| author | Tyler Ferrari <69283684+Sowgro@users.noreply.github.com> | 2025-03-27 18:50:33 -0400 | 
|---|---|---|
| committer | GitHub <noreply@github.com> | 2025-03-27 18:50:33 -0400 | 
| commit | ddbd1cc688aa98fb275ad72a750fbaaf53e6c0ae (patch) | |
| tree | 0a0f9669fb0f7cf2f2816b798269e50a8b26f125 /ufund-api/src/main/java/com/ufund/api/ufundapi/service | |
| parent | 35d7c971ed47718d4dc5738edb09d62cd780dac4 (diff) | |
| parent | 4f5e9e9ecda282a98af5d70bd6cf0540973c7314 (diff) | |
Merge pull request #17 from RIT-SWEN-261-02/api-cleanup
Merge api-cleanup into main
Diffstat (limited to 'ufund-api/src/main/java/com/ufund/api/ufundapi/service')
3 files changed, 75 insertions, 17 deletions
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java index 87a16a6..cdce80d 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java @@ -1,11 +1,12 @@  package com.ufund.api.ufundapi.service; +import java.io.IOException; + +import org.springframework.stereotype.Component; +  import com.ufund.api.ufundapi.model.User;  import com.ufund.api.ufundapi.model.UserAuth;  import com.ufund.api.ufundapi.persistence.UserAuthDAO; -import org.springframework.stereotype.Component; - -import java.io.IOException;  @Component  public class AuthService { 
@@ -24,18 +25,51 @@ public class AuthService {       * @param targetUsername The targetUsername of the user trying to be accessed.       * @param key The api key obtained by the client from logging in.       * @throws IllegalAccessException Thrown if access was denied to the user. +     * @throws IOException Thrown on a file writing issue +     */ +    public void keyHasAccessToUser(String targetUsername, String key) throws IllegalAccessException, IOException { +        var userAuth = userAuthDAO.getUserAuth(key); +        if (userAuth == null) { +            throw new IllegalAccessException("Invalid authentication key"); +        } + +       var username = userAuth.getUsername(); +       var userType = userService.getUser(username).getType(); +       if (!username.equals(targetUsername) && userType != User.UserType.MANAGER) { +           throw new IllegalAccessException("Provided key does not grant access to perform the requested operation"); +       } +    } + +    /** +     * Check if the provided key is valid +     * @param key The api key obtained by the client from logging in. +     * @throws IllegalAccessException Thrown if access was denied to the user. +     * @throws IOException Thrown on a file writing issue +     */ +    public void keyIsValid(String key) throws IOException, IllegalAccessException { +        var userAuth = userAuthDAO.getUserAuth(key); +        if (userAuth == null) { +            throw new IllegalAccessException("Invalid authentication key"); +        } +    } + +    /** +     * Check if the provided key has access to edit the cupboard +     * @param key The api key obtained by the client from logging in. +     * @throws IllegalAccessException Thrown if access was denied to the user. 
+     * @throws IOException Thrown on a file writing issue       */ -    public void authenticate(String targetUsername, String key) throws IllegalAccessException, IOException { +    public void keyHasAccessToCupboard(String key) throws IOException, IllegalAccessException {          var userAuth = userAuthDAO.getUserAuth(key);          if (userAuth == null) { -            throw new IllegalAccessException("Unauthenticated"); +            throw new IllegalAccessException("Invalid authentication key"); +        } + +        var username = userAuth.getUsername(); +        var userType = userService.getUser(username).getType(); +        if (userType != User.UserType.MANAGER) { +            throw new IllegalAccessException("Provided key does not grant access to perform the requested operation");          } -// -//        var username = userAuth.getUsername(); -//        var userType = userService.getUser(username).getType(); -//        if (!username.equals(targetUsername) && userType != User.UserType.MANAGER) { -//            throw new IllegalAccessException("Unauthorized"); -//        }      }      /** @@ -50,7 +84,7 @@ public class AuthService {      public String login(String username, String password) throws IllegalAccessException, IOException {          var usr = userService.getUser(username);          if (usr == null || !usr.verifyPassword(password)) { -            throw new IllegalAccessException("Unauthorized"); +            throw new IllegalAccessException("Incorrect username or password");          }          var userAuth = UserAuth.generate(username);          userAuthDAO.addUserAuth(userAuth); diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/CupboardService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/CupboardService.java index 2398745..aaa8cb8 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/CupboardService.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/CupboardService.java 
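Review bot: In `keyHasAccessToUser` and `keyHasAccessToCupboard`, `userService.getUser(username).getType()` dereferences a result that can be null, because the UserService.getUser hunk in this same commit now returns null for an unknown user. If a key outlives its account (nothing in this diff shows keys being revoked on `deleteUser`), the check would end in a NullPointerException rather than the documented IllegalAccessException, so the denial depends on how the caller treats an unchecked exception. Resolve the user first and deny explicitly: `var user = userService.getUser(username);` followed by `if (user == null) { throw new IllegalAccessException("Invalid authentication key"); }`. All three methods repeat the same key lookup and null check; a private helper that returns the resolved UserAuth would keep them from drifting apart.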
@@ -3,6 +3,7 @@ package com.ufund.api.ufundapi.service;  import java.io.IOException;  import java.util.Arrays; +import org.springframework.context.annotation.Lazy;  import org.springframework.stereotype.Component;  import com.ufund.api.ufundapi.DuplicateKeyException; @@ -13,8 +14,10 @@ import com.ufund.api.ufundapi.persistence.CupboardDAO;  public class CupboardService {      private final CupboardDAO cupboardDAO; +    final AuthService authService; -    public CupboardService(CupboardDAO cupboardDAO) { +    public CupboardService(@Lazy AuthService authService, CupboardDAO cupboardDAO) { +        this.authService = authService;          this.cupboardDAO = cupboardDAO;      } @@ -97,6 +100,23 @@ public class CupboardService {      }      /** +     * Checks out a need with the desired amount +     *  +     * @param id The ID of the need to update +     * @param checkoutAmount The amount to update the need by +     * @throws IOException If there is an error reading the file +     * @throws IllegalAccessException If the user has insufficient permission +    */ +    public void checkoutNeed(int id, double checkoutAmount, String key) throws IOException, IllegalAccessException { +        if (checkoutAmount <= 0) { +            throw new IllegalArgumentException("Amount must be greater than 0"); +        } +        authService.keyIsValid(key); +        Need need = cupboardDAO.getNeed(id); +        need.incrementCurrent(checkoutAmount); +    } + +    /**       * Delete a need from the cupboard       *       * @param id the ID of the need @@ -104,6 +124,7 @@ public class CupboardService {       * @throws IOException Thrown on any problem removing the need       */      public boolean deleteNeed(int id) throws IOException { +                  return cupboardDAO.deleteNeed(id);      }  } diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java index caf9f4c..6e27f50 100644 
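Review bot: `checkoutNeed` validates `checkoutAmount` before it calls `authService.keyIsValid(key)`, and the `<= 0` test lets NaN and positive infinity through because a comparison with NaN is always false. `cupboardDAO.getNeed(id)` is also dereferenced unchecked, although UserService.getUser treats a null need as a normal case, so an unknown id would end in a NullPointerException. I would authenticate first, require a finite positive amount and reject a missing need explicitly; the exception used for the missing need below is a stand-in for whatever the project uses for not-found. Nothing visible in the hunk caps the amount at what the need still requires or saves the changed need, which may be handled inside `incrementCurrent` and is worth confirming. The Javadoc should also gain an `@param key` line.

```java
public void checkoutNeed(int id, double checkoutAmount, String key) throws IOException, IllegalAccessException {
    // Authenticate first so an unauthenticated caller gets no feedback on input handling.
    authService.keyIsValid(key);
    // isFinite rejects NaN and +/-Infinity, which the plain `<= 0` comparison lets through.
    if (!Double.isFinite(checkoutAmount) || checkoutAmount <= 0) {
        throw new IllegalArgumentException("Amount must be a finite number greater than 0");
    }
    Need need = cupboardDAO.getNeed(id);
    if (need == null) {
        // Stand-in exception type: use the project's not-found convention here.
        throw new IllegalArgumentException("Need does not exist");
    }
    need.incrementCurrent(checkoutAmount);
}
```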
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/UserService.java @@ -12,7 +12,7 @@ import com.ufund.api.ufundapi.persistence.UserDAO;  public class UserService {      private final UserDAO userDAO; -    private final CupboardService cupboardService; +    final CupboardService cupboardService;      public UserService(UserDAO userDao, CupboardService cupboardService) {          this.userDAO = userDao; @@ -44,7 +44,10 @@ public class UserService {       */      public User getUser(String username) throws IOException {          User user = userDAO.getUser(username); -        for (int needId : user.getNeeds()) { +        if (user == null) { +            return null; +        } +        for (int needId : user.getBasket()) {              if (cupboardService.getNeed(needId) == null) {                  user.removeBasketNeed(needId);              } @@ -55,7 +58,7 @@ public class UserService {      /**       * Updates a user       * -     * @param user The ID of the user to update +     * @param user     The ID of the user to update       * @param username The user object to set (note: the ID is ignored)       * @return The updated user object       * @throws IOException Thrown if there was any issue saving the data @@ -77,5 +80,5 @@ public class UserService {      public boolean deleteUser(String username) throws IOException {          return userDAO.deleteUser(username);      } -     +  }  | 
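Review bot: The loop in `getUser` calls `user.removeBasketNeed(needId)` while it iterates `user.getBasket()`; if `getBasket()` hands back the live collection rather than an array or a copy, the first stale need would throw a ConcurrentModificationException. The AuthService checks added in this commit call `getUser` for each authorization decision, so that failure would surface on the access-check path rather than only on basket reads. Collecting the stale ids during the loop and removing them afterwards avoids depending on what `getBasket()` returns. The cleaned-up basket is also not visibly written back through `userDAO`, so the same pruning may repeat on every call; the body of `getUser` continues outside the hunk, so this may already be handled there.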
