1 files changed, 78 insertions, 23 deletions

diff --git a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java
index f79e445..c62bff3 100644
--- a/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java
+++ b/ufund-api/src/main/java/com/ufund/api/ufundapi/controller/CupboardController.java
@@ -5,6 +5,7 @@ import java.util.Map;
 import java.util.logging.Level;
 import java.util.logging.Logger;
 
+import com.ufund.api.ufundapi.service.AuthService;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.DeleteMapping;
@@ -13,6 +14,7 @@ import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 import org.springframework.web.bind.annotation.RestController;
@@ -27,14 +29,16 @@ import com.ufund.api.ufundapi.service.CupboardService;
 public class CupboardController {
     private static final Logger LOG = Logger.getLogger(CupboardController.class.getName());
     private final CupboardService cupboardService;
+    private final AuthService authService;
 
     /**
      * Create a cupboard controller to receive REST signals
      *
      * @param cupboardService The Data Access Object
      */
-    public CupboardController(CupboardService cupboardService) {
+    public CupboardController(CupboardService cupboardService, AuthService authService) {
         this.cupboardService = cupboardService;
+        this.authService = authService;
     }
 
     /**
@@ -47,8 +51,9 @@ public class CupboardController {
      *         INTERNAL_SERVER_ERROR otherwise
      */
     @PostMapping("")
-    public ResponseEntity<Need> createNeed(@RequestBody Map<String, Object> params) {
-        System.out.println(params);
+    public ResponseEntity<Need> createNeed(@RequestBody Map<String, Object> params, @RequestHeader("jelly-api-key") String key) {
+        LOG.log(Level.INFO, "POST /cupboard body={0}", params);
+
         String name = (String) params.get("name");
         String location = (String) params.get("location");
         double maxGoal = ((Number) params.get("maxGoal")).doubleValue();
@@ -56,13 +61,20 @@ public class CupboardController {
         Need.GoalType goalType = GoalType.valueOf((String) params.get("type"));
 
         try {
+            authService.keyHasAccessToCupboard(key);
             Need need = cupboardService.createNeed(name, location, maxGoal, goalType, urgent);
             return new ResponseEntity<>(need, HttpStatus.OK);
         } catch (DuplicateKeyException ex) {
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
             return new ResponseEntity<>(HttpStatus.CONFLICT);
         } catch (IllegalArgumentException ex) {
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
             return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        } catch (IllegalAccessException ex) {
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
         } catch (IOException ex) {
+            LOG.log(Level.SEVERE, ex.getLocalizedMessage());
             return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
         }
     }
@@ -77,7 +89,7 @@ public class CupboardController {
      */
     @GetMapping("")
     public ResponseEntity<Need[]> getNeeds() {
-        LOG.info("GET /needs");
+        LOG.info("GET /cupboard");
 
         try {
             Need[] needs = cupboardService.getNeeds();
@@ -89,19 +101,21 @@ public class CupboardController {
     }
 
      /**
-     * Responds to the GET request for all {@linkplain Need need} whose name contains
-     * the text in name
-     * 
-     * @param name The name parameter which contains the text used to find the {@link Need need}
-     * 
-     * @return ResponseEntity with array of {@link Need need} objects (may be empty) and
-     * HTTP status of OK<br>
-     * ResponseEntity with HTTP status of INTERNAL_SERVER_ERROR otherwise
-     * <p>
-     */
+      * Responds to the GET request for all {@linkplain Need need} whose name contains
+      * the text in name
+      *
+      * @param name The name parameter which contains the text used to find the {@link Need need}
+      *
+      * @deprecated Searching should now be done client side in the future
+      *
+      * @return ResponseEntity with array of {@link Need need} objects (may be empty) and
+      * HTTP status of OK<br>
+      * ResponseEntity with HTTP status of INTERNAL_SERVER_ERROR otherwise
+      * <p>
+      */
     @GetMapping("/")
     public ResponseEntity<Need[]> searchNeeds(@RequestParam String name) {
-        LOG.info("GET /need/?name="+name);
+        LOG.info("GET /cupboard/?name="+name);
 
         try {
             Need[] needs = cupboardService.searchNeeds(name);
@@ -122,7 +136,7 @@ public class CupboardController {
      */
     @GetMapping("/{id}")
     public ResponseEntity<Need> getNeed(@PathVariable int id) {
-        LOG.log(Level.INFO, "GET /need/{0}", id);
+        LOG.log(Level.INFO, "GET /cupboard/{0}", id);
 
         try {
             Need need = cupboardService.getNeed(id);
@@ -145,9 +159,10 @@ public class CupboardController {
      * @return OK response and the need if it was successful, or INTERNAL_SERVER_ERROR if there was an issue
      */
     @PutMapping("/{id}")
-    public ResponseEntity<Need> updateNeed(@RequestBody Need need, @PathVariable int id) {
-        LOG.log(Level.INFO, "Updating need: " + need);
+    public ResponseEntity<Need> updateNeed(@RequestBody Need need, @PathVariable int id, @RequestHeader("jelly-api-key") String key) {
+        LOG.log(Level.INFO, "PUT /cupboard/{0} body={1}", of(id, need));
         try {
+            authService.keyHasAccessToCupboard(key);
             Need updatedNeed = cupboardService.updateNeed(need, id);
             if (updatedNeed != null) {
                 return new ResponseEntity<>(need, HttpStatus.OK);
@@ -155,10 +170,40 @@ public class CupboardController {
                 return new ResponseEntity<>(HttpStatus.NOT_FOUND);
             }
         } catch (IllegalArgumentException ex) {
-            ex.printStackTrace();
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        } catch (IllegalAccessException ex) {
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
+        } catch (IOException ex) {
+            LOG.log(Level.SEVERE, ex.getLocalizedMessage());
+            return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+        }
+    }
+
+    /**
+     * Checks out a need by checkoutAmount
+     *
+     * @param data JSON object with parameters needID and amount
+     * @param key  Key used to authenticate user
+     * @return OK if successful, other statuses if failure
+     */
+    @PutMapping("/checkout")
+    public ResponseEntity<Object> checkoutNeeds(@RequestBody Map<String, Integer> data, @RequestHeader("jelly-api-key") String key) {
+        int needID = data.get("needID");
+        int checkoutAmount = data.get("amount");
+        LOG.log(Level.INFO, "PUT /need/checkout body={0}", data);
+        try {
+            cupboardService.checkoutNeed(needID, checkoutAmount, key);
+            return new ResponseEntity<>(HttpStatus.OK);
+        } catch (IllegalArgumentException ex) {
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
             return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+        } catch (IllegalAccessException ex) {
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
         } catch (IOException ex) {
-            ex.printStackTrace();
+            LOG.log(Level.SEVERE, ex.getLocalizedMessage());
             return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
         }
     }
@@ -170,17 +215,27 @@ public class CupboardController {
      * @return OK if the need was deleted, NOT_FOUND if the need was not found, or INTERNAL_SERVER_ERROR if an error occurred
     */
     @DeleteMapping("/{id}")
-    public ResponseEntity<Need> deleteNeed(@PathVariable int id) {
+    public ResponseEntity<Need> deleteNeed(@PathVariable int id, @RequestHeader("jelly-api-key") String key) {
+        LOG.log(Level.INFO, "DELETE /cupboard/{0}", id);
         try {
+            authService.keyHasAccessToCupboard(key);
             Need need = cupboardService.getNeed(id);
             if (cupboardService.deleteNeed(id)) {
                 return new ResponseEntity<>(need, HttpStatus.OK);
             } else {
                 return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-            } 
-        } catch (IOException e) {
+            }
+        } catch (IllegalAccessException ex) {
+            LOG.log(Level.WARNING, ex.getLocalizedMessage());
+            return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
+        } catch (IOException ex) {
+            LOG.log(Level.SEVERE, ex.getLocalizedMessage());
             return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
         }
     }
 
+    private Object[] of(Object ...params) {
+        return params;
+    }
+
 }