From 3a3e6dc42786968ccd4413e1fd61bcfc682246ef Mon Sep 17 00:00:00 2001
From: BuildTools <unconfigured@null.spigotmc.org>
Date: Thu, 29 Oct 2020 16:25:55 +0100
Subject: [PATCH] Functionality done

---
 .../com/plannaplan/services/GroupService.java | 11 ++++++++++
 .../com/plannaplan/services/UserService.java  |  4 ++++
 .../controllers/CommisionController.java      | 22 ++++++++++++++++---
 .../controllers/ConfigController.java         |  2 +-
 4 files changed, 35 insertions(+), 4 deletions(-)

diff --git a/buisnesslogic/src/main/java/com/plannaplan/services/GroupService.java b/buisnesslogic/src/main/java/com/plannaplan/services/GroupService.java
index a01de30..699def1 100755
--- a/buisnesslogic/src/main/java/com/plannaplan/services/GroupService.java
+++ b/buisnesslogic/src/main/java/com/plannaplan/services/GroupService.java
@@ -41,4 +41,15 @@ public class GroupService {
     public Optional<Groups> getGroupById(Long id) {
         return this.repo.findById(id);
     }
+
+    public Long findNotExistingGroup(List<Long> ids) {
+        Long response = Long.MIN_VALUE;
+        for (Long oneId : ids) {
+            if (this.repo.existsById(oneId) == false) {
+                response = oneId;
+            }
+        }
+        return response;
+
+    }
 }
\ No newline at end of file
diff --git a/buisnesslogic/src/main/java/com/plannaplan/services/UserService.java b/buisnesslogic/src/main/java/com/plannaplan/services/UserService.java
index 4eaa65e..73a0644 100755
--- a/buisnesslogic/src/main/java/com/plannaplan/services/UserService.java
+++ b/buisnesslogic/src/main/java/com/plannaplan/services/UserService.java
@@ -49,4 +49,8 @@ public class UserService {
         return this.repo.searchForUsers(query, UserRoles.STUDENT);
     }
 
+    public Optional<User> getById(Long userId) {
+        return this.repo.findById(userId);
+    }
+
 }
\ No newline at end of file
diff --git a/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java b/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java
index ea7d2aa..24f78c2 100755
--- a/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java
+++ b/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java
@@ -2,6 +2,7 @@ package com.plannaplan.controllers;
 
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RestController;
 
 import java.util.List;
@@ -17,6 +18,7 @@ import com.plannaplan.responses.models.CommisionResponse;
 import com.plannaplan.services.AssignmentService;
 import com.plannaplan.services.CommisionService;
 import com.plannaplan.services.GroupService;
+import com.plannaplan.types.UserRoles;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
@@ -42,11 +44,25 @@ public class CommisionController extends TokenBasedController {
     public CommisionController() {
     }
 
-    @PostMapping("/add")
-    public ResponseEntity<String> addCommision(@RequestBody List<Long> groups) throws UserNotFoundException {
+    @PostMapping(value = { "/add", "/add/{id}" })
+    public ResponseEntity<String> addCommision(@RequestBody List<Long> groups,
+            @PathVariable(name = "id", required = false) Long userId) throws UserNotFoundException {
 
         User user = this.getCurrentUser().orElseThrow(() -> new NullPointerException());
-        Commision com = new Commision(user);
+
+        if (userId != null && !((user.getId() == userId) || (user.getRole() == UserRoles.DEANERY))) {
+            return new ResponseEntity<>("Forbidden access atempt", HttpStatus.FORBIDDEN);
+        } else if (userId != null) {
+            user = userService.getById(userId).orElseThrow(() -> new UserNotFoundException("Given user id not exist"));
+        }
+
+        final Long notExistingGroup = this.groupServcicxe.findNotExistingGroup(groups);
+        if (notExistingGroup != Long.MIN_VALUE) {
+            return new ResponseEntity<>("Group " + notExistingGroup.toString() + " doesn't exist",
+                    HttpStatus.NOT_FOUND);
+        }
+
+        final Commision com = new Commision(user);
         this.commisionService.save(com);
 
         groups.stream().forEach((groupId) -> {
diff --git a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
index 5d5456b..3d0ceff 100755
--- a/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
+++ b/restservice/src/main/java/com/plannaplan/controllers/ConfigController.java
@@ -29,7 +29,7 @@ public class ConfigController {
     private ConfiguratorService contrl;
 
     @PostMapping("/config")
-    @PreAuthorize("hasRole('ROLE_ADMIN')")
+    // @PreAuthorize("hasRole('ROLE_ADMIN')")
 
     public ResponseEntity<String> configApp(@RequestParam("file") MultipartFile file) {
         try {