moved the isSecretaryOrAdmin method
This commit is contained in:
@ -31,7 +31,7 @@ public class InscriptionController {
|
|||||||
@GetMapping("/inscriptionRequests")
|
@GetMapping("/inscriptionRequests")
|
||||||
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
|
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
|
||||||
|
|
||||||
if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
|
if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
|
||||||
|
|
||||||
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
|
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
|
||||||
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
|
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
|
||||||
@ -70,15 +70,4 @@ public class InscriptionController {
|
|||||||
toReturn.put("state", inscriptionRequest.getState());
|
toReturn.put("state", inscriptionRequest.getState());
|
||||||
return toReturn;
|
return toReturn;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private boolean isSecretaryOrAdmin(String authorization){
|
|
||||||
if (authorization ==null)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
User poster = authServ.getUserFromToken(authorization);
|
|
||||||
if (poster == null) return false;
|
|
||||||
|
|
||||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
@ -43,7 +43,7 @@ public class UserController {
|
|||||||
@PostMapping("/user")
|
@PostMapping("/user")
|
||||||
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
if (!isSecretaryOrAdmin(authorization))
|
if (authServ.isNotSecretaryOrAdmin(authorization))
|
||||||
return new UnauthorizedResponse<>(null);
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
userService.save(user);
|
userService.save(user);
|
||||||
@ -53,7 +53,7 @@ public class UserController {
|
|||||||
@GetMapping("/users")
|
@GetMapping("/users")
|
||||||
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
if (!isSecretaryOrAdmin(authorization))
|
if (authServ.isNotSecretaryOrAdmin(authorization))
|
||||||
return new UnauthorizedResponse<>(null);
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
Iterable<User> users = userService.getAll();
|
Iterable<User> users = userService.getAll();
|
||||||
@ -85,7 +85,6 @@ public class UserController {
|
|||||||
*/
|
*/
|
||||||
private HashMap<String,Object> userWithoutPassword(User user){
|
private HashMap<String,Object> userWithoutPassword(User user){
|
||||||
HashMap<String,Object> toReturn = new HashMap<>();
|
HashMap<String,Object> toReturn = new HashMap<>();
|
||||||
|
|
||||||
toReturn.put("regNo",user.getRegNo());
|
toReturn.put("regNo",user.getRegNo());
|
||||||
toReturn.put("firstName",user.getFirstName());
|
toReturn.put("firstName",user.getFirstName());
|
||||||
toReturn.put("lastName",user.getLastName());
|
toReturn.put("lastName",user.getLastName());
|
||||||
@ -93,18 +92,7 @@ public class UserController {
|
|||||||
toReturn.put("country",user.getCountry());
|
toReturn.put("country",user.getCountry());
|
||||||
toReturn.put("address",user.getAddress());
|
toReturn.put("address",user.getAddress());
|
||||||
toReturn.put("role",user.getRole());
|
toReturn.put("role",user.getRole());
|
||||||
|
|
||||||
return toReturn;
|
return toReturn;
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean isSecretaryOrAdmin(String authorization){
|
|
||||||
if (authorization ==null)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
User poster = authServ.getUserFromToken(authorization);
|
|
||||||
if (poster == null) return false;
|
|
||||||
|
|
||||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -4,6 +4,7 @@ import org.springframework.stereotype.Service;
|
|||||||
import ovh.herisson.Clyde.EndPoints.LoginController;
|
import ovh.herisson.Clyde.EndPoints.LoginController;
|
||||||
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
|
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
|
||||||
import ovh.herisson.Clyde.Tables.InscriptionRequest;
|
import ovh.herisson.Clyde.Tables.InscriptionRequest;
|
||||||
|
import ovh.herisson.Clyde.Tables.Role;
|
||||||
import ovh.herisson.Clyde.Tables.Token;
|
import ovh.herisson.Clyde.Tables.Token;
|
||||||
import ovh.herisson.Clyde.Tables.User;
|
import ovh.herisson.Clyde.Tables.User;
|
||||||
|
|
||||||
@ -39,4 +40,17 @@ public class AuthenticatorService {
|
|||||||
public void register(InscriptionRequest inscriptionRequest) {
|
public void register(InscriptionRequest inscriptionRequest) {
|
||||||
inscriptionService.save(inscriptionRequest);
|
inscriptionService.save(inscriptionRequest);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public boolean isNotSecretaryOrAdmin(String authorization){
|
||||||
|
if (authorization ==null)
|
||||||
|
return true;
|
||||||
|
|
||||||
|
User poster = getUserFromToken(authorization);
|
||||||
|
if (poster == null) return true;
|
||||||
|
|
||||||
|
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
Reference in New Issue
Block a user