diff options
| author | sowgro <tpoke.ferrari@gmail.com> | 2025-03-17 16:08:11 -0400 |
|---|---|---|
| committer | sowgro <tpoke.ferrari@gmail.com> | 2025-03-17 16:08:11 -0400 |
| commit | 251f30c402700169213ed4560a7797a785a50e78 (patch) | |
| tree | cbc658e4de18d7f6b2c6957a352fb4bfb871c7a6 /ufund-api | |
| parent | 4d9fe6c96f487d75a03e3a680cc80fa3f2ad5e4f (diff) | |
| download | JellySolutions-251f30c402700169213ed4560a7797a785a50e78.tar.gz JellySolutions-251f30c402700169213ed4560a7797a785a50e78.tar.bz2 JellySolutions-251f30c402700169213ed4560a7797a785a50e78.zip | |
Refactoring
Diffstat (limited to 'ufund-api')
6 files changed, 42 insertions, 36 deletions
diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java index 1e182a6..61293b9 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/model/User.java @@ -7,40 +7,35 @@ import com.fasterxml.jackson.annotation.JsonProperty; public class User { - @JsonProperty("username") - private final String username; - @JsonProperty("passwordHash") - private int passwordHash; - @JsonProperty("basket") - private final List<Need> basket; - - /** - * Create a new user - * - * @param username The name of the user - */ - public User(String username) { - this.username = username; - basket = new ArrayList<>(); + public enum UserType { + HELPER, + MANAGER } + @JsonProperty("username") private final String username; + @JsonProperty("passwordHash") private int passwordHash; + @JsonProperty("basket") private final List<Need> basket; + @JsonProperty("type") private final UserType type; + /** * Create a new user * * @param username The name of the user * @param basket A basket to copy from */ - public User(@JsonProperty("username") String username, @JsonProperty("passwordHash") int passwordHash, @JsonProperty("basket") List<Need> basket) { + public User(@JsonProperty("username") String username, @JsonProperty("passwordHash") int passwordHash, @JsonProperty("basket") List<Need> basket, @JsonProperty("type") UserType userType) { this.username = username; this.basket = basket; this.passwordHash = passwordHash; + this.type = userType; } public static User create(String username, String password) { return new User( username, password.hashCode(), - new ArrayList<>() + new ArrayList<>(), + UserType.HELPER ); } @@ -65,7 +60,11 @@ public class User { } public User withoutPasswordHash() { - return new User(this.username, 0, this.basket); + return new User(this.username, 0, this.basket, this.type); + } + + public UserType getType() { + return type; } } diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java index c4aaca3..521acae 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/persistence/CupboardFileDAO.java @@ -22,7 +22,7 @@ public class CupboardFileDAO implements CupboardDAO { this.filename = filename; this.objectMapper = objectMapper; needs = new TreeMap<>(); - load(); // load the heroes from the file + load(); } private synchronized static int nextId() { diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java index 591d891..5a1a492 100644 --- a/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java +++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/service/AuthService.java @@ -1,5 +1,6 @@ package com.ufund.api.ufundapi.service; +import com.ufund.api.ufundapi.model.User; import com.ufund.api.ufundapi.model.UserAuth; import com.ufund.api.ufundapi.persistence.UserAuthDAO; import org.springframework.stereotype.Component; @@ -20,13 +21,19 @@ public class AuthService { /** * Check if the provided key has access to the provided user. * - * @param username The username of the user trying to be accessed. + * @param targetUsername The targetUsername of the user trying to be accessed. * @param key The api key obtained by the client from logging in. * @throws IllegalAccessException Thrown if access was denied to the user. */ - public void authenticate(String username, String key) throws IllegalAccessException, IOException { + public void authenticate(String targetUsername, String key) throws IllegalAccessException, IOException { var userAuth = userAuthDAO.getUserAuth(key); - if (userAuth == null || !userAuth.getUsername().equals(username)) { + if (userAuth == null) { + throw new IllegalAccessException("Unauthenticated"); + } + + var username = userAuth.getUsername(); + var userType = userService.getUser(username).getType(); + if (!username.equals(targetUsername) && userType != User.UserType.MANAGER) { throw new IllegalAccessException("Unauthorized"); } } diff --git a/ufund-api/src/test/java/com/ufund/api/ufundapi/controller/UserControllerTest.java b/ufund-api/src/test/java/com/ufund/api/ufundapi/controller/UserControllerTest.java index efe639e..3f110cb 100644 --- a/ufund-api/src/test/java/com/ufund/api/ufundapi/controller/UserControllerTest.java +++ b/ufund-api/src/test/java/com/ufund/api/ufundapi/controller/UserControllerTest.java @@ -37,8 +37,8 @@ public class UserControllerTest { public void testGetUser() throws IOException { // getUser may throw IOException // Setup String username = "Test"; - User user = new User(username); - String key = UserAuth.generate(username).getKey(); + User user = User.create(username, "pass"); + String key = UserAuth.generate(username).getKey( ); // When the same id is passed in, our mock User DAO will return the User object when(mockUserService.getUser(username)).thenReturn(user); @@ -89,7 +89,7 @@ public class UserControllerTest { // Setup String username = "Test"; String password = "Pass"; - User user = new User(username); + User user = User.create(username, "pass"); // when createUser is called, return true simulating successful // creation and save when(mockUserService.createUser(username, password)).thenReturn(user); @@ -153,7 +153,7 @@ public class UserControllerTest { public void testUpdateUser() throws IOException { // updateUser may throw IOException // Setup String username = "Test"; - User user = new User("Bob"); + User user = User.create("Bob", "pass"); String key = UserAuth.generate(username).getKey(); // when updateUser is called, return true simulating successful // update and save @@ -171,7 +171,7 @@ public class UserControllerTest { public void testUpdateUserFailed() throws IOException { // updateUser may throw IOException // Setup String username = "Test"; - User user = new User("Bob"); + User user = User.create("Bob", "pass"); String key = UserAuth.generate(username).getKey(); // when updateUser is called, return true simulating successful // update and save @@ -188,7 +188,7 @@ public class UserControllerTest { public void testUpdateUserHandleException() throws IOException { // updateUser may throw IOException // Setup String username = "Test"; - User user = new User("Bob"); + User user = User.create("Bob", "pass"); String key = UserAuth.generate(username).getKey(); // When updateUser is called on the Mock User DAO, throw an IOException doThrow(new IOException()).when(mockUserService).updateUser(user, username); diff --git a/ufund-api/src/test/java/com/ufund/api/ufundapi/model/UserTest.java b/ufund-api/src/test/java/com/ufund/api/ufundapi/model/UserTest.java index 1725190..5e017dd 100644 --- a/ufund-api/src/test/java/com/ufund/api/ufundapi/model/UserTest.java +++ b/ufund-api/src/test/java/com/ufund/api/ufundapi/model/UserTest.java @@ -13,7 +13,7 @@ public class UserTest { String name = "Bob"; - User user = new User(name); + User user = User.create(name, "pass"); assertNotNull(user); @@ -36,7 +36,7 @@ public class UserTest { String expectedName = "Bob"; - User user = new User(expectedName); + User user = User.create(expectedName, "pass"); Need need = new Need("Test", 0, 100, Need.GoalType.MONETARY); Need[] needs = { need }; @@ -51,7 +51,7 @@ public class UserTest { String expectedName = "Bob"; - User user = new User(expectedName); + User user = User.create(expectedName, "pass"); Need need = new Need("Test", 0, 100, Need.GoalType.MONETARY); Need need2 = new Need("Test2", 0, 100, Need.GoalType.MONETARY); @@ -68,7 +68,7 @@ public class UserTest { String expectedName = "Bob"; - User user = new User(expectedName); + User user = User.create(expectedName, "pass"); assertFalse(user.verifyPassword(expectedName)); diff --git a/ufund-api/src/test/java/com/ufund/api/ufundapi/persistence/UserFileDAOTest.java b/ufund-api/src/test/java/com/ufund/api/ufundapi/persistence/UserFileDAOTest.java index b802669..9361188 100644 --- a/ufund-api/src/test/java/com/ufund/api/ufundapi/persistence/UserFileDAOTest.java +++ b/ufund-api/src/test/java/com/ufund/api/ufundapi/persistence/UserFileDAOTest.java @@ -27,9 +27,9 @@ public class UserFileDAOTest { public void setupHeroFileDAO() throws IOException { mockObjectMapper = mock(ObjectMapper.class); testUsers = new User[3]; - testUsers[0] = new User("bob"); - testUsers[1] = new User("admin"); - testUsers[2] = new User("jelly12"); + testUsers[0] = User.create("bob", "pass"); + testUsers[1] = User.create("admin", "pass"); + testUsers[2] = User.create("jelly12", "pass"); // When the object mapper is supposed to read from the file // the mock object mapper will return the hero array above @@ -75,7 +75,7 @@ public class UserFileDAOTest { @Test public void createUserTest() throws IOException { - User newUser = new User("keshey"); + User newUser = User.create("keshey", "pass"); userFileDAO.addUser(newUser); User actualUser = userFileDAO.getUser("keshey"); |