Merge pull request #577 from bounswe/feature/BE-395-admin-api

Improved/Added admin functionalities.
bounswe · Dec 19, 2023 · 1d98569 · 1d98569
2 parents 011ac07 + 849e773
commit 1d98569
Show file tree

Hide file tree

Showing 5 changed files with 78 additions and 0 deletions.
diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/controller/NotificationController.java b/resq/backend/resq/src/main/java/com/groupa1/resq/controller/NotificationController.java
@@ -1,8 +1,12 @@
 package com.groupa1.resq.controller;
 
+import com.groupa1.resq.entity.Need;
+import com.groupa1.resq.entity.Notification;
+import com.groupa1.resq.entity.enums.ENotificationEntityType;
 import com.groupa1.resq.converter.NotificationConverter;
 import com.groupa1.resq.dto.NotificationDto;
 import com.groupa1.resq.service.NotificationService;
+import com.groupa1.resq.util.NotificationMessages;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.access.prepost.PreAuthorize;
@@ -35,4 +39,15 @@ public NotificationDto viewNotificationById(@RequestParam Long notificationId, @
         log.info("Viewing notification with id: {}, user id: {}", notificationId, userId);
         return notificationConverter.convertToDto(notificationService.viewNotificationById(userId, notificationId));
     }
+
+    @PostMapping("/sendNotification")
+    @PreAuthorize("hasRole('ADMIN')")
+    public void sendSystemNotification(@RequestParam String title, @RequestParam Long userId,
+                                       @RequestParam Long relatedEntityId, @RequestParam ENotificationEntityType notificationType) {
+        String body = String.format(NotificationMessages.SYSTEM_MESSAGE, userId, relatedEntityId);
+        log.info("Sending notification with title: {}, body: {}, user id: {}, related entity id: {}, notification type: {}"
+                , title, body, userId, relatedEntityId, notificationType);
+        notificationService.sendNotification(title, body, userId, relatedEntityId, notificationType);
+    }
+
 }
diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/controller/UserController.java b/resq/backend/resq/src/main/java/com/groupa1/resq/controller/UserController.java
@@ -33,6 +33,22 @@ public String requestRole(@RequestParam Long userId, @RequestParam String role)
         return "Role successfully inserted to " + user.getName() + ".";
     }
 
+    @PostMapping("/assignRole")
+    @PreAuthorize("hasRole('ADMIN') or hasRole('COORDINATOR') or hasRole('FACILITATOR')")
+    public String assignRole(@RequestParam Long assignerId, @RequestParam Long assigneeId, @RequestParam String role) {
+        log.info("Requested role: {} requested for user: {}", role, assigneeId);
+        User user = userService.assignRole(assignerId, assigneeId, role);
+        return "Role successfully inserted to " + user.getName() + ".";
+    }
+
+    @PostMapping("/removeRole")
+    @PreAuthorize("hasRole('ADMIN') or hasRole('COORDINATOR') or hasRole('FACILITATOR')")
+    public String removeRole(@RequestParam Long assignerId, @RequestParam Long assigneeId, @RequestParam String role) {
+        log.info("Requested role to be removed: {} requested for user: {}", role, assigneeId);
+        User user = userService.removeRole(assignerId, assigneeId, role);
+        return "Role successfully removed from " + user.getName() + ".";
+    }
+
     @GetMapping("/getUserInfo")
     @PreAuthorize("hasRole('ADMIN') or hasRole('COORDINATOR') or hasRole('FACILITATOR') or hasRole('RESPONDER') or hasRole('VICTIM')")
     public UserDto getUserInfo(@RequestParam Long userId) {

diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/exception/EntityNotAllowedException.java b/resq/backend/resq/src/main/java/com/groupa1/resq/exception/EntityNotAllowedException.java
@@ -0,0 +1,11 @@
+package com.groupa1.resq.exception;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ResponseStatus;
+
+@ResponseStatus(HttpStatus.METHOD_NOT_ALLOWED)
+public class EntityNotAllowedException extends RuntimeException  {
+    public EntityNotAllowedException(String message) {
+        super(message);
+    }
+}
diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/service/UserService.java b/resq/backend/resq/src/main/java/com/groupa1/resq/service/UserService.java
@@ -2,6 +2,7 @@
 
 import com.groupa1.resq.entity.User;
 import com.groupa1.resq.entity.enums.EUserRole;
+import com.groupa1.resq.exception.EntityNotAllowedException;
 import com.groupa1.resq.exception.EntityNotFoundException;
 import com.groupa1.resq.repository.UserRepository;
 import lombok.extern.slf4j.Slf4j;
@@ -38,6 +39,40 @@ public User requestRole(Long userId, String role) {
         return save(user);
     }
 
+    public User assignRole(Long assignerId, Long assigneeId, String role) {
+        if (checkUserHierarchy(assignerId, role)) {
+            return requestRole(assigneeId, role);
+        }else{
+            throw new EntityNotAllowedException("User not allowed to assign this role");
+        }
+    }
+
+    public User removeRole(Long assignerId, Long assigneeId, String role) {
+        if (checkUserHierarchy(assignerId, role)) {
+            User user = userRepository.findById(assigneeId).orElseThrow(() -> new EntityNotFoundException("User not found"));
+            Set<EUserRole> roles = user.getRoles();
+            roles.remove(EUserRole.getEnumByStr(role.toUpperCase()));
+            user.setRoles(roles);
+            return save(user);
+        } else {
+            throw new EntityNotAllowedException("User not allowed to remove this role");
+        }
+    }
+
+
+    private boolean checkUserHierarchy(Long userId, String role) {
+        User user = userRepository.findById(userId).orElseThrow(() -> new EntityNotFoundException("User not found"));
+        Set<EUserRole> roles = user.getRoles();
+        EUserRole roleEnum = EUserRole.getEnumByStr(role.toUpperCase());
+        if (roles.contains(EUserRole.ADMIN)) {
+            return true;
+        }else if(roles.contains(EUserRole.COORDINATOR)){
+            return roleEnum != EUserRole.ADMIN;
+        }else{
+            return roleEnum != EUserRole.ADMIN && roleEnum != EUserRole.COORDINATOR;
+        }
+    }
+
     public User findById(Long userId) {
         return userRepository.findById(userId).orElseThrow(() -> new EntityNotFoundException("User not found"));
     }

diff --git a/resq/backend/resq/src/main/java/com/groupa1/resq/util/NotificationMessages.java b/resq/backend/resq/src/main/java/com/groupa1/resq/util/NotificationMessages.java
@@ -7,5 +7,6 @@ public class NotificationMessages {
     public static final String TASK_ASSIGNED = "Coordinator %s assigned Task #%s";
     public static final String ACTION_VERIFIED = "Action #%s is verified by %s";
     public static final String ACTION_WAITING_FOR_VERIFICATION = "Action #%s is waiting for verification";
+    public static final String SYSTEM_MESSAGE = "System Message from User #%s, related entity #%s";
     public static final String TASK_UPDATED = "Task #%s is updated by %s";
 }