From a4f2cf2fcb09a557b61212749b5bc685dd26e1e2 Mon Sep 17 00:00:00 2001 From: Anton Romanov Date: Wed, 26 Feb 2025 12:03:11 +0400 Subject: [PATCH 1/4] #6 -- Check permissions to the fuzzy rule --- .../ru/ulstu/fc/rule/service/FuzzyRuleService.java | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/src/main/java/ru/ulstu/fc/rule/service/FuzzyRuleService.java b/src/main/java/ru/ulstu/fc/rule/service/FuzzyRuleService.java index 8093133..bde8fb2 100644 --- a/src/main/java/ru/ulstu/fc/rule/service/FuzzyRuleService.java +++ b/src/main/java/ru/ulstu/fc/rule/service/FuzzyRuleService.java @@ -11,15 +11,18 @@ public class FuzzyRuleService { private final FuzzyRuleRepository ruleRepository; private final ProjectService projectService; - public FuzzyRuleService(FuzzyRuleRepository ruleRepository, ProjectService projectService) { + public FuzzyRuleService(FuzzyRuleRepository ruleRepository, + ProjectService projectService) { this.ruleRepository = ruleRepository; this.projectService = projectService; } public FuzzyRule getById(Integer id) { - return ruleRepository + FuzzyRule fuzzyRule = ruleRepository .findById(id) .orElseThrow(() -> new RuntimeException("Rule not found by id")); + checkIsCurrentUserFuzzyRuleWithThrow(fuzzyRule); + return fuzzyRule; } public FuzzyRule save(FuzzyRuleForm ruleForm) { @@ -35,7 +38,10 @@ public class FuzzyRuleService { } public void delete(FuzzyRuleForm ruleForm) { - getById(ruleForm.getId()); - ruleRepository.deleteById(ruleForm.getId()); + ruleRepository.delete(getById(ruleForm.getId())); + } + + public void checkIsCurrentUserFuzzyRuleWithThrow(FuzzyRule fuzzyRule) { + projectService.checkIsCurrentUserProjectWithThrow(fuzzyRule.getProject()); } } -- 2.34.1 From d5a6074e1f1b39fbf0d067350ea3cb587e1e9dbc Mon Sep 17 00:00:00 2001 From: Anton Romanov Date: Wed, 26 Feb 2025 12:03:34 +0400 Subject: [PATCH 2/4] #6 -- Check permissions to the project --- .../java/ru/ulstu/fc/project/service/ProjectService.java | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/src/main/java/ru/ulstu/fc/project/service/ProjectService.java b/src/main/java/ru/ulstu/fc/project/service/ProjectService.java index 39a9cb5..e41034e 100644 --- a/src/main/java/ru/ulstu/fc/project/service/ProjectService.java +++ b/src/main/java/ru/ulstu/fc/project/service/ProjectService.java @@ -28,7 +28,7 @@ public class ProjectService { Project project = projectRepository .findById(id) .orElseThrow(() -> new RuntimeException("Project not found by id")); - checkUserProjectWithThrow(project, userService.getCurrentUser()); + checkIsCurrentUserProjectWithThrow(project); return project; } @@ -52,8 +52,8 @@ public class ProjectService { projectRepository.deleteById(projectForm.getId()); } - private void checkUserProjectWithThrow(Project project, User currentUser) { - if (!isUserProject(project, currentUser)) { + public void checkIsCurrentUserProjectWithThrow(Project project) { + if (!isUserProject(project, userService.getCurrentUser())) { throw new RuntimeException("User can not get access to project"); } } -- 2.34.1 From 0093416e6c3154d189934b4008262c98a9377459 Mon Sep 17 00:00:00 2001 From: Anton Romanov Date: Wed, 26 Feb 2025 12:04:12 +0400 Subject: [PATCH 3/4] #6 -- Check permissions to the variable --- .../ru/ulstu/fc/rule/service/VariableService.java | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) diff --git a/src/main/java/ru/ulstu/fc/rule/service/VariableService.java b/src/main/java/ru/ulstu/fc/rule/service/VariableService.java index 20cc790..732aebb 100644 --- a/src/main/java/ru/ulstu/fc/rule/service/VariableService.java +++ b/src/main/java/ru/ulstu/fc/rule/service/VariableService.java @@ -14,15 +14,18 @@ public class VariableService { private final VariableRepository variableRepository; private final ProjectService projectService; - public VariableService(VariableRepository variableRepository, ProjectService projectService) { + public VariableService(VariableRepository variableRepository, + ProjectService projectService) { this.variableRepository = variableRepository; this.projectService = projectService; } public Variable getById(Integer id) { - return variableRepository + Variable variable = variableRepository .findById(id) .orElseThrow(() -> new RuntimeException("Variable not found by id")); + checkIsCurrentUserVariableWithThrow(variable); + return variable; } public Variable save(VariableForm variableForm) { @@ -65,4 +68,8 @@ public class VariableService { public List getAllByProject(Integer projectId) { return variableRepository.getByProject(projectService.getById(projectId)); } + + public void checkIsCurrentUserVariableWithThrow(Variable variable) { + projectService.checkIsCurrentUserProjectWithThrow(variable.getProject()); + } } -- 2.34.1 From 4bec9ee87070c237b2a5c31423df337d365d3b53 Mon Sep 17 00:00:00 2001 From: Anton Romanov Date: Wed, 26 Feb 2025 12:04:37 +0400 Subject: [PATCH 4/4] #6 -- Check permissions to the terms --- .../controller/FuzzyTermRestController.java | 13 +++++------ .../rule/repository/FuzzyTermRepository.java | 5 +++++ .../fc/rule/service/FuzzyTermService.java | 22 ++++++++++++++----- 3 files changed, 26 insertions(+), 14 deletions(-) diff --git a/src/main/java/ru/ulstu/fc/rule/controller/FuzzyTermRestController.java b/src/main/java/ru/ulstu/fc/rule/controller/FuzzyTermRestController.java index 4247ef5..96d8075 100644 --- a/src/main/java/ru/ulstu/fc/rule/controller/FuzzyTermRestController.java +++ b/src/main/java/ru/ulstu/fc/rule/controller/FuzzyTermRestController.java @@ -22,16 +22,13 @@ public class FuzzyTermRestController { this.fuzzyTermService = fuzzyTermService; } - @GetMapping("/list/{projectId}/{variableId}") - public List getList(@PathVariable(value = "projectId") Integer projectId, - @PathVariable(value = "variableId") Integer variableId) { - return fuzzyTermService.getAll(projectId, variableId); + @GetMapping("/list/{variableId}") + public List getList(@PathVariable(value = "variableId") Integer variableId) { + return fuzzyTermService.getAll(variableId); } - @GetMapping("/get/{projectId}/{variableId}/{fuzzyTermId}") - public FuzzyTerm getById(@PathVariable(value = "projectId") Integer projectId, - @PathVariable(value = "variableId") Integer variableId, - @PathVariable(value = "fuzzyTermId") Integer fuzzyTermId) { + @GetMapping("/get/{fuzzyTermId}") + public FuzzyTerm getById(@PathVariable(value = "fuzzyTermId") Integer fuzzyTermId) { return fuzzyTermService.getById(fuzzyTermId); } diff --git a/src/main/java/ru/ulstu/fc/rule/repository/FuzzyTermRepository.java b/src/main/java/ru/ulstu/fc/rule/repository/FuzzyTermRepository.java index 54ca372..7f5f7ff 100644 --- a/src/main/java/ru/ulstu/fc/rule/repository/FuzzyTermRepository.java +++ b/src/main/java/ru/ulstu/fc/rule/repository/FuzzyTermRepository.java @@ -1,8 +1,13 @@ package ru.ulstu.fc.rule.repository; import org.springframework.data.jpa.repository.JpaRepository; +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import ru.ulstu.fc.rule.model.FuzzyTerm; +import ru.ulstu.fc.rule.model.Variable; public interface FuzzyTermRepository extends JpaRepository { + @Query("SELECT v FROM Variable v LEFT JOIN v.fuzzyTerms ft WHERE ft = :fuzzyTerm") + Variable findByFuzzyTerm(@Param("fuzzyTerm") FuzzyTerm fuzzyTerm); } diff --git a/src/main/java/ru/ulstu/fc/rule/service/FuzzyTermService.java b/src/main/java/ru/ulstu/fc/rule/service/FuzzyTermService.java index 1548f13..7d9fc1e 100644 --- a/src/main/java/ru/ulstu/fc/rule/service/FuzzyTermService.java +++ b/src/main/java/ru/ulstu/fc/rule/service/FuzzyTermService.java @@ -1,6 +1,7 @@ package ru.ulstu.fc.rule.service; import org.springframework.stereotype.Service; +import ru.ulstu.fc.project.service.ProjectService; import ru.ulstu.fc.rule.model.FuzzyTerm; import ru.ulstu.fc.rule.model.FuzzyTermForm; import ru.ulstu.fc.rule.repository.FuzzyTermRepository; @@ -12,20 +13,26 @@ import java.util.List; public class FuzzyTermService { private final FuzzyTermRepository fuzzyTermRepository; private final VariableService variableService; + private final ProjectService projectService; public FuzzyTermService(FuzzyTermRepository fuzzyTermRepository, - VariableService variableService) { + VariableService variableService, + ProjectService projectService) { this.fuzzyTermRepository = fuzzyTermRepository; this.variableService = variableService; + this.projectService = projectService; } public FuzzyTerm getById(Integer id) { - return fuzzyTermRepository + FuzzyTerm fuzzyTerm = fuzzyTermRepository .findById(id) .orElseThrow(() -> new RuntimeException("Term not found by id")); + checkIsCurrentUserFuzzyTermWithThrow(fuzzyTerm); + return fuzzyTerm; } public FuzzyTerm save(FuzzyTermForm fuzzyTermForm) { + variableService.getById(fuzzyTermForm.getVariableId()); FuzzyTerm term; if (fuzzyTermForm.getId() == null || fuzzyTermForm.getId() == 0) { term = new FuzzyTerm(); @@ -39,12 +46,10 @@ public class FuzzyTermService { variableService.addFuzzyTerm(fuzzyTermForm.getVariableId(), ft); } return ft; - } public void delete(FuzzyTermForm fuzzyTermForm) { - getById(fuzzyTermForm.getId()); - fuzzyTermRepository.deleteById(fuzzyTermForm.getId()); + fuzzyTermRepository.delete(getById(fuzzyTermForm.getId())); } public List getByVariableId(Integer variableId) { @@ -54,7 +59,12 @@ public class FuzzyTermService { return variableService.getById(variableId).getFuzzyTerms(); } - public List getAll(Integer projectId, Integer variableId) { + public List getAll(Integer variableId) { + variableService.getById(variableId); return getByVariableId(variableId); } + + public void checkIsCurrentUserFuzzyTermWithThrow(FuzzyTerm fuzzyTerm) { + projectService.checkIsCurrentUserProjectWithThrow(fuzzyTermRepository.findByFuzzyTerm(fuzzyTerm).getProject()); + } } -- 2.34.1