diff --git a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
index 31f52d9..146dc12 100755
--- a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
+++ b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
@@ -96,34 +96,6 @@ public class ConfigController { } } - @PostMapping(path = "/config/tours", consumes = { "multipart/form-data" }) - @PreAuthorize("hasRole('ROLE_ADMIN')") - @ApiOperation("Imports data to system. To call you need to provide ADMIN token") - public ResponseEntity configAppsasaas( - @RequestParam("file") @ApiParam(value = "file .xlsx that contains courses and groups with apoinnted rules") MultipartFile file, - @RequestParam("firstTourBegin") @DateTimeFormat(pattern = "dd.MM.yyyy") @ApiParam(value = "Date when first tour begin in format dd.MM.yyyy") Date firstTourBegin, - @RequestParam("firstTourEnd") @DateTimeFormat(pattern = "dd.MM.yyyy") @ApiParam(value = "Date when first tour ends in format dd.MM.yyyy") Date firstTourEnd, - @RequestParam("secondTourBegin") @DateTimeFormat(pattern = "dd.MM.yyyy") @ApiParam(value = "Date when second tour begin in format dd.MM.yyyy") Date secondTourBegin, - @RequestParam("secondTourEnd") @DateTimeFormat(pattern = "dd.MM.yyyy") @ApiParam(value = "Date when second tour ends in format dd.MM.yyyy") Date secondTourEnd) { - try { - if (!(firstTourBegin.before(firstTourEnd) - && (firstTourEnd.before(secondTourBegin) || firstTourEnd.equals(secondTourBegin)) - && secondTourBegin.before(secondTourEnd))) { - return new ResponseEntity<>("Bad dates", HttpStatus.BAD_REQUEST); - } - - final TourData firstTour = new TourData(firstTourBegin, firstTourEnd); - final TourData secondTour = new TourData(secondTourBegin, secondTourEnd); - - final ConfigData data = new ConfigData(firstTour, secondTour, file.getInputStream()); - this.contrl.config(data); - return new ResponseEntity<>("Sucess", HttpStatus.OK); - } catch (IOException e) { - return new ResponseEntity<>(e.getMessage(), HttpStatus.INTERNAL_SERVER_ERROR); - } - } - - @PostMapping(path = "/admin/init") @ApiOperation("It can be run only in the initialization of the application. 
It will create admin user to manage the application.") public ResponseEntity initAdmin(@RequestParam("ticket") @ApiParam(value = "Ticket for validation.") String ticket){ 
@@ -147,55 +119,4 @@ public class ConfigController { return new ResponseEntity<>("Internal Server Error", HttpStatus.INTERNAL_SERVER_ERROR); } } - - @PostMapping(path = "/admin/addnewdeanery", consumes = { "multipart/form-data" }) - @PreAuthorize("hasRole('ROLE_ADMIN')") - @ApiOperation("Adding the new deanery user into application") - public ResponseEntity AddNewDeaneryUser(@RequestParam("ticket") @ApiParam(value = "Ticket for validation.") String ticket){ - // if (this.userService.adminExists()){ - // return new ResponseEntity<>("Admin had been already created.", HttpStatus.FORBIDDEN); - // } - - final CasValidator validator = isDev ? new DefaultUAMCasValidator(serviceUrl, ticket) - : new CustomUAMCasValidator(serviceUrl, ticket); - - try { - final CasUserIdentity casUserIdentity = validator.validate(); - final String usosId = casUserIdentity.getUsosId(); - final String authority = casUserIdentity.getEmail(); - this.userService.save(new User(null, null, authority, usosId, UserRoles.DEANERY)); - - return new ResponseEntity<>("Success", HttpStatus.OK); - } catch (CasValidationExcepiton e) { - return new ResponseEntity<>("CAS validation failed", HttpStatus.UNAUTHORIZED); - } catch (Exception e) { - return new ResponseEntity<>("Internal Server Error", HttpStatus.INTERNAL_SERVER_ERROR); - } - } - - @PostMapping(path = "/admin/addnewadmin", consumes = { "multipart/form-data" }) - @PreAuthorize("hasRole('ROLE_ADMIN')") - @ApiOperation("Adding the new administrator user into application") - public ResponseEntity AddNewAdminUser(@RequestParam("ticket") @ApiParam(value = "Ticket for validation.") String ticket){ - // if (this.userService.adminExists()){ - // return new ResponseEntity<>("Admin had been already created.", HttpStatus.FORBIDDEN); - // } - - final CasValidator validator = isDev ? 
new DefaultUAMCasValidator(serviceUrl, ticket) - : new CustomUAMCasValidator(serviceUrl, ticket); - - try { - final CasUserIdentity casUserIdentity = validator.validate(); - final String usosId = casUserIdentity.getUsosId(); - final String authority = casUserIdentity.getEmail(); - this.userService.save(new User(null, null, authority, usosId, UserRoles.ADMIN)); - - return new ResponseEntity<>("Success", HttpStatus.OK); - } catch (CasValidationExcepiton e) { - return new ResponseEntity<>("CAS validation failed", HttpStatus.UNAUTHORIZED); - } catch (Exception e) { - return new ResponseEntity<>("Internal Server Error", HttpStatus.INTERNAL_SERVER_ERROR); - } - } - } \ No newline at end of file diff --git a/restservice/src/test/java/com/plannaplan/controllers/ConfigControllerTest.java b/restservice/src/test/java/com/plannaplan/controllers/ConfigControllerTest.java index a5f80f5..edee516 100755 --- a/restservice/src/test/java/com/plannaplan/controllers/ConfigControllerTest.java +++ b/restservice/src/test/java/com/plannaplan/controllers/ConfigControllerTest.java @@ -36,6 +36,7 @@ public class ConfigControllerTest extends AbstractControllerTest { private static final String FILE_NAME = "Zajecia.xlsx"; private static final String CONFIG_ENDPOINT = "/api/v1/configurator/config"; + private static final String COURSE_ENDPOINT = "/api/v1/configurator/config/courses"; private static final String ADMIN_INIT_ENDPOINT = "/api/v1/configurator/admin/init"; private static final String FIRST_TOUR_START = "firstTourBegin"; private static final String FIRST_TOUR_END = "firstTourEnd"; 
@@ -242,4 +243,33 @@ public class ConfigControllerTest extends AbstractControllerTest { mockMvc.perform(get(ADMIN_INIT_ENDPOINT).param("ticket", ticket)).andExpect(status().is4xxClientError()); } + @Test + public void shouldReturnOKAuthorizedForCourses() throws Exception { + final String mail = "shouldReturnOKAuthorizedForCourses@ConfigController.test"; + final User usr = this.service.save(new User(null, null, mail, UserRoles.ADMIN)); + + final InputStream inputStream = getClass().getClassLoader().getResourceAsStream(FILE_NAME); + final MockMultipartFile file = new MockMultipartFile("file", inputStream); + final String token = this.service.login(usr).getToken(); + + MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build(); + mockMvc.perform(multipart(COURSE_ENDPOINT).file(file).header("Authorization", "Bearer " + token)) + .andExpect(status().isOk()); + + } + + @Test + public void shouldDeniedForCoursesDueToWrongRole() throws Exception { + final String mail = "shouldReturnOKAuthorizedForCourses@ConfigController.test"; + final User usr = this.service.save(new User(null, null, mail, UserRoles.TEST_USER)); + + final InputStream inputStream = getClass().getClassLoader().getResourceAsStream(FILE_NAME); + final MockMultipartFile file = new MockMultipartFile("file", inputStream); + final String token = this.service.login(usr).getToken(); + + MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build(); + mockMvc.perform(multipart(COURSE_ENDPOINT).file(file).header("Authorization", "Bearer " + token)) + .andExpect(status().is4xxClientError()); + + } }
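Review bot: `shouldDeniedForCoursesDueToWrongRole` asserts only `status().is4xxClientError()`, so it also passes on a 400, 404 or 415 and does not show that the role check on the courses endpoint is what rejected the request; for an authorization test pin the status with `.andExpect(status().isForbidden());` (assuming the security configuration answers 403 for an authenticated user with the wrong role). The same test reuses the address `shouldReturnOKAuthorizedForCourses@ConfigController.test` from the positive test; if users are looked up or kept unique by e-mail, the TEST_USER save could collide with or resolve to the ADMIN account created there, so give it its own address, e.g. `final String mail = "shouldDeniedForCoursesDueToWrongRole@ConfigController.test";`. A request with no `Authorization` header at all is not covered by either test and would be worth a third case. The test class begins outside this hunk, so existing coverage there is not visible from here.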