Merge branch 'develop' of https://github.com/Kitzanos/GEPAFIN-BE into develop

2024-10-25 02:00:47 +05:30
parent b057984964 0d4fd3a6ae
commit a2a095ce71
30 changed files with 205 additions and 110 deletions
--- a/src/main/java/net/gepafin/tendermanagement/util/Validator.java
+++ b/src/main/java/net/gepafin/tendermanagement/util/Validator.java
@@ -72,12 +72,8 @@ public class Validator {
 	}

 	public CompanyEntity validateUserWithCompany(HttpServletRequest request, Long companyId) {
-		UserEntity user = validateUser(request);
 		CompanyEntity companyEntity = companyService.validateCompany(companyId);
-		if (Boolean.FALSE.equals(user.getHub().getId().equals(companyEntity.getHub().getId()))) {
-			throw new ForbiddenAccessException(Status.FORBIDDEN,
-					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
-		}
+		validateHubId(request, companyEntity.getHub().getId());
 		if (checkIsSuperAdmin()) {
 			return companyEntity;
 		}
@@ -85,6 +81,15 @@ public class Validator {
 		companyService.validateUserWithCompny(getUserId(userInfo), companyId);
 		return companyService.validateCompany(companyId);
 	}
+	
+	public void validateHubId(HttpServletRequest request, Long hubId) {
+		UserEntity user = validateUser(request);
+		Long hubIdFromHttpRequest = user.getHub().getId();
+		if (Boolean.FALSE.equals(hubIdFromHttpRequest.equals(hubId))) {
+			throw new ForbiddenAccessException(Status.FORBIDDEN,
+					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
+		}
+	} 

 	private Long getUserId(Map<String, Object> userInfo) {
 		return Long.parseLong(userInfo.get("userId").toString());
@@ -107,11 +112,11 @@ public class Validator {
 		UserEntity user = validateUser(request);
 		UserEntity requestedUser = userService.validateUser(userId);
 		
-		if(Boolean.FALSE.equals(requestedUser.getHub().getId().equals(user.getHub().getId()))) {
-			throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
-		}
-		if(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_BENEFICIARY.getValue()) && Boolean.FALSE.equals(user.getId().equals(userId))) {
-			throw new ForbiddenAccessException(Status.FORBIDDEN, Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
+		validateHubId(request, requestedUser.getHub().getId());
+		if (Boolean.FALSE.equals(user.getRoleEntity().getRoleType().equals(RoleStatusEnum.ROLE_SUPER_ADMIN.getValue()))
+				&& Boolean.FALSE.equals(user.getId().equals(userId))) {
+			throw new ForbiddenAccessException(Status.FORBIDDEN,
+					Translator.toLocale(GepafinConstant.PERMISSION_DENIED));
 		}
 		return requestedUser;
 	}