use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class BookSecureController method removeCommentFromBook.
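/**
 * Removes a single comment from a book on behalf of the calling user.
 *
 * <p>The comment is looked up among the comments of the book identified by {@code id}, so a
 * {@code commentId} that does not belong to that book is rejected as unknown. Removal is
 * permitted only when the caller owns the comment or holds {@code ROLE_ADMIN}.
 *
 * @param id identifier of the book that holds the comment
 * @param commentId identifier of the comment to remove
 * @param principal the caller's security principal
 * @return the book as returned by the repository once the comment has been removed
 * @throws IllegalArgumentException if the book or the comment cannot be found
 * @throws AccessForbiddenException if no user can be resolved from the principal, or the
 *     resolved user is neither the comment's owner nor an admin
 */
@RequestMapping(value = "/books/{id}/comments/{commentId}", method = DELETE)
public Book removeCommentFromBook(@PathVariable("id") String id, @PathVariable("commentId") String commentId, Principal principal) {
    // Fail closed: previously an unresolved user produced a null body (a success status with
    // nothing deleted), which hid the authorization failure from the client. createBook in this
    // controller already answers the same situation with 403.
    User caller = authUtils.extractUserFromPrincipal(principal, false)
            .orElseThrow(() -> new AccessForbiddenException("No user found for supplied principal"));

    Book currentBook = bookRepository.findById(id)
            .orElseThrow(() -> new IllegalArgumentException("Unable to find book to delete comment from"));

    // Compare from the path variable's side so a stored comment without an id cannot raise a
    // NullPointerException during the lookup.
    Comment comment = currentBook.getComments().stream()
            .filter(c -> commentId.equals(c.getId()))
            .findFirst()
            .orElseThrow(() -> new IllegalArgumentException("Unknown commentId supplied"));

    // Authorization is decided from the stored comment and the resolved user, never from
    // anything the client sent in the request.
    boolean mayDelete = comment.isOwner(caller) || caller.getRoles().contains(User.Role.ROLE_ADMIN);
    if (!mayDelete) {
        throw new AccessForbiddenException("Not owner of comment or admin");
    }

    // The caller's full name is handed to the repository; presumably it is recorded as the
    // remover of the comment - confirm against the repository implementation.
    return bookRepository.removeCommentFromBook(id, commentId, caller.getFullName());
}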
use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class BookSecureController method createBook.
/**
 * Creates a new book owned by the calling user.
 *
 * <p>When no user can be resolved from the principal the request is answered with 403 and
 * nothing is stored. Otherwise the book is inserted and the response is 201 with a
 * {@code Location} header pointing at the non-secure URL of the new book.
 *
 * @param book the book deserialized from the request body and validated via {@code @Valid}
 * @param principal the caller's security principal
 * @param request the current servlet request (not read by this method)
 * @return 201 Created with a {@code Location} header, or 403 Forbidden with no body
 * @throws MalformedURLException if the generated location cannot be converted to a URL
 * @throws URISyntaxException if the rewritten location is not a valid URI
 */
@RequestMapping(value = "/books", method = POST)
public ResponseEntity<Book> createBook(@Valid @RequestBody Book book, Principal principal, HttpServletRequest request) throws MalformedURLException, URISyntaxException {
    Optional<User> owner = authUtils.extractUserFromPrincipal(principal, false);
    if (!owner.isPresent()) {
        // NOTE(review): the whole principal object is written to the log; depending on the
        // authentication type its string form may carry token or profile details - confirm
        // that nothing sensitive ends up in the logs.
        LOGGER.error("Couldnt create a book as user to own book not found! Principal: {}", principal);
        return ResponseEntity.status(HttpStatus.FORBIDDEN).build();
    }

    // Ownership always comes from the authenticated user, replacing whatever the body carried.
    book.setCreatedBy(new Owner(owner.get()));

    // NOTE(review): the entity is bound straight from the request body. Only createdBy and,
    // when a Google book id is present, googleBookDetails are overwritten here; any other
    // client-supplied field is inserted as sent (including googleBookDetails when no id is
    // given). Confirm validation or a request DTO restricts what a client may set.
    String googleBookId = book.getGoogleBookId();
    boolean hasGoogleBookId = googleBookId != null && !googleBookId.isEmpty();
    if (hasGoogleBookId) {
        book.setGoogleBookDetails(googleBooksDaoSync.searchGoogleBooksByGoogleBookId(googleBookId));
    }

    Book insertedBook = bookRepository.insert(book);
    URI secureLocation = ServletUriComponentsBuilder.fromCurrentRequest()
            .path("/{id}")
            .buildAndExpand(insertedBook.getId())
            .toUri();

    // Basic GET of book details is not on the secure API, so "/secure" is stripped from the
    // URL. Every occurrence in the URL is removed, not only the API prefix.
    String publicLocation = secureLocation.toURL().toString().replace("/secure", "");
    return ResponseEntity.created(new URI(publicLocation)).build();
}
use of com.aidanwhiteley.books.domain.Book in project books by aidanwhiteley.
the class LimitDataVisibilityAspect method limitPageOfBookDataImpl.
/**
 * Around advice for the {@code limitPageBookData()} pointcut: lets the intercepted method run,
 * then asks every {@code Book} in the returned {@code Page} to adjust its permissions and
 * content for the calling user.
 *
 * @param joinPoint the intercepted invocation
 * @return the value returned by the intercepted method (the same object, possibly mutated)
 * @throws Throwable whatever the intercepted method throws
 */
@SuppressWarnings("unchecked")
@Around("limitPageBookData()")
public Object limitPageOfBookDataImpl(ProceedingJoinPoint joinPoint) throws Throwable {
    Object result = joinPoint.proceed();
    Principal principal = getPrincipal(joinPoint);
    Optional<User> user = authUtils.extractUserFromPrincipal(principal, true);

    if (!(result instanceof Page)) {
        // NOTE(review): this path fails open - the unexpected result is only logged and is
        // then returned without any per-user limiting. Confirm the pointcut can never match a
        // method whose return type is not a Page, or consider rejecting the result here.
        LOGGER.error("Unexpected return type found by aspect");
        return result;
    }

    if (LOGGER.isInfoEnabled()) {
        LOGGER.info("About to call setPermissionsAndContentForUser for {}", joinPoint.getSignature());
    }

    // A missing user is passed on as null; each Book decides what such a caller may see.
    User viewer = user.orElse(null);

    // Unchecked cast: the element type is not verified at runtime, so a Page holding anything
    // other than Book would fail inside the loop.
    for (Book book : ((Page<Book>) result).getContent()) {
        book.setPermissionsAndContentForUser(viewer);
    }
    return result;
}