post User by secretary
@ -74,7 +74,8 @@ public class ApplicationsController {
|
||||
authorizedApps.add(Applications.Requests);
|
||||
authorizedApps.add(Applications.StudentsList);}
|
||||
|
||||
if (!authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token)){
|
||||
if (!authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token)){
|
||||
authorizedApps.add(Applications.CreateUser);
|
||||
authorizedApps.add(Applications.UsersList);}
|
||||
|
||||
if (researchesServ.getResearcherByUser(user) != null)
|
||||
|
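Review bot: The `CreateUser` entry added under `if (!authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))` only decides which applications are listed for the caller; it is not an access check in itself. The endpoint that actually creates users is not visible in this commit, so confirm that it applies the same Secretary/Admin test on the server side. The double negative is also easy to misread, and a comment such as `// Secretary and Admin only: user management apps` above the condition would make the intent explicit. The enclosing method starts and ends outside this hunk.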
@ -86,19 +86,20 @@ public class UserController {
|
||||
* @return a string clarifying the issue (if there is any)
|
||||
*/
|
||||
@PatchMapping("/user/{id}")
|
||||
public ResponseEntity<String> patchUser(@RequestHeader("Authorization") String token,
|
||||
public ResponseEntity<Map<String,Object>> patchUser(@RequestHeader("Authorization") String token,
|
||||
@RequestBody Map<String,Object> updates,
|
||||
@PathVariable Long id) {
|
||||
|
||||
if (token == null) return new UnauthorizedResponse<>(null);
|
||||
|
||||
User poster = authServ.getUserFromToken(token);
|
||||
if (poster == null) {return new UnauthorizedResponse<>("bad token");}
|
||||
if (poster == null) {return new UnauthorizedResponse<>(null);}
|
||||
|
||||
if (!userService.modifyData(id, updates, poster))
|
||||
User modified = userService.modifyData(id,updates,poster);
|
||||
if (modified ==null)
|
||||
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
|
||||
|
||||
return new ResponseEntity<>(null, HttpStatus.OK);
|
||||
return new ResponseEntity<>(ProtectionService.userWithoutPassword(modified), HttpStatus.OK);
|
||||
}
|
||||
|
||||
@GetMapping("/teachers")
|
||||
|
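Review bot: In `patchUser`, `if (modified ==null) return new ResponseEntity<>(HttpStatus.BAD_REQUEST);` answers 400 both when the target id does not exist and when `modifyData` refuses the caller, because the service returns `null` in either case. A refused edit is an authorization failure and should surface as 403, so that clients and logs can tell it apart from a malformed request; that requires the service to report the two cases separately rather than through a single `null`. The Javadoc line `@return a string clarifying the issue (if there is any)` no longer matches the `Map<String,Object>` return type and the `null` bodies, and could read `@return the updated user without its password, or an empty body with an error status`. The Javadoc block starts above the hunk.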
@ -43,61 +43,55 @@ public class UserService {
|
||||
* @param targetId the id of the user to update
|
||||
* @return if the changes were done or not
|
||||
*/
|
||||
public boolean modifyData(long targetId, Map<String ,Object> updates, User poster){
|
||||
public User modifyData(long targetId, Map<String ,Object> updates, User poster){
|
||||
|
||||
User target = userRepo.findById(targetId);
|
||||
if (target == null)
|
||||
return false;
|
||||
return null;
|
||||
|
||||
if (poster.getRegNo().equals(target.getRegNo())){
|
||||
for (Map.Entry<String, Object> entry : updates.entrySet()){
|
||||
if (!target.getRegNo().equals(poster.getRegNo()) && !(poster.getRole() == Role.Secretary) &&
|
||||
!(poster.getRole() == Role.Admin))
|
||||
return null;
|
||||
|
||||
switch (entry.getKey()){
|
||||
case "firstName":
|
||||
target.setFirstName((String) entry.getValue());
|
||||
break;
|
||||
case "lastName":
|
||||
target.setLastName((String) entry.getValue());
|
||||
break;
|
||||
case "email":
|
||||
target.setEmail((String) entry.getValue());
|
||||
break;
|
||||
case "address":
|
||||
target.setAddress((String) entry.getValue());
|
||||
break;
|
||||
case "country":
|
||||
target.setCountry((String) entry.getValue());
|
||||
break;
|
||||
case "birthDate":
|
||||
target.setBirthDate((Date) entry.getValue());
|
||||
break;
|
||||
case "profilePictureUrl":
|
||||
target.setProfilePictureUrl((String) entry.getValue());
|
||||
break;
|
||||
case "password":
|
||||
target.setPassword(passwordEncoder.encode((String) entry.getValue()));
|
||||
break;
|
||||
}
|
||||
}
|
||||
userRepo.save(target);
|
||||
return true;
|
||||
}
|
||||
// the secretary can change roles (for example if a student becomes a teacher)
|
||||
else if (poster.getRole() == Role.Secretary)
|
||||
{
|
||||
for (Map.Entry<String, Object> entry : updates.entrySet()){
|
||||
|
||||
if ( entry.getKey().equals("role")) {
|
||||
|
||||
if (entry.getValue() == Role.Admin) {return false;}
|
||||
|
||||
target.setRole((Role) entry.getValue());
|
||||
userRepo.save(target);
|
||||
return true;
|
||||
}
|
||||
for (Map.Entry<String, Object> entry : updates.entrySet()){
|
||||
System.out.println(entry.getValue());
|
||||
switch (entry.getKey()){
|
||||
case "firstName":
|
||||
target.setFirstName((String) entry.getValue());
|
||||
break;
|
||||
case "lastName":
|
||||
target.setLastName((String) entry.getValue());
|
||||
break;
|
||||
case "email":
|
||||
target.setEmail((String) entry.getValue());
|
||||
break;
|
||||
case "address":
|
||||
target.setAddress((String) entry.getValue());
|
||||
break;
|
||||
case "country":
|
||||
target.setCountry((String) entry.getValue());
|
||||
break;
|
||||
case "birthDate":
|
||||
target.setBirthDate((Date) entry.getValue());
|
||||
break;
|
||||
case "profilePictureUrl":
|
||||
target.setProfilePictureUrl((String) entry.getValue());
|
||||
break;
|
||||
case "password":
|
||||
target.setPassword((String) entry.getValue());
|
||||
break;
|
||||
case "role":
|
||||
//a user can't change his own role
|
||||
if (poster.getRole()==Role.Secretary || poster.getRole() == Role.Admin){
|
||||
Role wanted = Role.valueOf((String) entry.getValue());
|
||||
if (wanted == Role.Admin && poster.getRole() != Role.Admin)
|
||||
return null;
|
||||
target.setRole(wanted);
|
||||
}
|
||||
}
|
||||
}
|
||||
return false;
|
||||
userRepo.save(target);
|
||||
return target;
|
||||
}
|
||||
|
||||
|
||||
@ -105,7 +99,7 @@ public class UserService {
|
||||
return passwordEncoder.matches(tryingPassword, user.getPassword());
|
||||
}
|
||||
|
||||
public User save(User user){
|
||||
public User save(User user){
|
||||
user.setPassword(passwordEncoder.encode(user.getPassword()));
|
||||
return userRepo.save(user);
|
||||
}
|
||||
|
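Review bot: The `"password"` case in the merged loop of `modifyData` calls `target.setPassword((String) entry.getValue())` and then `userRepo.save(target)`, so the new password appears to be stored unencoded; the branch it replaces used `passwordEncoder.encode`, and `save(User)` in the next hunk encodes as well. The line should stay `target.setPassword(passwordEncoder.encode((String) entry.getValue()));`, and `System.out.println(entry.getValue());` should be dropped because it writes every submitted value, the password included, to standard output. The entry guard now lets a Secretary edit any account, and only the `"role"` case restricts what a Secretary may do, so a Secretary can change an Admin's password or e-mail; a check like `if (target.getRole() == Role.Admin && poster.getRole() != Role.Admin) return null;` before the loop would close that. The old/new markers are lost on this page, so this reading takes the second switch, the one with the `"role"` case, as the new side.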
@ -23,5 +23,5 @@ public enum Applications {
|
||||
ManageResearcherProfile,
|
||||
|
||||
//the list of all researches (filterable)
|
||||
ListResearches, StudentsList
|
||||
ListResearches, CreateUser, StudentsList
|
||||
}
|
||||
|