Merge branch '29-check-if-device-is-currently-user-s-own-device-when-updating' into 'dev'
controllers now check if devices belong to the correct user Closes #29 See merge request sa4-2020/the-sanmarinoes/backend!46
This commit is contained in:
commit
cbfbb81c10
8 changed files with 57 additions and 16 deletions
|
@ -6,6 +6,7 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.ButtonDimmerDimRequest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.GenericDeviceSaveReguest;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.GenericDeviceSaveReguest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
|
@ -52,10 +53,13 @@ public class ButtonDimmerController
|
||||||
}
|
}
|
||||||
|
|
||||||
@PutMapping("/dim")
|
@PutMapping("/dim")
|
||||||
public Set<DimmableLight> dim(@Valid @RequestBody final ButtonDimmerDimRequest bd)
|
public Set<DimmableLight> dim(
|
||||||
|
@Valid @RequestBody final ButtonDimmerDimRequest bd, final Principal principal)
|
||||||
throws NotFoundException {
|
throws NotFoundException {
|
||||||
final ButtonDimmer buttonDimmer =
|
final ButtonDimmer buttonDimmer =
|
||||||
buttonDimmerRepository.findById(bd.getId()).orElseThrow(NotFoundException::new);
|
buttonDimmerRepository
|
||||||
|
.findByIdAndUsername(bd.getId(), principal.getName())
|
||||||
|
.orElseThrow(NotFoundException::new);
|
||||||
|
|
||||||
switch (bd.getDimType()) {
|
switch (bd.getDimType()) {
|
||||||
case UP:
|
case UP:
|
||||||
|
|
|
@ -27,16 +27,17 @@ public class DeviceController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@PutMapping
|
@PutMapping
|
||||||
public Device update(@Valid @RequestBody DeviceSaveRequest deviceSaveRequest)
|
public Device update(
|
||||||
|
@Valid @RequestBody DeviceSaveRequest deviceSaveRequest, final Principal principal)
|
||||||
throws NotFoundException, BadDataException {
|
throws NotFoundException, BadDataException {
|
||||||
final Device d =
|
final Device d =
|
||||||
deviceRepository
|
deviceRepository
|
||||||
.findById(deviceSaveRequest.getId())
|
.findByIdAndUsername(deviceSaveRequest.getId(), principal.getName())
|
||||||
.orElseThrow(NotFoundException::new);
|
.orElseThrow(NotFoundException::new);
|
||||||
|
|
||||||
// check if roomId is valid
|
// check if roomId is valid
|
||||||
roomRepository
|
roomRepository
|
||||||
.findById(deviceSaveRequest.getRoomId())
|
.findByIdAndUsername(deviceSaveRequest.getRoomId(), principal.getName())
|
||||||
.orElseThrow(() -> new BadDataException("roomId is not a valid room id"));
|
.orElseThrow(() -> new BadDataException("roomId is not a valid room id"));
|
||||||
|
|
||||||
d.setRoomId(deviceSaveRequest.getRoomId());
|
d.setRoomId(deviceSaveRequest.getRoomId());
|
||||||
|
|
|
@ -6,6 +6,7 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.DimmableLightSaveRequest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.DimmableLight;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.DimmableLight;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.DimmableLightRepository;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.DimmableLightRepository;
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
@ -43,10 +44,14 @@ public class DimmableLightController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@PutMapping
|
@PutMapping
|
||||||
public DimmableLight update(@Valid @RequestBody DimmableLightSaveRequest sp)
|
public DimmableLight update(
|
||||||
|
@Valid @RequestBody DimmableLightSaveRequest sp, final Principal principal)
|
||||||
throws NotFoundException {
|
throws NotFoundException {
|
||||||
return save(
|
return save(
|
||||||
dimmableLightService.findById(sp.getId()).orElseThrow(NotFoundException::new), sp);
|
dimmableLightService
|
||||||
|
.findByIdAndUsername(sp.getId(), principal.getName())
|
||||||
|
.orElseThrow(NotFoundException::new),
|
||||||
|
sp);
|
||||||
}
|
}
|
||||||
|
|
||||||
@DeleteMapping("/{id}")
|
@DeleteMapping("/{id}")
|
||||||
|
|
|
@ -6,6 +6,7 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.GenericDeviceSaveReguest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.KnobDimmerDimRequest;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.KnobDimmerDimRequest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import java.util.Set;
|
import java.util.Set;
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
|
@ -53,10 +54,13 @@ public class KnobDimmerController
|
||||||
}
|
}
|
||||||
|
|
||||||
@PutMapping("/dimTo")
|
@PutMapping("/dimTo")
|
||||||
public Set<DimmableLight> dimTo(@Valid @RequestBody final KnobDimmerDimRequest bd)
|
public Set<DimmableLight> dimTo(
|
||||||
|
@Valid @RequestBody final KnobDimmerDimRequest bd, final Principal principal)
|
||||||
throws NotFoundException {
|
throws NotFoundException {
|
||||||
final KnobDimmer dimmer =
|
final KnobDimmer dimmer =
|
||||||
knobDimmerRepository.findById(bd.getId()).orElseThrow(NotFoundException::new);
|
knobDimmerRepository
|
||||||
|
.findByIdAndUsername(bd.getId(), principal.getName())
|
||||||
|
.orElseThrow(NotFoundException::new);
|
||||||
|
|
||||||
dimmer.setLightIntensity(bd.getIntensity());
|
dimmer.setLightIntensity(bd.getIntensity());
|
||||||
dimmableLightRepository.saveAll(dimmer.getOutputs());
|
dimmableLightRepository.saveAll(dimmer.getOutputs());
|
||||||
|
|
|
@ -6,6 +6,7 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.RegularLightSaveRequest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.RegularLight;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.RegularLight;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.RegularLightRepository;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.RegularLightRepository;
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
import org.springframework.beans.factory.annotation.Autowired;
|
import org.springframework.beans.factory.annotation.Autowired;
|
||||||
|
@ -50,10 +51,14 @@ public class RegularLightController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@PutMapping
|
@PutMapping
|
||||||
public RegularLight update(@Valid @RequestBody RegularLightSaveRequest rl)
|
public RegularLight update(
|
||||||
|
@Valid @RequestBody RegularLightSaveRequest rl, final Principal principal)
|
||||||
throws NotFoundException {
|
throws NotFoundException {
|
||||||
return save(
|
return save(
|
||||||
regularLightService.findById(rl.getId()).orElseThrow(NotFoundException::new), rl);
|
regularLightService
|
||||||
|
.findByIdAndUsername(rl.getId(), principal.getName())
|
||||||
|
.orElseThrow(NotFoundException::new),
|
||||||
|
rl);
|
||||||
}
|
}
|
||||||
|
|
||||||
@DeleteMapping("/{id}")
|
@DeleteMapping("/{id}")
|
||||||
|
|
|
@ -45,9 +45,13 @@ public class SmartPlugController {
|
||||||
}
|
}
|
||||||
|
|
||||||
@PutMapping
|
@PutMapping
|
||||||
public SmartPlug update(@Valid @RequestBody SmartPlugSaveRequest sp) throws NotFoundException {
|
public SmartPlug update(@Valid @RequestBody SmartPlugSaveRequest sp, final Principal principal)
|
||||||
|
throws NotFoundException {
|
||||||
return save(
|
return save(
|
||||||
smartPlugRepository.findById(sp.getId()).orElseThrow(NotFoundException::new), sp);
|
smartPlugRepository
|
||||||
|
.findByIdAndUsername(sp.getId(), principal.getName())
|
||||||
|
.orElseThrow(NotFoundException::new),
|
||||||
|
sp);
|
||||||
}
|
}
|
||||||
|
|
||||||
@DeleteMapping("/{id}/meter")
|
@DeleteMapping("/{id}/meter")
|
||||||
|
|
|
@ -6,6 +6,7 @@ import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.GenericDeviceSaveReguest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.SwitchOperationRequest;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.dto.SwitchOperationRequest;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.error.NotFoundException;
|
||||||
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
import ch.usi.inf.sa4.sanmarinoes.smarthut.models.*;
|
||||||
|
import java.security.Principal;
|
||||||
import java.util.*;
|
import java.util.*;
|
||||||
import java.util.List;
|
import java.util.List;
|
||||||
import javax.validation.Valid;
|
import javax.validation.Valid;
|
||||||
|
@ -55,9 +56,13 @@ public class SwitchController extends InputDeviceConnectionController<Switch, Sw
|
||||||
}
|
}
|
||||||
|
|
||||||
@PutMapping("/operate")
|
@PutMapping("/operate")
|
||||||
public Set<Switchable> operate(@Valid @RequestBody final SwitchOperationRequest sr)
|
public Set<Switchable> operate(
|
||||||
|
@Valid @RequestBody final SwitchOperationRequest sr, final Principal principal)
|
||||||
throws NotFoundException {
|
throws NotFoundException {
|
||||||
final Switch s = switchRepository.findById(sr.getId()).orElseThrow(NotFoundException::new);
|
final Switch s =
|
||||||
|
switchRepository
|
||||||
|
.findByIdAndUsername(sr.getId(), principal.getName())
|
||||||
|
.orElseThrow(NotFoundException::new);
|
||||||
|
|
||||||
switch (sr.getType()) {
|
switch (sr.getType()) {
|
||||||
case ON:
|
case ON:
|
||||||
|
|
|
@ -1,5 +1,18 @@
|
||||||
package ch.usi.inf.sa4.sanmarinoes.smarthut.models;
|
package ch.usi.inf.sa4.sanmarinoes.smarthut.models;
|
||||||
|
|
||||||
|
import java.util.Optional;
|
||||||
|
import org.springframework.data.jpa.repository.Query;
|
||||||
import org.springframework.data.repository.CrudRepository;
|
import org.springframework.data.repository.CrudRepository;
|
||||||
|
|
||||||
public interface RoomRepository extends CrudRepository<Room, Long> {}
|
public interface RoomRepository extends CrudRepository<Room, Long> {
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Finds a room by their id and a username
|
||||||
|
*
|
||||||
|
* @param id the room id
|
||||||
|
* @param username a User's username
|
||||||
|
* @return an optional device, empty if none found
|
||||||
|
*/
|
||||||
|
@Query("SELECT r FROM Room r JOIN r.user u WHERE r.id = ?1 AND u.username = ?2")
|
||||||
|
Optional<Room> findByIdAndUsername(Long id, String username);
|
||||||
|
}
|
||||||
|
|
Loading…
Reference in a new issue