Examples with CustomAccessDeniedException com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException used on opensource projects

Example 1 with CustomAccessDeniedException

use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.

the class FileServiceImpl method replace.

@Override
public FileLinkDTO replace(MultipartFile newFile, File oldFile, User authedUser) {
    boolean isAdminOrOwner = checkAdminOrOwner(oldFile, authedUser);
    if (!isAdminOrOwner) {
        log.error(authedUser.getEmail() + " not Admin and not Owner of the file " + oldFile.getId().toString());
        throw new CustomAccessDeniedException();
    }
    try {
        String originalFileName = newFile.getOriginalFilename();
        String newFileName = getFileNameWithoutExt(originalFileName);
        FileType fileType = getFileType(originalFileName);
        Long fileSize = newFile.getSize();
        Path fullPathToFile = createFullPathToFile(oldFile.getId());
        if (authedUser.getRole() == Role.CLIENT || authedUser.getRole() == Role.COURIER) {
            InputStream is = newFile.getInputStream();
            BufferedImage bufferedImage = ImageIO.read(is);
            boolean isExceedImageSize = checkExceedImageSize(bufferedImage);
            if (isExceedImageSize) {
                bufferedImage = resizeImage(bufferedImage);
            }
            if (fileType == FileType.PNG) {
                bufferedImage = convertPNGtoJPG(bufferedImage);
            }
            ImageIO.write(bufferedImage, "jpg", fullPathToFile.toFile());
            fileSize = Files.size(fullPathToFile);
            fileType = FileType.JPEG;
        } else {
            Files.copy(newFile.getInputStream(), fullPathToFile, StandardCopyOption.REPLACE_EXISTING);
        }
        oldFile.setName(newFileName);
        oldFile.setType(fileType);
        oldFile.setSize(fileSize);
        oldFile.setUploadDate(Timestamp.valueOf(LocalDateTime.now()));
        fileRepo.save(oldFile);
        String fileLink = createFileLink(oldFile.getId());
        return new FileLinkDTO(fileLink, oldFile.getId().toString());
    } catch (BadFileExtensionException e) {
        throw e;
    } catch (Exception e) {
        log.error(e.getMessage(), e);
        throw new FileStorageException();
    }
}

Example 2 with CustomAccessDeniedException

use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.

the class FileServiceImpl method delete.

@Override
public void delete(File file, User authedUser) {
    boolean isAdminOrOwner = checkAdminOrOwner(file, authedUser);
    if (!isAdminOrOwner) {
        log.error(authedUser.getEmail() + " not Admin and not Owner of the file " + file.getId().toString());
        throw new CustomAccessDeniedException();
    }
    try {
        fileRepo.delete(file);
        Path fullFilePath = createFullPathToFile(file.getId());
        Files.deleteIfExists(fullFilePath);
        Path fileParentDirPath = fullFilePath.getParent();
        log.debug("PARENT DIR PATH: " + fileParentDirPath + "\n");
        boolean isParentDirEmpty = checkParentDirEmpty(fileParentDirPath);
        if (isParentDirEmpty) {
            Files.delete(fileParentDirPath);
        }
    } catch (IOException e) {
        throw new FileDeleteException();
    }
}

Example 3 with CustomAccessDeniedException

use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.

the class OrderServiceImpl1 method findFilteredAmount.

@Override
public OrdersAmountDTO findFilteredAmount(User user, OrderFilterDTO dto) {
    Specification<Order> spec;
    if (user.getRole() == Role.MODERATOR) {
        Long moderatorWarehouseId = user.getModerator().getWarehouseId();
        if (dto.getWarehouseId() != null) {
            if (!dto.getWarehouseId().equals(moderatorWarehouseId))
                throw new CustomAccessDeniedException();
        }
    }
    spec = OrderSpecifications.getFilterSpecification(dto);
    return new OrdersAmountDTO(orderRepo.count(spec));
}

Example 4 with CustomAccessDeniedException

use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.

the class OrderServiceImpl1 method replaceCourier.

@Override
public void replaceCourier(Order order, User user) {
    if (user.getRole() == Role.MODERATOR) {
        if (!order.getWarehouse().getId().equals(user.getModerator().getWarehouseId()))
            throw new CustomAccessDeniedException();
    }
    if (order.getStatus() == OrderStatus.CANCELLED || order.getStatus() == OrderStatus.DELIVERED)
        throw new CourierReplaceException();
    Courier currentCourier = order.getCourier();
    if (currentCourier == null)
        throw new CourierNotSetException();
    Courier newCourier = courierRepo.getWaitingCourierByWarehouse(order.getWarehouse().getId());
    order.setCourier(newCourier);
    orderRepo.save(order);
}

Example 5 with CustomAccessDeniedException

use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.

the class ProductPositionController method shipProductPositionsFromOrder.

@PatchMapping("/api/v1/order/{id}/productPositions/currentAmount")
@PreAuthorize("hasAnyAuthority('ADMIN', 'MODERATOR')")
public ResponseEntity<?> shipProductPositionsFromOrder(@Min(value = 1) @Max(value = Long.MAX_VALUE) @PathVariable(name = "id") Long id, @Valid @RequestBody ProductPositionsShipmentDTO productPositionsShipmentDTO, @AuthenticationPrincipal User user) {
    Order order = orderService.getOrder(id);
    if (order == null)
        throw new NotFoundEx(String.valueOf(id));
    if (user.getRole() == Role.MODERATOR) {
        if (!user.getModerator().getWarehouseId().equals(order.getWarehouse().getId()))
            throw new CustomAccessDeniedException();
    }
    productPositionService.shipProductPositions(id, productPositionsShipmentDTO);
    return new ResponseEntity<>(HttpStatus.OK);
}