Merge branch 'master' of https://github.com/mehedikhan72/pathfinder-api

# Conflicts: # src/main/java/com/amplifiers/pathfinder/entity/gig/GigService.java
mehedikhan72 · Aug 29, 2024 · 62e5bc1 · 62e5bc1
2 parents 3b9a3ce + 125f8a8
commit 62e5bc1
Show file tree

Hide file tree

Showing 10 changed files with 198 additions and 163 deletions.
diff --git a/src/main/java/com/amplifiers/pathfinder/config/SecurityConfiguration.java b/src/main/java/com/amplifiers/pathfinder/config/SecurityConfiguration.java
@@ -1,9 +1,13 @@
 package com.amplifiers.pathfinder.config;
 
 import com.amplifiers.pathfinder.auth.CustomAuthenticationEntryPoint;
+import com.amplifiers.pathfinder.exception.GlobalExceptionHandler;
+import com.fasterxml.jackson.databind.ObjectMapper;
 import lombok.RequiredArgsConstructor;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
 import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity;
 import org.springframework.security.config.annotation.web.builders.HttpSecurity;
@@ -17,6 +21,8 @@
 import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
 
 import java.util.Arrays;
+import java.util.HashMap;
+import java.util.Map;
 
 import static com.amplifiers.pathfinder.entity.user.Permission.*;
 import static com.amplifiers.pathfinder.entity.user.Role.ADMIN;
@@ -47,13 +53,13 @@ public class SecurityConfiguration {
     private final AuthenticationProvider authenticationProvider;
     private final LogoutService logoutService;
     private final CustomAuthenticationEntryPoint customAuthenticationEntryPoint;
-
+    private final GlobalExceptionHandler globalExceptionHandler;
 
     @Bean
     public CorsConfigurationSource corsConfigurationSource() {
         CorsConfiguration configuration = new CorsConfiguration();
         configuration.setAllowedOriginPatterns(Arrays.asList("*"));
-        configuration.setAllowedMethods(Arrays.asList("GET","POST","PATCH", "PUT", "DELETE", "OPTIONS", "HEAD"));
+        configuration.setAllowedMethods(Arrays.asList("GET", "POST", "PATCH", "PUT", "DELETE", "OPTIONS", "HEAD"));
         configuration.setAllowCredentials(true);
         configuration.setAllowedHeaders(Arrays.asList("*"));
         configuration.setExposedHeaders(Arrays.asList("X-Get-Header"));
@@ -65,7 +71,7 @@ public CorsConfigurationSource corsConfigurationSource() {
     @Bean
     public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
         http
-                .cors((cors)->cors.configurationSource(corsConfigurationSource()))
+                .cors((cors) -> cors.configurationSource(corsConfigurationSource()))
                 .csrf(AbstractHttpConfigurer::disable)
                 .authorizeHttpRequests(req ->
                         req.requestMatchers(WHITE_LIST_URL)
@@ -88,7 +94,17 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
                 )
                 .exceptionHandling(exceptionHandling ->
                         exceptionHandling
-                                .defaultAuthenticationEntryPointFor(customAuthenticationEntryPoint, request -> true)
+                                .authenticationEntryPoint(customAuthenticationEntryPoint) // 401 Unauthorized
+                                .accessDeniedHandler((request, response, accessDeniedException) -> { // 403 Forbidden
+                                    response.setContentType(MediaType.APPLICATION_JSON_VALUE);
+                                    response.setStatus(HttpStatus.FORBIDDEN.value());
+                                    Map<String, Object> body = new HashMap<>();
+                                    body.put("status_code", HttpStatus.FORBIDDEN.value());
+                                    body.put("error", "Forbidden");
+                                    body.put("message", "Access denied. You do not have permission to access this resource.");
+                                    body.put("path", request.getServletPath());
+                                    new ObjectMapper().writeValue(response.getOutputStream(), body);
+                                })
                 );
         return http.build();
     }

diff --git a/src/main/java/com/amplifiers/pathfinder/entity/enrollment/EnrollmentService.java b/src/main/java/com/amplifiers/pathfinder/entity/enrollment/EnrollmentService.java
@@ -83,6 +83,9 @@ public Enrollment createEnrollment(EnrollmentCreateRequest request, Integer gigI
 
         Enrollment savedEnrollment = enrollmentRepository.save(enrollment);
 
+        gig.setScore(gig.getScore() + 5);
+        gigRepository.save(gig);
+
         // Sending notification to receiver
         String notificationTxt = savedEnrollment.getGig().getSeller().getFullName()
                 + " has offered you a new enrollment.";

diff --git a/src/main/java/com/amplifiers/pathfinder/entity/gig/Gig.java b/src/main/java/com/amplifiers/pathfinder/entity/gig/Gig.java
@@ -9,19 +9,19 @@
 import jakarta.persistence.*;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
-import java.time.OffsetDateTime;
-import java.util.List;
-import java.util.Set;
 import lombok.AllArgsConstructor;
 import lombok.Builder;
 import lombok.Data;
 import lombok.NoArgsConstructor;
 import org.hibernate.annotations.Formula;
 import org.hibernate.annotations.OnDelete;
 import org.hibernate.annotations.OnDeleteAction;
-import org.springframework.data.annotation.CreatedDate;
 import org.springframework.data.jpa.domain.support.AuditingEntityListener;
 
+import java.time.OffsetDateTime;
+import java.util.List;
+import java.util.Set;
+
 @Data
 @Builder
 @NoArgsConstructor
@@ -52,25 +52,25 @@ public class Gig {
     private String offerText;
 
     @Formula(
-        """
-        (select avg(r.rating) from review r where r.gig_id = id)
-        """
+            """
+                    (select avg(r.rating) from review r where r.gig_id = id)
+                    """
     )
     @Basic(fetch = FetchType.LAZY)
     private Float rating;
 
     @Formula(
-        """
-        (select count(*) from enrollment e where e.gig_id = id and e.paid)
-        """
+            """
+                    (select count(*) from enrollment e where e.gig_id = id and e.paid)
+                    """
     )
     //    @Basic(fetch = FetchType.LAZY)
     private Integer totalOrders;
 
     private boolean accepted;
 
     // @JsonIgnore
-    @JsonIgnoreProperties({ "hibernateLazyInitializer", "handler" })
+    @JsonIgnoreProperties({"hibernateLazyInitializer", "handler"})
     @ManyToOne(fetch = FetchType.LAZY)
     @JoinColumn(name = "userId")
     @OnDelete(action = OnDeleteAction.CASCADE)
@@ -104,4 +104,6 @@ public class Gig {
     // a number of gigs will be featured every once in a while. there will be rolling substitution.
     // TODO: improve featured idea later.
     //    private boolean featured;
+
+    private Integer score = 0;
 }