Conflict Resolved

2024-10-26 14:24:25 +05:30
parent f152241e15 0dd40c2804
commit 24d4f6a65c
131 changed files with 4492 additions and 1183 deletions
--- a/src/main/java/net/gepafin/tendermanagement/util/Validator.java
+++ b/src/main/java/net/gepafin/tendermanagement/util/Validator.java
@@ -4,9 +4,11 @@ import jakarta.servlet.http.HttpServletRequest;
 import net.gepafin.tendermanagement.config.Translator;
 import net.gepafin.tendermanagement.config.jwt.TokenProvider;
 import net.gepafin.tendermanagement.constants.GepafinConstant;
+import net.gepafin.tendermanagement.entities.CallEntity;
 import net.gepafin.tendermanagement.entities.CompanyEntity;
 import net.gepafin.tendermanagement.entities.UserEntity;
 import net.gepafin.tendermanagement.enums.RoleStatusEnum;
+import net.gepafin.tendermanagement.service.CallService;
 import net.gepafin.tendermanagement.service.CompanyService;
 import net.gepafin.tendermanagement.service.UserService;
 import net.gepafin.tendermanagement.web.rest.api.errors.ForbiddenAccessException;
@@ -14,11 +16,13 @@ import net.gepafin.tendermanagement.web.rest.api.errors.Status;
 import net.gepafin.tendermanagement.web.rest.api.errors.UnauthorizedAccessException;

 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.env.Environment;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.GrantedAuthority;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.stereotype.Component;

+import java.util.Arrays;
 import java.util.Map;

@Component
@@ -32,6 +36,12 @@ public class Validator {
    
    @Autowired
    private CompanyService companyService;
+    
+    @Autowired
+    private CallService callService;
+    
+    @Autowired
+	private Environment environment;

    public Map<String, Object> getUserInfoFromToken(HttpServletRequest request) {
        return tokenProvider.getUserInfoAndUserIdFromToken(request);
@@ -54,6 +64,20 @@ public class Validator {
 		}
 		return false;
 	}
+	
+	public Boolean checkIsPreInstructor() {
+		Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+
+		if (authentication != null && authentication.isAuthenticated()) {
+			// Check if the user has the ROLE_SUPER_ADMIN authority
+			for (GrantedAuthority authority : authentication.getAuthorities()) {
+				if (RoleStatusEnum.ROLE_PRE_INSTRUCTOR.getValue().equals(authority.getAuthority())) {
+					return true;
+				}
+			}
+		}
+		return false;
+	}

 	public void validateRequest(HttpServletRequest request,RoleStatusEnum role) {
 		if (RoleStatusEnum.ROLE_SUPER_ADMIN.equals(role) && Boolean.FALSE.equals(checkIsSuperAdmin())) {
@@ -62,13 +86,24 @@ public class Validator {
 	}

 	public CompanyEntity validateUserWithCompany(HttpServletRequest request, Long companyId) {
+		CompanyEntity companyEntity = companyService.validateCompany(companyId);
+		validateHubId(request, companyEntity.getHub().getId());
 		if (checkIsSuperAdmin()) {
-			return companyService.validateCompany(companyId);
+			return companyEntity;
 		}
 		Map<String, Object> userInfo = tokenProvider.getUserInfoAndUserIdFromToken(request);
 		companyService.validateUserWithCompny(getUserId(userInfo), companyId);
 		return companyService.validateCompany(companyId);
 	}
+	
+	public void validateHubId(HttpServletRequest request, Long hubId) {
+		UserEntity user = validateUser(request);
+		Long hubIdFromHttpRequest = user.getHub().getId();
+		if (Boolean.FALSE.equals(hubIdFromHttpRequest.equals(hubId))) {
+			throw new ForbiddenAccessException(Status.FORBIDDEN,
+					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
+		}
+	} 

 	private Long getUserId(Map<String, Object> userInfo) {
 		return Long.parseLong(userInfo.get("userId").toString());
@@ -89,10 +124,15 @@ public class Validator {

 	public UserEntity validateUserId(HttpServletRequest request, Long userId) {
 		UserEntity user = validateUser(request);
-		if(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue()) && Boolean.FALSE.equals(user.getId().equals(userId))) {
-			throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
+		UserEntity requestedUser = userService.validateUser(userId);
+		
+		validateHubId(request, requestedUser.getHub().getId());
+		if (Boolean.FALSE.equals(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_SUPER_ADMIN.getValue()))
+				&& Boolean.FALSE.equals(user.getId().equals(userId))) {
+			throw new ForbiddenAccessException(Status.FORBIDDEN,
+					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
 		}
-		return userService.validateUser(userId);
+		return requestedUser;
 	}
 	
 	public Long getUserIdFromToken(HttpServletRequest request) {
@@ -106,4 +146,33 @@ public class Validator {
 		}
 		return userService.validateUser(userId);
 	}
+	
+	public CallEntity validateUserWithCall(UserEntity user, Long callId) {
+		CallEntity callEntity = callService.validateCall(callId);
+		if(Boolean.FALSE.equals(user.getHub().getId().equals(callEntity.getHub().getId()))) {
+			throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
+		}
+		return callEntity;
+	}
+	
+	public Boolean isProductionProfileActivated() {
+		String[] activeProfiles = environment.getActiveProfiles();
+		return Arrays.stream(activeProfiles).anyMatch("production"::equals);
+	}
+
+	public UserEntity validatePreInstructor(HttpServletRequest request, Long preInstructorUserId) {
+		UserEntity preInstructorUser = userService.validateUser(preInstructorUserId);
+		if (checkIsSuperAdmin()) {
+			if (preInstructorUserId != null) {
+				validateHubId(request, preInstructorUser.getHub().getId());
+			}
+			return preInstructorUser;
+		} else if (checkIsPreInstructor()) {
+			return validateUserId(request, preInstructorUserId);
+		} else {
+			throw new ForbiddenAccessException(Status.FORBIDDEN,
+					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
+		}
+	}
+	
 }