Ignore:
Timestamp:
02/10/23 00:10:41 (23 months ago)
Author:
DenicaKj <dkorvezir@…>
Branches:
master
Children:
73f0dbc
Parents:
5444409
Message:

added authorization

Location:
src/main/java/com/example/moviezone
Files:
5 edited

Legend:

Unmodified
Added
Removed
  • src/main/java/com/example/moviezone/config/WebSecurityConfig.java

    r5444409 r01a1ca6  
    3232        http.csrf().disable()
    3333                .authorizeRequests()
    34                 .antMatchers("/","/**","/home/getFilm/**","/films","/projections" ,"/home", "/assets/**", "/register", "/api/**").permitAll()
    35                 .antMatchers("/admin/**").hasRole("ADMIN")
     34                .antMatchers("/","/films","/home/projections","/home/events","/home/getProjections/**","/home/films","/getFilm/**","/getEvent/**","/login","/events","/projections" ,"/home", "/assets/**", "/register", "/api/**").permitAll()
     35                .antMatchers("/home/getSeats/**","/myTickets","/getProjection/**","/home/makeReservation").hasRole("USER")
     36                .antMatchers("/**").hasRole("ADMIN")
    3637                .anyRequest()
    3738                .authenticated()
  • src/main/java/com/example/moviezone/repository/CustomerRepository.java

    r5444409 r01a1ca6  
    77@Repository
    88public interface CustomerRepository extends JpaRepository<Customer,Integer> {
     9    Customer getByUsername(String username);
    910}
  • src/main/java/com/example/moviezone/service/CustomerService.java

    r5444409 r01a1ca6  
    1111    List<Customer> findAllCustomers();
    1212    Optional<Customer> getCustomerById(int id);
     13    Customer findByUsername(String username);
    1314}
  • src/main/java/com/example/moviezone/service/Impl/CustomerServiceImpl.java

    r5444409 r01a1ca6  
    2626        return customerRepository.findById(id);
    2727    }
     28
     29    @Override
     30    public Customer findByUsername(String username) {
     31        return customerRepository.getByUsername(username);
     32    }
    2833}
  • src/main/java/com/example/moviezone/web/HomeController.java

    r5444409 r01a1ca6  
    259259    }
    260260    @GetMapping("/myTickets")
    261     public  String getMyTicketsPage(Model model,HttpSession session)
    262     {
    263         model.addAttribute("tickets",ticketService.findAllByCustomer((Customer) session.getAttribute("user")));
     261    public  String getMyTicketsPage(Model model,HttpServletRequest request)
     262    {
     263        Customer customer=customerService.findByUsername(request.getRemoteUser());
     264        model.addAttribute("tickets",ticketService.findAllByCustomer(customer));
    264265        model.addAttribute("bodyContent","myTickets");
    265266        return "master-template";
     
    380381    @PostMapping("/makeReservation")
    381382    @Transactional
    382     public String createTicketForReservation(@RequestParam Long film,@RequestParam Long projection,@RequestParam Long id_seat,@RequestParam String discount)
     383    public String createTicketForReservation(@RequestParam Long film,@RequestParam Long projection,@RequestParam Long id_seat,@RequestParam String discount,HttpServletRequest request, HttpServletResponse respons)
    383384    {
    384385        Ticket t;
     386        Customer customer=customerService.findByUsername(request.getRemoteUser());
    385387        Projection projection1=projectionService.findById(projection.intValue());
    386388        if(projection1.getDiscount().equals(discount)){
    387             t=ticketService.saveWithDiscount(LocalDate.now(),customerService.getCustomerById(2).get(),projection1,projection1.getDiscount(),seatService.getSeatById(id_seat.intValue()).get());
     389            t=ticketService.saveWithDiscount(LocalDate.now(),customer,projection1,projection1.getDiscount(),seatService.getSeatById(id_seat.intValue()).get());
    388390        }else{
    389             t=ticketService.saveWithout(LocalDate.now(),customerService.getCustomerById(4).get(),projection1,seatService.getSeatById(id_seat.intValue()).get());
     391            t=ticketService.saveWithout(LocalDate.now(),customer,projection1,seatService.getSeatById(id_seat.intValue()).get());
    390392        }
    391393        Integer price=ticketService.priceForTicket(t.getId_ticket());
    392394        t.setPrice(price);
    393         return "redirect:/home";
     395        return "redirect:/myTickets";
    394396    }
    395397
Note: See TracChangeset for help on using the changeset viewer.