Feature disable user birthdate change during event (#517)

* add rfidlink check when updating profile and disable date editing when link is present * clean up test file by reordering new tests to bottom * add comments to changed method * add information message for the user * change jpa query to exist and use it through Service * change profile change event to return bad request during event * remove bad request method and place it in line * update test by testing for no profile changes * remove unused imports * fix indentation in UserRestIntegraton.java * add rfidRepo test * add RFID service test
AreaFiftyLAN · Feb 16, 2020 · 378258b · 378258b
1 parent 1b95bb3
commit 378258b
Show file tree

Hide file tree

Showing 8 changed files with 116 additions and 10 deletions.
diff --git a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDLinkRepository.java b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDLinkRepository.java
@@ -28,4 +28,6 @@ public interface RFIDLinkRepository extends JpaRepository<RFIDLink, Long> {
     Optional<RFIDLink> findByRfid(String rfid);
 
     Optional<RFIDLink> findByTicketId(Long ticketId);
+
+    boolean existsRFIDLinkByTicket_Owner_Email(String email);
 }
diff --git a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDService.java b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDService.java
@@ -37,4 +37,6 @@ public interface RFIDService {
     RFIDLink removeRFIDLink(Long ticketId);
 
     boolean isTicketLinked(Long ticketId);
+
+    boolean isOwnerLinked(String email);
 }
diff --git a/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDServiceImpl.java b/src/main/java/ch/wisv/areafiftylan/extras/rfid/service/RFIDServiceImpl.java
@@ -100,6 +100,11 @@ public boolean isTicketLinked(Long ticketId) {
         return rfidLinkRepository.findByTicketId(ticketId).isPresent();
     }
 
+    @Override
+    public boolean isOwnerLinked(String email) {
+        return rfidLinkRepository.existsRFIDLinkByTicket_Owner_Email(email);
+    }
+
     private boolean isValidRfid(String rfid) {
         return rfid.length() == RFID_CHAR_COUNT;
     }

diff --git a/src/main/java/ch/wisv/areafiftylan/users/controller/UserProfileRestController.java b/src/main/java/ch/wisv/areafiftylan/users/controller/UserProfileRestController.java
@@ -17,6 +17,7 @@
 
 package ch.wisv.areafiftylan.users.controller;
 
+import ch.wisv.areafiftylan.extras.rfid.service.RFIDService;
 import ch.wisv.areafiftylan.users.model.Profile;
 import ch.wisv.areafiftylan.users.model.ProfileDTO;
 import ch.wisv.areafiftylan.users.model.User;
@@ -29,26 +30,29 @@
 import org.springframework.validation.annotation.Validated;
 import org.springframework.web.bind.annotation.*;
 
+import java.time.LocalDate;
+
 import static ch.wisv.areafiftylan.utils.ResponseEntityBuilder.createResponseEntity;
 
 @RestController
 @RequestMapping("/users")
 public class UserProfileRestController {
 
     private final UserService userService;
+    private final RFIDService rfidService;
 
     @Autowired
-    UserProfileRestController(UserService userService) {
+    UserProfileRestController(UserService userService, RFIDService rfidService) {
         this.userService = userService;
+        this.rfidService = rfidService;
     }
 
     /**
-     * Add a profile to a user. An empty profile is created when a user is created, so this method fills the existing
-     * fields
+     * Add a profile to a user. An empty profile is created when a user is created, so this method
+     * fills the existing fields
      *
      * @param userId The userId of the user to which the profile needs to be added
      * @param input  A representation of the profile
-     *
      * @return The user with the new profile
      */
     @PreAuthorize("@currentUserServiceImpl.canAccessUser(principal, #userId)")
@@ -60,16 +64,34 @@ public ResponseEntity<?> addProfile(@PathVariable Long userId, @Validated @Reque
     }
 
     /**
-     * Add a profile to the current user. An empty profile is created when a user is created, so this method fills the
-     * existing fields
+     * Add a profile to the current user. An empty profile is created when a user is created, so
+     * this method fills the existing fields.
+     * <p>
+     * This method is also called when users change their profile. It is unwanted behaviour that
+     * users can change their birth date during the event. This is checked before writing the
+     * changes in the function
      *
      * @param input A representation of the profile
-     *
      * @return The user with the new profile
      */
     @PreAuthorize("isAuthenticated()")
     @PostMapping("/current/profile")
     public ResponseEntity<?> addProfile(@AuthenticationPrincipal User user, @Validated @RequestBody ProfileDTO input) {
+        // Check profile for existing rfidLinks
+        boolean isUserCheckedIn = rfidService.isOwnerLinked(user.getEmail());
+
+        if (!isUserCheckedIn) {
+            return this.addProfile(user.getId(), input);
+        }
+
+        LocalDate currentBirthday = user.getProfile().getBirthday();
+        boolean isDateChanged = currentBirthday != input.getBirthday();
+
+        // If rfidLinks are present and the date is changed then return an error
+        if (isDateChanged) {
+            return createResponseEntity(HttpStatus.BAD_REQUEST, "Unable to change date during event", user.getProfile());
+        }
+
         return this.addProfile(user.getId(), input);
     }
 
@@ -78,7 +100,6 @@ public ResponseEntity<?> addProfile(@AuthenticationPrincipal User user, @Validat
      *
      * @param userId The userId of the user to which the profile needs to be added
      * @param input  A representation of the profile
-     *
      * @return The user with the changed profile
      */
     @PreAuthorize("@currentUserServiceImpl.canAccessUser(principal, #userId)")
@@ -90,10 +111,10 @@ public ResponseEntity<?> changeProfile(@PathVariable Long userId, @Validated @Re
     }
 
     /**
-     * Resets the profile fields to null. The profile can't actually be deleted as it is a required field.
+     * Resets the profile fields to null. The profile can't actually be deleted as it is a required
+     * field.
      *
      * @param userId The userId of the user which needs the profile reset
-     *
      * @return Empty body with StatusCode OK.
      */
     @PreAuthorize("hasRole('ADMIN')")

diff --git a/src/test/java/ch/wisv/areafiftylan/integration/RFIDIntegrationTest.java b/src/test/java/ch/wisv/areafiftylan/integration/RFIDIntegrationTest.java
@@ -438,4 +438,21 @@ public void testRemoveRFIDLinkInvalidRFIDAsAdmin() {
             .statusCode(HttpStatus.SC_NOT_FOUND);
         //@formatter:on
     }
+
+    @Test
+    public void testOwnerExistForRFIDLinkAsUser() {
+        User user = createUser();
+        Ticket ticket = createTicketForUser(user);
+        createRfidLink(ticket);
+
+        Assert.assertTrue(rfidLinkRepository.existsRFIDLinkByTicket_Owner_Email(user.getEmail()));
+    }
+
+    @Test
+    public void testOwnerDoesNotExistForRFIDLinkAsUser() {
+        User user = createUser();
+        createTicketForUser(user);
+
+        Assert.assertFalse(rfidLinkRepository.existsRFIDLinkByTicket_Owner_Email(user.getEmail()));
+    }
 }
diff --git a/src/test/java/ch/wisv/areafiftylan/integration/UserRestIntegrationTest.java b/src/test/java/ch/wisv/areafiftylan/integration/UserRestIntegrationTest.java
@@ -17,6 +17,7 @@
 
 package ch.wisv.areafiftylan.integration;
 
+import ch.wisv.areafiftylan.products.model.Ticket;
 import ch.wisv.areafiftylan.security.token.repository.VerificationTokenRepository;
 import ch.wisv.areafiftylan.users.model.Role;
 import ch.wisv.areafiftylan.users.model.RoleDTO;
@@ -928,4 +929,37 @@ public void testDeleteNullRole() {
         then().statusCode(HttpStatus.SC_BAD_REQUEST);
         //@formatter:on
     }
+
+    @Test
+    public void createProfileAsCurrentUserAndChangeDate() {
+        User user = createUser();
+        Ticket ticket = createTicketForUser(user);
+        createRFIDLink("", ticket);
+        user.resetProfile();
+        user = userRepository.save(user);
+
+        Map<String, String> profileDTO = getProfileDTO();
+        profileDTO.put("displayName", "TestdisplayName" + user.getId());
+
+        //@formatter:off
+        given().
+                header(getXAuthTokenHeaderForUser(user)).
+                when().
+                body(profileDTO).
+                contentType(ContentType.JSON).
+                post("/users/current/profile").
+                then().
+                statusCode(HttpStatus.SC_BAD_REQUEST).
+                body("object.birthday", not(equalTo("2000-01-02"))).
+                body("object.gender", equalTo(null)).
+                body("object.address", equalTo(null)).
+                body("object.zipcode", equalTo(null)).
+                body("object.city", equalTo(null)).
+                body("object.phoneNumber", equalTo(null)).
+                body("object.notes", equalTo(null)).
+                body("object.firstName", equalTo(null)).
+                body("object.lastName", equalTo(null)).
+                body("object.displayName", equalTo(null));
+        //@formatter:on
+    }
 }
diff --git a/src/test/java/ch/wisv/areafiftylan/integration/XAuthIntegrationTest.java b/src/test/java/ch/wisv/areafiftylan/integration/XAuthIntegrationTest.java
@@ -19,6 +19,8 @@
 
 import ch.wisv.areafiftylan.ApplicationTest;
 import ch.wisv.areafiftylan.exception.TicketOptionNotFoundException;
+import ch.wisv.areafiftylan.extras.rfid.model.RFIDLink;
+import ch.wisv.areafiftylan.extras.rfid.service.RFIDLinkRepository;
 import ch.wisv.areafiftylan.products.model.Ticket;
 import ch.wisv.areafiftylan.products.model.TicketOption;
 import ch.wisv.areafiftylan.products.model.TicketType;
@@ -78,6 +80,8 @@ public abstract class XAuthIntegrationTest {
     private TicketRepository ticketRepository;
     @Autowired
     private TeamRepository teamRepository;
+    @Autowired
+    private RFIDLinkRepository rfidLinkRepository;
 
     protected final String CH_MEMBER = "chMember";
     protected final String PICKUP_SERVICE = "pickupService";
@@ -126,6 +130,11 @@ protected Ticket createTicket(User user, List<String> options) {
         return ticketRepository.save(ticket);
     }
 
+    protected RFIDLink createRFIDLink(String rfidString, Ticket ticket){
+        RFIDLink rfidLink = new RFIDLink(rfidString, ticket);
+        return rfidLinkRepository.save(rfidLink);
+    }
+
     protected Ticket createTicketForUser(User user) {
         return createTicket(user, Collections.emptyList());
     }

diff --git a/src/test/java/ch/wisv/areafiftylan/unit/RFIDServiceTest.java b/src/test/java/ch/wisv/areafiftylan/unit/RFIDServiceTest.java
@@ -171,4 +171,20 @@ public void isTicketLinkedNotLinkedTest() throws Exception {
         Ticket ticket = persistTicketForUser(user);
         assertFalse(rfidService.isTicketLinked(ticket.getId()));
     }
+
+    @Test
+    public void isOwnerLinkedTest() throws Exception {
+        User user = persistUser();
+        Ticket ticket = persistTicketForUser(user);
+        String rfid = "0000000001";
+        rfidService.addRFIDLink(rfid, ticket.getId());
+        assertTrue(rfidService.isOwnerLinked(user.getEmail()));
+    }
+
+    @Test
+    public void isOwnerLinkedNotLinkedTest() throws Exception {
+        User user = persistUser();
+        persistTicketForUser(user);
+        assertFalse(rfidService.isOwnerLinked(user.getEmail()));
+    }
 }