From e572f730654181af34e49e0dc829113f9d42bbea Mon Sep 17 00:00:00 2001 From: ddangelorb Date: Sat, 6 Nov 2021 18:49:21 -0300 Subject: [PATCH] Adding findById method and fixing ROLE return bug --- index.html | 2 +- .../wpdauth/controller/UsersController.java | 30 +++++++++++ .../wpdauth/dto/UsersResponseDTO.java | 9 ++-- .../wpdauth/repository/UsersRepository.java | 4 ++ .../wpdauth/service/UsersService.java | 6 ++- .../UsersServiceIntegrationTest.java | 12 +++++ swagger.yaml | 54 +++++++++++++++---- 7 files changed, 102 insertions(+), 15 deletions(-) diff --git a/index.html b/index.html index fb5086a..052d7d8 100644 --- a/index.html +++ b/index.html @@ -1,5 +1,5 @@ - + diff --git a/src/main/java/org/waterproofingdata/wpdauth/controller/UsersController.java b/src/main/java/org/waterproofingdata/wpdauth/controller/UsersController.java index dd802b2..0ab8aac 100644 --- a/src/main/java/org/waterproofingdata/wpdauth/controller/UsersController.java +++ b/src/main/java/org/waterproofingdata/wpdauth/controller/UsersController.java 
@@ -30,6 +30,36 @@ import io.swagger.annotations.Authorization; public class UsersController { @Autowired private UsersService userService; + + @GetMapping(value = "/{id}") + @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_INSTITUTION') or hasRole('ROLE_CLIENT')") + @ApiOperation( + value = "${UserController.findById}", + response = UsersResponseDTO.class, + authorizations = { @Authorization(value="apiKey") }, + notes = "This is the user findById search method." + ) + @ApiResponses(value = {// + @ApiResponse(code = 403, message = "Access denied"), // + @ApiResponse(code = 404, message = "The user doesn't exist"), // + @ApiResponse(code = 500, message = "Expired or invalid JWT token") + } + ) + public UsersResponseDTO findById ( + @ApiParam( + name = "id", + type = "Integer", + value = "user id", + example = "A positive numeric id.", + required = true + ) + @RequestParam Integer id + ) { + UsersResponseDTO urDTO = CustomMapper.map(userService.findById(id), UsersResponseDTO.class); + urDTO.setEduCemadenOrganization(userService.findEduCemadenOrganizationById(urDTO.getId())); + urDTO.setProviderActivationKey(userService.findProviderActivationKeyById(urDTO.getId())); + return urDTO; + } @PostMapping("/existsByUsername") @ApiOperation( diff --git a/src/main/java/org/waterproofingdata/wpdauth/dto/UsersResponseDTO.java b/src/main/java/org/waterproofingdata/wpdauth/dto/UsersResponseDTO.java index 3f020cd..259e178 100644 --- a/src/main/java/org/waterproofingdata/wpdauth/dto/UsersResponseDTO.java +++ b/src/main/java/org/waterproofingdata/wpdauth/dto/UsersResponseDTO.java @@ -5,6 +5,7 @@ import lombok.Getter; import lombok.Setter; import java.sql.Date; +import java.util.List; import org.waterproofingdata.wpdauth.model.EduCemadenOrganizations; import org.waterproofingdata.wpdauth.model.Roles; 
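Review bot: The new `findById` handler in UsersController authorizes by role only, so any caller holding ROLE_CLIENT can pass an arbitrary `id` and receive that user's full `UsersResponseDTO`, including the value filled in by `setProviderActivationKey`; nothing checks that the id belongs to the caller. Unless that exposure is intended, restrict the lookup to administrators or to the caller's own record, as sketched below. The sketch reuses `whoami`, `CustomException`, `Roles` and `getRoles()` as they appear elsewhere in this patch, and assumes `Users` exposes `getId()`, which the hunk does not show; what ROLE_INSTITUTION should be allowed to read is left open. Separately, the mapping is `/{id}` but the argument is bound with `@RequestParam`, so the id is read from the query string (swagger.yaml lists it as `in: query`) and the route can be confused with the existing `/users/{username}` GET. Binding it as `@PathVariable Integer id` on a path that cannot match `/{username}` would fix both.

```java
public UsersResponseDTO findById (
    // … unchanged: @ApiParam(...) on id …
    @PathVariable Integer id,
    HttpServletRequest req
) {
    // Object-level check: non-admin callers may only read their own record.
    Users caller = userService.whoami(req);
    boolean isAdmin = caller.getRoles().contains(Roles.ROLE_ADMIN);
    if (!isAdmin && !id.equals(caller.getId())) {
        throw new CustomException("Access denied", HttpStatus.FORBIDDEN);
    }
    // … unchanged: map to UsersResponseDTO, set organization and activation key …
}
```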
@@ -149,13 +150,13 @@ public class UsersResponseDTO { @ApiModelProperty( position = 13, name = "institutiontype", - dataType = "String", - value = "institution type of the user.", - example = "i.e. 'ROLE_ADMIN' means system administrator, 'ROLE_INSTITUTION' means institution administrator, 'ROLE_CLIENT' means regular users", + dataType = "List", + value = "list of institution type of the user.", + example = "i.e. ['ROLE_ADMIN'] means system administrator, ['ROLE_INSTITUTION'] means institution administrator, ['ROLE_CLIENT'] means regular users", allowableValues = "{@code ROLE_ADMIN, ROLE_INSTITUTION, ROLE_CLIENT}", required = false ) - Roles role; + List roles; @ApiModelProperty( position = 14, diff --git a/src/main/java/org/waterproofingdata/wpdauth/repository/UsersRepository.java b/src/main/java/org/waterproofingdata/wpdauth/repository/UsersRepository.java index d80949c..4b67d7f 100644 --- a/src/main/java/org/waterproofingdata/wpdauth/repository/UsersRepository.java +++ b/src/main/java/org/waterproofingdata/wpdauth/repository/UsersRepository.java @@ -1,5 +1,7 @@ package org.waterproofingdata.wpdauth.repository; +import java.util.Optional; + import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; @@ -8,6 +10,8 @@ import org.waterproofingdata.wpdauth.model.Users; @Transactional public interface UsersRepository extends JpaRepository { + Optional findById(Integer id); + boolean existsByUsername(String username); Users findByUsername(String username); diff --git a/src/main/java/org/waterproofingdata/wpdauth/service/UsersService.java b/src/main/java/org/waterproofingdata/wpdauth/service/UsersService.java index aa9f863..307b346 100644 --- a/src/main/java/org/waterproofingdata/wpdauth/service/UsersService.java +++ b/src/main/java/org/waterproofingdata/wpdauth/service/UsersService.java 
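Review bot: In the second UsersResponseDTO hunk, the `allowableValues` string on the renamed `roles` property still wraps the values in Javadoc `{@code ...}` syntax, which swagger.yaml later in this patch shows as the enum entries `'{@code ROLE_ADMIN'` and `ROLE_CLIENT}`. A client validating against the spec would reject the real role names; use `allowableValues = "ROLE_ADMIN, ROLE_INSTITUTION, ROLE_CLIENT"`. The property also keeps `name = "institutiontype"` although the field is now `roles`. Renaming `role` to `roles` changes the response contract for existing consumers, which deserves a line in the commit description.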
@@ -65,6 +65,10 @@ public class UsersService { } } + public Users findById(Integer id) { + return usersRepository.findById(id).orElseThrow(() -> new CustomException("The user doesn't exist", HttpStatus.NOT_FOUND)); + } + public boolean existsByUsername(String username) { return usersRepository.existsByUsername(username); } @@ -181,7 +185,7 @@ public class UsersService { } public Users whoami(HttpServletRequest req) { - return usersRepository.findByUsername(jwtTokenProvider.getUsername(jwtTokenProvider.resolveToken(req))); + return usersRepository.findByUsername(jwtTokenProvider.getUsername(jwtTokenProvider.resolveToken(req))); } public EduCemadenOrganizations findEduCemadenOrganizationById(Integer userid) { diff --git a/src/test/java/org/waterproofingdata/wpdauth/integrationtest/UsersServiceIntegrationTest.java b/src/test/java/org/waterproofingdata/wpdauth/integrationtest/UsersServiceIntegrationTest.java index 414a5fc..7bef940 100644 --- a/src/test/java/org/waterproofingdata/wpdauth/integrationtest/UsersServiceIntegrationTest.java +++ b/src/test/java/org/waterproofingdata/wpdauth/integrationtest/UsersServiceIntegrationTest.java @@ -97,6 +97,18 @@ public class UsersServiceIntegrationTest { assertEquals(Roles.ROLE_ADMIN, u.getRoles().get(0)); } + @Test + public void testAdmUserFindById() { + Users u = usersService.findById(1); + assertEquals("admin", u.getUsername()); + assertEquals("admin", u.getNickname()); + assertEquals("SP", u.getState()); + assertEquals("São Paulo", u.getCity()); + assertEquals(true, u.getTermsofusage()); + assertEquals(1, u.getActive()); + assertEquals(Roles.ROLE_ADMIN, u.getRoles().get(0)); + } + @Test public void testRandomUserSignup() { Users u = setUpUserTest("user_", Roles.ROLE_CLIENT); diff --git a/swagger.yaml b/swagger.yaml index 072fe08..4a0b37c 100644 --- a/swagger.yaml +++ b/swagger.yaml 
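Review bot: `testAdmUserFindById` in UsersServiceIntegrationTest covers only the success path of the new `UsersService.findById`; nothing exercises the `orElseThrow` branch that is meant to produce the 404. Add a case for an id that cannot exist, for example `assertThrows(CustomException.class, () -> usersService.findById(-1));` if the project's JUnit version provides `assertThrows`. The test also hard-codes id 1 for the admin account, which presumably depends on seed-data ordering; looking the user up by username first and reusing its id would make that dependency explicit. The enclosing test class starts and ends outside the hunk.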
@@ -1,7 +1,7 @@ swagger: '2.0' info: description: 'This is a sample JWT authentication service. You can find out more about JWT at [https://jwt.io/](https://jwt.io/). For this sample, you can use the `admin` or `client` users (password: admin and client respectively) to test the authorization filters. Once you have successfully logged in and obtained the token, you should click on the right top button `Authorize` and introduce it with the prefix "Bearer ".' - version: 1.0.5 + version: 1.0.4 title: The authenticator for the Waterproofing Data (WPD) Work Packages contact: email: igsd@warwick.ac.uk @@ -435,6 +435,40 @@ paths: - Authorization: - global deprecated: false + /users/{id}: + get: + tags: + - users + summary: ${UserController.findById} + description: This is the user findById search method. + operationId: findByIdUsingGET + produces: + - '*/*' + parameters: + - name: id + in: query + description: user id + required: true + type: integer + format: int32 + allowEmptyValue: false + x-example: A positive numeric id. + responses: + '200': + description: OK + schema: + $ref: '#/definitions/UsersResponseDTO' + '403': + description: Access denied + '404': + description: The user doesn't exist + '500': + description: Expired or invalid JWT token + security: + - Authorization: + - global + - apiKey: [] + deprecated: false /users/{username}: get: tags: 
@@ -699,14 +733,16 @@ definitions: format: int32 example: i.e. true. description: whether user is active or not. - role: - type: string - example: i.e. 'ROLE_ADMIN' means system administrator, 'ROLE_INSTITUTION' means institution administrator, 'ROLE_CLIENT' means regular users - description: institution type of the user. - enum: - - '{@code ROLE_ADMIN' - - ROLE_INSTITUTION - - ROLE_CLIENT} + roles: + type: array + example: i.e. ['ROLE_ADMIN'] means system administrator, ['ROLE_INSTITUTION'] means institution administrator, ['ROLE_CLIENT'] means regular users + description: list of institution type of the user. + items: + type: string + enum: + - '{@code ROLE_ADMIN' + - ROLE_INSTITUTION + - ROLE_CLIENT} eduCemadenOrganization: description: which Educational Cemaden Organization the user belongs. $ref: '#/definitions/EduCemadenOrganizations'