aboutsummaryrefslogtreecommitdiff
path: root/ufund-api/src/main/java/com
diff options
context:
space:
mode:
authorGunther6070 <haydenhartman10@yahoo.com>2025-03-17 16:12:56 -0400
committerGunther6070 <haydenhartman10@yahoo.com>2025-03-17 16:12:56 -0400
commitebccd8c4bddc9799e91a3149040efb4cac647c45 (patch)
tree0ea4dbb616005cc833b7e877bc56eaed412f163d /ufund-api/src/main/java/com
parent60dd2db634de6146671be9546fb3e4bdf6d9b7d9 (diff)
parent251f30c402700169213ed4560a7797a785a50e78 (diff)
downloadJellySolutions-ebccd8c4bddc9799e91a3149040efb4cac647c45.tar.gz
JellySolutions-ebccd8c4bddc9799e91a3149040efb4cac647c45.tar.bz2
JellySolutions-ebccd8c4bddc9799e91a3149040efb4cac647c45.zip
Merge branch 'service-tests' of https://github.com/RIT-SWEN-261-02/team-project-2245-swen-261-02-2b into service-tests
Diffstat (limited to 'ufund-api/src/main/java/com')
-rw-r--r--ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java35
-rw-r--r--ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java2
-rw-r--r--ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java13
3 files changed, 28 insertions, 22 deletions
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java
index 1e182a6..61293b9 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java
@@ -7,40 +7,35 @@ import com.fasterxml.jackson.annotation.JsonProperty;
public class User {
- @JsonProperty("username")
- private final String username;
- @JsonProperty("passwordHash")
- private int passwordHash;
- @JsonProperty("basket")
- private final List<Need> basket;
-
- /**
- * Create a new user
- *
- * @param username The name of the user
- */
- public User(String username) {
- this.username = username;
- basket = new ArrayList<>();
+ public enum UserType {
+ HELPER,
+ MANAGER
}
+ @JsonProperty("username") private final String username;
+ @JsonProperty("passwordHash") private int passwordHash;
+ @JsonProperty("basket") private final List<Need> basket;
+ @JsonProperty("type") private final UserType type;
+
/**
* Create a new user
*
* @param username The name of the user
* @param basket A basket to copy from
*/
- public User(@JsonProperty("username") String username, @JsonProperty("passwordHash") int passwordHash, @JsonProperty("basket") List<Need> basket) {
+ public User(@JsonProperty("username") String username, @JsonProperty("passwordHash") int passwordHash, @JsonProperty("basket") List<Need> basket, @JsonProperty("type") UserType userType) {
this.username = username;
this.basket = basket;
this.passwordHash = passwordHash;
+ this.type = userType;
}
public static User create(String username, String password) {
return new User(
username,
password.hashCode(),
- new ArrayList<>()
+ new ArrayList<>(),
+ UserType.HELPER
);
}
@@ -65,7 +60,11 @@ public class User {
}
public User withoutPasswordHash() {
- return new User(this.username, 0, this.basket);
+ return new User(this.username, 0, this.basket, this.type);
+ }
+
+ public UserType getType() {
+ return type;
}
}
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java
index c4aaca3..521acae 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java
@@ -22,7 +22,7 @@ public class CupboardFileDAO implements CupboardDAO {
this.filename = filename;
this.objectMapper = objectMapper;
needs = new TreeMap<>();
- load(); // load the heroes from the file
+ load();
}
private synchronized static int nextId() {
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
index 591d891..5a1a492 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java
@@ -1,5 +1,6 @@
package com.ufund.api.ufundapi.service;
+import com.ufund.api.ufundapi.model.User;
import com.ufund.api.ufundapi.model.UserAuth;
import com.ufund.api.ufundapi.persistence.UserAuthDAO;
import org.springframework.stereotype.Component;
@@ -20,13 +21,19 @@ public class AuthService {
/**
* Check if the provided key has access to the provided user.
*
- * @param username The username of the user trying to be accessed.
+ * @param targetUsername The targetUsername of the user trying to be accessed.
* @param key The api key obtained by the client from logging in.
* @throws IllegalAccessException Thrown if access was denied to the user.
*/
- public void authenticate(String username, String key) throws IllegalAccessException, IOException {
+ public void authenticate(String targetUsername, String key) throws IllegalAccessException, IOException {
var userAuth = userAuthDAO.getUserAuth(key);
- if (userAuth == null || !userAuth.getUsername().equals(username)) {
+ if (userAuth == null) {
+ throw new IllegalAccessException("Unauthenticated");
+ }
+
+ var username = userAuth.getUsername();
+ var userType = userService.getUser(username).getType();
+ if (!username.equals(targetUsername) && userType != User.UserType.MANAGER) {
throw new IllegalAccessException("Unauthorized");
}
}
generated by cgit v1.2.3 (git 2.25.1) at 2025-06-17 15:59:35 +0000