Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/AuthContextController.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/AuthContextController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/AuthContextController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -0,0 +1,20 @@ +package finki.it.phoneluxbackend.controllers; + +import finki.it.phoneluxbackend.entities.User; +import finki.it.phoneluxbackend.services.UserService; +import lombok.AllArgsConstructor; +import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.PathVariable; +import org.springframework.web.bind.annotation.RestController; + +@RestController +@AllArgsConstructor +public class AuthContextController { + private final UserService userService; + + // return name, role, email + @GetMapping(path = "/token/{token}") + public User getUserFromToken(@PathVariable("token") String token){ + return userService.getUserFromToken(token); + } +} Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/PhoneController.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/PhoneController.java (revision e5b84dc652434cab61718f38889fc36867569866) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/PhoneController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -18,7 +18,5 @@ public class PhoneController { private final PhoneService phoneService; - private final PhoneOfferService phoneOfferService; -// handle request parameters for filtering phones @GetMapping(path = "/phones") public List getPhones(@RequestParam(name = "shops", required = false) String shops, @@ -42,21 +40,3 @@ } - @GetMapping(path = "/shops") - public List getShops(){ - return phoneOfferService.getShops(); - } - - @GetMapping(path = "/lowestPrice") - public int getLowestPrice() - { - return phoneOfferService.getLowestPrice(); - } - - @GetMapping(path = "/highestPrice") - public int getHighestPrice() - { - return phoneOfferService.getHighestPrice(); - } - - } Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/PhoneOfferController.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/PhoneOfferController.java (revision e5b84dc652434cab61718f38889fc36867569866) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/PhoneOfferController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -18,5 +18,4 @@ public class PhoneOfferController { private final PhoneOfferService phoneOfferService; - private final PhoneService phoneService; @GetMapping(path = "/phones/offers/{phoneId}") @@ -30,3 +29,25 @@ } + @GetMapping(path = "/phoneoffer/{offerId}/cheaperoffers") + public List getCheaperOffers(@PathVariable("offerId") Long offerId){ + return phoneOfferService.getCheaperOffers(offerId); + } + + @GetMapping(path = "/shops") + public List getShops(){ + return phoneOfferService.getShops(); + } + + @GetMapping(path = "/lowestPrice") + public int getLowestPrice() + { + return phoneOfferService.getLowestPrice(); + } + + @GetMapping(path = "/highestPrice") + public int getHighestPrice() + { + return phoneOfferService.getHighestPrice(); + } + } Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/SuperAdminController.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/SuperAdminController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/SuperAdminController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -0,0 +1,35 @@ +package finki.it.phoneluxbackend.controllers; + +import finki.it.phoneluxbackend.entities.PhoneOffer; +import finki.it.phoneluxbackend.entities.User; +import finki.it.phoneluxbackend.services.UserService; +import lombok.AllArgsConstructor; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +import java.util.Comparator; +import java.util.List; +import java.util.stream.Collectors; + +@RestController +@RequestMapping(path = "/management") +@AllArgsConstructor +public class SuperAdminController { + private final UserService userService; + + @GetMapping(path = "/users") + public List getUsers(@RequestParam(name = "searchValue", required = false) String searchValue){ + return userService.getUsers(searchValue); + } + + @PutMapping(path = "/addadmin/{userId}") + public ResponseEntity giveAdminRoleToUser(@PathVariable("userId") Long userId){ + return userService.giveAdminRoleToUser(userId); + } + + @PutMapping(path = "/removeadmin/{userId}") + public ResponseEntity removeAdminRoleFromUser(@PathVariable("userId") Long userId){ + return userService.removeAdminRoleFromUser(userId); + } + +} Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/UserController.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/UserController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/controllers/UserController.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -0,0 +1,35 @@ +package finki.it.phoneluxbackend.controllers; +import finki.it.phoneluxbackend.entities.PhoneOffer; +import finki.it.phoneluxbackend.entities.User; +import finki.it.phoneluxbackend.services.PhoneOfferService; +import finki.it.phoneluxbackend.services.UserService; +import lombok.AllArgsConstructor; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.*; + +import java.util.List; + +@RestController +@RequestMapping(path = "/user") +@AllArgsConstructor +public class UserController { + private final UserService userService; + + @GetMapping(path = "/{userId}/favouriteoffers") + public List getFavouriteOffersForUser(@PathVariable("userId") Long userId){ + return userService.getFavouriteOffersForUser(userId); + } + + @PutMapping(path = "/{userId}/addoffer/{offerId}") + public ResponseEntity addOfferForUser(@PathVariable("userId") Long userId, + @PathVariable("offerId") Long offerId){ + return userService.editOfferForUser(userId,offerId, "add"); + } + + @PutMapping(path = "/{userId}/removeoffer/{offerId}") + public ResponseEntity removeOfferForUser(@PathVariable("userId") Long userId, + @PathVariable("offerId") Long offerId){ + return userService.editOfferForUser(userId,offerId, "remove"); + } + +} Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/entities/User.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/entities/User.java (revision e5b84dc652434cab61718f38889fc36867569866) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/entities/User.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -1,4 +1,5 @@ package finki.it.phoneluxbackend.entities; +import com.fasterxml.jackson.annotation.JsonIgnore; import finki.it.phoneluxbackend.data.UserRole; import lombok.*; @@ -15,4 +16,5 @@ @Getter @Setter +@ToString @EqualsAndHashCode @NoArgsConstructor @@ -48,4 +50,5 @@ inverseJoinColumns = @JoinColumn(name = "offer_id") ) + @JsonIgnore private List favouriteOffers = new ArrayList(); @@ -55,4 +58,18 @@ this.email = email; this.password = password; + this.userRole = userRole; + } + + public User(Long id, String firstName, UserRole userRole) { + this.id = id; + this.firstName = firstName; + this.userRole = userRole; + } + + public User(Long id, String firstName, String lastName, String email, UserRole userRole) { + this.id = id; + this.firstName = firstName; + this.lastName = lastName; + this.email = email; this.userRole = userRole; } Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/CustomAuthenticationFilter.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/CustomAuthenticationFilter.java (revision e5b84dc652434cab61718f38889fc36867569866) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/CustomAuthenticationFilter.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -50,20 +50,13 @@ .withClaim("role", user.getAuthorities().stream() .map(GrantedAuthority::getAuthority).collect(Collectors.toList())) + .withClaim("name", user.getFirstName()) + .withClaim("id", user.getId()) .sign(algorithm); -// String refresh_token = JWT.create() -// .withSubject(user.getEmail()) -// .withExpiresAt(new Date(System.currentTimeMillis() + 30 * 60 * 1000)) -// .withIssuer(request.getRequestURL().toString()) -// .withClaim("role",user.getAuthorities().stream() -// .map(GrantedAuthority::getAuthority).collect(Collectors.toList())) -// .sign(algorithm); - - Map tokens = new HashMap<>(); - tokens.put("access_token",access_token); -// tokens.put("refresh_token",refresh_token); + Map authInfo = new HashMap<>(); + authInfo.put("access_token",access_token); response.setContentType(APPLICATION_JSON_VALUE); - new ObjectMapper().writeValue(response.getOutputStream(),tokens); + new ObjectMapper().writeValue(response.getOutputStream(),authInfo); } } Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/configs/WebSecurityConfig.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/configs/WebSecurityConfig.java (revision e5b84dc652434cab61718f38889fc36867569866) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/security/configs/WebSecurityConfig.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -29,17 +29,22 @@ @Override protected void configure(HttpSecurity http) throws Exception { -// http -// .csrf().disable() -// .authorizeRequests() -// .antMatchers("/registration/**") -// .permitAll() -// .anyRequest() -// .authenticated().and() -// .formLogin(); + http.csrf().disable(); http.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS); -// http.authorizeRequests().antMatchers(GET,"/phones").hasAnyAuthority("USER"); - http.authorizeRequests().anyRequest().permitAll(); + + http.authorizeRequests() + .and() + .authorizeRequests() + .antMatchers("/user/**") + .hasAnyAuthority("USER","ADMIN", "SUPERADMIN") + .and() + .authorizeRequests() + .antMatchers("/management/**") + .hasAnyAuthority("SUPERADMIN") + .anyRequest().permitAll(); + + + http.addFilter(new CustomAuthenticationFilter(authenticationManagerBean())); http.addFilterBefore(new CustomAuthorizationFilter(), UsernamePasswordAuthenticationFilter.class); Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/services/PhoneOfferService.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/services/PhoneOfferService.java (revision e5b84dc652434cab61718f38889fc36867569866) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/services/PhoneOfferService.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -9,4 +9,5 @@ import java.util.Comparator; import java.util.List; +import java.util.Objects; import java.util.stream.Collectors; @@ -60,3 +61,18 @@ } + public List getCheaperOffers(Long offerId) { + boolean exists = phoneOfferRepository.existsById(offerId); + + if(!exists) + throw new IllegalStateException("Phone offer with id "+offerId+" does not exist"); + + PhoneOffer offer = phoneOfferRepository.findById(offerId).get(); + + return phoneOfferRepository.findAll() + .stream().filter(phoneOffer -> + Objects.equals(phoneOffer.getPhone().getModel(), offer.getPhone().getModel()) + && phoneOffer.getPrice() < offer.getPrice()) + .sorted(Comparator.comparing(PhoneOffer::getPrice).reversed()) + .collect(Collectors.toList()); + } } Index: phonelux-backend/src/main/java/finki/it/phoneluxbackend/services/UserService.java =================================================================== --- phonelux-backend/src/main/java/finki/it/phoneluxbackend/services/UserService.java (revision e5b84dc652434cab61718f38889fc36867569866) +++ phonelux-backend/src/main/java/finki/it/phoneluxbackend/services/UserService.java (revision 775e15e60ae9ae29421f2ec15ebde7525163294d) @@ -1,10 +1,15 @@ package finki.it.phoneluxbackend.services; - +import com.auth0.jwt.JWT; +import com.auth0.jwt.JWTVerifier; +import com.auth0.jwt.algorithms.Algorithm; +import com.auth0.jwt.interfaces.DecodedJWT; +import finki.it.phoneluxbackend.data.UserRole; +import finki.it.phoneluxbackend.entities.PhoneOffer; import finki.it.phoneluxbackend.entities.User; +import finki.it.phoneluxbackend.repositories.PhoneOfferRepository; import finki.it.phoneluxbackend.repositories.UserRepository; import finki.it.phoneluxbackend.entities.ConfirmationToken; import lombok.AllArgsConstructor; - import org.springframework.http.ResponseEntity; import org.springframework.security.core.userdetails.UserDetails; @@ -16,5 +21,8 @@ import java.time.LocalDateTime; +import java.util.Comparator; +import java.util.List; import java.util.UUID; +import java.util.stream.Collectors; @Service @@ -22,4 +30,5 @@ public class UserService implements UserDetailsService { private final UserRepository userRepository; + private final PhoneOfferRepository phoneOfferRepository; private final BCryptPasswordEncoder bCryptPasswordEncoder; private final ConfirmationTokenService confirmationTokenService; @@ -68,3 +77,101 @@ + public User getUserFromToken(String token) { + Algorithm algorithm = Algorithm.HMAC256("secret".getBytes()); + JWTVerifier verifier = JWT.require(algorithm).build(); + DecodedJWT decodedJWT = verifier.verify(token); + String email = decodedJWT.getSubject(); + UserRole role = UserRole.valueOf(decodedJWT.getClaim("role").asArray(String.class)[0]); + String name = decodedJWT.getClaim("name").as(String.class); + Long id = decodedJWT.getClaim("id").as(Long.class); + + return new User(id,name,role); + } + + public List getFavouriteOffersForUser(Long userId) { + boolean exists = userRepository.existsById(userId); + if(!exists) + throw new IllegalStateException("User with id "+userId+" does not exist"); + + return userRepository.findById(userId).get().getFavouriteOffers(); + } + + public ResponseEntity editOfferForUser(Long userId, Long offerId, String option) { + boolean userExists = userRepository.existsById(userId); + if (!userExists) + { + return ResponseEntity.badRequest().body("User with id "+userId+" doesn't exist"); + } + + boolean offerExists = phoneOfferRepository.existsById(offerId); + + if (!offerExists) + { + return ResponseEntity.badRequest().body("Offer with id "+offerId+" doesn't exist"); + } + + User user = userRepository.findById(userId).get(); + PhoneOffer phoneOffer = phoneOfferRepository.findById(offerId).get(); + + if(option.equals("add")) { + user.getFavouriteOffers().add(phoneOffer); + } + else{ + user.getFavouriteOffers().remove(phoneOffer); + } + + userRepository.save(user); + + return ResponseEntity.ok().build(); + } + + public List getUsers(String searchValue) { + List users = userRepository.findAll().stream() + .filter(user -> user.getUserRole() != UserRole.SUPERADMIN && user.getEnabled()) + .map(user -> new User(user.getId(),user.getFirstName(), + user.getLastName(),user.getEmail(),user.getUserRole())) + .collect(Collectors.toList()); + + if(searchValue != null) + { + users = users.stream() + .filter(user -> user.getEmail().toLowerCase().contains(searchValue.stripIndent().toLowerCase()) + || user.getFirstName().toLowerCase().contains(searchValue.stripIndent().toLowerCase())) + .collect(Collectors.toList()); + } + + return users.stream() + .sorted(Comparator.comparing(User::getId)) + .collect(Collectors.toList()); + + } + + public ResponseEntity giveAdminRoleToUser(Long userId) { + boolean userExists = userRepository.existsById(userId); + if (!userExists) + { + return ResponseEntity.badRequest().body("User with id "+userId+" doesn't exist"); + } + + User user = userRepository.findById(userId).get(); + + user.setUserRole(UserRole.ADMIN); + userRepository.save(user); + + return ResponseEntity.ok().build(); + } + + public ResponseEntity removeAdminRoleFromUser(Long userId) { + boolean userExists = userRepository.existsById(userId); + if (!userExists) + { + return ResponseEntity.badRequest().body("User with id "+userId+" doesn't exist"); + } + + User user = userRepository.findById(userId).get(); + + user.setUserRole(UserRole.USER); + userRepository.save(user); + return ResponseEntity.ok().build(); + } }