This is the codeAbility Sharing Platform! Learn more about the codeAbility Sharing Platform.

Skip to content
Snippets Groups Projects
Commit 3044671e authored by Michael Breu's avatar Michael Breu :speech_balloon:
Browse files

Fixing Tests

parent 21a0114c
Branches
Tags
1 merge request!50Merge 2021 May Sprint
......@@ -47,19 +47,20 @@ public class UserWatchListService {
* checks the access to this watchlist for the current user.
* @param watchlistId the id of the watchlist
* @param description some description of the request
* @param mustExist if true, access fails if not existing
* @throws BadRequestAlertException if access not allowed
*/
public void checkAccessToWatchList(final Long watchlistId, final String description) throws IllegalAccessError {
public Optional<UserWatchListDTO> checkAccessToWatchList(final Long watchlistId, final String description, boolean mustExist) throws IllegalAccessError {
final Optional<User> currentPrincipal = tokenProvider.getCurrentPrincipal();
if(currentPrincipal.isEmpty()) {
log.warn("Cannot find a principal for watchlist {} for exercise {}", watchlistId, description);
throw new IllegalAccessError("Cannot find a principal");
}
final Optional<UserWatchListDTO> watchListO = findOne(watchlistId);
if(currentPrincipal.get().getAuthorities().contains(AuthoritiesConstantEnum.ADMIN.getGrantedAuthority())) {
return; // ADMIN is always allowed
return watchListO; // ADMIN is always allowed
}
final Optional<UserWatchListDTO> watchListO = findOne(watchlistId);
if(watchListO.isEmpty()) {
if(watchListO.isEmpty() && mustExist) {
log.warn("Cannot find watchlist for : {} for exercise {}", watchlistId, description);
throw new IllegalAccessError("Cannot find watchlist");
}
......@@ -68,6 +69,7 @@ public class UserWatchListService {
log.warn("watchlist {} does not belong to current user", watchListO.get().getName());
throw new IllegalAccessError("watchlist does not belong to current User");
}
return watchListO; // ADMIN is always allowed
}
/**
......
......@@ -159,14 +159,14 @@ public class UserWatchListResource {
public ResponseEntity<UserWatchListDTO> updateUserWatchList(@Valid @RequestBody UserWatchListDTO userWatchListDTO) throws URISyntaxException {
log.debug("REST request to update UserWatchList : {}", userWatchListDTO);
Long id = userWatchListDTO.getId();
if(id==null) {
return ResponseEntity.notFound().headers(HeaderUtil.createFailureAlert(applicationName, true, "UserWatchList", "not found",
"There was an error: id was null.")).build();
}
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
if (userWatchListDTO.getId() == null) {
if (id == null) {
throw new BadRequestAlertException("Invalid id", ENTITY_NAME, "idnull");
}
try {
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", true);
} catch (IllegalAccessError e) {
throw new BadRequestAlertException("Empty id", ENTITY_NAME, "");
}
UserWatchListDTO result = userWatchListService.save(userWatchListDTO);
return ResponseEntity.ok()
.headers(HeaderUtil.createEntityUpdateAlert(applicationName, true, ENTITY_NAME, userWatchListDTO.getId().toString()))
......@@ -234,7 +234,7 @@ public class UserWatchListResource {
*/
@GetMapping("/user-watch-lists/{id}")
public ResponseEntity<UserWatchListDTO> getUserWatchList(@PathVariable Long id) {
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", false);
log.debug("REST request to get UserWatchList : {}", id);
Optional<UserWatchListDTO> userWatchListDTO = userWatchListService.findOne(id);
return ResponseUtil.wrapOrNotFound(userWatchListDTO);
......@@ -248,7 +248,7 @@ public class UserWatchListResource {
*/
@DeleteMapping("/user-watch-lists/{id}")
public ResponseEntity<Void> deleteUserWatchList(@PathVariable Long id) {
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", true);
log.debug("REST request to delete UserWatchList : {}", id);
userWatchListService.delete(id);
return ResponseEntity.noContent().headers(HeaderUtil.createEntityDeletionAlert(applicationName, true, ENTITY_NAME, id.toString())).build();
......@@ -291,7 +291,7 @@ public class UserWatchListResource {
public SearchResultsDTO
searchExercisesOnWatchlist(@PathVariable Long id, @RequestBody Integer page) throws IOException {
if(page == null) page = 0;
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist");
userWatchListService.checkAccessToWatchList(id, "searchExercisesOnWatchlist", true);
final List<WatchListEntryDTO> entriesForWatchlist = watchListEntryService.getEntriesForWatchlist(id);
return searchService.watchListResultPage(entriesForWatchlist.stream().map(entry -> entry.getExerciseId()), page, SearchInputDTO.PAGE_SIZE);
}
......
......@@ -84,7 +84,7 @@ public class WatchListEntryResource {
*/
@PostMapping("/currentuser-watch-list-entries")
public ResponseEntity<WatchListEntryDTO> createWatchListEntryForCurrentUser(@Valid @RequestBody WatchListEntryDTO watchListEntryDTO) throws URISyntaxException {
userWatchListService.checkAccessToWatchList(watchListEntryDTO.getWatchlistId(), watchListEntryDTO.getExerciseName());
userWatchListService.checkAccessToWatchList(watchListEntryDTO.getWatchlistId(), watchListEntryDTO.getExerciseName(), false);
return createWatchListEntry(watchListEntryDTO);
}
......@@ -176,14 +176,14 @@ public class WatchListEntryResource {
@GetMapping("/currentuser-watch-lists/{id}/entries")
public ResponseEntity<List<WatchListEntryDTO>> getWatchListEntriesIfCurrentUser(@PathVariable Long id) {
userWatchListService.checkAccessToWatchList(id, "getWatchlist");
userWatchListService.checkAccessToWatchList(id, "getWatchlist", true);
return getWatchListEntries(id);
}
@DeleteMapping("/currentuser-watch-lists/{watchListId}/entries/{exerciseId}")
public ResponseEntity<Void> deleteWatchListEntryIfCurrentUser(
@PathVariable("watchListId") Long watchListId, @PathVariable String exerciseId) {
userWatchListService.checkAccessToWatchList(watchListId, "deleteOnWatchlist");
userWatchListService.checkAccessToWatchList(watchListId, "deleteOnWatchlist", true);
watchListEntryService.deleteInWatchlist(watchListId, exerciseId);
return ResponseEntity.noContent().headers(HeaderUtil.createEntityDeletionAlert(applicationName, true, ENTITY_NAME, exerciseId)).build();
}
......
......@@ -383,11 +383,34 @@ public class UserWatchListResourceIT {
@Test
@Transactional
@WithMockUser(authorities = AuthoritiesConstants.USER)
public void updateNonExistingUserWatchList() throws Exception {
int databaseSizeBeforeUpdate = userWatchListRepository.findAll().size();
// Create the UserWatchList
UserWatchListDTO userWatchListDTO = userWatchListMapper.toDto(userWatchList);
userWatchListDTO.setId(Long.MAX_VALUE);
// If the entity doesn't have an ID, it will throw BadRequestAlertException
restUserWatchListMockMvc.perform(put("/api/user-watch-lists")
.with(csrf().asHeader())
.contentType(MediaType.APPLICATION_JSON)
.content(TestUtil.convertObjectToJsonBytes(userWatchListDTO)))
.andExpect(status().isBadRequest());
// Validate the UserWatchList in the database
List<UserWatchList> userWatchListList = userWatchListRepository.findAll();
assertThat(userWatchListList).hasSize(databaseSizeBeforeUpdate);
}
@Test
@Transactional
public void updatChangeUserWatchListWithoutId() throws Exception {
int databaseSizeBeforeUpdate = userWatchListRepository.findAll().size();
// Create the UserWatchList
UserWatchListDTO userWatchListDTO = userWatchListMapper.toDto(userWatchList);
userWatchListDTO.setId(null);
// If the entity doesn't have an ID, it will throw BadRequestAlertException
restUserWatchListMockMvc.perform(put("/api/user-watch-lists")
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment