INSA/service-architecture
1
0
Fork 0
mirror of https://github.com/Lemonochrme/service-architecture.git synced 2025-06-08 13:40:50 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

Backend: Added "change_status" endpoint which checks the role before doing any action. DB: Added 3 dummy users with the 3 different roles.

Browse source
This commit is contained in:
Yohan Boujon 2024-12-23 00:01:47 +01:00
parent f051f41701
commit 42c3bb15f6
4 changed files with 103 additions and 18 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
README.md
View file

@ -20,9 +20,9 @@ Course Exercice : Application to help others
- [X] `Rest` Create user - [X] `Rest` Create user
- [X] `Rest` Login with user and password - [X] `Rest` Login with user and password
- [ ] `Rest` Make sure admin can do everything and users don't - [X] `Rest` Make sure admin can do everything and users don't
- [ ] `Rest` Create a Help Request - [X] `Rest` Create a Help Request
- [ ] `Rest` Modify the Help Request status - [X] `Rest` Modify the Help Request status
- [ ] `Rest` Create a User Feedback - [ ] `Rest` Create a User Feedback
- [ ] `Rest` Gather User Feedbacks - [ ] `Rest` Gather User Feedbacks

21
backend/database-manager/src/main/java/insa/application/helpapp/rest/StatusEnum.java Normal file
View file

@ -0,0 +1,21 @@
package insa.application.helpapp.rest;
public enum StatusEnum {
WAITING(1),
VALIDATED(2),
REJECTED(3),
SELECTED(4),
FINISHED(5);
private final int value;
// Constructor
StatusEnum(int value) {
this.value = value;
}
// Getter
public int getValue() {
return value;
}
}

80
backend/request-service/src/main/java/insa/application/helpapp/rest/RequestServiceApplication.java
View file

@ -20,6 +20,7 @@ public class RequestServiceApplication {
private AdministrationService administrationService; private AdministrationService administrationService;
@Autowired @Autowired
private RequestRepository requestRepository; private RequestRepository requestRepository;
public static void main(String[] args) { public static void main(String[] args) {
SpringApplication.run(RequestServiceApplication.class, args); SpringApplication.run(RequestServiceApplication.class, args);
} }
@ -31,32 +32,89 @@ public class RequestServiceApplication {
@Override @Override
public void addCorsMappings(CorsRegistry registry) { public void addCorsMappings(CorsRegistry registry) {
registry.addMapping("/**").allowedOrigins("*") registry.addMapping("/**").allowedOrigins("*")
.allowedMethods("GET", "POST", "PUT", "DELETE", "OPTIONS") .allowedMethods("POST", "PUT", "DELETE")
.allowedHeaders("*"); .allowedHeaders("*");
} }
}; };
} }
@PostMapping("/post_request") // Post should be : /create_request?idUser=1&message=string&token=?
public ResponseEntity<?> postMessage(@RequestParam int idUser,@RequestParam String token, @RequestParam String message) { // Response if success: the request
@PostMapping("/create_request")
public ResponseEntity<?> CreateRequest(@RequestParam int idUser, @RequestParam String token,
@RequestParam String message) {
if (!administrationService.checkToken(idUser, token)) { if (!administrationService.checkToken(idUser, token)) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body("User or token invalid."); return ResponseEntity.status(HttpStatus.FORBIDDEN).body("User or token invalid.");
}; }
Optional<Integer> idRoleOption = administrationService.getRole(idUser);
if(!idRoleOption.isPresent()) { int idRole = administrationService.getRole(idUser).get();
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("User invalid.");
};
int idRole = idRoleOption.get();
if (idRole == RoleEnum.VOLUNTEER.getValue()) { if (idRole == RoleEnum.VOLUNTEER.getValue()) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Volunteers cannot post a request."); return ResponseEntity.status(HttpStatus.FORBIDDEN).body("Volunteers cannot post a request.");
} }
Request request = new Request(); Request request = new Request();
// id_status = 1 means waiting. it is always set to 1 when created. request.setIdStatus(StatusEnum.WAITING.getValue());
request.setIdStatus(1);
request.setIdUser(idUser); request.setIdUser(idUser);
request.setCreatedAt(LocalDateTime.now()); request.setCreatedAt(LocalDateTime.now());
request.setMessage(message); request.setMessage(message);
return ResponseEntity.ok(requestRepository.save(request)); return ResponseEntity.ok(requestRepository.save(request));
} }
// Put should be : /change_status?idUser=1&idMessage=1&status=1&token=?
// Response if success: the request with the changed status
@PutMapping("/change_status")
public ResponseEntity<?> changeStatus(@RequestParam int idUser, @RequestParam String token,
@RequestParam int idMessage, @RequestParam int status) {
if (!administrationService.checkToken(idUser, token)) {
return ResponseEntity.status(HttpStatus.FORBIDDEN).body("User or token invalid.");
}
Optional<Request> requestOption = requestRepository.findById(idMessage);
if (!requestOption.isPresent()) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("No message found with the following ID.");
}
Request request = requestOption.get();
int idRole = administrationService.getRole(idUser).get();
if (status > StatusEnum.values().length) {
return ResponseEntity.status(HttpStatus.BAD_REQUEST)
.body("The status of a request cannot exceed " + StatusEnum.values().length + ".");
}
// The admin can do anything
else if (idRole == RoleEnum.ADMIN.getValue()) {
request.setIdStatus(status);
requestRepository.save(request);
return ResponseEntity.ok(request);
}
// If the message is VALIDATED/SELECTED, the Volunteer can change its value
else if (idRole == RoleEnum.VOLUNTEER.getValue()) {
System.out.printf("Status: %d\tActual: %d%n", status, request.getIdStatus());
if ((status == StatusEnum.VALIDATED.getValue() || status == StatusEnum.SELECTED.getValue())
&& (request.getIdStatus() == StatusEnum.VALIDATED.getValue()
|| request.getIdStatus() == StatusEnum.SELECTED.getValue())) {
request.setIdStatus(status);
requestRepository.save(request);
return ResponseEntity.ok(request);
} else {
return ResponseEntity.status(HttpStatus.FORBIDDEN)
.body("Volunteers can only change the status of a request to SELECTED/VALIDATED.");
}
}
// The USER can only put the status to FINISHED after it is SELECTED
else if (idRole == RoleEnum.USER.getValue()) {
if ((status == StatusEnum.FINISHED.getValue())
&& (request.getIdStatus() == StatusEnum.SELECTED.getValue())) {
request.setIdStatus(status);
requestRepository.save(request);
return ResponseEntity.ok(request);
} else {
return ResponseEntity.status(HttpStatus.FORBIDDEN)
.body("Users can only change the status of a request from SELECTED to FINISHED.");
}
}
return ResponseEntity.status(HttpStatus.FORBIDDEN)
.body("Only Admins can perform this action.");
}
} }

8
db/init.sql
View file

@ -9,5 +9,11 @@ VALUES
(1, 'Waiting'), (1, 'Waiting'),
(2, 'Validated'), (2, 'Validated'),
(3, 'Rejected'), (3, 'Rejected'),
(4, 'Chosen'), (4, 'Selected'),
(5, 'Finished'); (5, 'Finished');
INSERT INTO `service-architecture`.users (id, id_role, username, password)
VALUES
(1, 1, 'toto', 'toto'),
(2, 2, 'helper', '1234'),
(3, 3, 'admin', 'admin');