VALIDATED(2), + REJECTED(3), + SELECTED(4), + FINISHED(5); + + private final int value; + + // Constructor + StatusEnum(int value) { + this.value = value; + } + + // Getter + public int getValue() { + return value; + } +} \ No newline at end of file 
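Review bot: The numeric values in `StatusEnum` duplicate the ids of the status rows seeded in `db/init.sql` (1 Waiting … 5 Finished), but nothing in the file records that coupling. Replace the `// Constructor` and `// Getter` comments with a class comment such as `/** Request status; each value is the id of the matching status row seeded by db/init.sql and must stay in sync with it. */`. A static lookup from `int` to constant that returns empty for unknown ids would also let callers reject bad input by asking the enum, rather than comparing against `values().length`.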
diff --git a/backend/request-service/src/main/java/insa/application/helpapp/rest/RequestServiceApplication.java b/backend/request-service/src/main/java/insa/application/helpapp/rest/RequestServiceApplication.java index a73d6a8..3f6aa8c 100644 --- a/backend/request-service/src/main/java/insa/application/helpapp/rest/RequestServiceApplication.java +++ b/backend/request-service/src/main/java/insa/application/helpapp/rest/RequestServiceApplication.java @@ -20,6 +20,7 @@ public class RequestServiceApplication { private AdministrationService administrationService; @Autowired private RequestRepository requestRepository; + public static void main(String[] args) { SpringApplication.run(RequestServiceApplication.class, args); } 
@@ -31,32 +32,89 @@ public class RequestServiceApplication { @Override public void addCorsMappings(CorsRegistry registry) { registry.addMapping("/**").allowedOrigins("*") - .allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") + .allowedMethods("POST", "PUT", "DELETE") .allowedHeaders("*"); } }; } - @PostMapping("/post_request") - public ResponseEntity postMessage(@RequestParam int idUser,@RequestParam String token, @RequestParam String message) { - if(!administrationService.checkToken(idUser, token)) { + // Post should be : /create_request?idUser=1&message=string&token=? + // Response if success: the request + @PostMapping("/create_request") + public ResponseEntity CreateRequest(@RequestParam int idUser, @RequestParam String token, + @RequestParam String message) { + if (!administrationService.checkToken(idUser, token)) { return ResponseEntity.status(HttpStatus.FORBIDDEN).body("User or token invalid."); - }; - Optional idRoleOption = administrationService.getRole(idUser); - if(!idRoleOption.isPresent()) { - return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("User invalid."); - }; - int idRole = idRoleOption.get(); - if(idRole == RoleEnum.VOLUNTEER.getValue()) { + } + + int idRole = administrationService.getRole(idUser).get(); + if (idRole == RoleEnum.VOLUNTEER.getValue()) { return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Volunteers cannot post a request."); } Request request = new Request(); - // id_status = 1 means waiting. it is always set to 1 when created. - request.setIdStatus(1); + request.setIdStatus(StatusEnum.WAITING.getValue()); request.setIdUser(idUser); request.setCreatedAt(LocalDateTime.now()); request.setMessage(message); return ResponseEntity.ok(requestRepository.save(request)); } + + // Put should be : /change_status?idUser=1&idMessage=1&status=1&token=? 
+ // Response if success: the request with the changed status + @PutMapping("/change_status") + public ResponseEntity changeStatus(@RequestParam int idUser, @RequestParam String token, + @RequestParam int idMessage, @RequestParam int status) { + if (!administrationService.checkToken(idUser, token)) { + return ResponseEntity.status(HttpStatus.FORBIDDEN).body("User or token invalid."); + } + Optional requestOption = requestRepository.findById(idMessage); + if (!requestOption.isPresent()) { + return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("No message found with the following ID."); + } + Request request = requestOption.get(); + + int idRole = administrationService.getRole(idUser).get(); + if (status > StatusEnum.values().length) { + return ResponseEntity.status(HttpStatus.BAD_REQUEST) + .body("The status of a request cannot exceed " + StatusEnum.values().length + "."); + } + // The admin can do anything + else if (idRole == RoleEnum.ADMIN.getValue()) { + request.setIdStatus(status); + requestRepository.save(request); + return ResponseEntity.ok(request); + } + // If the message is VALIDATED/SELECTED, the Volunteer can change its value + else if (idRole == RoleEnum.VOLUNTEER.getValue()) { + System.out.printf("Status: %d\tActual: %d%n", status, request.getIdStatus()); + if ((status == StatusEnum.VALIDATED.getValue() || status == StatusEnum.SELECTED.getValue()) + && (request.getIdStatus() == StatusEnum.VALIDATED.getValue() + || request.getIdStatus() == StatusEnum.SELECTED.getValue())) { + request.setIdStatus(status); + requestRepository.save(request); + return ResponseEntity.ok(request); + } else { + return ResponseEntity.status(HttpStatus.FORBIDDEN) + .body("Volunteers can only change the status of a request to SELECTED/VALIDATED."); + } + } + // The USER can only put the status to FINISHED after it is SELECTED + else if (idRole == RoleEnum.USER.getValue()) { + if ((status == StatusEnum.FINISHED.getValue()) + && (request.getIdStatus() == 
StatusEnum.SELECTED.getValue())) { + request.setIdStatus(status); + requestRepository.save(request); + return ResponseEntity.ok(request); + } else { + return ResponseEntity.status(HttpStatus.FORBIDDEN) + .body("Users can only change the status of a request from SELECTED to FINISHED."); + } + } + + return ResponseEntity.status(HttpStatus.FORBIDDEN) + .body("Only Admins can perform this action."); + } + + } diff --git a/db/init.sql b/db/init.sql index 4c8742a..891f9d3 100644 --- a/db/init.sql +++ b/db/init.sql @@ -9,5 +9,11 @@ VALUES (1, 'Waiting'), (2, 'Validated'), (3, 'Rejected'), - (4, 'Chosen'), - (5, 'Finished'); \ No newline at end of file + (4, 'Selected'), + (5, 'Finished'); + +INSERT INTO `service-architecture`.users (id, id_role, username, password) +VALUES + (1, 1, 'toto', 'toto'), + (2, 2, 'helper', '1234'), + (3, 3, 'admin', 'admin'); \ No newline at end of file
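Review bot: The USER branch of `changeStatus` never checks that the request belongs to the caller, so any authenticated user can move another user's SELECTED request to FINISHED. Add an ownership test to that condition, e.g. `&& request.getIdUser() == idUser`, assuming `Request` exposes the getter matching the `setIdUser` used in `CreateRequest`. The range check `status > StatusEnum.values().length` has no lower bound, so an admin call can store 0 or a negative status; `if (status < 1 || status > StatusEnum.values().length)` closes that. Both handlers now call `administrationService.getRole(idUser).get()` without the `isPresent()` test this commit removed, so a user with no role produces an unhandled `NoSuchElementException` instead of the previous 400. The token is still taken as a `@RequestParam`, which places it in URLs that access logs and proxies record; reading it from an `Authorization` header would keep it out of them, and the `System.out.printf` in the volunteer branch should become a logger call or be removed.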
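Review bot: The seeded rows put clear-text passwords (`'toto'`, `'1234'`, `'admin'`) in the `password` column, and the `admin` row carries `id_role` 3, presumably the ADMIN role, so every database initialised from `db/init.sql` has a known privileged login. Move these inserts to a separate development-only seed file that is not run for other deployments, and mark them with a comment such as `-- DEV ONLY: dummy accounts, never load outside local testing`. The login code is not visible here, but if it compares this column directly, store a bcrypt or argon2 hash in the seed instead and verify against that.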