diff --git a/src/main/java/net/gepafin/tendermanagement/dao/ApplicationDao.java b/src/main/java/net/gepafin/tendermanagement/dao/ApplicationDao.java index fe86a5c6..04eb8b95 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/ApplicationDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/ApplicationDao.java @@ -139,7 +139,7 @@ public class ApplicationDao { } formService.validateFormField(applicationRequestBean.getFormFields(),applicationEntity,formEntity); ApplicationFormEntity applicationFormEntity = getApplicationFormOrCreate(formEntity, applicationEntity); - createOrUpdateMultipleFormFields(applicationRequestBean.getFormFields(), applicationFormEntity,formEntity); + createOrUpdateMultipleFormFields(applicationRequestBean.getFormFields(), applicationFormEntity, formEntity); return getApplicationById(applicationEntity.getId(),formEntity.getId()); } public void validateDelegation(UserEntity user, CompanyEntity company) { @@ -288,7 +288,7 @@ public class ApplicationDao { log.info("Fetching applications for RoleType: {}", userEntity.getRoleEntity().getRoleType()); - Specification spec = search(userEntity.getId(), callId, companyId,status); + Specification spec = search(userEntity, callId, companyId,status); List applicationEntities = applicationRepository.findAll(spec); @@ -298,12 +298,12 @@ public class ApplicationDao { } - private Specification search(Long userId, Long callId, Long companyId,String status) { + private Specification search(UserEntity userEntity, Long callId, Long companyId,String status) { return (root, query, builder) -> { Boolean isBeneficiary = validator.checkIsBeneficiary(); Predicate predicate = builder.isFalse(root.get("isDeleted")); if (isBeneficiary) { - predicate = builder.and(predicate, builder.equal(root.get("userId"), userId)); + predicate = builder.and(predicate, builder.equal(root.get("userId"), userEntity.getId())); } if (callId != null) { predicate = builder.and(predicate, builder.equal(root.get("call").get("id"), callId)); @@ -314,7 +314,7 @@ public class ApplicationDao { if (status != null) { predicate = builder.and(predicate, builder.equal(root.get("status"), status)); } - + predicate = builder.and(predicate, builder.equal(root.get("hubId"), userEntity.getHub().getId())); return predicate; }; } @@ -601,7 +601,7 @@ public class ApplicationDao { throw new CustomValidationException(Status.BAD_REQUEST,Translator.toLocale(GepafinConstant.APPLICATION_ALREADY_IN_PREVIOUS_STATUS)); } if (status.equals(ApplicationStatusTypeEnum.SUBMIT) && Boolean.TRUE.equals(applicationEntity.getStatus().equals(ApplicationStatusTypeEnum.READY.getValue()))) { - callService.validatePublishedCall(applicationEntity.getCall().getId()); + callService.validatePublishedCall(applicationEntity.getCall().getId(), userEntity.getHub().getId()); Long protocolNumber = getProtocolNumber(userEntity.getHub()); ProtocolEntity protocolEntity = createProtocolEntity(applicationEntity,protocolNumber, userEntity.getHub().getId()); applicationEntity.setProtocol(protocolEntity); diff --git a/src/main/java/net/gepafin/tendermanagement/dao/AssignedApplicationsDao.java b/src/main/java/net/gepafin/tendermanagement/dao/AssignedApplicationsDao.java index 03f8f83a..bdf85b41 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/AssignedApplicationsDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/AssignedApplicationsDao.java @@ -9,6 +9,7 @@ import net.gepafin.tendermanagement.enums.ApplicationStatusTypeEnum; import net.gepafin.tendermanagement.enums.AssignedApplicationEnum; import net.gepafin.tendermanagement.model.request.AssignedApplicationsRequest; import net.gepafin.tendermanagement.model.response.AssignedApplicationsResponse; +import net.gepafin.tendermanagement.repositories.ApplicationRepository; import net.gepafin.tendermanagement.repositories.AssignedApplicationsRepository; import net.gepafin.tendermanagement.service.ApplicationService; import net.gepafin.tendermanagement.service.UserService; @@ -31,13 +32,16 @@ import static net.gepafin.tendermanagement.util.Utils.setIfUpdated; public class AssignedApplicationsDao { @Autowired - ApplicationService applicationService; + private ApplicationService applicationService; @Autowired - AssignedApplicationsRepository assignedApplicationsRepository; + private ApplicationRepository applicationRepository; @Autowired - UserService userService; + private AssignedApplicationsRepository assignedApplicationsRepository; + + @Autowired + private UserService userService; public AssignedApplicationsResponse createAssignedApplications(Long applicationId, Long userId, UserEntity assignedByUser, AssignedApplicationsRequest assignedApplicationsRequest){ log.info("Assigning application to pre-Instructor with details: {}", applicationId,userId); @@ -47,12 +51,16 @@ public class AssignedApplicationsDao { throw new CustomValidationException(Status.BAD_REQUEST, Translator.toLocale(GepafinConstant.APPLICATION_ALREADY_ASSIGNED)); } ApplicationEntity application = applicationService.validateApplication(applicationId); + + if (Boolean.FALSE.equals(ApplicationStatusTypeEnum.SUBMIT.getValue().equals(application.getStatus()))) { throw new CustomValidationException( Status.BAD_REQUEST, Translator.toLocale(GepafinConstant.INVALID_APPLICATION_STATUS) ); } + application.setStatus(ApplicationStatusTypeEnum.EVALUATION.getValue()); + applicationRepository.save(application); UserEntity user = userService.validateUser(userId); AssignedApplicationsEntity assignment = createAssignmentEntity(application, user.getId(), assignedByUser, assignedApplicationsRequest); AssignedApplicationsResponse assignApplicationToInstructorResponse = convertEntityToResponse(assignment); @@ -82,17 +90,44 @@ public class AssignedApplicationsDao { return assignedApplication; } - public AssignedApplicationsResponse convertEntityToResponse(AssignedApplicationsEntity application){ + public AssignedApplicationsResponse convertEntityToResponse(AssignedApplicationsEntity assignedApplications){ AssignedApplicationsResponse assignedApplicationsResponse = new AssignedApplicationsResponse(); - assignedApplicationsResponse.setId(application.getId()); - assignedApplicationsResponse.setApplicationId(application.getApplication().getId()); - assignedApplicationsResponse.setAssignedBy(application.getAssignedBy()); - assignedApplicationsResponse.setUserId(application.getUserId()); - assignedApplicationsResponse.setCreatedDate(application.getCreatedDate()); - assignedApplicationsResponse.setUpdatedDate(application.getUpdatedDate()); - assignedApplicationsResponse.setNote(application.getNote()); - assignedApplicationsResponse.setStatus(AssignedApplicationEnum.valueOf(application.getStatus())); - assignedApplicationsResponse.setAssignedAt(application.getAssignedAt()); + assignedApplicationsResponse.setId(assignedApplications.getId()); + assignedApplicationsResponse.setApplicationId(assignedApplications.getApplication().getId()); + + ApplicationEntity application = applicationService.validateApplication(assignedApplications.getApplication().getId()); + String callName = application.getCall() != null ? application.getCall().getName() : ""; + LocalDateTime callEndDate = application.getCall().getEndDate(); + LocalDateTime callStartDate = application.getCall().getStartDate(); + + Long protocolNumber = (application.getProtocol() != null && application.getProtocol().getProtocolNumber() != null) + ? application.getProtocol().getProtocolNumber() + : 0; + LocalDateTime submissionDate = application.getSubmissionDate(); + UserEntity userEntity = userService.validateUser(application.getUserId()); + + String firstName = userEntity.getBeneficiary() != null ? userEntity.getBeneficiary().getFirstName() : null; + String lastName = userEntity.getBeneficiary() != null ? userEntity.getBeneficiary().getLastName() : null; + + String beneficiaryName = (firstName != null && !firstName.isBlank() ? firstName : "") + + (lastName != null && !lastName.isBlank() ? " " + lastName : ""); + + beneficiaryName = beneficiaryName.isBlank() ? "" : beneficiaryName; + + assignedApplicationsResponse.setAssignedBy(assignedApplications.getAssignedBy()); + assignedApplicationsResponse.setUserId(assignedApplications.getUserId()); + assignedApplicationsResponse.setCreatedDate(assignedApplications.getCreatedDate()); + assignedApplicationsResponse.setUpdatedDate(assignedApplications.getUpdatedDate()); + assignedApplicationsResponse.setNote(assignedApplications.getNote()); + assignedApplicationsResponse.setStatus(AssignedApplicationEnum.valueOf(assignedApplications.getStatus())); + assignedApplicationsResponse.setAssignedAt(assignedApplications.getAssignedAt()); + assignedApplicationsResponse.setProtocolNumber(protocolNumber); + assignedApplicationsResponse.setCallName(callName); + assignedApplicationsResponse.setBeneficiaryName(beneficiaryName); + assignedApplicationsResponse.setSubmissionDate(submissionDate); + assignedApplicationsResponse.setCallEndDate(callEndDate); + assignedApplicationsResponse.setCallStartDate(callStartDate); + return assignedApplicationsResponse; } diff --git a/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java b/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java index d8cd0a5c..b52aa97b 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java @@ -654,7 +654,7 @@ public class CallDao { if (Boolean.FALSE.equals(ROLE_SUPER_ADMIN.getValue().equals(type))) { callStatusList = List.of(CallStatusEnum.PUBLISH.getValue()); } - List calls = callRepository.findByStatusIn(callStatusList); + List calls = callRepository.findByStatusInAndHubId(callStatusList, user.getHub().getId()); return calls.stream() .map(this::convertToCallDetailsResponseBean) .collect(Collectors.toList()); @@ -672,13 +672,13 @@ public class CallDao { callResponseBean.setStatus(CallStatusEnum.valueOf(callEntity.getStatus())); return callResponseBean; } - public CallEntity getCallEntityById(Long id){ - CallEntity callEntity=callRepository.findByIdAndStatusNotIn(id,List.of(CallStatusEnum.PUBLISH.getValue())); - if(callEntity==null){ - throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.CALL_NOT_FOUND)); - } - return callEntity; - } +// public CallEntity getCallEntityById(Long id){ +// CallEntity callEntity=callRepository.findByIdAndStatusNotInAndHubId(id, List.of(CallStatusEnum.PUBLISH.getValue())); +// if(callEntity==null){ +// throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.CALL_NOT_FOUND)); +// } +// return callEntity; +// } public CallResponse updateCallStatus(CallEntity callEntity, CallStatusEnum statusReq) { CallStatusEnum currentStatus = CallStatusEnum.valueOf(callEntity.getStatus()); @@ -718,9 +718,9 @@ public class CallDao { } } - public CallEntity validatePublishedCall(Long callId) { + public CallEntity validatePublishedCall(Long callId, Long hubId) { CallEntity callEntity= callRepository - .findByIdAndStatus(callId, CallStatusEnum.PUBLISH.getValue()); + .findByIdAndStatusAndHubId(callId, CallStatusEnum.PUBLISH.getValue(), hubId); if(callEntity==null){ throw new ResourceNotFoundException( Status.NOT_FOUND, diff --git a/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java b/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java index 0f59fc08..84b01021 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/CompanyDao.java @@ -54,7 +54,7 @@ public class CompanyDao { return convertCompanyEntityToCompanyResponse(existingCompany, userWithCompanyEntity); } else { validateCompany(userEntity, companyRequest); - CompanyEntity companyEntity = convertCompanyRequestToCompanyEntity(companyRequest); + CompanyEntity companyEntity = convertCompanyRequestToCompanyEntity(userEntity, companyRequest); companyRepository.save(companyEntity); userWithCompanyEntity = createUserWithCompanyRelation(userEntity, companyEntity, companyRequest.getIsLegalRepresentant()); return convertCompanyEntityToCompanyResponse(companyEntity, userWithCompanyEntity); @@ -91,7 +91,7 @@ public class CompanyDao { return userWithCompanyRepository.save(userWithCompanyEntity); } - private CompanyEntity convertCompanyRequestToCompanyEntity(CompanyRequest request) { + private CompanyEntity convertCompanyRequestToCompanyEntity(UserEntity userEntity, CompanyRequest request) { CompanyEntity entity = new CompanyEntity(); entity.setCompanyName(request.getCompanyName()); entity.setVatNumber(request.getVatNumber()); @@ -108,6 +108,7 @@ public class CompanyDao { entity.setAnnualRevenue(request.getAnnualRevenue()); entity.setContactName(request.getContactName()); entity.setContactEmail(request.getContactEmail()); + entity.setHub(userEntity.getHub()); return entity; } diff --git a/src/main/java/net/gepafin/tendermanagement/dao/DashboardDao.java b/src/main/java/net/gepafin/tendermanagement/dao/DashboardDao.java index de20f607..c76d14c9 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/DashboardDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/DashboardDao.java @@ -60,7 +60,7 @@ public class DashboardDao { } private void setActiveCalls(Widget1 widget1, UserEntity requestedUserEntity) { - Long activeCalls = callRepository.countByStatus(CallStatusEnum.PUBLISH.getValue()); + Long activeCalls = callRepository.countByStatusAndHubId(CallStatusEnum.PUBLISH.getValue(), requestedUserEntity.getHub().getId()); if (activeCalls != null) { widget1.setNumberOfActiveCalls(activeCalls); } @@ -74,20 +74,20 @@ public class DashboardDao { } } - private void setTotalActiveFinancing(Widget1 widget1, UserEntity requestedUserEntity) { - BigDecimal totalActiveFinancing = callRepository.findTotalAmountOfPublishedCalls(); + private void setTotalActiveFinancing(Widget1 widget1, UserEntity requestedUser) { + BigDecimal totalActiveFinancing = callRepository.findTotalAmountOfPublishedCallsAndHubId(requestedUser.getHub().getId()); widget1.setTotalActiveFinancing(totalActiveFinancing); } private void setSubmittedApplications(Widget1 widget1, UserEntity requestedUserEntity) { - Long submittedApplications = applicationRepository.countSubmittedApplications(); + Long submittedApplications = applicationRepository.countSubmittedApplicationsByHubId(requestedUserEntity.getHub().getId()); if (submittedApplications != null) { widget1.setNumberOfSubmittedApplications(submittedApplications); } } private void setDraftApplications(Widget1 widget1, UserEntity requestedUserEntity) { - Long draftApplications = applicationRepository.countDraftApplications(); + Long draftApplications = applicationRepository.countDraftApplicationsByHubId(requestedUserEntity.getHub().getId()); if (draftApplications != null) { widget1.setNumberOfDraftApplications(draftApplications); } @@ -104,7 +104,7 @@ public class DashboardDao { CompanyEntity company) { BeneficiaryWidgetResponseBean beneficiaryWidgetResponseBean = BeneficiaryWidgetResponseBean.builder() .numberOfApplications(0L).numberOfCalls(0L).numberOfIntegratedDocuments(0L).build(); - Long activeCalls = callRepository.countByStatus(CallStatusEnum.PUBLISH.getValue()); + Long activeCalls = callRepository.countByStatusAndHubId(CallStatusEnum.PUBLISH.getValue(), userEntity.getHub().getId()); if (activeCalls != null) { beneficiaryWidgetResponseBean.setNumberOfCalls(activeCalls); } diff --git a/src/main/java/net/gepafin/tendermanagement/dao/DelegationDao.java b/src/main/java/net/gepafin/tendermanagement/dao/DelegationDao.java index f609086f..1d9e904a 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/DelegationDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/DelegationDao.java @@ -14,6 +14,7 @@ import org.springframework.beans.factory.annotation.Value; import org.springframework.stereotype.Component; import org.springframework.web.multipart.MultipartFile; +import jakarta.servlet.http.HttpServletRequest; import net.gepafin.tendermanagement.config.Translator; import net.gepafin.tendermanagement.constants.GepafinConstant; import net.gepafin.tendermanagement.entities.CompanyEntity; @@ -31,6 +32,7 @@ import net.gepafin.tendermanagement.service.AmazonS3Service; import net.gepafin.tendermanagement.service.UserService; import net.gepafin.tendermanagement.util.DateTimeUtil; import net.gepafin.tendermanagement.util.Utils; +import net.gepafin.tendermanagement.util.Validator; import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException; import net.gepafin.tendermanagement.web.rest.api.errors.ResourceNotFoundException; import net.gepafin.tendermanagement.web.rest.api.errors.Status; @@ -38,7 +40,7 @@ import net.gepafin.tendermanagement.web.rest.api.errors.Status; @Component public class DelegationDao { - private static final String DEFAULT_PLACEHOLDER = "____________________"; +// private static final String DEFAULT_PLACEHOLDER = "____________________"; @Autowired private UserService userService; @@ -57,6 +59,9 @@ public class DelegationDao { @Autowired private UserCompanyDelegationRepository userCompanyDelegationRepository; + + @Autowired + private Validator validator; public ByteArrayOutputStream generateDocument(Map placeholders, String templateName) { @@ -89,9 +94,10 @@ public class DelegationDao { return new XWPFDocument(templateStream); } - public ByteArrayOutputStream downloadCompanyDelegation(UserEntity userEntity, Long companyId, CompanyDelegationRequest companyDelegationRequest) { + public ByteArrayOutputStream downloadCompanyDelegation(HttpServletRequest request, Long companyId, CompanyDelegationRequest companyDelegationRequest) { Map placeholders = getDefaultPlaceholders(); - UserResponseBean user = userService.getUserById(userEntity.getId()); + UserEntity userEntity = validator.validateUser(request); + UserResponseBean user = userService.getUserById(request, userEntity.getId()); CompanyEntity companyEntity = companyDao.validateCompany(companyId); companyDao.getUserWithCompany(userEntity.getId(), companyId); updatePlaceholdersForDelegation(user, companyEntity, placeholders, companyDelegationRequest); diff --git a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java index 6a776f07..33f235a2 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java @@ -125,11 +125,12 @@ public class UserDao { if (tempToken == null) { validator.validateRequest(request,RoleStatusEnum.ROLE_SUPER_ADMIN); + UserEntity userEntity = validator.validateUser(request); + userReq.setHubUuid(userEntity.getHub().getUniqueUuid()); }else { samlSuccessHandler.validateToken(tempToken, userReq.getCodiceFiscale(), userReq.getHubUuid()); } - RoleEntity role = roleService.validateRole(userReq.getRoleId()); if (Boolean.FALSE.equals(Utils.isValidEmail(userReq.getEmail()))) { throw new CustomValidationException(Status.VALIDATION_ERROR, Translator.toLocale(GepafinConstant.VALIDATE_EMAIL)); @@ -153,10 +154,14 @@ public class UserDao { if (tempToken != null) { userReq.setRoleId(null); } - if(tempToken == null && Boolean.TRUE.equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(role.getRoleType()))){ - throw new CustomValidationException(Status.VALIDATION_ERROR, - Translator.toLocale(GepafinConstant.CANNOT_CREATE_BENEFICIARY_USER)); - } + + if (tempToken == null) { + RoleEntity role = roleService.validateRole(userReq.getRoleId()); + if (Boolean.TRUE.equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue().equals(role.getRoleType()))) { + throw new CustomValidationException(Status.VALIDATION_ERROR, + Translator.toLocale(GepafinConstant.CANNOT_CREATE_BENEFICIARY_USER)); + } + } } private void validatePassword(String password, String confirmPassword, String tempToken) { diff --git a/src/main/java/net/gepafin/tendermanagement/enums/ApplicationStatusTypeEnum.java b/src/main/java/net/gepafin/tendermanagement/enums/ApplicationStatusTypeEnum.java index 80420c15..e9c1fb7a 100644 --- a/src/main/java/net/gepafin/tendermanagement/enums/ApplicationStatusTypeEnum.java +++ b/src/main/java/net/gepafin/tendermanagement/enums/ApplicationStatusTypeEnum.java @@ -8,7 +8,8 @@ public enum ApplicationStatusTypeEnum { SUBMIT("SUBMIT"), AWAIT("AWAIT"), READY("READY"), - DISCARD("DISCARD"); + DISCARD("DISCARD"), + EVALUATION("EVALUATION"); private String value; diff --git a/src/main/java/net/gepafin/tendermanagement/model/request/CreateCallRequestStep1.java b/src/main/java/net/gepafin/tendermanagement/model/request/CreateCallRequestStep1.java index bdc0d015..6ca30e37 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/request/CreateCallRequestStep1.java +++ b/src/main/java/net/gepafin/tendermanagement/model/request/CreateCallRequestStep1.java @@ -2,7 +2,6 @@ package net.gepafin.tendermanagement.model.request; import java.math.BigDecimal; import java.time.LocalDateTime; -import java.time.LocalTime; import java.util.List; import lombok.Data; diff --git a/src/main/java/net/gepafin/tendermanagement/model/response/AssignedApplicationsResponse.java b/src/main/java/net/gepafin/tendermanagement/model/response/AssignedApplicationsResponse.java index 8714d94c..b5ad3aae 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/response/AssignedApplicationsResponse.java +++ b/src/main/java/net/gepafin/tendermanagement/model/response/AssignedApplicationsResponse.java @@ -14,6 +14,13 @@ public class AssignedApplicationsResponse extends BaseBean { private AssignedApplicationEnum status; private String note; private LocalDateTime assignedAt; + private Long protocolNumber; + private String callName; + private String beneficiaryName; + private LocalDateTime submissionDate; + private LocalDateTime callStartDate; + private LocalDateTime callEndDate; + } diff --git a/src/main/java/net/gepafin/tendermanagement/repositories/ApplicationRepository.java b/src/main/java/net/gepafin/tendermanagement/repositories/ApplicationRepository.java index 7b57fcf2..9d52b2aa 100644 --- a/src/main/java/net/gepafin/tendermanagement/repositories/ApplicationRepository.java +++ b/src/main/java/net/gepafin/tendermanagement/repositories/ApplicationRepository.java @@ -32,13 +32,13 @@ public interface ApplicationRepository extends JpaRepository findByCompanyIdAndUserIdAndIsDeletedFalse(Long companyId,Long userId); + @Query("SELECT COUNT(a) FROM ApplicationEntity a WHERE a.status = 'SUBMIT' And a.hubId = :hubId") + public Long countSubmittedApplicationsByHubId(@Param("hubId") Long hubId); + + @Query("SELECT COUNT(a) FROM ApplicationEntity a WHERE a.status = 'DRAFT' And a.hubId = :hubId") + public Long countDraftApplicationsByHubId(@Param("hubId") Long hubId); + } diff --git a/src/main/java/net/gepafin/tendermanagement/repositories/CallRepository.java b/src/main/java/net/gepafin/tendermanagement/repositories/CallRepository.java index 4e651fe0..12934e36 100644 --- a/src/main/java/net/gepafin/tendermanagement/repositories/CallRepository.java +++ b/src/main/java/net/gepafin/tendermanagement/repositories/CallRepository.java @@ -1,8 +1,8 @@ package net.gepafin.tendermanagement.repositories; import net.gepafin.tendermanagement.entities.CallEntity; -import net.gepafin.tendermanagement.enums.CallStatusEnum; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; import java.math.BigDecimal; @@ -11,18 +11,30 @@ import java.util.List; @Repository public interface CallRepository extends JpaRepository { - public CallEntity findByIdAndStatusNotIn(Long id, List status); - List findByStatusIn(List callStatus); +// public CallEntity findByIdAndStatusNotIn(Long id, List status); + +// List findByStatusIn(List callStatus); - public CallEntity findByIdAndStatus(Long id,String status); +// public CallEntity findByIdAndStatus(Long id,String status); - public Long countByStatus(String status); +// public Long countByStatus(String status); - @Query("SELECT COALESCE(SUM(c.amount), 0) FROM CallEntity c WHERE c.status = 'PUBLISH'") - BigDecimal findTotalAmountOfPublishedCalls(); +// @Query("SELECT COALESCE(SUM(c.amount), 0) FROM CallEntity c WHERE c.status = 'PUBLISH'") +// BigDecimal findTotalAmountOfPublishedCalls(); - @Query("SELECT c.name, COUNT(a.id) " + - "FROM CallEntity c LEFT JOIN ApplicationEntity a ON c.id = a.call.id " + - "GROUP BY c.name") - List findApplicationsPerCall(); +// @Query("SELECT c.name, COUNT(a.id) " + +// "FROM CallEntity c LEFT JOIN ApplicationEntity a ON c.id = a.call.id " + +// "GROUP BY c.name") +// List findApplicationsPerCall(); + + public List findByStatusInAndHubId(List callStatus, Long hubId); + + public CallEntity findByIdAndStatusAndHubId(Long id, String status, Long hubId); + + public Long countByStatusAndHubId(String status, Long hubId); + + public CallEntity findByIdAndStatusNotInAndHubId(Long id, List status, Long hubId); + + @Query("SELECT COALESCE(SUM(c.amount), 0) FROM CallEntity c WHERE c.status = 'PUBLISH' And c.hub.id = :hubId") + BigDecimal findTotalAmountOfPublishedCallsAndHubId(@Param("hubId") Long hubId); } diff --git a/src/main/java/net/gepafin/tendermanagement/service/CallService.java b/src/main/java/net/gepafin/tendermanagement/service/CallService.java index 8abe4cb5..92a62f02 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/CallService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/CallService.java @@ -29,6 +29,6 @@ public interface CallService { CallEntity validateCall(Long callId); - CallEntity validatePublishedCall(Long callId); - byte[] downloadCallDocumentsAsZip(Long callId); + CallEntity validatePublishedCall(Long callId, Long hubId); + byte[] downloadCallDocumentsAsZip(HttpServletRequest request, Long callId); } diff --git a/src/main/java/net/gepafin/tendermanagement/service/UserService.java b/src/main/java/net/gepafin/tendermanagement/service/UserService.java index 9a1bdf9a..21109a5e 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/UserService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/UserService.java @@ -17,11 +17,11 @@ import java.util.List; public interface UserService { JWTToken createUser(HttpServletRequest request, String tempToken, UserReq userReq); - UserResponseBean updateUser(Long userId, UpdateUserReq userReq); + UserResponseBean updateUser(HttpServletRequest request, Long userId, UpdateUserReq userReq); - UserResponseBean getUserById(Long userId); + UserResponseBean getUserById(HttpServletRequest request, Long userId); - void deleteUser(Long userId); + void deleteUser(HttpServletRequest request, Long userId); JWTToken login(LoginReq loginReq,HttpServletRequest request); diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/ApplicationServiceImpl.java b/src/main/java/net/gepafin/tendermanagement/service/impl/ApplicationServiceImpl.java index e8e8f1f4..779a3d09 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/ApplicationServiceImpl.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/ApplicationServiceImpl.java @@ -65,6 +65,7 @@ public class ApplicationServiceImpl implements ApplicationService { public ApplicationResponse createApplication(HttpServletRequest request, Long companyId, ApplicationRequest applicationRequest, Long callId) { UserEntity userEntity = validator.validateUser(request); CompanyEntity companyEntity = validator.validateUserWithCompany(request, companyId); + validator.validateUserWithCall(userEntity, callId); return applicationDao.createApplicationByCallId(companyEntity, applicationRequest, callId, userEntity); } @@ -114,7 +115,6 @@ public class ApplicationServiceImpl implements ApplicationService { @Transactional(rollbackFor = Exception.class) public ApplicationResponse validateApplication(HttpServletRequest request, Long applicationId) { return applicationDao.validateApplication(request, applicationId); - } diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java index 0d3dab12..5a2d9ded 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java @@ -77,7 +77,7 @@ public class AuthenticationService { public JWTToken login(LoginReq loginReq, HttpServletRequest request) { UserEntity user=null; - + LoginAttemptEntity loginAttemptEntity = prepareLoginAttemptEntity(loginReq, request); log.info("Attempting login for email: {}", loginReq.getEmail()); String emailWithHubId = loginReq.getEmail()+":"+loginReq.getHubUuid(); diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/CallServiceImpl.java b/src/main/java/net/gepafin/tendermanagement/service/impl/CallServiceImpl.java index 281b33b1..8004008b 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/CallServiceImpl.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/CallServiceImpl.java @@ -91,13 +91,15 @@ public class CallServiceImpl implements CallService { } @Override - public CallEntity validatePublishedCall(Long callId) { - return callDao.validatePublishedCall(callId); + public CallEntity validatePublishedCall(Long callId, Long hubId) { + return callDao.validatePublishedCall(callId, hubId); } @Override @Transactional(readOnly = true) - public byte[] downloadCallDocumentsAsZip(Long callId) { + public byte[] downloadCallDocumentsAsZip(HttpServletRequest request, Long callId) { + UserEntity user = validator.validateUser(request); + validator.validateUserWithCall(user, callId); return callDao.downloadCallDocumentsAsZip(callId); } diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/CompanyServiceImpl.java b/src/main/java/net/gepafin/tendermanagement/service/impl/CompanyServiceImpl.java index 47656b4d..5ab99b13 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/CompanyServiceImpl.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/CompanyServiceImpl.java @@ -49,6 +49,7 @@ public class CompanyServiceImpl implements CompanyService { @Transactional(rollbackFor = Exception.class) public CompanyResponse updateCompany(HttpServletRequest request, Long companyId, CompanyRequest companyRequest) { UserEntity userEntity =validator.validateUser(request); + validator.validateUserWithCompany(request, companyId); return companyDao.updateCompany(userEntity, companyId, companyRequest); } @@ -93,8 +94,7 @@ public class CompanyServiceImpl implements CompanyService { @Override @Transactional(readOnly = true) public ByteArrayOutputStream downloadCompanyDelegation(HttpServletRequest request, Long companyId, CompanyDelegationRequest companyDelegationRequest) { - UserEntity userEntity =validator.validateUser(request); - return delegationDao.downloadCompanyDelegation(userEntity, companyId, companyDelegationRequest); + return delegationDao.downloadCompanyDelegation(request, companyId, companyDelegationRequest); } @Override diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/FlowServiceImpl.java b/src/main/java/net/gepafin/tendermanagement/service/impl/FlowServiceImpl.java index 2ae5546f..5bd9d4d5 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/FlowServiceImpl.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/FlowServiceImpl.java @@ -5,6 +5,8 @@ import net.gepafin.tendermanagement.dao.FlowDao; import net.gepafin.tendermanagement.model.request.FlowRequestBean; import net.gepafin.tendermanagement.model.response.FlowResponseBean; import net.gepafin.tendermanagement.service.FlowService; +import net.gepafin.tendermanagement.util.Validator; + import org.springframework.beans.factory.annotation.Autowired; import org.springframework.stereotype.Service; import org.springframework.transaction.annotation.Transactional; @@ -14,16 +16,21 @@ public class FlowServiceImpl implements FlowService { @Autowired private FlowDao flowDao; + + @Autowired + private Validator validator; @Override @Transactional(rollbackFor = Exception.class) public FlowResponseBean createOrUpdateFlow(HttpServletRequest httpServletRequest, FlowRequestBean flowRequestBean, Long callId) { + validator.validateUserWithCall(validator.validateUser(httpServletRequest), callId); return flowDao.createOrUpdateFlow(flowRequestBean,callId); } @Override @org.springframework.transaction.annotation.Transactional(readOnly = true) public FlowResponseBean getFlowByCallId(HttpServletRequest request, Long callId) { + validator.validateUserWithCall(validator.validateUser(request), callId); return flowDao.getFlowByCallId(callId); } } diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java b/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java index 3f325320..5d3640f9 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/UserServiceImpl.java @@ -40,19 +40,22 @@ public class UserServiceImpl implements UserService { @Override @Transactional(rollbackFor = Exception.class) - public UserResponseBean updateUser(Long userId, UpdateUserReq userReq) { + public UserResponseBean updateUser(HttpServletRequest request, Long userId, UpdateUserReq userReq) { + validator.validateUserId(request, userId); return userDao.updateUser(userId, userReq); } @Override @Transactional(readOnly = true) - public UserResponseBean getUserById(Long userId) { + public UserResponseBean getUserById(HttpServletRequest request, Long userId) { + validator.validateUserId(request, userId); return userDao.getUserById(userId); } @Override @Transactional(rollbackFor = Exception.class) - public void deleteUser(Long userId) { + public void deleteUser(HttpServletRequest request, Long userId) { + validator.validateUserId(request, userId); userDao.deleteUser(userId); } diff --git a/src/main/java/net/gepafin/tendermanagement/util/Validator.java b/src/main/java/net/gepafin/tendermanagement/util/Validator.java index 785ad3b9..ecf4b3ae 100644 --- a/src/main/java/net/gepafin/tendermanagement/util/Validator.java +++ b/src/main/java/net/gepafin/tendermanagement/util/Validator.java @@ -72,12 +72,8 @@ public class Validator { } public CompanyEntity validateUserWithCompany(HttpServletRequest request, Long companyId) { - UserEntity user = validateUser(request); CompanyEntity companyEntity = companyService.validateCompany(companyId); - if (Boolean.FALSE.equals(user.getHub().getId().equals(companyEntity.getHub().getId()))) { - throw new ForbiddenAccessException(Status.FORBIDDEN, - Translator.toLocale(GepafinConstant.PERMISSION_DENIED)); - } + validateHubId(request, companyEntity.getHub().getId()); if (checkIsSuperAdmin()) { return companyEntity; } @@ -85,6 +81,15 @@ public class Validator { companyService.validateUserWithCompny(getUserId(userInfo), companyId); return companyService.validateCompany(companyId); } + + public void validateHubId(HttpServletRequest request, Long hubId) { + UserEntity user = validateUser(request); + Long hubIdFromHttpRequest = user.getHub().getId(); + if (Boolean.FALSE.equals(hubIdFromHttpRequest.equals(hubId))) { + throw new ForbiddenAccessException(Status.FORBIDDEN, + Translator.toLocale(GepafinConstant.PERMISSION_DENIED)); + } + } private Long getUserId(Map userInfo) { return Long.parseLong(userInfo.get("userId").toString()); @@ -107,11 +112,11 @@ public class Validator { UserEntity user = validateUser(request); UserEntity requestedUser = userService.validateUser(userId); - if(Boolean.FALSE.equals(requestedUser.getHub().getId().equals(user.getHub().getId()))) { - throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED)); - } - if(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue()) && Boolean.FALSE.equals(user.getId().equals(userId))) { - throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED)); + validateHubId(request, requestedUser.getHub().getId()); + if (Boolean.FALSE.equals(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_SUPER_ADMIN.getValue())) + && Boolean.FALSE.equals(user.getId().equals(userId))) { + throw new ForbiddenAccessException(Status.FORBIDDEN, + Translator.toLocale(GepafinConstant.PERMISSION_DENIED)); } return requestedUser; } diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java index 8982e45e..c7b8e530 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/UserApi.java @@ -59,7 +59,7 @@ public interface UserApi { @RequestMapping(value = "/{userId}", produces = {"application/json"}, method = RequestMethod.PUT) - default ResponseEntity> updateUser( + default ResponseEntity> updateUser(HttpServletRequest request, @Parameter(description = "The user id", required = true) @PathVariable("userId") Long userId, @Parameter(description = "User request object", required = true) @Valid @RequestBody UpdateUserReq userReq) { return new ResponseEntity<>(HttpStatus.NOT_IMPLEMENTED); @@ -77,7 +77,7 @@ public interface UserApi { @RequestMapping(value = "/{userId}", produces = {"application/json"}, method = RequestMethod.GET) - default ResponseEntity> getUserById( + default ResponseEntity> getUserById(HttpServletRequest request, @Parameter(description = "The user id", required = true) @PathVariable("userId") Long userId) { return new ResponseEntity<>(HttpStatus.NOT_IMPLEMENTED); } @@ -93,7 +93,7 @@ public interface UserApi { @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE)}))}) @RequestMapping(value = "/{userId}", method = RequestMethod.DELETE) - default ResponseEntity> deleteUser( + default ResponseEntity> deleteUser(HttpServletRequest request, @Parameter(description = "The user id", required = true) @PathVariable("userId") Long userId) { return new ResponseEntity<>(HttpStatus.NOT_IMPLEMENTED); } diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CallApiController.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CallApiController.java index b06380e4..69154098 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CallApiController.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/CallApiController.java @@ -88,7 +88,7 @@ public class CallApiController implements CallApi { } @Override public ResponseEntity downloadCallDocumentsAsZip(HttpServletRequest request, Long callId) { - byte[] zipFile = callService.downloadCallDocumentsAsZip(callId); + byte[] zipFile = callService.downloadCallDocumentsAsZip(request, callId); HttpHeaders headers = new HttpHeaders(); headers.setContentType(MediaType.APPLICATION_OCTET_STREAM); diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java index 413feaac..1a3040c1 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/impl/UserApiController.java @@ -44,29 +44,29 @@ public class UserApiController implements UserApi { } @Override - public ResponseEntity> updateUser( + public ResponseEntity> updateUser(HttpServletRequest request, @PathVariable("userId") Long userId, @Valid @RequestBody UpdateUserReq userReq) { log.info("Update User - User ID: {}, Request Body: {}", userId, userReq); - UserResponseBean updatedUser = userService.updateUser(userId, userReq); + UserResponseBean updatedUser = userService.updateUser(request, userId, userReq); return ResponseEntity.status(HttpStatus.OK) .body(new Response<>(updatedUser, Status.SUCCESS, Translator.toLocale(GepafinConstant.USER_UPDATED_SUCCESS_MSG))); } @Override - public ResponseEntity> getUserById( + public ResponseEntity> getUserById(HttpServletRequest request, @PathVariable("userId") Long userId) { log.info("Get User by ID - User ID: {}", userId); - UserResponseBean user = userService.getUserById(userId); + UserResponseBean user = userService.getUserById(request, userId); return ResponseEntity.status(HttpStatus.OK) .body(new Response<>(user, Status.SUCCESS, Translator.toLocale(GepafinConstant.GET_USER_SUCCESS_MSG))); } @Override - public ResponseEntity> deleteUser( + public ResponseEntity> deleteUser(HttpServletRequest request, @PathVariable("userId") Long userId) { log.info("Delete User - User ID: {}", userId); - userService.deleteUser(userId); + userService.deleteUser(request, userId); return ResponseEntity.status(HttpStatus.OK) .body(new Response<>(null, Status.SUCCESS, Translator.toLocale(GepafinConstant.USER_DELETED_SUCCESS_MSG))); } diff --git a/src/main/resources/application-dev.properties b/src/main/resources/application-dev.properties index f7ccb81a..8fa5c7a6 100644 --- a/src/main/resources/application-dev.properties +++ b/src/main/resources/application-dev.properties @@ -8,7 +8,10 @@ spring.datasource.driver-class-name=org.postgresql.Driver spring.h2.console.enabled=true isVatCheckGloballyDisabled = false + isMailSendingEnabled = true default_System_Receiver_Email=antonio.manca@bflows.net gepafin_email=rinaldo.bonazzo@bflows.net -rinaldo_email=rinaldo.bonazzo@bflows.net \ No newline at end of file +rinaldo_email=rinaldo.bonazzo@bflows.net +carlo_email=test@test.test +default.hub.uuid=p4lk3bcx1RStqTaIVVbXs diff --git a/src/main/resources/application-local.properties b/src/main/resources/application-local.properties index 6b925e03..76aca344 100644 --- a/src/main/resources/application-local.properties +++ b/src/main/resources/application-local.properties @@ -6,4 +6,11 @@ spring.datasource.driver-class-name=org.postgresql.Driver # JPA Configuration spring.jpa.show-sql=true -base-url=http://localhost:8080 \ No newline at end of file +base-url=http://localhost:8080 + +isMailSendingEnabled = false +default_System_Receiver_Email=test@test.test +gepafin_email=test@test.test +rinaldo_email=test@test.test +carlo_email=test@test.test +default.hub.uuid=p4lk3bcx1RStqTaIVVbXs \ No newline at end of file diff --git a/src/main/resources/application-production.properties b/src/main/resources/application-production.properties index 725d9c8a..be007786 100644 --- a/src/main/resources/application-production.properties +++ b/src/main/resources/application-production.properties @@ -14,8 +14,10 @@ fe.base.url=https://bandi.gepafin.it #SPID configuration spid.ipd.base.url=https://login.regione.umbria.it active.profile.folder=production + isMailSendingEnabled = true default_System_Receiver_Email=antonio.manca@bflows.net gepafin_email=bandi@pec.gepafin.it rinaldo_email=rinaldo.bonazzo@bflows.net carlo_email=carlo.mancosu@bflows.net +default.hub.uuid=p4lk3bcx1RStqTaIVVbXs diff --git a/src/main/resources/application-testing.properties b/src/main/resources/application-testing.properties index 12b95acb..1dbc41cc 100644 --- a/src/main/resources/application-testing.properties +++ b/src/main/resources/application-testing.properties @@ -5,4 +5,10 @@ spring.datasource.password=sa # JPA Configuration spring.h2.console.enabled=true -base-url=http://localhost:8080 \ No newline at end of file +base-url=http://localhost:8080 +isMailSendingEnabled = false +default_System_Receiver_Email=test@test.test +gepafin_email=test@test.test +rinaldo_email=test@test.test +carlo_email=test@test.test +default.hub.uuid=p4lk3bcx1RStqTaIVVbXs \ No newline at end of file diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index 75ab20cf..c6b32a33 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -59,10 +59,4 @@ mailGun_base_url=https://api.eu.mailgun.net/ # SendinBlue API key apiKey=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 #senderEmail=mailer@bflows.net -isMailSendingEnabled = false -default_System_Receiver_Email=antonio.manca@bflows.net -gepafin_email=rinaldo.bonazzo@bflows.net -rinaldo_email=rinaldo.bonazzo@bflows.net -carlo_email=rinaldo.bonazzo@bflows.net -default.hub.uuid=p4lk3bcx1RStqTaIVVbXs diff --git a/src/main/resources/db/changelog/dynamic-triggers.xml b/src/main/resources/db/changelog/dynamic-triggers.xml index 23f1101e..9356279d 100644 --- a/src/main/resources/db/changelog/dynamic-triggers.xml +++ b/src/main/resources/db/changelog/dynamic-triggers.xml @@ -20,7 +20,7 @@ ) LOOP EXECUTE format( - 'CREATE OR REPLACE TRIGGER tg_gepafin_schema_updated_at_%I + 'CREATE OR REPLACE TRIGGER tg_gepafin_schema_updated_date_%I BEFORE UPDATE ON gepafin_schema.%I FOR EACH ROW EXECUTE FUNCTION gepafin_schema.clock_timestamp_updated_date_column()', @@ -37,7 +37,7 @@ ) LOOP EXECUTE format( - 'CREATE OR REPLACE TRIGGER tg_gepafin_schema_created_at_%I + 'CREATE OR REPLACE TRIGGER tg_gepafin_schema_created_date_%I BEFORE INSERT ON gepafin_schema.%I FOR EACH ROW EXECUTE FUNCTION gepafin_schema.clock_timestamp_created_date_column()',