From 378258b3c4ada8d2c776ea50e05afc48641de68a Mon Sep 17 00:00:00 2001 From: Julian van Dijk Date: Sun, 16 Feb 2020 14:34:22 +0100 Subject: [PATCH] Feature disable user birthdate change during event (#517) * add rfidlink check when updating profile and disable date editing when link is present * clean up test file by reordering new tests to bottom * add comments to changed method * add information message for the user * change jpa query to exist and use it through Service * change profile change event to return bad request during event * remove bad request method and place it in line * update test by testing for no profile changes * remove unused imports * fix indentation in UserRestIntegraton.java * add rfidRepo test * add RFID service test --- .../rfid/service/RFIDLinkRepository.java | 2 + .../extras/rfid/service/RFIDService.java | 2 + .../extras/rfid/service/RFIDServiceImpl.java | 5 +++ .../controller/UserProfileRestController.java | 41 ++++++++++++++----- .../integration/RFIDIntegrationTest.java | 17 ++++++++ .../integration/UserRestIntegrationTest.java | 34 +++++++++++++++ .../integration/XAuthIntegrationTest.java | 9 ++++ .../areafiftylan/unit/RFIDServiceTest.java | 16 ++++++++ 8 files changed, 116 insertions(+), 10 deletions(-) diff --git a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDLinkRepository.java b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDLinkRepository.java index 4662887d9..7a17354c1 100644 --- a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDLinkRepository.java +++ b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDLinkRepository.java @@ -28,4 +28,6 @@ public interface RFIDLinkRepository extends JpaRepository { Optional findByRfid(String rfid); Optional findByTicketId(Long ticketId); + + boolean existsRFIDLinkByTicket_Owner_Email(String email); } diff --git a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDService.java b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDService.java index 30859fa84..20bc09b23 100644 --- a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDService.java +++ b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDService.java @@ -37,4 +37,6 @@ public interface RFIDService { RFIDLink removeRFIDLink(Long ticketId); boolean isTicketLinked(Long ticketId); + + boolean isOwnerLinked(String email); } diff --git a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDServiceImpl.java b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDServiceImpl.java index aec70f4ab..9f1702996 100644 --- a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDServiceImpl.java +++ b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDServiceImpl.java @@ -100,6 +100,11 @@ public boolean isTicketLinked(Long ticketId) { return rfidLinkRepository.findByTicketId(ticketId).isPresent(); } + @Override + public boolean isOwnerLinked(String email) { + return rfidLinkRepository.existsRFIDLinkByTicket_Owner_Email(email); + } + private boolean isValidRfid(String rfid) { return rfid.length() == RFID_CHAR_COUNT; } diff --git a/src/main/java/ch/wisv/areafiftylan/users/controller/UserProfileRestController.java b/src/main/java/ch/wisv/areafiftylan/users/controller/UserProfileRestController.java index 63f42e886..61055019d 100644 --- a/src/main/java/ch/wisv/areafiftylan/users/controller/UserProfileRestController.java +++ b/src/main/java/ch/wisv/areafiftylan/users/controller/UserProfileRestController.java @@ -17,6 +17,7 @@ package ch.wisv.areafiftylan.users.controller; +import ch.wisv.areafiftylan.extras.rfid.service.RFIDService; import ch.wisv.areafiftylan.users.model.Profile; import ch.wisv.areafiftylan.users.model.ProfileDTO; import ch.wisv.areafiftylan.users.model.User; @@ -29,6 +30,8 @@ import org.springframework.validation.annotation.Validated; import org.springframework.web.bind.annotation.*; +import java.time.LocalDate; + import static ch.wisv.areafiftylan.utils.ResponseEntityBuilder.createResponseEntity; @RestController @@ -36,19 +39,20 @@ public class UserProfileRestController { private final UserService userService; + private final RFIDService rfidService; @Autowired - UserProfileRestController(UserService userService) { + UserProfileRestController(UserService userService, RFIDService rfidService) { this.userService = userService; + this.rfidService = rfidService; } /** - * Add a profile to a user. An empty profile is created when a user is created, so this method fills the existing - * fields + * Add a profile to a user. An empty profile is created when a user is created, so this method + * fills the existing fields * * @param userId The userId of the user to which the profile needs to be added * @param input A representation of the profile - * * @return The user with the new profile */ @PreAuthorize("@currentUserServiceImpl.canAccessUser(principal, #userId)") @@ -60,16 +64,34 @@ public ResponseEntity addProfile(@PathVariable Long userId, @Validated @Reque } /** - * Add a profile to the current user. An empty profile is created when a user is created, so this method fills the - * existing fields + * Add a profile to the current user. An empty profile is created when a user is created, so + * this method fills the existing fields. + *

+ * This method is also called when users change their profile. It is unwanted behaviour that + * users can change their birth date during the event. This is checked before writing the + * changes in the function * * @param input A representation of the profile - * * @return The user with the new profile */ @PreAuthorize("isAuthenticated()") @PostMapping("/current/profile") public ResponseEntity addProfile(@AuthenticationPrincipal User user, @Validated @RequestBody ProfileDTO input) { + // Check profile for existing rfidLinks + boolean isUserCheckedIn = rfidService.isOwnerLinked(user.getEmail()); + + if (!isUserCheckedIn) { + return this.addProfile(user.getId(), input); + } + + LocalDate currentBirthday = user.getProfile().getBirthday(); + boolean isDateChanged = currentBirthday != input.getBirthday(); + + // If rfidLinks are present and the date is changed then return an error + if (isDateChanged) { + return createResponseEntity(HttpStatus.BAD_REQUEST, "Unable to change date during event", user.getProfile()); + } + return this.addProfile(user.getId(), input); } @@ -78,7 +100,6 @@ public ResponseEntity addProfile(@AuthenticationPrincipal User user, @Validat * * @param userId The userId of the user to which the profile needs to be added * @param input A representation of the profile - * * @return The user with the changed profile */ @PreAuthorize("@currentUserServiceImpl.canAccessUser(principal, #userId)") @@ -90,10 +111,10 @@ public ResponseEntity changeProfile(@PathVariable Long userId, @Validated @Re } /** - * Resets the profile fields to null. The profile can't actually be deleted as it is a required field. + * Resets the profile fields to null. The profile can't actually be deleted as it is a required + * field. * * @param userId The userId of the user which needs the profile reset - * * @return Empty body with StatusCode OK. */ @PreAuthorize("hasRole('ADMIN')") diff --git a/src/test/java/ch/wisv/areafiftylan/integration/RFIDIntegrationTest.java b/src/test/java/ch/wisv/areafiftylan/integration/RFIDIntegrationTest.java index 0ec2a9bd4..3a4d4455a 100644 --- a/src/test/java/ch/wisv/areafiftylan/integration/RFIDIntegrationTest.java +++ b/src/test/java/ch/wisv/areafiftylan/integration/RFIDIntegrationTest.java @@ -438,4 +438,21 @@ public void testRemoveRFIDLinkInvalidRFIDAsAdmin() { .statusCode(HttpStatus.SC_NOT_FOUND); //@formatter:on } + + @Test + public void testOwnerExistForRFIDLinkAsUser() { + User user = createUser(); + Ticket ticket = createTicketForUser(user); + createRfidLink(ticket); + + Assert.assertTrue(rfidLinkRepository.existsRFIDLinkByTicket_Owner_Email(user.getEmail())); + } + + @Test + public void testOwnerDoesNotExistForRFIDLinkAsUser() { + User user = createUser(); + createTicketForUser(user); + + Assert.assertFalse(rfidLinkRepository.existsRFIDLinkByTicket_Owner_Email(user.getEmail())); + } } diff --git a/src/test/java/ch/wisv/areafiftylan/integration/UserRestIntegrationTest.java b/src/test/java/ch/wisv/areafiftylan/integration/UserRestIntegrationTest.java index 800c2cf8f..5bc71010a 100644 --- a/src/test/java/ch/wisv/areafiftylan/integration/UserRestIntegrationTest.java +++ b/src/test/java/ch/wisv/areafiftylan/integration/UserRestIntegrationTest.java @@ -17,6 +17,7 @@ package ch.wisv.areafiftylan.integration; +import ch.wisv.areafiftylan.products.model.Ticket; import ch.wisv.areafiftylan.security.token.repository.VerificationTokenRepository; import ch.wisv.areafiftylan.users.model.Role; import ch.wisv.areafiftylan.users.model.RoleDTO; @@ -928,4 +929,37 @@ public void testDeleteNullRole() { then().statusCode(HttpStatus.SC_BAD_REQUEST); //@formatter:on } + + @Test + public void createProfileAsCurrentUserAndChangeDate() { + User user = createUser(); + Ticket ticket = createTicketForUser(user); + createRFIDLink("", ticket); + user.resetProfile(); + user = userRepository.save(user); + + Map profileDTO = getProfileDTO(); + profileDTO.put("displayName", "TestdisplayName" + user.getId()); + + //@formatter:off + given(). + header(getXAuthTokenHeaderForUser(user)). + when(). + body(profileDTO). + contentType(ContentType.JSON). + post("/users/current/profile"). + then(). + statusCode(HttpStatus.SC_BAD_REQUEST). + body("object.birthday", not(equalTo("2000-01-02"))). + body("object.gender", equalTo(null)). + body("object.address", equalTo(null)). + body("object.zipcode", equalTo(null)). + body("object.city", equalTo(null)). + body("object.phoneNumber", equalTo(null)). + body("object.notes", equalTo(null)). + body("object.firstName", equalTo(null)). + body("object.lastName", equalTo(null)). + body("object.displayName", equalTo(null)); + //@formatter:on + } } diff --git a/src/test/java/ch/wisv/areafiftylan/integration/XAuthIntegrationTest.java b/src/test/java/ch/wisv/areafiftylan/integration/XAuthIntegrationTest.java index 05f370431..38d649f20 100644 --- a/src/test/java/ch/wisv/areafiftylan/integration/XAuthIntegrationTest.java +++ b/src/test/java/ch/wisv/areafiftylan/integration/XAuthIntegrationTest.java @@ -19,6 +19,8 @@ import ch.wisv.areafiftylan.ApplicationTest; import ch.wisv.areafiftylan.exception.TicketOptionNotFoundException; +import ch.wisv.areafiftylan.extras.rfid.model.RFIDLink; +import ch.wisv.areafiftylan.extras.rfid.service.RFIDLinkRepository; import ch.wisv.areafiftylan.products.model.Ticket; import ch.wisv.areafiftylan.products.model.TicketOption; import ch.wisv.areafiftylan.products.model.TicketType; @@ -78,6 +80,8 @@ public abstract class XAuthIntegrationTest { private TicketRepository ticketRepository; @Autowired private TeamRepository teamRepository; + @Autowired + private RFIDLinkRepository rfidLinkRepository; protected final String CH_MEMBER = "chMember"; protected final String PICKUP_SERVICE = "pickupService"; @@ -126,6 +130,11 @@ protected Ticket createTicket(User user, List options) { return ticketRepository.save(ticket); } + protected RFIDLink createRFIDLink(String rfidString, Ticket ticket){ + RFIDLink rfidLink = new RFIDLink(rfidString, ticket); + return rfidLinkRepository.save(rfidLink); + } + protected Ticket createTicketForUser(User user) { return createTicket(user, Collections.emptyList()); } diff --git a/src/test/java/ch/wisv/areafiftylan/unit/RFIDServiceTest.java b/src/test/java/ch/wisv/areafiftylan/unit/RFIDServiceTest.java index 301cb1fcb..822da86d7 100644 --- a/src/test/java/ch/wisv/areafiftylan/unit/RFIDServiceTest.java +++ b/src/test/java/ch/wisv/areafiftylan/unit/RFIDServiceTest.java @@ -171,4 +171,20 @@ public void isTicketLinkedNotLinkedTest() throws Exception { Ticket ticket = persistTicketForUser(user); assertFalse(rfidService.isTicketLinked(ticket.getId())); } + + @Test + public void isOwnerLinkedTest() throws Exception { + User user = persistUser(); + Ticket ticket = persistTicketForUser(user); + String rfid = "0000000001"; + rfidService.addRFIDLink(rfid, ticket.getId()); + assertTrue(rfidService.isOwnerLinked(user.getEmail())); + } + + @Test + public void isOwnerLinkedNotLinkedTest() throws Exception { + User user = persistUser(); + persistTicketForUser(user); + assertFalse(rfidService.isOwnerLinked(user.getEmail())); + } } \ No newline at end of file