diff --git a/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java b/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java index 864b8de..0c95549 100755 --- a/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java +++ b/restservice/src/main/java/com/plannaplan/controllers/CommisionController.java @@ -24,6 +24,7 @@ import com.plannaplan.types.UserRoles; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.util.Assert; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -94,4 +95,14 @@ public class CommisionController extends TokenBasedController { return new ResponseEntity<>(result, HttpStatus.OK); } + @PreAuthorize("hasRole('ROLE_DEANERY')") + @GetMapping("/user/{id}") + public ResponseEntity> getCommision(@PathVariable(name = "id") Long userId) + throws UserNotFoundException { + User user = this.userService.getById(userId).orElseThrow(() -> new NullPointerException()); + List result = CommisionResponseMappers + .mapToResponse(this.commisionService.getUsersCommisions(user)); + return new ResponseEntity<>(result, HttpStatus.OK); + } + } diff --git a/restservice/src/test/java/com/plannaplan/controllers/CommisionControllerTest.java b/restservice/src/test/java/com/plannaplan/controllers/CommisionControllerTest.java index eca8c45..883840b 100755 --- a/restservice/src/test/java/com/plannaplan/controllers/CommisionControllerTest.java +++ b/restservice/src/test/java/com/plannaplan/controllers/CommisionControllerTest.java @@ -42,6 +42,7 @@ public class CommisionControllerTest extends AbstractControllerTest { private static final String ADD_COMMISION_ENDPOINT = "/api/v1/commisions/add"; private static final String GET_COMMISIONS_ENDPOINT = "/api/v1/commisions/getAllCommisions"; + private static final String GET_SOMEONE_COMMISIONS_ENDPOINT = "/api/v1/commisions/user"; private static final MediaType APPLICATION_JSON_UTF8 = new MediaType(MediaType.APPLICATION_JSON.getType(), MediaType.APPLICATION_JSON.getSubtype(), Charset.forName("utf8")); @@ -157,6 +158,28 @@ public class CommisionControllerTest extends AbstractControllerTest { .andExpect(status().is4xxClientError()); } + @Test + public void shouldGetStudentCommisionsListByDeanary() throws Exception { + this.checkUsers(); + + final String token = this.service.login(TEST_COMMISIONS_DEANERY_EMAIL); + + MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build(); + mockMvc.perform(get(GET_SOMEONE_COMMISIONS_ENDPOINT + "/" + CommisionControllerTest.user.getId().toString()) + .header("Authorization", "Bearer " + token)).andExpect(status().isOk()); + } + + @Test + public void shouldFailStudentCommisionsListByOtherStudent() throws Exception { + this.checkUsers(); + + final String token = this.service.login(TEST_COMMISIONS_STUDENT_EMAIL); + + MockMvc mockMvc = MockMvcBuilders.webAppContextSetup(webApplicationContext).apply(springSecurity()).build(); + mockMvc.perform(get(GET_SOMEONE_COMMISIONS_ENDPOINT + "/" + CommisionControllerTest.user.getId().toString()) + .header("Authorization", "Bearer " + token)).andExpect(status().is4xxClientError()); + } + private void checkUsers() { if (CommisionControllerTest.user == null) { CommisionControllerTest.user = new User(null, null, TEST_COMMISIONS_STUDENT_EMAIL, UserRoles.STUDENT);