From 9a6e8e14782e638a5e3d8c2dbfaffa19690b21ee Mon Sep 17 00:00:00 2001 From: Anton Romanov Date: Tue, 15 Apr 2025 22:43:34 +0400 Subject: [PATCH] #21 -- Fix permissions --- .../ulstu/report/controller/ReportValueController.java | 6 +++++- .../java/ru/ulstu/report/service/ReportValueService.java | 9 ++++++++- src/main/resources/templates/report/editReportValue.html | 4 ++-- 3 files changed, 15 insertions(+), 4 deletions(-) diff --git a/src/main/java/ru/ulstu/report/controller/ReportValueController.java b/src/main/java/ru/ulstu/report/controller/ReportValueController.java index 8d0e6bd..b77e4b0 100644 --- a/src/main/java/ru/ulstu/report/controller/ReportValueController.java +++ b/src/main/java/ru/ulstu/report/controller/ReportValueController.java @@ -7,6 +7,7 @@ import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.PostMapping; import org.springframework.web.bind.annotation.RequestMapping; +import ru.ulstu.aspirant.service.AspirantService; import ru.ulstu.report.model.dto.ReportValueDto; import ru.ulstu.report.service.ReportValueService; @@ -16,9 +17,11 @@ import java.io.IOException; @RequestMapping("report-value") public class ReportValueController { private final ReportValueService reportValueService; + private final AspirantService aspirantService; - public ReportValueController(ReportValueService reportValueService) { + public ReportValueController(ReportValueService reportValueService, AspirantService aspirantService) { this.reportValueService = reportValueService; + this.aspirantService = aspirantService; } @GetMapping("edit-report-value/{reportId}/{indicatorId}") @@ -26,6 +29,7 @@ public class ReportValueController { @PathVariable("indicatorId") Integer indicatorId, Model model) { model.addAttribute("reportValue", reportValueService.getByIndicatorId(reportId, indicatorId)); + model.addAttribute("canEdit", reportValueService.canEdit(reportId)); return "report/editReportValue"; } diff --git a/src/main/java/ru/ulstu/report/service/ReportValueService.java b/src/main/java/ru/ulstu/report/service/ReportValueService.java index a4fb6d8..017675c 100644 --- a/src/main/java/ru/ulstu/report/service/ReportValueService.java +++ b/src/main/java/ru/ulstu/report/service/ReportValueService.java @@ -7,6 +7,7 @@ import ru.ulstu.indicator.service.IndicatorService; import ru.ulstu.report.model.ReportValue; import ru.ulstu.report.model.dto.ReportValueDto; import ru.ulstu.report.repository.ReportValueRepository; +import ru.ulstu.user.UserService; import java.io.IOException; import java.util.List; @@ -17,15 +18,17 @@ public class ReportValueService { private final IndicatorService indicatorService; private final FileService fileService; private final ReportService reportService; + private final UserService userService; public ReportValueService(ReportValueRepository reportValueRepository, IndicatorService indicatorService, FileService fileService, - ReportService reportService) { + ReportService reportService, UserService userService) { this.reportValueRepository = reportValueRepository; this.indicatorService = indicatorService; this.fileService = fileService; this.reportService = reportService; + this.userService = userService; } public ReportValue saveReportValue(ReportValueDto reportValueDto) throws IOException { @@ -66,4 +69,8 @@ public class ReportValueService { } return new ReportValueDto(reportValue, reportId); } + + public boolean canEdit(Integer reportId) { + return reportService.getReportById(reportId).getAspirant().getUser().equals(userService.getCurrentUser()); + } } diff --git a/src/main/resources/templates/report/editReportValue.html b/src/main/resources/templates/report/editReportValue.html index 498fc7e..dbd2ecf 100644 --- a/src/main/resources/templates/report/editReportValue.html +++ b/src/main/resources/templates/report/editReportValue.html @@ -11,7 +11,7 @@ -
+
@@ -34,7 +34,7 @@
-