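package com.plannaplan.controllers;

import java.util.List;
import java.util.Optional;

import com.plannaplan.App;
import com.plannaplan.entities.User;
import com.plannaplan.responses.mappers.UserResponseMappers;
import com.plannaplan.responses.models.UserResponse;
import com.plannaplan.services.UserService;
import com.plannaplan.types.UserRoles;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.RestController;

import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiParam;

import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;

/**
 * REST controller for user-related endpoints: student search and listing for
 * the deanery, and role assignment for administrators. More detailed API docs
 * are available via Swagger.
 *
 * <p>
 * Every handler carries a {@code @PreAuthorize} role check. Those checks are
 * only enforced while pre/post method security is enabled, which this class
 * switches on itself through {@code @EnableGlobalMethodSecurity}.
 */
// NOTE(review): @CrossOrigin without arguments accepts requests from any
// origin. The handlers are still role-gated, but if the set of front-end
// origins is known, listing them here narrows who can call the API from a
// browser - confirm against the deployment.
@RestController
@CrossOrigin
@RequestMapping("/api/" + App.API_VERSION + "/users")
@EnableGlobalMethodSecurity(prePostEnabled = true)
@Api(tags = { "Users" }, value = "Users", description = "Endpoints to deal with users.")
public class UsersController {

    @Autowired
    private UserService userService;

    /**
     * Searches users with the STUDENT role. Requires the DEANERY role.
     *
     * @param query filter applied to the students; per the endpoint
     *              documentation an empty query matches everyone
     * @return 200 with the students found, mapped to the default response model
     */
    @GetMapping("/student/search")
    @PreAuthorize("hasRole('ROLE_DEANERY')")
    @ApiOperation(value = "Serch for user by providing query. If query is empty it will return all students. You need token with DEANERY role to call this")
    public ResponseEntity<List<UserResponse>> searchForStudent(
            @RequestParam("query") @ApiParam(value = "Query to filter all students. If empty will match everyone") String query) {
        final List<User> searches = this.userService.searchForStudents(query);
        final List<UserResponse> response = UserResponseMappers.mapToDefaultResponse(searches);
        return new ResponseEntity<>(response, HttpStatus.OK);
    }

    /**
     * Lists every student. Requires the DEANERY role.
     *
     * @return 200 with all students, mapped to the default response model
     */
    @GetMapping("/students")
    @PreAuthorize("hasRole('ROLE_DEANERY')")
    @ApiOperation(value = "Gets all students. You need token with DEANERY role to call this")
    public ResponseEntity<List<UserResponse>> getAllStudents() {
        final List<User> searches = this.userService.getAllStudents();
        final List<UserResponse> response = UserResponseMappers.mapToDefaultResponse(searches);
        return new ResponseEntity<>(response, HttpStatus.OK);
    }

    /**
     * Grants the ADMIN role to a user. Requires the ADMIN role.
     *
     * @param authority USOS ID or e-mail. If the user does not exist yet it
     *                  should be a USOS ID
     * @return 200 with {@code "Success"} once the user is saved, or 400 when
     *         {@code authority} is blank
     */
    @PostMapping(path = "/admin")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @ApiOperation(value = "Adds new admin user.")
    public ResponseEntity<String> addAdmin(
            @RequestParam("authority") @ApiParam(value = "USOS ID or E-mail. If user does not exist it should be USOS ID") String authority) {
        return this.grantRole(authority, UserRoles.ADMIN);
    }

    /**
     * Grants the DEANERY role to a user. Requires the ADMIN role.
     *
     * <p>
     * The role is replaced, not added: calling this for an existing ADMIN
     * account turns it into a DEANERY account.
     *
     * @param authority USOS ID or e-mail. If the user does not exist yet it
     *                  should be a USOS ID
     * @return 200 with {@code "Success"} once the user is saved, or 400 when
     *         {@code authority} is blank
     */
    @PostMapping(path = "/deanery")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @ApiOperation(value = "Adds new deanery user.")
    public ResponseEntity<String> addDeanery(
            @RequestParam("authority") @ApiParam(value = "USOS ID or E-mail. If user does not exist it should be USOS ID") String authority) {
        return this.grantRole(authority, UserRoles.DEANERY);
    }

    /**
     * Looks the user up by authority, creates the account when it is missing,
     * sets the given role and saves the user.
     */
    private ResponseEntity<String> grantRole(final String authority, final UserRoles role) {
        // A blank identifier would otherwise fall through to the creation
        // branch and leave a privileged account that maps to no real person.
        if (authority == null || authority.trim().isEmpty()) {
            return new ResponseEntity<>("Authority must not be blank", HttpStatus.BAD_REQUEST);
        }

        final Optional<User> existing = this.userService.getByAuthority(authority);
        // Unknown users are created on the spot with the identifier exactly as
        // supplied; the other constructor arguments stay null here.
        final User user = existing.orElseGet(() -> new User(null, null, null, authority, role));
        // Unconditional: whatever role an existing user held is overwritten.
        user.setRole(role);
        this.userService.save(user);
        // NOTE(review): nothing in this class records who granted which role
        // to whom; an audit entry for privilege changes is worth adding if the
        // service layer does not already write one - confirm.
        return new ResponseEntity<>("Success", HttpStatus.OK);
    }
}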