tonitch/Clyde
1
0
Fork 0
forked from PGL/Clyde
Code Pull Requests Activity

added security to the post of course and GET /courses

Browse Source
This commit is contained in:
Bartha Maxime 2024-03-17 02:15:08 +01:00
parent 474a8d3f31
commit 6e6bd285af
2 changed files with 22 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
backend/src/main/java/ovh/herisson/Clyde/EndPoints/CourseController.java
View File

@ -40,6 +40,15 @@ public class CourseController {
return new ResponseEntity<>(foundCourse, HttpStatus.OK);
}
@GetMapping("/courses")
public ResponseEntity<Iterable<Course>> getAllCourses(@RequestHeader("Authorization") String token){
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(courseServ.findAll(),HttpStatus.OK);
}
@PostMapping("/course")
public ResponseEntity<Course> postCourse(@RequestHeader("Authorization") String token,
@ -49,7 +58,11 @@ public class CourseController {
if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(courseServ.save(course), HttpStatus.CREATED);
Course createdCourse = courseServ.save(course);
if (createdCourse == null)
return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(createdCourse, HttpStatus.CREATED);
}

8
backend/src/main/java/ovh/herisson/Clyde/Services/CourseService.java
View File

@ -17,6 +17,8 @@ public class CourseService {
}
public Course save(Course course){
if (course.getOwner().getRole() != Role.Teacher)
return null;
return courseRepo.save(course);
}
@ -24,6 +26,11 @@ public class CourseService {
return courseRepo.findById(id);
}
public Iterable<Course> findAll() {
return courseRepo.findAll();
}
public boolean modifyData(long id, Map<String, Object> updates, Role role) {
Course target = courseRepo.findById(id);
@ -62,4 +69,5 @@ public class CourseService {
courseRepo.save(target);
return true;
}
}