Example 6 with CustomAccessDeniedException
use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.
the class ProductPositionController method acceptSupply.
@PostMapping(path = "/api/v1/productPosition")
@PreAuthorize("hasAnyAuthority('ADMIN', 'MODERATOR')")
public isCreatedDTO acceptSupply(@AuthenticationPrincipal User user, @Valid @RequestBody AcceptSupplyDTO acceptSupplyDTO) {
if (Role.isMODERATOR(user.getRole().toString())) {
if (!user.getModerator().getWarehouseId().equals(acceptSupplyDTO.getWarehouseId())) {
throw new CustomAccessDeniedException();
}
}
Long id = productPositionService.acceptSupply(acceptSupplyDTO);
isCreatedDTO isCreated = new isCreatedDTO();
isCreated.setId(id);
return isCreated;
}
Also used :
CustomAccessDeniedException(com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException)
com.ncedu.fooddelivery.api.v1.dto.isCreatedDTO(com.ncedu.fooddelivery.api.v1.dto.isCreatedDTO)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Example 7 with CustomAccessDeniedException
use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.
the class ProductPositionController method findFiltered.
@GetMapping("/api/v1/productPositions")
@PreAuthorize("hasAnyAuthority('ADMIN', 'MODERATOR')")
public ResponseEntity<List<ProductPositionInfoDTO>> findFiltered(@AuthenticationPrincipal User user, @Valid ProductPositionFilterDTO filterDTO, Pageable pageable) {
List<ProductPositionInfoDTO> filteredPositions;
if (user.getRole() == Role.MODERATOR) {
Long moderatorWarehouseId = user.getModerator().getWarehouseId();
if (filterDTO.getWarehouseId() != null) {
if (!filterDTO.getWarehouseId().equals(moderatorWarehouseId))
throw new CustomAccessDeniedException();
}
filterDTO.setWarehouseId(moderatorWarehouseId);
Specification<ProductPositionNotHierarchical> spec = ProductPositionSpecifications.getFilterSpecification(filterDTO);
filteredPositions = productPositionService.findFiltered(spec, pageable);
} else {
Specification<ProductPositionNotHierarchical> spec = ProductPositionSpecifications.getFilterSpecification(filterDTO);
filteredPositions = productPositionService.findFiltered(spec, pageable);
}
return ResponseEntity.status(HttpStatus.OK).body(filteredPositions);
}
Also used :
CustomAccessDeniedException(com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException)
ProductPositionNotHierarchical(com.ncedu.fooddelivery.api.v1.entities.productPosition.ProductPositionNotHierarchical)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Example 8 with CustomAccessDeniedException
use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.
the class OrderServiceImpl1 method changeOrderStatus.
@Override
public void changeOrderStatus(Order order, User user, ChangeOrderStatusDTO dto) {
if (user.getRole() == Role.MODERATOR) {
if (!order.getWarehouse().getId().equals(user.getModerator().getWarehouseId()))
throw new CustomAccessDeniedException();
} else if (user.getRole() == Role.COURIER) {
if (!order.getCourier().getId().equals(user.getCourier().getId()))
throw new CustomAccessDeniedException();
} else if (user.getRole() == Role.CLIENT) {
if (!order.getClient().getId().equals(user.getClient().getId()))
throw new CustomAccessDeniedException();
}
OrderStatus oldStatus = order.getStatus();
OrderStatus newStatus = dto.getNewStatus();
if (oldStatus == OrderStatus.CANCELLED || oldStatus == OrderStatus.DELIVERED || (oldStatus.ordinal() > newStatus.ordinal()))
throw new OrderStatusChangeException(order.getId());
order.setStatus(newStatus);
orderRepo.save(order);
}
Also used :
CustomAccessDeniedException(com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException)
Example 9 with CustomAccessDeniedException
use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.
the class OrderServiceImpl1 method changeDeliveryRating.
@Override
public void changeDeliveryRating(Order order, ChangeRatingDTO dto, User user) {
if (order.getCourier() == null)
throw new CourierNotSetException();
if (!user.getId().equals(order.getClient().getId()))
throw new CustomAccessDeniedException();
order.setDeliveryRating(dto.getRating());
orderRepo.save(order);
}
Also used :
CustomAccessDeniedException(com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException)
Example 10 with CustomAccessDeniedException
use of com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException in project 2021-msk-food-delivery by netcracker-edu.
the class OrderServiceImpl1 method findFiltered.
@Override
public List<OrderInfoDTO> findFiltered(User user, OrderFilterDTO dto, Pageable pageable) {
Specification<Order> spec;
if (user.getRole() == Role.MODERATOR) {
Long moderatorWarehouseId = user.getModerator().getWarehouseId();
if (dto.getWarehouseId() != null) {
if (!dto.getWarehouseId().equals(moderatorWarehouseId))
throw new CustomAccessDeniedException();
}
}
spec = OrderSpecifications.getFilterSpecification(dto);
return orderRepo.findAll(spec, pageable).stream().map(order -> convertToOrderInfoDTO(order)).collect(Collectors.toList());
}
Also used :
Order(com.ncedu.fooddelivery.api.v1.entities.order.Order)
OrderProductPositionRepo(com.ncedu.fooddelivery.api.v1.repos.orderProductPosition.OrderProductPositionRepo)
java.util(java.util)
CoordsDTO(com.ncedu.fooddelivery.api.v1.dto.CoordsDTO)
com.ncedu.fooddelivery.api.v1.entities(com.ncedu.fooddelivery.api.v1.entities)
LocalDateTime(java.time.LocalDateTime)
Autowired(org.springframework.beans.factory.annotation.Autowired)
PrecisionModel(com.vividsolutions.jts.geom.PrecisionModel)
com.ncedu.fooddelivery.api.v1.dto.order(com.ncedu.fooddelivery.api.v1.dto.order)
OrderCostChangedEx(com.ncedu.fooddelivery.api.v1.errors.orderRegistration.OrderCostChangedEx)
OrderSpecifications(com.ncedu.fooddelivery.api.v1.specifications.OrderSpecifications)
NotFoundEx(com.ncedu.fooddelivery.api.v1.errors.notfound.NotFoundEx)
Service(org.springframework.stereotype.Service)
com.ncedu.fooddelivery.api.v1.dto.areCreatedDTO(com.ncedu.fooddelivery.api.v1.dto.areCreatedDTO)
Geometry(com.vividsolutions.jts.geom.Geometry)
Pageable(org.springframework.data.domain.Pageable)
OrderProductPosition(com.ncedu.fooddelivery.api.v1.entities.orderProductPosition.OrderProductPosition)
ProductRepo(com.ncedu.fooddelivery.api.v1.repos.ProductRepo)
Coordinate(com.vividsolutions.jts.geom.Coordinate)
ProductMapper(com.ncedu.fooddelivery.api.v1.mappers.ProductMapper)
Predicate(java.util.function.Predicate)
OrderRepo(com.ncedu.fooddelivery.api.v1.repos.order.OrderRepo)
WarehouseService(com.ncedu.fooddelivery.api.v1.services.WarehouseService)
WarehouseInfoDTO(com.ncedu.fooddelivery.api.v1.dto.warehouseDTOs.WarehouseInfoDTO)
CourierRepo(com.ncedu.fooddelivery.api.v1.repos.CourierRepo)
ProductPositionRepo(com.ncedu.fooddelivery.api.v1.repos.productPosition.ProductPositionRepo)
CourierAvailabilityEx(com.ncedu.fooddelivery.api.v1.errors.orderRegistration.CourierAvailabilityEx)
OrderService(com.ncedu.fooddelivery.api.v1.services.OrderService)
Collectors(java.util.stream.Collectors)
Order(com.ncedu.fooddelivery.api.v1.entities.order.Order)
ProductAvailabilityEx(com.ncedu.fooddelivery.api.v1.errors.orderRegistration.ProductAvailabilityEx)
ProductDTO(com.ncedu.fooddelivery.api.v1.dto.product.ProductDTO)
Specification(org.springframework.data.jpa.domain.Specification)
WarehouseCoordsBindingEx(com.ncedu.fooddelivery.api.v1.errors.orderRegistration.WarehouseCoordsBindingEx)
ProductPosition(com.ncedu.fooddelivery.api.v1.entities.productPosition.ProductPosition)
CustomAccessDeniedException(com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException)
GeometryFactory(com.vividsolutions.jts.geom.GeometryFactory)
com.ncedu.fooddelivery.api.v1.errors.badrequest(com.ncedu.fooddelivery.api.v1.errors.badrequest)
CourierService(com.ncedu.fooddelivery.api.v1.services.CourierService)
Transactional(org.springframework.transaction.annotation.Transactional)
CustomAccessDeniedException(com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException)
Aggregations
CustomAccessDeniedException (com.ncedu.fooddelivery.api.v1.errors.security.CustomAccessDeniedException)16
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)6
NotFoundEx (com.ncedu.fooddelivery.api.v1.errors.notfound.NotFoundEx)5
ProductPosition (com.ncedu.fooddelivery.api.v1.entities.productPosition.ProductPosition)4
IOException (java.io.IOException)4
Path (java.nio.file.Path)4
Order (com.ncedu.fooddelivery.api.v1.entities.order.Order)3
BadFileExtensionException (com.ncedu.fooddelivery.api.v1.errors.badrequest.BadFileExtensionException)3
ResponseEntity (org.springframework.http.ResponseEntity)3
File (com.ncedu.fooddelivery.api.v1.entities.File)2
User (com.ncedu.fooddelivery.api.v1.entities.User)2
FileDeleteException (com.ncedu.fooddelivery.api.v1.errors.badrequest.FileDeleteException)2
Test (org.junit.jupiter.api.Test)2
SpringBootTest (org.springframework.boot.test.context.SpringBootTest)2
MockMultipartFile (org.springframework.mock.web.MockMultipartFile)2
MultipartFile (org.springframework.web.multipart.MultipartFile)2
CoordsDTO (com.ncedu.fooddelivery.api.v1.dto.CoordsDTO)1
com.ncedu.fooddelivery.api.v1.dto.areCreatedDTO (com.ncedu.fooddelivery.api.v1.dto.areCreatedDTO)1
FileLinkDTO (com.ncedu.fooddelivery.api.v1.dto.file.FileLinkDTO)1
com.ncedu.fooddelivery.api.v1.dto.isCreatedDTO (com.ncedu.fooddelivery.api.v1.dto.isCreatedDTO)1
