Index: src/main/java/it/finki/charitable/CharitableApplication.java
===================================================================
--- src/main/java/it/finki/charitable/CharitableApplication.java	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/java/it/finki/charitable/CharitableApplication.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -4,6 +4,8 @@
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
+import org.springframework.scheduling.annotation.EnableScheduling;
 
 @SpringBootApplication
+@EnableScheduling
 public class CharitableApplication {
 
Index: src/main/java/it/finki/charitable/controller/DonationPostController.java
===================================================================
--- src/main/java/it/finki/charitable/controller/DonationPostController.java	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/java/it/finki/charitable/controller/DonationPostController.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -73,4 +73,5 @@
         post.setDateDue(dateDue);
         post.setBankAccount(bankAccount);
+        post.setApproved(false);
 
         List<String> phoneNumbers = Arrays.asList(telekom, a1);
@@ -123,5 +124,5 @@
     @RequestMapping("/album")
     public String album(Model model) {
-        List<DonationPost> postList = donationPostService.findAll();
+        List<DonationPost> postList = donationPostService.findAllByApproved(true);
         if (postList.size() == 0) {
             model.addAttribute("noPosts", true);
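Review bot: Filtering `album` with `findAllByApproved(true)` hides unapproved posts from the listing only; any handler that loads a post by `postid` has to enforce the same rule itself. The single-post and donate handlers lie outside this hunk, so it cannot be confirmed that they reject posts whose `approved` is not true. If they do not, a pending post is readable and donatable by anyone who supplies its id, so add a check such as `if (!Boolean.TRUE.equals(post.getApproved())) { model.addAttribute("notFound", true); return "post"; }` there. The body of `album` continues past the end of the hunk.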
@@ -148,18 +149,18 @@
     }
 
-    @RequestMapping("/deletePost")
-    public String deletePost(@RequestParam Long postid) {
-        DonationPost post = donationPostService.getById(postid);
-        if (post.getUser().getUsername().equals(SecurityContextHolder.getContext().getAuthentication().getName())) {
-            List<String> fileForDeletion = post.getPhotosForDeletion();
-            for (String f : fileForDeletion) {
-                File file = new File(f);
-                file.delete();
-            }
-            donationPostService.delete(post);
-        }
-
-        return "redirect:/myPosts";
-    }
+//    @RequestMapping("/deletePost")
+//    public String deletePost(@RequestParam Long postid) {
+//        DonationPost post = donationPostService.getById(postid);
+//        if (post.getUser().getUsername().equals(SecurityContextHolder.getContext().getAuthentication().getName())) {
+//            List<String> fileForDeletion = post.getPhotosForDeletion();
+//            for (String f : fileForDeletion) {
+//                File file = new File(f);
+//                file.delete();
+//            }
+//            donationPostService.delete(post);
+//        }
+//
+//        return "redirect:/myPosts";
+//    }
 
     @RequestMapping("/donate")
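Review bot: The old `deletePost` handler is kept as fourteen commented-out lines; remove it and rely on version-control history to recover it. Dead code of this kind is misleading here because it still shows an owner check that no longer runs anywhere. Now that deletion is moderator-only, a single comment such as `// Posts are removed only through ModeratorController.dontApprove` documents the decision better than the disabled method.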
Index: src/main/java/it/finki/charitable/controller/ModeratorController.java
===================================================================
--- src/main/java/it/finki/charitable/controller/ModeratorController.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
+++ src/main/java/it/finki/charitable/controller/ModeratorController.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -0,0 +1,83 @@
+package it.finki.charitable.controller;
+
+import it.finki.charitable.entities.AppUser;
+import it.finki.charitable.entities.DonationPost;
+import it.finki.charitable.services.DonationPostService;
+import it.finki.charitable.services.EmailService;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Controller;
+import org.springframework.ui.Model;
+import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+
+import java.io.File;
+import java.util.List;
+
+@Controller
+public class ModeratorController {
+
+    private final DonationPostService donationPostService;
+    private final EmailService emailService;
+
+    public ModeratorController(DonationPostService donationPostService, EmailService emailService) {
+        this.donationPostService = donationPostService;
+        this.emailService = emailService;
+    }
+
+    @RequestMapping("moderator/approval")
+    public String approval(Model model) {
+        List<DonationPost> postList = donationPostService.findAllByApproved(false);
+        if (postList.size() == 0) {
+            model.addAttribute("noPosts", true);
+            return "postApproval";
+        }
+        model.addAttribute("postList", postList);
+        return "postApproval";
+    }
+
+    @RequestMapping("moderator/post")
+    public String post(Model model, @RequestParam Long postid) {
+        DonationPost post = donationPostService.getById(postid);
+        if (post == null) {
+            model.addAttribute("notFound", true);
+            return "post";
+        }
+        AppUser user = post.getUser();
+        model.addAttribute("post", post);
+        model.addAttribute("createdByFirstName", user.getFirstName());
+        model.addAttribute("createdByLastName", user.getLastName());
+        return "moderatorPost";
+    }
+
+    @RequestMapping("/moderator/approvePost")
+    public String approvePost(@RequestParam Long postid) {
+        DonationPost post = donationPostService.getById(postid);
+        post.setApproved(true);
+        donationPostService.save(post);
+        emailService.sendApprovalEmail(post.getUser().getEmail(),"CharitAbleMk: " + post.getTitle() + " has been approved", postid);
+        return "redirect:/moderator/approval";
+    }
+
+    @RequestMapping("/moderator/dontApprove")
+    public String dontApprove(@RequestParam Long postid,
+                              @RequestParam String description) {
+        DonationPost post = donationPostService.getById(postid);
+        emailService.sendNoApprovalEmail(post.getUser().getEmail(), "CharitAbleMk: " + post.getTitle() + " has not been approved", description);
+        List<String> fileForDeletion = post.getPhotosForDeletion();
+        for (String f : fileForDeletion) {
+            File file = new File(f);
+            file.delete();
+        }
+        donationPostService.delete(post);
+        return "redirect:/moderator/approval";
+    }
+
+    @ModelAttribute("user")
+    public AppUser addAttributes() {
+        if (SecurityContextHolder.getContext().getAuthentication().getPrincipal() != "anonymousUser") {
+            return (AppUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+        }
+        return null;
+    }
+}
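Review bot: `approvePost` and `dontApprove` change state but are mapped with `@RequestMapping`, which also accepts GET, and the Approve button in moderatorPost.html is a plain link. Spring Security's CSRF token check does not cover GET, so approval can be triggered by any page that makes a signed-in moderator's browser load that URL. Map them with `@PostMapping("/moderator/approvePost")` and `@PostMapping("/moderator/dontApprove")`, and turn the Approve link into a small POST form. Both handlers also dereference `post` without the null check that `post()` performs, and `dontApprove` will delete a post that is already approved; `if (post == null || Boolean.TRUE.equals(post.getApproved())) return "redirect:/moderator/approval";` covers both cases. In `addAttributes`, test the type (`principal instanceof AppUser`) rather than `!= "anonymousUser"`, which compares references, not string contents.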
Index: src/main/java/it/finki/charitable/entities/DonationPost.java
===================================================================
--- src/main/java/it/finki/charitable/entities/DonationPost.java	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/java/it/finki/charitable/entities/DonationPost.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -37,4 +37,5 @@
     private LocalDate dateDue;
     private String bankAccount;
+    private Boolean approved;
 
     @ElementCollection
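Review bot: `approved` is declared as a nullable `Boolean`, so any row created before this column existed will hold NULL unless a migration backfills it (none is visible in this commit). Such rows match neither `findAllByApproved(true)` nor `findAllByApproved(false)`, so they would disappear from the album and never reach the moderator queue. Backfill the existing rows and make the column non-null, for example `@Column(nullable = false) private boolean approved;`, changing the accessor types in the later hunk to match. A short field comment such as `// false until a moderator approves the post` would document the default.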
@@ -74,5 +75,10 @@
 
         List<String> photoPaths = new ArrayList<>();
+
         for(String path: images) {
+            photoPaths.add("../../../../post-photos/" + id + "/" + path);
+        }
+
+        for(String path: moderatorImages) {
             photoPaths.add("../../../../moderator-photos/" + id + "/" + path);
         }
@@ -158,4 +164,12 @@
     }
 
+    public Boolean getApproved() {
+        return approved;
+    }
+
+    public void setApproved(Boolean approved) {
+        this.approved = approved;
+    }
+
     public List<String> getPhoneNumbers() {
         return phoneNumbers;
Index: src/main/java/it/finki/charitable/repository/DonationPostRepository.java
===================================================================
--- src/main/java/it/finki/charitable/repository/DonationPostRepository.java	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/java/it/finki/charitable/repository/DonationPostRepository.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -11,3 +11,4 @@
 public interface DonationPostRepository extends JpaRepository<DonationPost, Long> {
     List<DonationPost> findAllByUser(AppUser user);
+    List<DonationPost> findAllByApproved(Boolean approved);
 }
Index: src/main/java/it/finki/charitable/security/SecurityConfig.java
===================================================================
--- src/main/java/it/finki/charitable/security/SecurityConfig.java	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/java/it/finki/charitable/security/SecurityConfig.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -7,6 +7,15 @@
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
 import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+import org.springframework.security.core.Authentication;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.web.DefaultRedirectStrategy;
+import org.springframework.security.web.RedirectStrategy;
+import org.springframework.security.web.authentication.AuthenticationSuccessHandler;
 import org.springframework.security.web.util.matcher.AntPathRequestMatcher;
+
+import javax.servlet.ServletException;
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+import java.io.IOException;
 
 @Configuration
@@ -40,6 +49,6 @@
                 .authorizeRequests()
                 .antMatchers(publicMatchers).permitAll()
-                .antMatchers("/moderator-photos/**").hasAuthority(UserRole.MODERATOR.name())
-                .anyRequest().authenticated();
+                .antMatchers("/moderator-photos/**", "/moderator/**").hasAuthority(UserRole.MODERATOR.name())
+                .anyRequest().hasAuthority(UserRole.USER.name());
 
         http
@@ -47,5 +56,5 @@
                 .cors().disable()
                 .formLogin().loginPage("/login")
-                .defaultSuccessUrl("/", true)
+                .successHandler(authenticationSuccessHandler)
                 .and()
                 .logout().logoutRequestMatcher(new AntPathRequestMatcher("/logout"))
@@ -55,4 +64,13 @@
     }
 
+    AuthenticationSuccessHandler authenticationSuccessHandler = (httpServletRequest, httpServletResponse, authentication) -> {
+        RedirectStrategy redirectStrategy = new DefaultRedirectStrategy();
+        if(authentication.getAuthorities().toString().contains("MODERATOR")) {
+            redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, "/moderator/approval");
+        } else {
+            redirectStrategy.sendRedirect(httpServletRequest, httpServletResponse, "/");
+        }
+    };
+
     @Override
     protected void configure(AuthenticationManagerBuilder auth) throws Exception {
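Review bot: The role test in `authenticationSuccessHandler` is a substring match on the printed collection, `getAuthorities().toString().contains("MODERATOR")`, so any authority whose name merely contains that text takes the moderator branch. It only picks the redirect target, but it should use the same exact comparison as the authorization rules: `authentication.getAuthorities().stream().anyMatch(a -> UserRole.MODERATOR.name().equals(a.getAuthority()))`. The field is package-private and mutable and can be declared `private final`. The body of `configure(AuthenticationManagerBuilder)` lies outside the hunk.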
Index: src/main/java/it/finki/charitable/services/DonationPostService.java
===================================================================
--- src/main/java/it/finki/charitable/services/DonationPostService.java	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/java/it/finki/charitable/services/DonationPostService.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -41,4 +41,8 @@
     }
 
+    public List<DonationPost> findAllByApproved(Boolean approved) {
+        return donationPostRepository.findAllByApproved(approved);
+    }
+
     public void delete(DonationPost donationPost) {
         donationPostRepository.delete(donationPost);
Index: src/main/java/it/finki/charitable/services/EmailService.java
===================================================================
--- src/main/java/it/finki/charitable/services/EmailService.java	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/java/it/finki/charitable/services/EmailService.java	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -24,3 +24,24 @@
         javaMailSender.send(message);
     }
+
+    public void sendApprovalEmail(String to, String subject, Long postId) {
+        SimpleMailMessage message = new SimpleMailMessage();
+        message.setTo(to);
+        message.setSubject(subject);
+
+        String text = "Your post has been approved\n" + "http://localhost:8080/post?postid=" + postId;
+        message.setText(text);
+        javaMailSender.send(message);
+    }
+
+    public void sendNoApprovalEmail(String to, String subject, String description) {
+        SimpleMailMessage message = new SimpleMailMessage();
+        message.setTo(to);
+        message.setSubject(subject);
+
+        String text = "Sorry, your post hasn't been approved" + "\n" +
+                "Moderator:\n" + description;
+        message.setText(text);
+        javaMailSender.send(message);
+    }
 }
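Review bot: `sendApprovalEmail` hard-codes `http://localhost:8080/post?postid=`, so outside a developer machine the recipient gets a link to their own computer, and over plain HTTP. Read the public base URL from application configuration and build the link from that value. The subject passed in by ModeratorController contains the user-supplied post title, and `sendNoApprovalEmail` copies the moderator's free-text `description` into the body unchanged. Both are acceptable for a plain-text `SimpleMailMessage`, but they will need escaping if these mails are ever sent as HTML.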
Index: src/main/resources/templates/common/navbar.html
===================================================================
--- src/main/resources/templates/common/navbar.html	(revision 194776a42ab45f74d99c7afd74d5674184e9d8ae)
+++ src/main/resources/templates/common/navbar.html	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -9,6 +9,6 @@
     <nav class="navbar navbar-expand-md navbar-dark fixed-top bg-dark">
         <div class="container-fluid">
-            <a class="navbar-brand" href="#">
-                <img th:src="@{image/charity.png}" class="bi me-2" width="40" height="32" />
+            <a class="navbar-brand" th:href="@{/}">
+                <img th:src="@{/image/charity.png}" class="bi me-2" width="40" height="32" />
                 <span class="fs-4">Charitable</span>
             </a>
@@ -20,11 +20,13 @@
                 <ul class="navbar-nav me-auto mb-2 mb-md-0">
                     <li class="nav-item">
-                        <a th:href="@{/}" class="nav-link px-2 text-white">Home</a>
+                        <a sec:authorize="isAnonymous() or hasAuthority('USER')" th:href="@{/}" class="nav-link px-2 text-white">Home</a>
                     </li>
                     <li class="nav-item">
-                        <a th:href="@{/album?page=1}" class="nav-link px-2 text-white">Posts</a>
+                        <a sec:authorize="isAnonymous() or hasAuthority('USER')" th:href="@{/album?page=1}" class="nav-link px-2 text-white">Posts</a>
+                        <a sec:authorize="hasAuthority('MODERATOR')" th:href="@{/moderator/approval}" class="nav-link px-2 text-white">Posts for approval</a>
                     </li>
                     <li class="nav-item">
-                        <a th:href="@{/upload}" class="nav-link px-2 text-white">Upload</a>
+                        <a sec:authorize="hasAuthority('USER')" th:href="@{/upload}" class="nav-link px-2 text-white">Upload</a>
+                        <a sec:authorize="hasAuthority('MODERATOR')" th:href="@{/moderator/report}" class="nav-link px-2 text-white">Reported posts</a>
                     </li>
                 </ul>
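Review bot: The new "Reported posts" link points to `/moderator/report`, but the ModeratorController added in this commit maps only `approval`, `post`, `approvePost` and `dontApprove`. Unless a handler exists elsewhere, moderators will get a 404, so leave the link out until the page is implemented. The `sec:authorize` attributes only hide links; access control still rests on the matchers in SecurityConfig. Whether the Thymeleaf Spring Security dialect is on the classpath is not visible here, and without it these attributes are ignored and every link renders.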
Index: src/main/resources/templates/moderatorPost.html
===================================================================
--- src/main/resources/templates/moderatorPost.html	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
+++ src/main/resources/templates/moderatorPost.html	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -0,0 +1,97 @@
+<html lang="en" xmlns:th="http://www.w3.org/1999/xhtml" xmlns:sec="http://www.w3.org/1999/xhtml">
+<head>
+    <meta charset="UTF-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1"/>
+    <title>Register</title>
+    <!-- Bootstrap core CSS -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet"/>
+    <link href="/css/carousel.css" rel="stylesheet"/>
+    <meta name="theme-color" content="#7952b3"/>
+</head>
+<body>
+<header th:replace="common/navbar :: navbar"></header>
+<br/>
+<br/>
+<br/>
+<div th:if="${notFound}">
+    Post not found
+</div>
+<div th:unless="${notFound}">
+    <div class="row">
+        <div class="col-md-6" style="margin-left: 5px">
+            <div class="col-md-12">
+
+                <div id="myCarousel" class="carousel carousel-dark slide card" data-bs-ride="carousel">
+                    <div class="carousel-indicators">
+                        <button th:each="image, itrStat : ${post.moderatorPath}" type="button" data-bs-target="#myCarousel"
+                                th:data-bs-slide-to="${itrStat.index}" th:classappend="${itrStat.index} == 0 ? active"></button>
+                    </div>
+                    <div class="carousel-inner">
+                        <div th:each="image, itrStat : ${post.moderatorPath}" th:classappend="${itrStat.index} == 0 ? active"
+                             class="carousel-item">
+                            <img class="card-img" th:src="${image}" style="object-fit: contain">
+                        </div>
+                    </div>
+                    <button class="carousel-control-prev" type="button" data-bs-target="#myCarousel" data-bs-slide="prev">
+                        <span class="carousel-control-prev-icon" aria-hidden="true"></span>
+                        <span class="visually-hidden">Previous</span>
+                    </button>
+                    <button class="carousel-control-next" type="button" data-bs-target="#myCarousel" data-bs-slide="next">
+                        <span class="carousel-control-next-icon" aria-hidden="true"></span>
+                        <span class="visually-hidden">Next</span>
+                    </button>
+                </div>
+            </div>
+        </div>
+        <div class="col-md-5" style="margin-left: 5px">
+            <div class="col-md-12">
+                <h1 th:text="${post.title}"></h1>
+                <h5>Description:</h5>
+                <p th:text="${post.description}"></p>
+                <h5>Funds needed:</h5>
+                <p><span th:text="${total}"></span>/<span th:text="${post.fundsNeeded}"></span> - <span th:text="${post.currency}"></span></p>
+                <h5>Date due:</h5>
+                <p th:text="${post.dateDue}"></p>
+                <h5>Bank account:</h5>
+                <p th:text="${post.bankAccount}"></p>
+                <h5>Phone numbers:</h5>
+                <p><span th:text="${post.phoneNumbers[0]}"></span> - Telekom</p>
+                <p><span th:text="${post.phoneNumbers[1]}"></span> - A1</p>
+                <h5>Created by:</h5>
+                <p><span th:text="${createdByFirstName}"></span> <span th:text="${createdByLastName}"></span></p>
+
+                <a class="btn btn-success" th:href="@{/moderator/approvePost(postid=${post.id})}">Approve</a>
+                <button type="button" class="btn btn-danger" data-bs-toggle="modal" data-bs-target="#staticBackdrop">
+                    Dont Approve
+                </button>
+
+                <!-- Modal -->
+                <div class="modal fade" id="staticBackdrop" data-bs-backdrop="static" data-bs-keyboard="false" tabindex="-1" aria-labelledby="staticBackdropLabel" aria-hidden="true">
+                    <div class="modal-dialog modal-dialog-centered">
+                        <div class="modal-content">
+                            <div class="modal-header">
+                                <h5 class="modal-title" id="staticBackdropLabel">Donate</h5>
+                                <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
+                            </div>
+                            <div class="modal-body">
+                                <div class="card-body">
+                                    <form th:action="@{/moderator/dontApprove(postid=${post.id})}" method="post" id="myForm">
+                                        <label for="description">Description</label>
+                                        <textarea class="form-control" id="description" name="description" rows="5"></textarea>
+                                    </form>
+                                </div>
+                            </div>
+                            <div class="modal-footer">
+                                <button type="button" class="btn btn-secondary" data-bs-dismiss="modal">Close</button>
+                                <input type="submit" class="btn btn-primary" form="myForm" value="Confirm">
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+    </div>
+</div>
+<script src="/js/bootstrap.min.js"></script>
+</body>
+</html>
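Review bot: The funds line renders `${total}`, but `ModeratorController.post` never adds a `total` attribute to the model, so the moderator sees an empty amount before the slash. Either add the attribute in the controller or drop the span from this template. The `notFound` branch is also unreachable from that handler, because it returns the `post` view rather than `moderatorPost` when the lookup fails. The page title "Register" and the modal title "Donate" look copied from other templates and should describe the moderation page and the rejection dialog. The file also lacks the `<!DOCTYPE html>` line that postApproval.html has.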
Index: src/main/resources/templates/postApproval.html
===================================================================
--- src/main/resources/templates/postApproval.html	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
+++ src/main/resources/templates/postApproval.html	(revision 5306751d2d24af6bfb27078e1727d579fa8b5939)
@@ -0,0 +1,45 @@
+<!DOCTYPE html>
+<html lang="en" xmlns:th="http://www.w3.org/1999/xhtml">
+<head>
+    <meta charset="UTF-8"/>
+    <meta name="viewport" content="width=device-width, initial-scale=1"/>
+    <title>Album</title>
+    <!-- Bootstrap core CSS -->
+    <link href="/css/bootstrap.min.css" rel="stylesheet"/>
+</head>
+<body>
+<header th:replace="common/navbar :: navbar"></header>
+<hr class="dropdown-divider">
+<br/>
+<br/>
+<main>
+    <p th:if="${noPosts}">No posts</p>
+    <div th:unless="${noPosts}" class="album py-5 bg-light">
+        <div class="container">
+
+            <div class="row row-cols-1 row-cols-sm-2 row-cols-md-3 g-3">
+                <div class="col" th:each="post : ${postList}">
+                    <div class="card shadow-sm">
+                        <img class="card-img" style="object-fit: contain" width="100%" height="225"
+                             th:src="${post.imagesPath[0]}">
+                        <div class="card-body overflow-hidden">
+                            <h4 th:text="${post.title}" style="height: 60px"></h4>
+                            <p class="card-text text-truncate" style="height: 45px" th:text="${post.description}"></p>
+                            <div class="d-flex justify-content-between align-items-center">
+                                <div class="btn-group">
+                                    <a class="btn btn-sm btn-outline-secondary" th:href="@{/moderator/post(postid=${post.id})}">Open</a>
+                                </div>
+                                <span class="text-muted">Date due: <small th:text="${post.dateDue}"></small></span>
+                            </div>
+                        </div>
+                    </div>
+                </div>
+            </div>
+        </div>
+        <hr class="ui-menu-divider" />
+    </div>
+
+</main>
+<script src="/js/bootstrap.min.js"></script>
+</body>
+</html>
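Review bot: `th:src="${post.imagesPath[0]}"` indexes the first image unconditionally, so a single pending post with no images would make the whole approval page fail to render. Whether the upload handler enforces at least one image is not visible in this commit. Guard the element with `th:if="${!#lists.isEmpty(post.imagesPath)}"` or fall back to a placeholder image. The page title "Album" should also be changed to name the approval queue.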
