added authentication on shoppinglist endpoints and controller/service tests

src/main/java/ntnu/idatt2016/v233/SmartMat/controller/ShoppingListController.java

@@ -44,7 +44,9 @@ public class ShoppingListController {
      * @return the shopping list, or an error if the ID is invalid
      */
     @GetMapping("/{id}")
-    public ResponseEntity<ShoppingList> getShoppingListById(@PathVariable("id") long id) {
+    public ResponseEntity<ShoppingList> getShoppingListById(@PathVariable("id") long id, Authentication auth) {
+        shoppingListService.isUserInShoppinglist(id, auth.getName());
+
         Optional<ShoppingList> shoppingList = shoppingListService.getShoppingListById(id);
         return shoppingList.map(list -> ResponseEntity.status(HttpStatus.OK).body(list))
                            .orElseGet(() -> ResponseEntity.status(HttpStatus.NOT_FOUND).build());

src/main/java/ntnu/idatt2016/v233/SmartMat/repository/ShoppingListRepository.java

 package ntnu.idatt2016.v233.SmartMat.repository;
 
+import java.util.List;
 import java.util.Optional;
 
 import ntnu.idatt2016.v233.SmartMat.entity.ShoppingList;
@@ -23,5 +24,13 @@ public interface ShoppingListRepository extends JpaRepository<ShoppingList, Long
      */
     Optional<ShoppingList> getByGroupGroupId(long id);
 
-   
+
+    /**
+     * Gets all shopping lists by the username of the user
+     * @param username the username of the user
+     * @return a list of shopping lists
+     */
+    List<ShoppingList> findAllByGroupUsersUsername(String username);
+
+
 }

src/main/java/ntnu/idatt2016/v233/SmartMat/service/ShoppingListService.java

@@ -105,4 +105,16 @@ public class ShoppingListService {
 
         return shoppingListRepository.findById(shoppingListId);
     }
+
+    /**
+     * Check if user can edit/get shoppinglist
+     * @param id id of shoppinglist
+     * @param name name of user
+     * @return true if user is in shoppinglist, false if not
+     */
+    public boolean isUserInShoppinglist(long id, String name) {
+        return shoppingListRepository.findAllByGroupUsersUsername(name).stream()
+                .anyMatch(shoppingList -> shoppingList.getShoppingListID() == id);
+
+    }
 }

src/test/java/ntnu/idatt2016/v233/SmartMat/controller/ShoppingListControllerTest.java

 package ntnu.idatt2016.v233.SmartMat.controller;
 
+import ntnu.idatt2016.v233.SmartMat.dto.enums.Authority;
 import ntnu.idatt2016.v233.SmartMat.dto.request.ShoppingListRequest;
 import ntnu.idatt2016.v233.SmartMat.entity.ShoppingList;
 import ntnu.idatt2016.v233.SmartMat.service.ShoppingListService;
@@ -11,7 +12,12 @@ import org.mockito.Mock;
 import org.mockito.junit.jupiter.MockitoExtension;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
 
+import java.util.Collection;
+import java.util.List;
 import java.util.Optional;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
@@ -28,6 +34,80 @@ public class ShoppingListControllerTest {
 
     private ShoppingList shoppingList;
 
+    private final Authentication regularUser = new Authentication() {
+        @Override
+        public Collection<? extends GrantedAuthority> getAuthorities() {
+            return List.of(new SimpleGrantedAuthority(Authority.USER.name()));
+        }
+
+        @Override
+        public Object getCredentials() {
+            return null;
+        }
+
+        @Override
+        public Object getDetails() {
+            return null;
+        }
+
+        @Override
+        public Object getPrincipal() {
+            return null;
+        }
+
+        @Override
+        public boolean isAuthenticated() {
+            return true;
+        }
+
+        @Override
+        public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
+
+        }
+
+        @Override
+        public String getName() {
+            return "test";
+        }
+    };
+
+    private Authentication adminUser = new Authentication() {
+        @Override
+        public Collection<? extends GrantedAuthority> getAuthorities() {
+            return List.of(new SimpleGrantedAuthority(Authority.ADMIN.name()));
+        }
+
+        @Override
+        public Object getCredentials() {
+            return null;
+        }
+
+        @Override
+        public Object getDetails() {
+            return null;
+        }
+
+        @Override
+        public Object getPrincipal() {
+            return null;
+        }
+
+        @Override
+        public boolean isAuthenticated() {
+            return true;
+        }
+
+        @Override
+        public void setAuthenticated(boolean isAuthenticated) throws IllegalArgumentException {
+
+        }
+
+        @Override
+        public String getName() {
+            return "test";
+        }
+    };
+
     @BeforeEach
     public void setUp() {
         shoppingList = new ShoppingList();
@@ -39,7 +119,7 @@ public class ShoppingListControllerTest {
         long id = 1;
         when(shoppingListService.getShoppingListById(id)).thenReturn(Optional.of(shoppingList));
 
-        ResponseEntity<ShoppingList> response = shoppingListController.getShoppingListById(id);
+        ResponseEntity<ShoppingList> response = shoppingListController.getShoppingListById(id, adminUser);
 
         assertEquals(HttpStatus.OK, response.getStatusCode());
         assertEquals(shoppingList, response.getBody());
@@ -50,7 +130,7 @@ public class ShoppingListControllerTest {
         long id = 1;
         when(shoppingListService.getShoppingListById(id)).thenReturn(Optional.empty());
 
-        ResponseEntity<ShoppingList> response = shoppingListController.getShoppingListById(id);
+        ResponseEntity<ShoppingList> response = shoppingListController.getShoppingListById(id, adminUser);
 
         assertEquals(HttpStatus.NOT_FOUND, response.getStatusCode());
     }

src/test/java/ntnu/idatt2016/v233/SmartMat/controller/group/FridgeControllerTest.java

@@ -51,7 +51,7 @@ public class FridgeControllerTest {
     private FridgeProductRequest fridgeProductRequest;
 
 
-    private Authentication regularUser = new Authentication() {
+    private final Authentication regularUser = new Authentication() {
         @Override
         public Collection<? extends GrantedAuthority> getAuthorities() {
             return List.of(new SimpleGrantedAuthority(Authority.USER.name()));

src/test/java/ntnu/idatt2016/v233/SmartMat/service/ShoppingListServiceTest.java

 package ntnu.idatt2016.v233.SmartMat.service;
 
 import ntnu.idatt2016.v233.SmartMat.entity.group.Group;
+import ntnu.idatt2016.v233.SmartMat.entity.group.UserGroupAsso;
+import ntnu.idatt2016.v233.SmartMat.entity.user.User;
 import org.junit.jupiter.api.BeforeEach;
 import org.junit.jupiter.api.Test;
 import org.mockito.InjectMocks;
@@ -79,4 +81,33 @@ class ShoppingListServiceTest {
 
         verify(shoppingListRepository, times(1)).deleteById(1L);
     }
+
+    @Test
+    void isUserInGroupWithShoppinglist(){
+        ShoppingList shoppingList = new ShoppingList();
+        Group group = new Group();
+        shoppingList.setGroup(group);
+
+        User user = User.builder()
+                .username("test")
+                .password("test")
+                .build();
+
+        group.addUser(UserGroupAsso.builder()
+                        .user(user)
+                        .group(group)
+                .build());
+
+
+        when(shoppingListRepository.findAllByGroupUsersUsername(user.getUsername()))
+                .thenReturn(List.of(shoppingList));
+
+        boolean result = shoppingListService.isUserInShoppinglist(
+                shoppingList.getShoppingListID(), user.getUsername());
+
+        assertTrue(result);
+
+        verify(shoppingListRepository, times(1))
+                .findAllByGroupUsersUsername(user.getUsername());
+    }
 }