byte/expensetracker
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

add validation

Browse Source
This commit is contained in:
mirrerror
2023-11-15 09:16:27 +02:00
parent 2d981c5af8
commit fb2695e58a
23 changed files with 314 additions and 62 deletions
Download Patch File Download Diff File Expand all files Collapse all files

59
src/main/java/com/faf223/expensetrackerfaf/service/ExpenseService.java
View File

@@ -1,11 +1,15 @@
package com.faf223.expensetrackerfaf.service;
import com.faf223.expensetrackerfaf.model.Credential;
import com.faf223.expensetrackerfaf.model.Expense;
import com.faf223.expensetrackerfaf.model.IMoneyTransaction;
import com.faf223.expensetrackerfaf.model.*;
import com.faf223.expensetrackerfaf.repository.CredentialRepository;
import com.faf223.expensetrackerfaf.repository.ExpenseRepository;
import com.faf223.expensetrackerfaf.repository.UserRepository;
import com.faf223.expensetrackerfaf.util.exceptions.UserNotAuthenticatedException;
import com.faf223.expensetrackerfaf.util.exceptions.UserNotFoundException;
import lombok.RequiredArgsConstructor;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.stereotype.Service;
import java.time.LocalDate;
@@ -20,6 +24,7 @@ public class ExpenseService implements ITransactionService {
private final ExpenseRepository expenseRepository;
private final CredentialRepository credentialRepository;
private final UserRepository userRepository;
public void createOrUpdate(IMoneyTransaction expense) {
expenseRepository.save((Expense) expense);
@@ -40,6 +45,19 @@ public class ExpenseService implements ITransactionService {
return expenseRepository.findByDate(date);
}
@Override
public List<Expense> getTransactionsByDate(LocalDate date, String email) {
return getTransactionsByDate(date)
.stream()
.filter(transaction -> {
Optional<Credential> credential = credentialRepository.findByEmail(email);
if(credential.isEmpty())
throw new UserNotFoundException("The user has not been found");
return credential.get().getUser().equals(transaction.getUser());
})
.toList();
}
// TODO: store transaction month in a separate field in the DB and change this logic
@Override
public List<Expense> getTransactionsByMonth(Month month) {
@@ -49,6 +67,19 @@ public class ExpenseService implements ITransactionService {
return expenseRepository.findByDateBetween(startOfMonth, endOfMonth);
}
@Override
public List<Expense> getTransactionsByMonth(Month month, String email) {
return getTransactionsByMonth(month)
.stream()
.filter(transaction -> {
Optional<Credential> credential = credentialRepository.findByEmail(email);
if(credential.isEmpty())
throw new UserNotFoundException("The user has not been found");
return credential.get().getUser().equals(transaction.getUser());
})
.toList();
}
public List<Expense> getTransactions() {
return expenseRepository.findAll();
}
@@ -60,4 +91,26 @@ public class ExpenseService implements ITransactionService {
public void deleteTransactionById(long id) {
expenseRepository.deleteById(id);
}
@Override
public boolean belongsToUser(IMoneyTransaction transaction) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (authentication != null && authentication.getPrincipal() instanceof UserDetails userDetails) {
if(authentication.getAuthorities().stream().noneMatch(authority -> authority.getAuthority().equals("ADMIN"))) {
Optional<Credential> credential = credentialRepository.findByEmail(userDetails.getUsername());
if(credential.isEmpty()) throw new UserNotFoundException("The user has not been found");
Optional<User> user = userRepository.findById(credential.get().getUser().getUserUuid());
if(user.isEmpty()) throw new UserNotFoundException("The user has not been found");
return user.get().getExpenses().contains((Expense) transaction);
}
}
throw new UserNotAuthenticatedException("You are not authenticated");
}
}