source: springapp/src/main/java/mk/profesori/springapp/Controller/SecureController.java@ af801e3

main
Last change on this file since af801e3 was af801e3, checked in by viktor <viktor@…>, 18 months ago

finished edit/delete/displace opinion/thread from report (react); todo reporting user/opinion/thread interface, public user pages and messaging (springboot)

1package mk.profesori.springapp.Controller;
2
import com.fasterxml.jackson.databind.node.ObjectNode;
import mk.profesori.springapp.Model.CustomUserDetails;
import mk.profesori.springapp.Model.PostReport;
import mk.profesori.springapp.Model.UserRole;
import mk.profesori.springapp.Service.CustomUserDetailsService;
import mk.profesori.springapp.Service.DisallowedOperationException;
import mk.profesori.springapp.Service.IncompatiblePostId;
import mk.profesori.springapp.Service.MainService;
import org.apache.tomcat.websocket.AuthenticationException;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.annotation.CurrentSecurityContext;
import org.springframework.security.core.context.SecurityContext;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.server.ResponseStatusException;

import java.util.List;
19
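/**
 * REST endpoints under {@code /secure} that act on behalf of the logged-in user: posting,
 * voting on and reporting opinions and threads, plus the moderator-only edit, delete, lock and
 * report-resolution operations.
 *
 * <p>Every handler resolves the caller from the {@link SecurityContext} and performs its own
 * authorization check before delegating to {@link MainService}; no other enforcement is visible
 * in this class. A caller that fails the check is rejected with an explicit 401/403 instead of
 * receiving an empty 200 response, so a client can tell "done" from "not allowed".
 * {@link #getUserDetails}, {@link #deleteOpinion} and {@link #getAllPostReports} keep their
 * original failure behaviour for compatibility.
 */
@RestController
@RequestMapping("/secure")
// NOTE(review): the allowed origins are hard-coded plain-http LAN addresses, which looks like a
// development setup. Move the list to configuration and use https origins before deployment.
@CrossOrigin(origins = { "http://192.168.0.29:3000", "http://192.168.0.28:3000" })
public class SecureController {

    private final MainService mainService;
    final CustomUserDetailsService customUserDetailsService;

    public SecureController(MainService mainService, CustomUserDetailsService customUserDetailsService) {
        this.mainService = mainService;
        this.customUserDetailsService = customUserDetailsService;
    }

    /** Adds an opinion with the body's {@code content} to the given professor as the caller. */
    @PostMapping("/professor/{professorId}/addOpinion")
    public void addOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long professorId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails currentUser = requireUser(context);
        String content = requiredText(objectNode, "content");
        mainService.addOpinion(content, professorId, currentUser);
    }

    /** Posts the body's {@code content} as a reply to opinion {@code postId}, as the caller. */
    @PostMapping("/professor/{professorId}/replyToOpinion/{postId}")
    public void replyToOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long professorId,
            @PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails currentUser = requireUser(context);
        String content = requiredText(objectNode, "content");
        mainService.replyToOpinion(content, professorId, postId, currentUser);
    }

    /** Opens a thread ({@code title}, {@code content}) on the given subject as the caller. */
    @PostMapping("/subject/{subjectId}/addThread")
    public void addThread(@RequestBody ObjectNode objectNode, @PathVariable Long subjectId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails currentUser = requireUser(context);
        String title = requiredText(objectNode, "title");
        String content = requiredText(objectNode, "content");
        mainService.addThread(title, content, subjectId, currentUser);
    }

    /** Posts the body's {@code content} as a reply to thread {@code postId}, as the caller. */
    @PostMapping("/subject/{subjectId}/replyToThread/{postId}")
    public void replyToThread(@RequestBody ObjectNode objectNode, @PathVariable Long subjectId,
            @PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails currentUser = requireUser(context);
        String content = requiredText(objectNode, "content");
        mainService.replyToThread(content, subjectId, postId, currentUser);
    }

    /**
     * Returns the caller's user record, looked up again by e-mail, or {@code null} when the
     * request carries no {@link CustomUserDetails} principal.
     *
     * <p>The {@code null} result is kept as-is because a client may rely on it to detect "not
     * logged in".
     */
    @GetMapping("/currentUser")
    public UserDetails getUserDetails(@CurrentSecurityContext SecurityContext context) {
        CustomUserDetails currentUser = principalOf(context);
        if (currentUser == null) {
            return null;
        }
        // NOTE(review): the UserDetails object is serialized into the response as-is, and the
        // interface exposes getPassword(). Confirm the implementing class keeps credential
        // fields out of the JSON, or return a dedicated response type instead.
        return customUserDetailsService.loadUserByUsername(currentUser.getEmail());
    }

    // NOTE(review): the four vote endpoints below change state but are mapped to GET. GET should
    // be safe: it can be issued by link prefetching or cross-site navigation, and Spring
    // Security's CSRF protection does not cover it by default. Move them to POST together with
    // the client; the mapping is left unchanged here so existing callers keep working.

    /** Records an upvote by the caller on opinion {@code postId}. */
    @GetMapping("/upvoteOpinion/{postId}")
    public void upvoteOpinion(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        mainService.upvoteOpinion(postId, requireUser(context));
    }

    /** Records a downvote by the caller on opinion {@code postId}. */
    @GetMapping("/downvoteOpinion/{postId}")
    public void downvoteOpinion(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        mainService.downvoteOpinion(postId, requireUser(context));
    }

    /** Records an upvote by the caller on thread {@code postId}. */
    @GetMapping("/upvoteThread/{postId}")
    public void upvoteThread(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        mainService.upvote_Thread(postId, requireUser(context));
    }

    /** Records a downvote by the caller on thread {@code postId}. */
    @GetMapping("/downvoteThread/{postId}")
    public void downvoteThread(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        mainService.downvote_Thread(postId, requireUser(context));
    }

    /**
     * Deletes opinion {@code postId}; moderators only.
     *
     * @throws AuthenticationException when the caller is not an authenticated moderator
     */
    @DeleteMapping("/deleteOpinion/{postId}")
    public void deleteOpinion(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context)
            throws Exception {
        if (!isModerator(principalOf(context))) {
            // Exception type and message are kept for callers that already handle them.
            // NOTE(review): this is Tomcat's WebSocket client exception, not an HTTP one; unless
            // an exception handler maps it, the client probably sees a 500 rather than a 403.
            throw new AuthenticationException("Auth exception");
        }
        mainService.deleteOpinion(postId);
    }

    /** Deletes thread {@code postId}; moderators only (403 otherwise). */
    @DeleteMapping("/deleteThread/{postId}")
    public void deleteThread(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        requireModerator(context);
        mainService.delete_Thread(postId);
    }

    /**
     * Rewrites and/or moves opinion {@code postId}; moderators only (403 otherwise).
     *
     * @return {@code null} on success, or the service's error message when it refuses the update
     */
    @PutMapping("/updateOpinion/{postId}")
    public String updateOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        requireModerator(context);
        String newContent = requiredText(objectNode, "newContent");
        Long newTargetProfessorId = requiredLong(objectNode, "newTargetProfessorId");
        Long newParentPostId = requiredLong(objectNode, "newParentPostId");
        try {
            mainService.updateOpinion(newContent, newTargetProfessorId, newParentPostId, postId);
        } catch (IncompatiblePostId | DisallowedOperationException e) {
            // The refusal is reported in the body of a 200 response, as before.
            return e.getMessage();
        }
        return null;
    }

    /**
     * Rewrites and/or moves thread {@code postId}; moderators only (403 otherwise).
     *
     * @return {@code null} on success, or the service's error message when it refuses the update
     */
    @PutMapping("/updateThread/{postId}")
    public String updateThread(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        requireModerator(context);
        String newTitle = requiredText(objectNode, "newTitle");
        String newContent = requiredText(objectNode, "newContent");
        Long newTargetSubjectId = requiredLong(objectNode, "newTargetSubjectId");
        Long newParentThreadId = requiredLong(objectNode, "newParentThreadId");
        try {
            mainService.update_Thread(newTitle, newContent, newTargetSubjectId, newParentThreadId, postId);
        } catch (IncompatiblePostId | DisallowedOperationException e) {
            // The refusal is reported in the body of a 200 response, as before.
            return e.getMessage();
        }
        return null;
    }

    /** Locks the account {@code userId}; moderators only (403 otherwise). */
    // NOTE(review): privileged state change mapped to GET; see the note above the vote
    // endpoints. This one matters most, because it runs with a moderator's session.
    @GetMapping("/lockUser/{userId}")
    public void lockUser(@PathVariable Long userId, @CurrentSecurityContext SecurityContext context) {
        requireModerator(context);
        mainService.lockUser(userId);
    }

    /** Deletes the account {@code userId}; moderators only (403 otherwise). */
    @DeleteMapping("/deleteUser/{userId}")
    public void deleteUser(@PathVariable Long userId, @CurrentSecurityContext SecurityContext context) {
        requireModerator(context);
        mainService.deleteUser(userId);
    }

    /** Sets the full name of {@code userId}; allowed for a moderator or for that user. */
    @PutMapping("/updateUserFullName/{userId}")
    public void updateUserFullName(@RequestBody ObjectNode objectNode, @PathVariable Long userId,
            @CurrentSecurityContext SecurityContext context) {
        requireModeratorOrSelf(context, userId);
        String newFullName = requiredText(objectNode, "newFullName");
        mainService.updateUserFullName(newFullName, userId);
    }

    /** Sets the username of {@code userId}; allowed for a moderator or for that user. */
    @PutMapping("/updateUserUsername/{userId}")
    public void updateUserUsername(@RequestBody ObjectNode objectNode, @PathVariable Long userId,
            @CurrentSecurityContext SecurityContext context) {
        requireModeratorOrSelf(context, userId);
        String newUsername = requiredText(objectNode, "newUsername");
        mainService.updateUserUsername(newUsername, userId);
    }

    /** Files a report by the caller against opinion {@code postId} with a {@code description}. */
    @PostMapping("/reportOpinion/{postId}")
    public void reportOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails currentUser = requireUser(context);
        String description = requiredText(objectNode, "description");
        mainService.reportOpinion(postId, currentUser, description);
    }

    /** Files a report by the caller against thread {@code postId} with a {@code description}. */
    @PostMapping("/reportThread/{postId}")
    public void reportThread(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails currentUser = requireUser(context);
        String description = requiredText(objectNode, "description");
        mainService.reportThread(postId, currentUser, description);
    }

    /** Marks report {@code postReportId} with {@code action}; moderators only (403 otherwise). */
    // NOTE(review): state change mapped to GET; see the note above the vote endpoints.
    // {@code action} is passed through unchecked; confirm the service accepts only known values.
    @GetMapping("/markReportResolved/{postReportId}/{action}")
    public void markReportResolved(@PathVariable Long postReportId, @PathVariable String action,
            @CurrentSecurityContext SecurityContext context) {
        requireModerator(context);
        mainService.markReport(postReportId, action);
    }

    /**
     * Lists all post reports; moderators only.
     *
     * @throws AuthenticationException when the caller is not an authenticated moderator
     */
    @GetMapping("/getAllPostReports")
    public List<PostReport> getAllPostReports(@CurrentSecurityContext SecurityContext context)
            throws AuthenticationException {
        if (!isModerator(principalOf(context))) {
            // Exception type and message are kept for callers that already handle them.
            throw new AuthenticationException("Invalid role");
        }
        return mainService.getAllPostReports();
    }

    /** Returns the application user behind the request, or {@code null} if there is none. */
    private static CustomUserDetails principalOf(SecurityContext context) {
        Authentication authentication = context == null ? null : context.getAuthentication();
        if (authentication != null && authentication.getPrincipal() instanceof CustomUserDetails user) {
            return user;
        }
        return null;
    }

    /** Tells whether {@code user} is present and holds the moderator role. */
    private static boolean isModerator(CustomUserDetails user) {
        // Constant-first comparison: an account without a role is "not a moderator", not an NPE.
        return user != null && UserRole.MODERATOR.equals(user.getUserRole());
    }

    /** Returns the caller, or rejects the request with 401 when nobody is logged in. */
    private static CustomUserDetails requireUser(SecurityContext context) {
        CustomUserDetails user = principalOf(context);
        if (user == null) {
            throw new ResponseStatusException(HttpStatus.UNAUTHORIZED, "Authentication required");
        }
        return user;
    }

    /** Returns the caller, or rejects with 401 (not logged in) or 403 (not a moderator). */
    private static CustomUserDetails requireModerator(SecurityContext context) {
        CustomUserDetails user = requireUser(context);
        if (!isModerator(user)) {
            throw new ResponseStatusException(HttpStatus.FORBIDDEN, "Moderator role required");
        }
        return user;
    }

    /** Like {@link #requireModerator}, but also admits the user whose id is {@code userId}. */
    private static CustomUserDetails requireModeratorOrSelf(SecurityContext context, Long userId) {
        CustomUserDetails user = requireUser(context);
        boolean isSelf = userId != null && userId.equals(user.getId());
        if (!isModerator(user) && !isSelf) {
            throw new ResponseStatusException(HttpStatus.FORBIDDEN, "Not allowed for this account");
        }
        return user;
    }

    /** Rejects the request with 400 when {@code field} is absent from the JSON body. */
    private static void requireField(ObjectNode body, String field) {
        // has() is true for an explicit JSON null as well, so only a missing key is rejected.
        if (!body.has(field)) {
            throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "Missing field: " + field);
        }
    }

    /** Reads a mandatory text field; a missing key is a 400 instead of a NullPointerException. */
    private static String requiredText(ObjectNode body, String field) {
        requireField(body, field);
        return body.get(field).asText();
    }

    /** Reads a mandatory numeric field; values that are not numbers still read as 0. */
    private static long requiredLong(ObjectNode body, String field) {
        requireField(body, field);
        return body.get(field).asLong();
    }
}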