From 9f0ef97ae3dbbea6ff8fe02369d0c06a8b750629 Mon Sep 17 00:00:00 2001 From: Anders Austlid <andemau@ntnu.no> Date: Tue, 2 May 2023 12:02:58 +0200 Subject: [PATCH] Group endpoints now use Authentication objects to handle usernames. groupAuthority endpoint allows changing group member authority --- .../controller/group/GroupController.java | 44 +++++++++++-------- 1 file changed, 25 insertions(+), 19 deletions(-) diff --git a/src/main/java/ntnu/idatt2016/v233/SmartMat/controller/group/GroupController.java b/src/main/java/ntnu/idatt2016/v233/SmartMat/controller/group/GroupController.java index 19e01e7a..a33ab537 100644 --- a/src/main/java/ntnu/idatt2016/v233/SmartMat/controller/group/GroupController.java +++ b/src/main/java/ntnu/idatt2016/v233/SmartMat/controller/group/GroupController.java @@ -293,29 +293,35 @@ public class GroupController { */ @PutMapping("/groupAuthority") public ResponseEntity<?> changeAuthority(@RequestBody ChangeAuthorityRequest authorityRequest, - Authentication auth){ + Authentication auth) { Optional<User> groupAdminOpt = userService.getUserFromUsername(auth.getName()); - if(groupAdminOpt.isPresent()) { + if (groupAdminOpt.isPresent()) { User groupAdmin = groupAdminOpt.get(); - if(!(groupService.isUserAssociatedWithGroup(groupAdmin.getUsername(), authorityRequest.groupId()) - && (groupService.getUserGroupAssoAuthority(groupAdmin.getUsername(), authorityRequest.groupId()).equals("ADMIN")))) + if (!(groupService.isUserAssociatedWithGroup(groupAdmin.getUsername(), authorityRequest.groupId()) + && (groupService.getUserGroupAssoAuthority(groupAdmin.getUsername(), authorityRequest.groupId()).equals("ADMIN")))) return ResponseEntity.status(HttpStatus.FORBIDDEN).body("You are not authorized to change the authority of this user."); } - return groupService.getGroupById(authorityRequest.groupId()).flatMap(group -> userService.getUserFromUsername(authorityRequest.username()) - .flatMap(user -> { - UserGroupAsso userGroupAsso = user.getGroup().stream() - .filter(asso -> asso.getGroup().getGroupId() == authorityRequest.groupId()) - .findFirst() - .orElse(null); - if(userGroupAsso != null){ - userGroupAsso.setGroupAuthority(authorityRequest.authority()); - userService.updateUser(user); - return Optional.of(userGroupAsso); - } - return Optional.empty(); - })) - .map(ResponseEntity::ok) - .orElseGet(() -> ResponseEntity.notFound().build()); + + Optional<Group> groupOpt = groupService.getGroupById(authorityRequest.groupId()); + Optional<User> userOpt = userService.getUserFromUsername(authorityRequest.username()); + + if (groupOpt.isEmpty() || userOpt.isEmpty()) { + return ResponseEntity.notFound().build(); + } + + User user = userOpt.get(); + UserGroupAsso userGroupAsso = user.getGroup().stream() + .filter(asso -> asso.getGroup().getGroupId() == authorityRequest.groupId()) + .findFirst() + .orElse(null); + + if (userGroupAsso != null) { + userGroupAsso.setGroupAuthority(authorityRequest.authority()); + userService.updateUser(user); + return ResponseEntity.ok("Authority changed successfully."); + } else { + return ResponseEntity.notFound().build(); + } } } -- GitLab