Bladeren bron

update project dupl sebelum auth?
add platform project name salah -> trim?
add member project not found

athrainsky 11 maanden geleden
bovenliggende
commit
3c495e5ee7

+ 4 - 3
qc.txt

@@ -1,5 +1,6 @@
-
-
+	update project dupl sebelum auth?
+	add platform project name salah -> trim?
+	add member project not found
 
 Ownersip 
 - user yang membuat project otomatis menjadi owner dari project tsb -> spring
@@ -23,7 +24,7 @@ Rights lain menyusul setelah ada table bug.
 
 
 insert  into `user`(`user_id`,`name`,`password`,`username`) values 
-(1,'test user','$2a$10$Y8LgDPJiAsbw7n5pURhGVOmi5.LWpfJaX7ZgSDbjsQXEnsCFPdhB2','user'),
+(1,'test user','$2a$10$Y8LgDPJiAsbw7n5pURhGVOmi5.LWpfJaX7ZgSDbjsQXEnsCFPdhB2','user')
 
 /projects
 get		200	ok

+ 22 - 19
src/main/kotlin/com/swagger/rest/controllers/MemberController.kt

@@ -24,7 +24,7 @@ class MemberController(
         return if (memberData.isNotEmpty()) {
             ResponseEntity<List<ProjectMember>>(memberData, HttpStatus.OK)
         } else {
-            ResponseEntity<List<ProjectMember>>(HttpStatus.NOT_FOUND)
+            arrayOf<String>()
         }
     }
 
@@ -34,7 +34,7 @@ class MemberController(
         return if (memberData.isPresent) {
             ResponseEntity<ProjectMember>(memberData.get(), HttpStatus.OK)
         } else {
-            ResponseEntity<ProjectMember>(HttpStatus.NOT_FOUND)
+            arrayOf<String>()
         }
     }
 
@@ -77,26 +77,29 @@ class MemberController(
             val user = userRepository.findById(member.user_id!!.toLong())
             val validOwner = projectRepository.validOwner(id.toString(), userId.id.toString())
             val validAdmin = memberRepository.validRole(id.toString(), userId.id.toString(), "2")
-            if (validOwner > 0 || validAdmin > 0) {
-                if (enumValues<Member>().any { it.name == member.role!!.uppercase() }) {
-                    val role = Member.valueOf(member.role!!.uppercase()).ordinal
-                    val dup = memberRepository.findDup(id.toString(), role.toString(), member.user_id.toString()).size
-                    if (found.isEmpty || user.isEmpty) {
-                        ResponseEntity<ProjectMember>(HttpStatus.NOT_FOUND)
-                    } else if (dup > 0) {//duplicate
-                        ResponseEntity<ProjectMember>(HttpStatus.CONFLICT)
-                    } else {
-                        val saveMember = ProjectMember()
-                        saveMember.project_id = found.get()
-                        saveMember.user_id = user.get()
-                        saveMember.role = role
-                        ResponseEntity<ProjectMember>(memberRepository.save(saveMember), HttpStatus.CREATED)
+            if (found.isPresent && user.isPresent) {
+                if (validOwner > 0 || validAdmin > 0) {
+                    if (enumValues<Member>().any { it.name == member.role!!.uppercase() }) {
+                        val role = Member.valueOf(member.role!!.uppercase()).ordinal
+                        val dup =
+                            memberRepository.findDup(id.toString(), role.toString(), member.user_id.toString()).size
+                        if (dup > 0) {//duplicate
+                            ResponseEntity<ProjectMember>(HttpStatus.CONFLICT)
+                        } else {
+                            val saveMember = ProjectMember()
+                            saveMember.project_id = found.get()
+                            saveMember.user_id = user.get()
+                            saveMember.role = role
+                            ResponseEntity<ProjectMember>(memberRepository.save(saveMember), HttpStatus.CREATED)
+                        }
+                    } else {// invalid
+                        ResponseEntity<ProjectMember>(HttpStatus.BAD_REQUEST)
                     }
-                } else {// invalid
-                    ResponseEntity<ProjectMember>(HttpStatus.BAD_REQUEST)
+                } else {
+                    ResponseEntity<ProjectMember>(HttpStatus.FORBIDDEN)
                 }
             } else {
-                ResponseEntity<ProjectMember>(HttpStatus.FORBIDDEN)
+                ResponseEntity<ProjectMember>(HttpStatus.NOT_FOUND)
             }
         } catch (e: Exception) {
             ResponseEntity<ProjectMember>(null, HttpStatus.INTERNAL_SERVER_ERROR)

+ 8 - 8
src/main/kotlin/com/swagger/rest/controllers/PlatformController.kt

@@ -53,10 +53,8 @@ class PlatformController(
     fun addPlatformByProjectId(
         @RequestBody platform: PlatformInput
     ): ResponseEntity<Platform> {
-        val proj = projectRepository.findByNameContaining(platform.project_name).size
-        return if (proj == 0 || platform.project_name!!.isBlank()) {
-            ResponseEntity<Platform>(HttpStatus.NOT_FOUND)
-        } else if (platform.project_name!!.isNotEmpty()) {
+        val proj = (projectRepository.countByName(platform.project_name))
+        return if (proj > 0 && platform.project_name!!.isNotBlank()) {
             val foundProject = projectRepository.findByName(platform.project_name)
             val found = platformRepository.findByName(platform.name, foundProject.id.toString()).size
             val userId = userRepository.getUserByUsername(SecurityContextHolder.getContext().authentication.name)
@@ -81,13 +79,13 @@ class PlatformController(
                 ResponseEntity<Platform>(HttpStatus.FORBIDDEN)
             }
         } else {
-            ResponseEntity<Platform>(null, HttpStatus.INTERNAL_SERVER_ERROR)
+            ResponseEntity<Platform>(HttpStatus.NOT_FOUND)
         }
     }
 
     @PutMapping("/platforms/{id}")
     fun updatePlatformById(@PathVariable("id") id: Long, @RequestBody input: PlatformInput): Any {
-        val targetProj = projectRepository.findByNameContaining(input.project_name).size
+        val targetProj = projectRepository.countByName(input.project_name)
         return if (targetProj > 0) {
             val targetProject = projectRepository.findByName(input.project_name)//target project
             val platformExist = platformRepository.findById(id)//exist data
@@ -129,8 +127,10 @@ class PlatformController(
             if (count) {
                 val find = platformRepository.findById(id)
                 val userId = userRepository.getUserByUsername(SecurityContextHolder.getContext().authentication.name)
-                val validOwner = projectRepository.validOwner(find.get().project_id!!.id.toString(), userId.id.toString())
-                val validAdmin = memberRepository.validRole(find.get().project_id!!.id.toString(), userId.id.toString(), "2")
+                val validOwner =
+                    projectRepository.validOwner(find.get().project_id!!.id.toString(), userId.id.toString())
+                val validAdmin =
+                    memberRepository.validRole(find.get().project_id!!.id.toString(), userId.id.toString(), "2")
                 if (validOwner > 0 || validAdmin > 0) {
                     if (find.isPresent) {
                         platformRepository.deleteById(id)

+ 21 - 19
src/main/kotlin/com/swagger/rest/controllers/ProjectController.kt

@@ -48,7 +48,7 @@ class ProjectController(
     @PostMapping("/projects")
     fun addProject(@RequestBody project: Project): ResponseEntity<Project> {
         return try {
-            val found = projectRepository.findByNameContaining(project.name).size
+            val found = projectRepository.countByName(project.name)
             if (project.name.isNotBlank()) {
                 if (project.name.length > 100 || project.description!!.length > 255) {//too long
                     ResponseEntity<Project>(HttpStatus.PAYLOAD_TOO_LARGE)
@@ -73,31 +73,33 @@ class ProjectController(
     @PutMapping("/projects/{id}")
     fun updateProjectById(@PathVariable("id") id: Long, @RequestBody project: Project): ResponseEntity<out Any?> {
         val projectData = projectRepository.findById(id)
-        val found = projectRepository.findByNameContaining(project.name).size
+        val found = projectRepository.countByName(project.name)
         val userId = userRepository.getUserByUsername(SecurityContextHolder.getContext().authentication.name)
         val validOwner = projectRepository.validOwner(id.toString(), userId.id.toString())
         val validAdmin = memberRepository.validRole(id.toString(), userId.id.toString(), "2")
-        return if (validOwner > 0 || validAdmin > 0) {
-            if (project.name.isNotBlank()) {
-                if (project.name.length > 100 || project.description!!.length > 255) {//too long
-                    ResponseEntity<Project>(HttpStatus.PAYLOAD_TOO_LARGE)
-                } else if (projectData.isPresent) {
-                    if ((project.name == projectData.get().name && found > 0) || (project.name !== projectData.get().name && found == 0)) {
-                        val saveProject = projectData.get()
-                        saveProject.name = project.name.trim()
-                        saveProject.description = project.description
-                        ResponseEntity<Any?>(projectRepository.save(saveProject), HttpStatus.OK)
-                    } else {//duplicate
-                        ResponseEntity<Project>(HttpStatus.CONFLICT)
+        return if (projectData.isPresent) {
+            if (validOwner > 0 || validAdmin > 0) {
+                if (project.name.isNotBlank()) {
+                    if (project.name.length > 100 || project.description!!.length > 255) {//too long
+                        ResponseEntity<Project>(HttpStatus.PAYLOAD_TOO_LARGE)
+                    } else {
+                        if ((project.name == projectData.get().name && found > 0) || (project.name !== projectData.get().name && found == 0)) {
+                            val saveProject = projectData.get()
+                            saveProject.name = project.name.trim()
+                            saveProject.description = project.description
+                            ResponseEntity<Any?>(projectRepository.save(saveProject), HttpStatus.OK)
+                        } else {//duplicate
+                            ResponseEntity<Project>(HttpStatus.CONFLICT)
+                        }
                     }
-                } else {//target invalid
-                    ResponseEntity<Project?>(HttpStatus.NOT_FOUND)
+                } else {//name invalid
+                    ResponseEntity<Project?>(HttpStatus.BAD_REQUEST)
                 }
-            } else {//name invalid
-                ResponseEntity<Project?>(HttpStatus.BAD_REQUEST)
+            } else {
+                ResponseEntity<Project>(HttpStatus.FORBIDDEN)
             }
         } else {
-            ResponseEntity<Project>(HttpStatus.FORBIDDEN)
+            ResponseEntity<Project?>(HttpStatus.NOT_FOUND)
         }
     }
 

+ 13 - 8
src/main/kotlin/com/swagger/rest/controllers/UserController.kt

@@ -101,16 +101,21 @@ class UserController(
         val userId = userRepository.getUserByUsername(SecurityContextHolder.getContext().authentication.name)
         val validAdmin = memberRepository.validRole("", userId.id.toString(), "2")
         val targetRole = memberRepository.validRole("", id.toString(), "2")
+        val notSelf = userRepository.countByUser(id.toString(), SecurityContextHolder.getContext().authentication.name)
         return try {
-            if (validAdmin > 0 && targetRole > 0) {
-                ResponseEntity(HttpStatus.FORBIDDEN)
-            } else if (used > 0) {
-                ResponseEntity(HttpStatus.RESET_CONTENT)
-            } else if (find.isPresent) {
-                userRepository.deleteById(id)
-                ResponseEntity(HttpStatus.OK)
+            if (notSelf == 0) {
+                if (validAdmin > 0 && targetRole > 0) {
+                    ResponseEntity(HttpStatus.FORBIDDEN)
+                } else if (used > 0) {
+                    ResponseEntity(HttpStatus.RESET_CONTENT)
+                } else if (find.isPresent) {
+                    userRepository.deleteById(id)
+                    ResponseEntity(HttpStatus.OK)
+                } else {
+                    ResponseEntity(HttpStatus.NOT_FOUND)
+                }
             } else {
-                ResponseEntity(HttpStatus.NOT_FOUND)
+                ResponseEntity(HttpStatus.FORBIDDEN)
             }
         } catch (e: Exception) {
             ResponseEntity(HttpStatus.INTERNAL_SERVER_ERROR)

+ 3 - 0
src/main/kotlin/com/swagger/rest/repositories/ProjectRepository.kt

@@ -10,6 +10,9 @@ interface ProjectRepository : JpaRepository<Project, Long> {
 
     fun findByName(name: String?): Project
 
+    @Query("SELECT COUNT(0) FROM project WHERE name=?1", nativeQuery = true)
+    fun countByName(name: String?): Int
+
     @Query("SELECT COUNT(0) FROM project WHERE project_id=?1 AND owner=?2", nativeQuery = true)
     fun validOwner(project: String?, owner: String?): Int
 }

+ 3 - 0
src/main/kotlin/com/swagger/rest/repositories/UserRepository.kt

@@ -9,4 +9,7 @@ interface UserRepository:JpaRepository<User, Long> {
     fun getUserByUsername(username: String): User
 
     fun findByUsernameContaining(username:String?):List<User>
+
+    @Query("SELECT COUNT(0) FROM user where user_id=?1 AND username=?2", nativeQuery = true)
+    fun countByUser(userId: String, username: String): Int
 }

+ 0 - 2
swagger3 project.yml

@@ -130,8 +130,6 @@ paths:
           $ref: '#/components/responses/getArrayMember'
         401:
           $ref: '#/components/responses/UnauthorizedError'
-        404:
-          $ref: '#/components/responses/404'
       security:
       - testAuth: []
     post: