1 | package mk.profesori.springapp.Controller;
2 |
3 | import com.fasterxml.jackson.databind.node.ObjectNode;
4 | import mk.profesori.springapp.Model.CustomUserDetails;
5 | import mk.profesori.springapp.Model.PostReport;
6 | import mk.profesori.springapp.Model.UserRole;
7 | import mk.profesori.springapp.Service.CustomUserDetailsService;
8 | import mk.profesori.springapp.Service.DisallowedOperationException;
9 | import mk.profesori.springapp.Service.IncompatiblePostId;
10 | import mk.profesori.springapp.Service.MainService;
11 | import org.apache.tomcat.websocket.AuthenticationException;
12 | import org.springframework.security.core.Authentication;
13 | import org.springframework.security.core.annotation.CurrentSecurityContext;
14 | import org.springframework.security.core.context.SecurityContext;
15 | import org.springframework.security.core.userdetails.UserDetails;
16 | import org.springframework.web.bind.annotation.*;
17 |
18 | import java.util.List;
19 |
/**
 * REST endpoints under {@code /secure} for actions performed on behalf of a signed-in user:
 * posting and replying, voting, reporting, and the moderator-only operations (deleting and
 * updating posts, locking and deleting users, triaging reports).
 *
 * <p>Every handler resolves the caller from the injected {@link SecurityContext} and acts only
 * when the principal is a {@link CustomUserDetails}. Moderator-only handlers additionally
 * require {@link UserRole#MODERATOR}.
 *
 * <p>NOTE(review), points to confirm against the rest of the project:
 * <ul>
 *   <li>Most handlers return normally when the caller check fails, so a rejected caller receives
 *       the same empty response as a successful one. Only {@code deleteOpinion} and
 *       {@code getAllPostReports} throw. A uniform 401/403 would make refusals visible to
 *       clients and to request logs.</li>
 *   <li>The exception thrown on refusal is {@code org.apache.tomcat.websocket.AuthenticationException},
 *       a checked Tomcat WebSocket type. No handler for it is visible in this file, so it
 *       presumably surfaces as a 500 rather than 401/403 - verify.</li>
 *   <li>The vote, {@code lockUser} and {@code markReportResolved} handlers are mapped to GET
 *       although their service calls appear to change state. GET requests are issued by links,
 *       embedded resources and prefetchers, and are commonly exempt from CSRF protection;
 *       confirm the security configuration covers them or move them to POST/PUT.</li>
 *   <li>The allowed CORS origins are hard-coded plain-HTTP LAN addresses; these look like
 *       development values and should come from configuration before deployment.</li>
 *   <li>Body fields are read with {@code objectNode.get(name)}, which returns {@code null} when
 *       the field is absent, so a malformed body ends in a {@link NullPointerException}
 *       instead of a 400.</li>
 * </ul>
 */
@RestController
@RequestMapping("/secure")
@CrossOrigin(origins = { "http://192.168.0.29:3000", "http://192.168.0.28:3000" })
public class SecureController {

    private final MainService mainService;
    final CustomUserDetailsService customUserDetailsService;

    public SecureController(MainService mainService, CustomUserDetailsService customUserDetailsService) {
        this.mainService = mainService;
        this.customUserDetailsService = customUserDetailsService;
    }

    /**
     * Returns the caller as a {@link CustomUserDetails}, or {@code null} when the context holds
     * no authentication or the principal is of another type.
     */
    private static CustomUserDetails authenticatedUser(SecurityContext context) {
        Authentication authentication = context.getAuthentication();
        if (authentication == null) {
            return null;
        }
        if (authentication.getPrincipal() instanceof CustomUserDetails user) {
            return user;
        }
        return null;
    }

    /** Reports whether {@code user} is non-null and carries {@link UserRole#MODERATOR}. */
    private static boolean isModerator(CustomUserDetails user) {
        return user != null && user.getUserRole().equals(UserRole.MODERATOR);
    }

    /** Reports whether {@code user} is a moderator or is the account identified by {@code userId}. */
    private static boolean mayEditUser(CustomUserDetails user, Long userId) {
        return user != null
                && (user.getUserRole().equals(UserRole.MODERATOR) || user.getId().equals(userId));
    }

    /**
     * Adds an opinion about a professor, authored by the caller.
     *
     * @param objectNode   request body; the {@code content} field is read
     * @param professorId  professor the opinion is about
     * @param context      security context the caller is resolved from
     */
    @RequestMapping(value = "/professor/{professorId}/addOpinion", method = RequestMethod.POST)
    public void addOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long professorId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails author = authenticatedUser(context);
        if (author == null) {
            // No usable principal: nothing is stored and the response is still empty.
            return;
        }
        String content = objectNode.get("content").asText();
        mainService.addOpinion(content, professorId, author);
    }

    /**
     * Adds a reply to an existing opinion, authored by the caller.
     *
     * @param objectNode   request body; the {@code content} field is read
     * @param professorId  professor the thread of opinions belongs to
     * @param postId       opinion being replied to
     * @param context      security context the caller is resolved from
     */
    @RequestMapping(value = "/professor/{professorId}/replyToOpinion/{postId}", method = RequestMethod.POST)
    public void replyToOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long professorId,
            @PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails author = authenticatedUser(context);
        if (author == null) {
            return;
        }
        String content = objectNode.get("content").asText();
        mainService.replyToOpinion(content, professorId, postId, author);
    }

    /**
     * Opens a new thread on a subject, authored by the caller.
     *
     * @param objectNode  request body; the {@code title} and {@code content} fields are read
     * @param subjectId   subject the thread is opened on
     * @param context     security context the caller is resolved from
     */
    @RequestMapping(value = "/subject/{subjectId}/addThread", method = RequestMethod.POST)
    public void addThread(@RequestBody ObjectNode objectNode, @PathVariable Long subjectId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails author = authenticatedUser(context);
        if (author == null) {
            return;
        }
        String title = objectNode.get("title").asText();
        String content = objectNode.get("content").asText();
        mainService.addThread(title, content, subjectId, author);
    }

    /**
     * Adds a reply to an existing thread, authored by the caller.
     *
     * @param objectNode  request body; the {@code content} field is read
     * @param subjectId   subject the thread belongs to
     * @param postId      thread post being replied to
     * @param context     security context the caller is resolved from
     */
    @RequestMapping(value = "/subject/{subjectId}/replyToThread/{postId}", method = RequestMethod.POST)
    public void replyToThread(@RequestBody ObjectNode objectNode, @PathVariable Long subjectId,
            @PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails author = authenticatedUser(context);
        if (author == null) {
            return;
        }
        String content = objectNode.get("content").asText();
        mainService.replyToThread(content, subjectId, postId, author);
    }

    /**
     * Reloads the caller's account by e-mail and returns it.
     *
     * <p>NOTE(review): the returned {@link UserDetails} is serialized into the response body.
     * {@code UserDetails} declares {@code getPassword()}, so confirm that the concrete type
     * excludes the password hash from JSON output.
     *
     * @return the caller's details, or {@code null} when no usable principal is present
     */
    @RequestMapping(value = "/currentUser", method = RequestMethod.GET)
    public UserDetails getUserDetails(@CurrentSecurityContext SecurityContext context) {
        CustomUserDetails caller = authenticatedUser(context);
        return caller == null ? null : customUserDetailsService.loadUserByUsername(caller.getEmail());
    }

    /** Records the caller's upvote on an opinion. Mapped to GET; see the class-level note. */
    @RequestMapping(value = "/upvoteOpinion/{postId}", method = RequestMethod.GET)
    public void upvoteOpinion(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails voter = authenticatedUser(context);
        if (voter != null) {
            mainService.upvoteOpinion(postId, voter);
        }
    }

    /** Records the caller's downvote on an opinion. Mapped to GET; see the class-level note. */
    @RequestMapping(value = "/downvoteOpinion/{postId}", method = RequestMethod.GET)
    public void downvoteOpinion(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails voter = authenticatedUser(context);
        if (voter != null) {
            mainService.downvoteOpinion(postId, voter);
        }
    }

    /** Records the caller's upvote on a thread post. Mapped to GET; see the class-level note. */
    @RequestMapping(value = "/upvoteThread/{postId}", method = RequestMethod.GET)
    public void upvoteThread(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails voter = authenticatedUser(context);
        if (voter != null) {
            mainService.upvote_Thread(postId, voter);
        }
    }

    /** Records the caller's downvote on a thread post. Mapped to GET; see the class-level note. */
    @RequestMapping(value = "/downvoteThread/{postId}", method = RequestMethod.GET)
    public void downvoteThread(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails voter = authenticatedUser(context);
        if (voter != null) {
            mainService.downvote_Thread(postId, voter);
        }
    }

    /**
     * Deletes an opinion. Moderators only.
     *
     * @throws Exception an {@code AuthenticationException} with message "Auth exception" when the
     *                   caller is not a moderator
     */
    @RequestMapping(value = "/deleteOpinion/{postId}", method = RequestMethod.DELETE)
    public void deleteOpinion(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context)
            throws Exception {
        if (!isModerator(authenticatedUser(context))) {
            throw new AuthenticationException("Auth exception");
        }
        mainService.deleteOpinion(postId);
    }

    /**
     * Deletes a thread post. Moderators only; other callers get an empty response and nothing
     * is deleted (unlike {@link #deleteOpinion}, this handler does not throw).
     */
    @RequestMapping(value = "/deleteThread/{postId}", method = RequestMethod.DELETE)
    public void deleteThread(@PathVariable Long postId, @CurrentSecurityContext SecurityContext context) {
        if (isModerator(authenticatedUser(context))) {
            mainService.delete_Thread(postId);
        }
    }

    /**
     * Rewrites an opinion's content and re-targets it. Moderators only.
     *
     * @param objectNode  request body; {@code newContent}, {@code newTargetProfessorId} and
     *                    {@code newParentPostId} are read
     * @param postId      opinion being updated
     * @return the service exception's message when the update is rejected, otherwise
     *         {@code null} (also {@code null} when the caller is not a moderator)
     */
    @RequestMapping(value = "/updateOpinion/{postId}", method = RequestMethod.PUT)
    public String updateOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        if (!isModerator(authenticatedUser(context))) {
            return null;
        }
        String newContent = objectNode.get("newContent").asText();
        Long newTargetProfessorId = objectNode.get("newTargetProfessorId").asLong();
        Long newParentPostId = objectNode.get("newParentPostId").asLong();
        try {
            mainService.updateOpinion(newContent, newTargetProfessorId, newParentPostId, postId);
        } catch (IncompatiblePostId | DisallowedOperationException e) {
            // The raw service message goes back to the client as the response body.
            return e.getMessage();
        }
        return null;
    }

    /**
     * Rewrites a thread post's title and content and re-targets it. Moderators only.
     *
     * @param objectNode  request body; {@code newTitle}, {@code newContent},
     *                    {@code newTargetSubjectId} and {@code newParentThreadId} are read
     * @param postId      thread post being updated
     * @return the service exception's message when the update is rejected, otherwise
     *         {@code null} (also {@code null} when the caller is not a moderator)
     */
    @RequestMapping(value = "/updateThread/{postId}", method = RequestMethod.PUT)
    public String updateThread(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        if (!isModerator(authenticatedUser(context))) {
            return null;
        }
        String newTitle = objectNode.get("newTitle").asText();
        String newContent = objectNode.get("newContent").asText();
        Long newTargetSubjectId = objectNode.get("newTargetSubjectId").asLong();
        Long newParentThreadId = objectNode.get("newParentThreadId").asLong();
        try {
            mainService.update_Thread(newTitle, newContent, newTargetSubjectId, newParentThreadId, postId);
        } catch (IncompatiblePostId | DisallowedOperationException e) {
            // The raw service message goes back to the client as the response body.
            return e.getMessage();
        }
        return null;
    }

    /**
     * Locks a user account. Moderators only; silently ignored for anyone else.
     * Mapped to GET although it is an account-state change; see the class-level note.
     */
    @RequestMapping(value = "/lockUser/{userId}", method = RequestMethod.GET)
    public void lockUser(@PathVariable Long userId, @CurrentSecurityContext SecurityContext context) {
        if (isModerator(authenticatedUser(context))) {
            mainService.lockUser(userId);
        }
    }

    /** Deletes a user account. Moderators only; silently ignored for anyone else. */
    @RequestMapping(value = "/deleteUser/{userId}", method = RequestMethod.DELETE)
    public void deleteUser(@PathVariable Long userId, @CurrentSecurityContext SecurityContext context) {
        if (isModerator(authenticatedUser(context))) {
            mainService.deleteUser(userId);
        }
    }

    /**
     * Changes a user's full name. Allowed for moderators and for the account owner (the caller's
     * id equals {@code userId}); silently ignored for anyone else.
     *
     * @param objectNode  request body; the {@code newFullName} field is read
     */
    @RequestMapping(value = "/updateUserFullName/{userId}", method = RequestMethod.PUT)
    public void updateUserFullName(@RequestBody ObjectNode objectNode, @PathVariable Long userId,
            @CurrentSecurityContext SecurityContext context) {
        if (!mayEditUser(authenticatedUser(context), userId)) {
            return;
        }
        String newFullName = objectNode.get("newFullName").asText();
        mainService.updateUserFullName(newFullName, userId);
    }

    /**
     * Changes a user's username. Allowed for moderators and for the account owner (the caller's
     * id equals {@code userId}); silently ignored for anyone else.
     *
     * @param objectNode  request body; the {@code newUsername} field is read
     */
    @RequestMapping(value = "/updateUserUsername/{userId}", method = RequestMethod.PUT)
    public void updateUserUsername(@RequestBody ObjectNode objectNode, @PathVariable Long userId,
            @CurrentSecurityContext SecurityContext context) {
        if (!mayEditUser(authenticatedUser(context), userId)) {
            return;
        }
        String newUsername = objectNode.get("newUsername").asText();
        mainService.updateUserUsername(newUsername, userId);
    }

    /**
     * Files a report against an opinion on behalf of the caller.
     *
     * @param objectNode  request body; the {@code description} field is read
     */
    @RequestMapping(value = "/reportOpinion/{postId}", method = RequestMethod.POST)
    public void reportOpinion(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails reporter = authenticatedUser(context);
        if (reporter == null) {
            return;
        }
        String description = objectNode.get("description").asText();
        mainService.reportOpinion(postId, reporter, description);
    }

    /**
     * Files a report against a thread post on behalf of the caller.
     *
     * @param objectNode  request body; the {@code description} field is read
     */
    @RequestMapping(value = "/reportThread/{postId}", method = RequestMethod.POST)
    public void reportThread(@RequestBody ObjectNode objectNode, @PathVariable Long postId,
            @CurrentSecurityContext SecurityContext context) {
        CustomUserDetails reporter = authenticatedUser(context);
        if (reporter == null) {
            return;
        }
        String description = objectNode.get("description").asText();
        mainService.reportThread(postId, reporter, description);
    }

    /**
     * Marks a post report with the given action. Moderators only; silently ignored for anyone
     * else. Mapped to GET; see the class-level note.
     *
     * <p>{@code action} is passed through from the URL unchanged; any validation of its value
     * happens in {@code MainService.markReport}, which is not visible here.
     */
    @RequestMapping(value = "/markReportResolved/{postReportId}/{action}", method = RequestMethod.GET)
    public void markReportResolved(@PathVariable Long postReportId, @PathVariable String action, @CurrentSecurityContext SecurityContext context) {
        if (isModerator(authenticatedUser(context))) {
            mainService.markReport(postReportId, action);
        }
    }

    /**
     * Lists every post report. Moderators only.
     *
     * @throws AuthenticationException with message "Invalid role" when the caller is not a
     *                                 moderator
     */
    @RequestMapping(value = "/getAllPostReports", method = RequestMethod.GET)
    public List<PostReport> getAllPostReports(@CurrentSecurityContext SecurityContext context) throws AuthenticationException{
        if (isModerator(authenticatedUser(context))) {
            return mainService.getAllPostReports();
        }
        throw new AuthenticationException("Invalid role");
    }

}