Merge branch 'development' into more_search_fields

154e1949 · Eduard Frankford · 654a55c2 · 3d2dccee · 154e1949 · 154e1949
Commit 154e1949 authored 3 years ago by Eduard Frankford
--- a/src/main/java/at/ac/uibk/gitsearch/service/UserWatchListService.java
+++ b/src/main/java/at/ac/uibk/gitsearch/service/UserWatchListService.java
@@ -47,19 +47,20 @@ public class UserWatchListService {
     * checks the access to this watchlist for the current user.
     * @param watchlistId the id of the watchlist
     * @param description some description of the request
+     * @param mustExist if true, access fails if not existing
     * @throws BadRequestAlertException if access not allowed
     */
-	public void checkAccessToWatchList(final Long watchlistId, final String description) throws IllegalAccessError {
+	public Optional<UserWatchListDTO> checkAccessToWatchList(final Long watchlistId, final String description, boolean mustExist) throws IllegalAccessError {
 		final Optional<User> currentPrincipal = tokenProvider.getCurrentPrincipal();
 		if(currentPrincipal.isEmpty()) {
    		log.warn("Cannot find a principal for watchlist {} for exercise {}", watchlistId, description);
            throw new IllegalAccessError("Cannot find a principal");
    	}
+    	final Optional<UserWatchListDTO> watchListO = findOne(watchlistId);
 		if(currentPrincipal.get().getAuthorities().contains(AuthoritiesConstantEnum.ADMIN.getGrantedAuthority())) {
-			return; // ADMIN is always allowed
+			return watchListO; // ADMIN is always allowed
 		}
-    	final Optional<UserWatchListDTO> watchListO = findOne(watchlistId);
-    	if(watchListO.isEmpty()) {
+    	if(watchListO.isEmpty() && mustExist) {
    		log.warn("Cannot find watchlist for : {} for exercise {}", watchlistId, description);
            throw new IllegalAccessError("Cannot find watchlist");
    	}
@@ -68,6 +69,7 @@ public class UserWatchListService {
    		log.warn("watchlist {} does not belong to current user",  watchListO.get().getName());
            throw new IllegalAccessError("watchlist does not belong to current User");
    	}
+		return watchListO; // ADMIN is always allowed
 	}

    /**

--- a/src/main/java/at/ac/uibk/gitsearch/web/rest/UserWatchListResource.java
+++ b/src/main/java/at/ac/uibk/gitsearch/web/rest/UserWatchListResource.java
@@ -159,14 +159,14 @@ public class UserWatchListResource {
    public ResponseEntity<UserWatchListDTO> updateUserWatchList(@Valid @RequestBody UserWatchListDTO userWatchListDTO) throws URISyntaxException {
        log.debug("REST request to update UserWatchList : {}", userWatchListDTO);
        Long id = userWatchListDTO.getId();
-        if(id==null) {
-            return ResponseEntity.notFound().headers(HeaderUtil.createFailureAlert(applicationName, true, "UserWatchList", "not found",
-                    "There was an error: id was null.")).build();        
-        }
-    	userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
-        if (userWatchListDTO.getId() == null) {
+        if (id == null) {
            throw new BadRequestAlertException("Invalid id", ENTITY_NAME, "idnull");
        }
+    	try {
+			userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", true);
+		} catch (IllegalAccessError e) {
+            throw new BadRequestAlertException("Empty id", ENTITY_NAME, "");
+		}
        UserWatchListDTO result = userWatchListService.save(userWatchListDTO);
        return ResponseEntity.ok()
            .headers(HeaderUtil.createEntityUpdateAlert(applicationName, true, ENTITY_NAME, userWatchListDTO.getId().toString()))
@@ -234,7 +234,7 @@ public class UserWatchListResource {
     */
    @GetMapping("/user-watch-lists/{id}")
    public ResponseEntity<UserWatchListDTO> getUserWatchList(@PathVariable Long id) {
-    	userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
+    	userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", false);
        log.debug("REST request to get UserWatchList : {}", id);
        Optional<UserWatchListDTO> userWatchListDTO = userWatchListService.findOne(id);
        return ResponseUtil.wrapOrNotFound(userWatchListDTO);
@@ -248,7 +248,7 @@ public class UserWatchListResource {
     */
    @DeleteMapping("/user-watch-lists/{id}")
    public ResponseEntity<Void> deleteUserWatchList(@PathVariable Long id) {
-    	userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
+    	userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", true);
        log.debug("REST request to delete UserWatchList : {}", id);
        userWatchListService.delete(id);
        return ResponseEntity.noContent().headers(HeaderUtil.createEntityDeletionAlert(applicationName, true, ENTITY_NAME, id.toString())).build();
@@ -291,7 +291,7 @@ public class UserWatchListResource {
    public SearchResultsDTO
    searchExercisesOnWatchlist(@PathVariable Long id, @RequestBody Integer page) throws IOException {
    	if(page == null) page = 0;
-    	userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
+    	userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", true);
    	final List<WatchListEntryDTO> entriesForWatchlist = watchListEntryService.getEntriesForWatchlist(id);
        return searchService.watchListResultPage(entriesForWatchlist.stream().map(entry -> entry.getExerciseId()), page, SearchInputDTO.PAGE_SIZE);
    }

--- a/src/main/java/at/ac/uibk/gitsearch/web/rest/WatchListEntryResource.java
+++ b/src/main/java/at/ac/uibk/gitsearch/web/rest/WatchListEntryResource.java
@@ -84,7 +84,7 @@ public class WatchListEntryResource {
     */
    @PostMapping("/currentuser-watch-list-entries")
    public ResponseEntity<WatchListEntryDTO> createWatchListEntryForCurrentUser(@Valid @RequestBody WatchListEntryDTO watchListEntryDTO) throws URISyntaxException {
-    	userWatchListService.checkAccessToWatchList(watchListEntryDTO.getWatchlistId(), watchListEntryDTO.getExerciseName());
+    	userWatchListService.checkAccessToWatchList(watchListEntryDTO.getWatchlistId(), watchListEntryDTO.getExerciseName(), false);

    	return createWatchListEntry(watchListEntryDTO);
    }
@@ -176,14 +176,14 @@ public class WatchListEntryResource {

 	@GetMapping("/currentuser-watch-lists/{id}/entries")
 	public ResponseEntity<List<WatchListEntryDTO>> getWatchListEntriesIfCurrentUser(@PathVariable Long id) {
-		userWatchListService.checkAccessToWatchList(id, "getWatchlist");
+		userWatchListService.checkAccessToWatchList(id, "getWatchlist", true);
 		return getWatchListEntries(id);
 	}

 	@DeleteMapping("/currentuser-watch-lists/{watchListId}/entries/{exerciseId}")
 	public ResponseEntity<Void> deleteWatchListEntryIfCurrentUser(
 			@PathVariable("watchListId") Long watchListId, @PathVariable String exerciseId) {
-		userWatchListService.checkAccessToWatchList(watchListId, "deleteOnWatchlist");
+		userWatchListService.checkAccessToWatchList(watchListId, "deleteOnWatchlist", true);
        watchListEntryService.deleteInWatchlist(watchListId, exerciseId);
        return ResponseEntity.noContent().headers(HeaderUtil.createEntityDeletionAlert(applicationName, true, ENTITY_NAME, exerciseId)).build();
 	}

--- a/src/test/java/at/ac/uibk/gitsearch/web/rest/UserWatchListResourceIT.java
+++ b/src/test/java/at/ac/uibk/gitsearch/web/rest/UserWatchListResourceIT.java
@@ -383,11 +383,34 @@ public class UserWatchListResourceIT {

    @Test
    @Transactional
+    @WithMockUser(authorities = AuthoritiesConstants.USER)
    public void updateNonExistingUserWatchList() throws Exception {
        int databaseSizeBeforeUpdate = userWatchListRepository.findAll().size();

        // Create the UserWatchList
        UserWatchListDTO userWatchListDTO = userWatchListMapper.toDto(userWatchList);
+        userWatchListDTO.setId(Long.MAX_VALUE);
+
+        // If the entity doesn't have an ID, it will throw BadRequestAlertException
+        restUserWatchListMockMvc.perform(put("/api/user-watch-lists")
+          	.with(csrf().asHeader())
+            .contentType(MediaType.APPLICATION_JSON)
+            .content(TestUtil.convertObjectToJsonBytes(userWatchListDTO)))
+            .andExpect(status().isBadRequest());
+
+        // Validate the UserWatchList in the database
+        List<UserWatchList> userWatchListList = userWatchListRepository.findAll();
+        assertThat(userWatchListList).hasSize(databaseSizeBeforeUpdate);
+    }
+
+    @Test
+    @Transactional
+    public void updatChangeUserWatchListWithoutId() throws Exception {
+        int databaseSizeBeforeUpdate = userWatchListRepository.findAll().size();
+
+        // Create the UserWatchList
+        UserWatchListDTO userWatchListDTO = userWatchListMapper.toDto(userWatchList);
+        userWatchListDTO.setId(null);

        // If the entity doesn't have an ID, it will throw BadRequestAlertException
        restUserWatchListMockMvc.perform(put("/api/user-watch-lists")