diff --git a/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java b/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java index 07a51505..943dd254 100644 --- a/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java +++ b/src/main/java/net/gepafin/tendermanagement/TendermanagementApplication.java @@ -4,8 +4,11 @@ import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.SpringBootApplication; import org.springframework.boot.autoconfigure.domain.EntityScan; import org.springframework.context.annotation.ComponentScan; +import org.springframework.context.annotation.Configuration; import org.springframework.data.jpa.repository.config.EnableJpaRepositories; import org.springframework.scheduling.annotation.EnableScheduling; +import org.springframework.web.servlet.config.annotation.CorsRegistry; +import org.springframework.web.servlet.config.annotation.WebMvcConfigurer; @EnableScheduling @ComponentScan(basePackages = {"net.gepafin.tendermanagement"}) @@ -18,6 +21,17 @@ public class TendermanagementApplication { SpringApplication.run(TendermanagementApplication.class, args); System.out.println("Spring Boot started"); } + + @Configuration + public class CorsConfig implements WebMvcConfigurer { + + @Override + public void addCorsMappings(CorsRegistry registry) { + + registry.addMapping("/**").allowedOrigins("http://localhost:3000") + .allowedMethods("GET", "POST", "PUT", "DELETE", "HEAD").allowCredentials(true); + } + } } diff --git a/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java b/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java index 1c97a2de..62ec6911 100644 --- a/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java +++ b/src/main/java/net/gepafin/tendermanagement/config/SecurityConfig.java @@ -14,6 +14,7 @@ import org.springframework.context.annotation.Configuration; import org.springframework.http.HttpMethod; import org.springframework.security.authentication.AuthenticationManager; import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration; +import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity; import org.springframework.security.config.annotation.web.builders.HttpSecurity; import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity; import org.springframework.security.config.annotation.web.configuration.WebSecurityCustomizer; @@ -32,6 +33,7 @@ import org.springframework.web.servlet.handler.HandlerMappingIntrospector; @Configuration @EnableWebSecurity +@EnableMethodSecurity(prePostEnabled = true) public class SecurityConfig { private final TokenProvider tokenProvider; diff --git a/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java b/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java index 470c0819..b4987c81 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/CallDao.java @@ -50,24 +50,25 @@ public class CallDao { @Autowired private UserRepository userRepository; - public CreateCallResponseBean createCall(CreateCallRequest createCallRequest, Long userId) { - try { - CreateCallResponseBean createCallResponseBean=null; - CallEntity callEntity = convertToCallEntity(createCallRequest); - List evaluationCriteriaEntities = convertToEvaluationCriteriaEntities(createCallRequest.getCriteria(), callEntity); - List documentEntities = convertToDocumentEntities(createCallRequest.getDocs(), callEntity); - List imageEntities=convertToDocumentEntities(createCallRequest.getImages(),callEntity); - List faqEntities = convertToFaqEntities(createCallRequest.getFaq(), callEntity, userId); - List amiedTo=convertLookUpDataEntities(createCallRequest.getAimedTo(),callEntity,LookUpDataTypeEnum.AIMED_TO); - List checkList=convertLookUpDataEntities(createCallRequest.getAimedTo(),callEntity,LookUpDataTypeEnum.CHECKLIST); - createCallResponseBean= assembleCreateCallResponseBean(callEntity, evaluationCriteriaEntities, documentEntities, faqEntities,imageEntities); - createCallResponseBean.setAimedTo(amiedTo); - createCallResponseBean.setCheckList(checkList); - return createCallResponseBean; - } catch (Exception e) { - throw new RuntimeException("Error processing create call request", e); - } - } + public CreateCallResponseBean createCall(CreateCallRequest createCallRequest, Long userId) { + CreateCallResponseBean createCallResponseBean = null; + CallEntity callEntity = convertToCallEntity(createCallRequest); + List evaluationCriteriaEntities = convertToEvaluationCriteriaEntities( + createCallRequest.getCriteria(), callEntity); + List documentEntities = convertToDocumentEntities(createCallRequest.getDocs(), callEntity); + List imageEntities = convertToDocumentEntities(createCallRequest.getImages(), callEntity); + List faqEntities = convertToFaqEntities(createCallRequest.getFaq(), callEntity, userId); + List amiedTo = convertLookUpDataEntities(createCallRequest.getAimedTo(), callEntity, + LookUpDataTypeEnum.AIMED_TO); + List checkList = convertLookUpDataEntities(createCallRequest.getAimedTo(), callEntity, + LookUpDataTypeEnum.CHECKLIST); + createCallResponseBean = assembleCreateCallResponseBean(callEntity, evaluationCriteriaEntities, + documentEntities, faqEntities, imageEntities); + createCallResponseBean.setAimedTo(amiedTo); + createCallResponseBean.setCheckList(checkList); + return createCallResponseBean; + + } public CallEntity convertToCallEntity(CreateCallRequest createCallRequest) { diff --git a/src/main/java/net/gepafin/tendermanagement/dao/RegionDao.java b/src/main/java/net/gepafin/tendermanagement/dao/RegionDao.java index 9277b167..40493b04 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/RegionDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/RegionDao.java @@ -3,6 +3,8 @@ package net.gepafin.tendermanagement.dao; import net.gepafin.tendermanagement.config.Translator; import net.gepafin.tendermanagement.constants.GepafinConstant; import net.gepafin.tendermanagement.entities.RegionEntity; +import net.gepafin.tendermanagement.enums.RegionStatusEnum; +import net.gepafin.tendermanagement.enums.UserStatusEnum; import net.gepafin.tendermanagement.model.request.RegionReq; import net.gepafin.tendermanagement.model.response.RegionResponseBean; import net.gepafin.tendermanagement.repositories.RegionRepository; @@ -43,7 +45,7 @@ public class RegionDao { regionEntity.setAreaSize(regionReq.getAreaSize()); regionEntity.setPopulation(regionReq.getPopulation()); regionEntity.setEnvironmentalScore(regionReq.getEnvironmentalScore()); - regionEntity.setStatus(regionReq.getStatus()); + regionEntity.setStatus(regionReq.getStatus().getValue()); regionEntity.setHealthcareAccess(regionReq.getHealthcareAccess()); regionEntity.setInfrastructureScore(regionReq.getInfrastructureScore()); regionEntity.setPriorityArea(regionReq.getPriorityArea()); @@ -64,7 +66,7 @@ public class RegionDao { regionResponseBean.setAreaSize(regionEntity.getAreaSize()); regionResponseBean.setPopulation(regionEntity.getPopulation()); regionResponseBean.setEnvironmentalScore(regionEntity.getEnvironmentalScore()); - regionResponseBean.setStatus(regionEntity.getStatus()); + regionResponseBean.setStatus(RegionStatusEnum.valueOf(regionEntity.getStatus())); regionResponseBean.setHealthcareAccess(regionEntity.getHealthcareAccess()); regionResponseBean.setInfrastructureScore(regionEntity.getInfrastructureScore()); regionResponseBean.setPriorityArea(regionEntity.getPriorityArea()); @@ -78,11 +80,13 @@ public class RegionDao { RegionEntity existingRegion = getRegionById(id); log.info("Current region details: {}", existingRegion); log.info("New region details: {}", regionReq); - + String newStatus = regionReq.getStatus() != null ? regionReq.getStatus().getValue() : null; + if (Boolean.FALSE.equals(existingRegion.getStatus().equals(newStatus))) { + existingRegion.setStatus(newStatus); + } setIfUpdated(existingRegion::getRegionName, existingRegion::setRegionName, regionReq.getRegionName()); setIfUpdated(existingRegion::getDescription, existingRegion::setDescription, regionReq.getDescription()); setIfUpdated(existingRegion::getCountry, existingRegion::setCountry, regionReq.getCountry()); - setIfUpdated(existingRegion::getStatus, existingRegion::setStatus, regionReq.getStatus()); setIfUpdated(existingRegion::getPriorityArea, existingRegion::setPriorityArea, regionReq.getPriorityArea()); setIfUpdated(existingRegion::getPopulation, existingRegion::setPopulation, regionReq.getPopulation()); setIfUpdated(existingRegion::getAreaSize, existingRegion::setAreaSize, regionReq.getAreaSize()); diff --git a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java index b2fd8190..8fb88a40 100644 --- a/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java +++ b/src/main/java/net/gepafin/tendermanagement/dao/UserDao.java @@ -4,6 +4,8 @@ import net.gepafin.tendermanagement.config.Translator; import net.gepafin.tendermanagement.constants.GepafinConstant; import net.gepafin.tendermanagement.entities.RoleEntity; import net.gepafin.tendermanagement.entities.UserEntity; +import net.gepafin.tendermanagement.enums.CallTypeEnum; +import net.gepafin.tendermanagement.enums.UserStatusEnum; import net.gepafin.tendermanagement.model.request.LoginReq; import net.gepafin.tendermanagement.model.request.UpdateUserReq; import net.gepafin.tendermanagement.model.request.UserReq; @@ -70,8 +72,10 @@ public class UserDao { .orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.REGION_NOT_FOUND_MSG))); log.info("Current user details: {}", userEntity); log.info("New user details: {}", userReq); - - setIfUpdated(userEntity::getStatus, userEntity::setStatus, userReq.getStatus()); + String newStatus = userReq.getStatus() != null ? userReq.getStatus().getValue() : null; + if (Boolean.FALSE.equals(userEntity.getStatus().equals(newStatus))) { + userEntity.setStatus(newStatus); + } setIfUpdated(userEntity::getFirstName, userEntity::setFirstName, userReq.getFirstName()); setIfUpdated(userEntity::getLastName, userEntity::setLastName, userReq.getLastName()); setIfUpdated(userEntity::getOrganization, userEntity::setOrganization, userReq.getOrganization()); @@ -91,7 +95,7 @@ public class UserDao { userEntity.setPassword(passwordEncoder.encode(userReq.getPassword())); userEntity.setEmail(userReq.getEmail()); userEntity.setFirstName(userReq.getFirstName()); - userEntity.setStatus(userReq.getStatus()); + userEntity.setStatus(userReq.getStatus().getValue()); userEntity.setLastName(userReq.getLastName()); userEntity.setOrganization(userReq.getOrganization()); userEntity.setAddress(userReq.getAddress()); @@ -113,7 +117,7 @@ public class UserDao { userResponseBean.setAddress(userEntity.getAddress()); userResponseBean.setCity(userEntity.getCity()); userResponseBean.setCountry(userEntity.getCountry()); - userResponseBean.setStatus(userEntity.getStatus()); + userResponseBean.setStatus(UserStatusEnum.valueOf(userEntity.getStatus())); RoleResponseBean roleResponseBean = roleDao.convertRoleEntityToRoleResponse(userEntity.getRoleEntity()); userResponseBean.setRole(roleResponseBean); userResponseBean.setLastLogin(userEntity.getLastLogin()); @@ -124,6 +128,10 @@ public class UserDao { log.info("Fetching user with ID: {}", id); UserEntity userEntity = userRepository.findById(id) .orElseThrow(() -> new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG))); + if (!UserStatusEnum.ACTIVE.getValue().equals(userEntity.getStatus())) { + log.info("User with ID: {} is not active", id); + throw new ResourceNotFoundException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)); + } log.info("User found: {}", userEntity); return convertUserEntityToUserResponse(userEntity); } diff --git a/src/main/java/net/gepafin/tendermanagement/entities/UserEntity.java b/src/main/java/net/gepafin/tendermanagement/entities/UserEntity.java index 719f9a5b..aac82db9 100644 --- a/src/main/java/net/gepafin/tendermanagement/entities/UserEntity.java +++ b/src/main/java/net/gepafin/tendermanagement/entities/UserEntity.java @@ -58,19 +58,4 @@ public class UserEntity extends BaseEntity { @Column(name = "COUNTRY", length = 50, nullable = true) private String country; - public enum UserStatusEnum { - ACTIVE("ACTIVE"), - INACTIVE("INACTIVE"); - - private String value; - - UserStatusEnum(String value) { - this.value = value; - } - - @JsonValue - public String getValue() { - return value; - } - } } diff --git a/src/main/java/net/gepafin/tendermanagement/enums/RegionStatusEnum.java b/src/main/java/net/gepafin/tendermanagement/enums/RegionStatusEnum.java new file mode 100644 index 00000000..599e8ea2 --- /dev/null +++ b/src/main/java/net/gepafin/tendermanagement/enums/RegionStatusEnum.java @@ -0,0 +1,18 @@ +package net.gepafin.tendermanagement.enums; +import com.fasterxml.jackson.annotation.JsonValue; + +public enum RegionStatusEnum { + ACTIVE("ACTIVE"), + INACTIVE("INACTIVE"); + + private String value; + + RegionStatusEnum(String value) { + this.value = value; + } + + @JsonValue + public String getValue() { + return value; + } +} \ No newline at end of file diff --git a/src/main/java/net/gepafin/tendermanagement/enums/UserStatusEnum.java b/src/main/java/net/gepafin/tendermanagement/enums/UserStatusEnum.java new file mode 100644 index 00000000..8df4f40b --- /dev/null +++ b/src/main/java/net/gepafin/tendermanagement/enums/UserStatusEnum.java @@ -0,0 +1,21 @@ +package net.gepafin.tendermanagement.enums; + +import com.fasterxml.jackson.annotation.JsonValue; + +public enum UserStatusEnum { + ACTIVE("ACTIVE"), + INACTIVE("INACTIVE"), + + PENDING_VERIFICATION("PENDING_VERIFICATION"); + + private String value; + + UserStatusEnum(String value) { + this.value = value; + } + + @JsonValue + public String getValue() { + return value; + } +} \ No newline at end of file diff --git a/src/main/java/net/gepafin/tendermanagement/model/request/RegionReq.java b/src/main/java/net/gepafin/tendermanagement/model/request/RegionReq.java index fae42f3c..d078155c 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/request/RegionReq.java +++ b/src/main/java/net/gepafin/tendermanagement/model/request/RegionReq.java @@ -4,6 +4,7 @@ import jakarta.validation.constraints.NotEmpty; import jakarta.validation.constraints.NotNull; import lombok.Getter; import lombok.Setter; +import net.gepafin.tendermanagement.enums.RegionStatusEnum; import java.math.BigDecimal; @@ -17,7 +18,7 @@ public class RegionReq { private String country; - private String status; + private RegionStatusEnum status; private String priorityArea; diff --git a/src/main/java/net/gepafin/tendermanagement/model/request/RoleReq.java b/src/main/java/net/gepafin/tendermanagement/model/request/RoleReq.java index 1e4ec6f4..f1fd7d70 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/request/RoleReq.java +++ b/src/main/java/net/gepafin/tendermanagement/model/request/RoleReq.java @@ -20,8 +20,6 @@ public class RoleReq { private String permissions; - private String status; - private Long regionId; } diff --git a/src/main/java/net/gepafin/tendermanagement/model/request/UpdateRegionReq.java b/src/main/java/net/gepafin/tendermanagement/model/request/UpdateRegionReq.java index 8d32dc83..1b62d403 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/request/UpdateRegionReq.java +++ b/src/main/java/net/gepafin/tendermanagement/model/request/UpdateRegionReq.java @@ -2,6 +2,7 @@ package net.gepafin.tendermanagement.model.request; import lombok.Getter; import lombok.Setter; +import net.gepafin.tendermanagement.enums.RegionStatusEnum; @Getter @Setter @@ -12,7 +13,7 @@ public class UpdateRegionReq { private String country; - private String status; + private RegionStatusEnum status; private String priorityArea; diff --git a/src/main/java/net/gepafin/tendermanagement/model/request/UpdateUserReq.java b/src/main/java/net/gepafin/tendermanagement/model/request/UpdateUserReq.java index 63eb2b89..f4a8a107 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/request/UpdateUserReq.java +++ b/src/main/java/net/gepafin/tendermanagement/model/request/UpdateUserReq.java @@ -4,6 +4,7 @@ import jakarta.validation.constraints.NotEmpty; import jakarta.validation.constraints.NotNull; import lombok.Getter; import lombok.Setter; +import net.gepafin.tendermanagement.enums.UserStatusEnum; @Getter @Setter @@ -16,6 +17,6 @@ public class UpdateUserReq { private String organization; private String address; private String city; - private String status; + private UserStatusEnum status; private String country; } diff --git a/src/main/java/net/gepafin/tendermanagement/model/request/UserReq.java b/src/main/java/net/gepafin/tendermanagement/model/request/UserReq.java index 97a59438..07761068 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/request/UserReq.java +++ b/src/main/java/net/gepafin/tendermanagement/model/request/UserReq.java @@ -6,6 +6,7 @@ import jakarta.validation.constraints.NotEmpty; import jakarta.validation.constraints.NotNull; import lombok.Getter; import lombok.Setter; +import net.gepafin.tendermanagement.enums.UserStatusEnum; @Getter @Setter @@ -35,6 +36,6 @@ public class UserReq { private String country; - private String status; + private UserStatusEnum status; } diff --git a/src/main/java/net/gepafin/tendermanagement/model/response/RegionResponseBean.java b/src/main/java/net/gepafin/tendermanagement/model/response/RegionResponseBean.java index 55182822..23a4088a 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/response/RegionResponseBean.java +++ b/src/main/java/net/gepafin/tendermanagement/model/response/RegionResponseBean.java @@ -2,6 +2,7 @@ package net.gepafin.tendermanagement.model.response; import lombok.Getter; import lombok.Setter; +import net.gepafin.tendermanagement.enums.RegionStatusEnum; import net.gepafin.tendermanagement.model.BaseBean; import java.math.BigDecimal; @@ -13,7 +14,7 @@ public class RegionResponseBean extends BaseBean { private String regionName; private String description; private String country; - private String status; + private RegionStatusEnum status; private String priorityArea; private Long population; private BigDecimal areaSize; diff --git a/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java b/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java index 1dcaa944..f23b6978 100644 --- a/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java +++ b/src/main/java/net/gepafin/tendermanagement/model/response/UserResponseBean.java @@ -6,6 +6,7 @@ import jakarta.validation.constraints.NotNull; import lombok.Getter; import lombok.Setter; import net.gepafin.tendermanagement.entities.RoleEntity; +import net.gepafin.tendermanagement.enums.UserStatusEnum; import net.gepafin.tendermanagement.model.BaseBean; import java.time.LocalDateTime; @@ -32,7 +33,7 @@ public class UserResponseBean extends BaseBean { private String country; - private String status; + private UserStatusEnum status; private LocalDateTime lastLogin; diff --git a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java index 1d76fc3c..6ad8cf5f 100644 --- a/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java +++ b/src/main/java/net/gepafin/tendermanagement/service/impl/AuthenticationService.java @@ -10,6 +10,7 @@ import net.gepafin.tendermanagement.model.response.LoginResponse; import net.gepafin.tendermanagement.model.response.RoleResponseBean; import net.gepafin.tendermanagement.model.util.JWTToken; import net.gepafin.tendermanagement.repositories.UserRepository; +import net.gepafin.tendermanagement.util.DateTimeUtil; import net.gepafin.tendermanagement.web.rest.api.errors.CustomValidationException; import net.gepafin.tendermanagement.web.rest.api.errors.Status; import org.slf4j.Logger; @@ -20,6 +21,7 @@ import org.springframework.security.authentication.UsernamePasswordAuthenticatio import org.springframework.security.core.Authentication; import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Service; +import java.time.LocalDateTime; @Service public class AuthenticationService { @@ -52,16 +54,37 @@ public class AuthenticationService { log.error("User not found for email: {}", loginReq.getEmail()); throw new CustomValidationException(Status.NOT_FOUND, Translator.toLocale(GepafinConstant.USER_NOT_FOUND_MSG)); } + user.setLastLogin(DateTimeUtil.DateServerToUTC(LocalDateTime.now())); + userRepository.save(user); String token = tokenProvider.createToken(authentication, loginReq.getRememberMe(), user); log.info("JWT token generated for email: {}", loginReq.getEmail()); RoleResponseBean roleResponseBean = roleDao.convertRoleEntityToRoleResponse(user.getRoleEntity()); - JWTToken jwtToken = new JWTToken(token, new LoginResponse(user.getId(), user.getEmail(), user.getFirstName(), - user.getLastName(), roleResponseBean, user.getPhoneNumber(), user.getAddress(), user.getOrganization(), - user.getCountry(), user.getStatus(), user.getCity(), user.getLastLogin(), user.getCreatedDate(), - user.getUpdatedDate())); + + LoginResponse loginResponse = getLoginResponse(user, roleResponseBean); + + JWTToken jwtToken = new JWTToken(token, loginResponse); log.info("Login successful for email: {}", loginReq.getEmail()); return jwtToken; } + + private static LoginResponse getLoginResponse(UserEntity user, RoleResponseBean roleResponseBean) { + LoginResponse loginResponse = new LoginResponse(); + loginResponse.setId(user.getId()); + loginResponse.setEmail(user.getEmail()); + loginResponse.setFirstName(user.getFirstName()); + loginResponse.setLastName(user.getLastName()); + loginResponse.setRole(roleResponseBean); + loginResponse.setPhoneNumber(user.getPhoneNumber()); + loginResponse.setAddress(user.getAddress()); + loginResponse.setOrganization(user.getOrganization()); + loginResponse.setCountry(user.getCountry()); + loginResponse.setStatus(user.getStatus()); + loginResponse.setCity(user.getCity()); + loginResponse.setLastLogin(user.getLastLogin()); + loginResponse.setCreatedDate(user.getCreatedDate()); + loginResponse.setUpdatedDate(user.getUpdatedDate()); + return loginResponse; + } } diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java index 18bb89c8..b2b335de 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/CallApi.java @@ -13,6 +13,7 @@ import net.gepafin.tendermanagement.model.util.Response; import net.gepafin.tendermanagement.web.rest.api.errors.ErrorConstants; import org.springframework.http.MediaType; import org.springframework.http.ResponseEntity; +import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestBody; @@ -30,6 +31,7 @@ public interface CallApi { @ExampleObject(value = ErrorConstants.BADREQUEST_ERROR_EXAMPLE) })) }) @PostMapping(value = "", produces = MediaType.APPLICATION_JSON_VALUE, consumes = MediaType.APPLICATION_JSON_VALUE) + @PreAuthorize("hasRole('SUPER_ADMIN')") public ResponseEntity> createCall(HttpServletRequest request, @Parameter(description = "Call request object", required = true) @Valid @RequestBody CreateCallRequest createCallRequest); diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java index 2f94be9e..7225d87e 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/RoleApi.java @@ -21,7 +21,7 @@ import java.util.List; @Validated public interface RoleApi { - @Operation(summary = "API to create role", + @Operation(summary = "Api to create role", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -36,7 +36,7 @@ public interface RoleApi { @Parameter(description = " Role request object", required = true) @Valid @RequestBody RoleReq roleReq); - @Operation(summary = "API to update role", + @Operation(summary = "Api to update role", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -51,7 +51,7 @@ public interface RoleApi { @Parameter(description = "The role ID", required = true) @PathVariable("roleId") Long roleId, @Parameter(description = "Role request object", required = true) @Valid @RequestBody RoleReq roleReq); - @Operation(summary = "API to get role by id", + @Operation(summary = "Api to get role by id", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -65,7 +65,7 @@ public interface RoleApi { ResponseEntity> getRoleById( @Parameter(description = "The role ID", required = true) @PathVariable("roleId") Long roleId); - @Operation(summary = "API to get all roles", + @Operation(summary = "Api to get all roles", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { @@ -78,7 +78,7 @@ public interface RoleApi { produces = { "application/json" }) ResponseEntity>> getAllRoles(); - @Operation(summary = "API to delete role", + @Operation(summary = "Api to delete role", responses = { @ApiResponse(responseCode = "200", description = "OK"), @ApiResponse(responseCode = "404", description = "Not Found", content = @Content(mediaType = MediaType.APPLICATION_JSON_VALUE, examples = { diff --git a/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java b/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java index bf5d7123..addb9a99 100644 --- a/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java +++ b/src/main/java/net/gepafin/tendermanagement/web/rest/api/errors/GlobalExceptionHandler.java @@ -16,6 +16,7 @@ import org.springframework.web.bind.annotation.ResponseBody; import org.springframework.web.bind.annotation.ResponseStatus; import org.springframework.http.ResponseEntity; import org.springframework.security.authentication.BadCredentialsException; +import org.springframework.security.authorization.AuthorizationDeniedException; import org.springframework.security.core.AuthenticationException; import org.springframework.validation.FieldError; import org.springframework.validation.ObjectError; @@ -59,7 +60,7 @@ public class GlobalExceptionHandler { } @ResponseStatus(value = HttpStatus.UNAUTHORIZED) - @ExceptionHandler(UnauthorizedAccessException.class) + @ExceptionHandler({ UnauthorizedAccessException.class, AuthorizationDeniedException.class }) @ResponseBody public Response unauthorizedAccessException(final Throwable ex) { log.error(ex.getMessage());