Compare commits
10 Commits
feature/do
...
8ff73cda2b
| Author | SHA1 | Date | |
|---|---|---|---|
| 8ff73cda2b | |||
| 08d0b1730a | |||
| 48b2ffd7b2 | |||
| 877e134166 | |||
| ec2bb1bcc6 | |||
| 6c3c94c5a3 | |||
| a34d2ddcf0 | |||
| b3801eb5e7 | |||
| 4dfdb54bb4 | |||
| 0a278530fb |
@@ -3,7 +3,7 @@ WORKDIR /app
|
||||
COPY gradlew .
|
||||
COPY gradle/ gradle/
|
||||
COPY build.gradle.kts settings.gradle.kts ./
|
||||
RUN ./gradlew dependencies --no-daemon
|
||||
RUN chmod +x gradlew && ./gradlew dependencies --no-daemon
|
||||
COPY src/ src/
|
||||
RUN ./gradlew bootJar --no-daemon
|
||||
|
||||
|
||||
@@ -1,20 +1,13 @@
|
||||
# All services use host networking so inter-service traffic goes over loopback with no bridge overhead.
|
||||
# Ports (all bound directly on the host):
|
||||
# API: 8080
|
||||
# MariaDB: 3306
|
||||
# Adminer: 8888
|
||||
# MinIO API: 9000
|
||||
# MinIO Console: 9001
|
||||
|
||||
services:
|
||||
mariadb:
|
||||
image: mariadb:11
|
||||
network_mode: host
|
||||
image: mariadb
|
||||
environment:
|
||||
MYSQL_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
|
||||
MYSQL_DATABASE: ${DB_NAME}
|
||||
MYSQL_USER: ${DB_USER}
|
||||
MYSQL_PASSWORD: ${DB_PASSWORD}
|
||||
MARIADB_ROOT_PASSWORD: ${DB_ROOT_PASSWORD}
|
||||
MARIADB_DATABASE: ${DB_NAME}
|
||||
MARIADB_USER: ${DB_USER}
|
||||
MARIADB_PASSWORD: ${DB_PASSWORD}
|
||||
ports:
|
||||
- 3306:3306
|
||||
volumes:
|
||||
- mariadb_data:/var/lib/mysql
|
||||
healthcheck:
|
||||
@@ -24,55 +17,54 @@ services:
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
restart: unless-stopped
|
||||
|
||||
adminer:
|
||||
image: adminer
|
||||
network_mode: host
|
||||
command: php -S [::]:8888 -t /var/www/html
|
||||
ports:
|
||||
- 8080:8080
|
||||
restart: unless-stopped
|
||||
|
||||
minio:
|
||||
image: minio/minio
|
||||
network_mode: host
|
||||
command: server /data --console-address :9001
|
||||
command: server /data --console-address ":9001"
|
||||
environment:
|
||||
MINIO_ROOT_USER: ${MINIO_ACCESS_KEY}
|
||||
MINIO_ROOT_PASSWORD: ${MINIO_SECRET_KEY}
|
||||
ports:
|
||||
- 15900:9000 # API
|
||||
- 15901:9001 # Web UI
|
||||
volumes:
|
||||
- minio_data:/data
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:9000/minio/health/live"]
|
||||
test: ["CMD", "curl", "-f", "http://192.168.187.181:15900/minio/health/live"]
|
||||
start_period: 10s
|
||||
interval: 10s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
restart: unless-stopped
|
||||
|
||||
api:
|
||||
build: .
|
||||
network_mode: host
|
||||
image: git.halfbinary.net/aarbit/scavengerhunt-api:2
|
||||
environment:
|
||||
DB_URL: jdbc:mariadb://localhost:3306/${DB_NAME}
|
||||
DB_URL: jdbc:mariadb://192.168.187.181:3306/${DB_NAME}
|
||||
DB_USER: ${DB_USER}
|
||||
DB_PASSWORD: ${DB_PASSWORD}
|
||||
JWT_SECRET: ${JWT_SECRET}
|
||||
MINIO_ENDPOINT: http://localhost:9000
|
||||
MINIO_ENDPOINT: http://192.168.187.181:15900
|
||||
MINIO_ACCESS_KEY: ${MINIO_ACCESS_KEY}
|
||||
MINIO_SECRET_KEY: ${MINIO_SECRET_KEY}
|
||||
MINIO_BUCKET: ${MINIO_BUCKET}
|
||||
ports:
|
||||
- 15808:8080
|
||||
depends_on:
|
||||
mariadb:
|
||||
condition: service_healthy
|
||||
minio:
|
||||
condition: service_healthy
|
||||
healthcheck:
|
||||
test: ["CMD", "curl", "-f", "http://localhost:8080/actuator/health"]
|
||||
test: ["CMD", "curl", "-f", "http://192.168.187.181:15808/actuator/health"]
|
||||
start_period: 30s
|
||||
interval: 15s
|
||||
timeout: 5s
|
||||
retries: 5
|
||||
restart: unless-stopped
|
||||
|
||||
volumes:
|
||||
mariadb_data:
|
||||
minio_data:
|
||||
@@ -27,9 +27,10 @@ class JwtUtil {
|
||||
}
|
||||
|
||||
// Generate JWT token
|
||||
fun generateToken(email: String): String {
|
||||
fun generateToken(email: String, isAdmin: Boolean): String {
|
||||
return Jwts.builder()
|
||||
.subject(email)
|
||||
.claim("isAdmin", isAdmin)
|
||||
.issuedAt(Date())
|
||||
.expiration(Date(System.currentTimeMillis() + jwtExpirationMs))
|
||||
.signWith(key)
|
||||
|
||||
@@ -7,7 +7,6 @@ import org.springframework.security.authentication.AuthenticationManager
|
||||
import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration
|
||||
import org.springframework.security.config.annotation.method.configuration.EnableMethodSecurity
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity
|
||||
import org.springframework.security.config.annotation.web.configurers.CorsConfigurer
|
||||
import org.springframework.security.config.annotation.web.configurers.CsrfConfigurer
|
||||
import org.springframework.security.config.annotation.web.configurers.ExceptionHandlingConfigurer
|
||||
import org.springframework.security.config.annotation.web.configurers.SessionManagementConfigurer
|
||||
@@ -16,6 +15,10 @@ import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder
|
||||
import org.springframework.security.crypto.password.PasswordEncoder
|
||||
import org.springframework.security.web.SecurityFilterChain
|
||||
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter
|
||||
import org.springframework.web.cors.CorsConfiguration
|
||||
import org.springframework.web.cors.CorsConfigurationSource
|
||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource
|
||||
|
||||
|
||||
|
||||
@Configuration
|
||||
@@ -48,13 +51,25 @@ class SecurityConfig(private val authEntrypointJwt: AuthEntrypointJwt,
|
||||
return BCryptPasswordEncoder()
|
||||
}
|
||||
|
||||
@Bean
|
||||
fun corsConfigurationSource(): CorsConfigurationSource {
|
||||
val config = CorsConfiguration()
|
||||
config.allowedOriginPatterns = listOf("*")
|
||||
config.allowedMethods = listOf("GET", "POST", "PUT", "PATCH", "DELETE", "OPTIONS")
|
||||
config.allowedHeaders = listOf("*")
|
||||
config.allowCredentials = true
|
||||
val source = UrlBasedCorsConfigurationSource()
|
||||
source.registerCorsConfiguration("/**", config)
|
||||
return source
|
||||
}
|
||||
|
||||
@Bean
|
||||
@Throws(Exception::class)
|
||||
fun securityFilterChain(http: HttpSecurity): SecurityFilterChain? {
|
||||
// Updated configuration for Spring Security 6.x
|
||||
http
|
||||
.csrf { csrf: CsrfConfigurer<HttpSecurity> -> csrf.disable() } // Disable CSRF
|
||||
.cors { cors: CorsConfigurer<HttpSecurity> -> cors.disable() } // Disable CORS (or configure if needed)
|
||||
.csrf { csrf: CsrfConfigurer<HttpSecurity> -> csrf.disable() }
|
||||
.cors { cors -> cors.configurationSource(corsConfigurationSource()) }
|
||||
.exceptionHandling { exceptionHandling: ExceptionHandlingConfigurer<HttpSecurity> ->
|
||||
exceptionHandling.authenticationEntryPoint(
|
||||
authEntrypointJwt
|
||||
@@ -67,7 +82,7 @@ class SecurityConfig(private val authEntrypointJwt: AuthEntrypointJwt,
|
||||
}
|
||||
.authorizeHttpRequests { authorizeRequests ->
|
||||
authorizeRequests
|
||||
.requestMatchers("/auth/**", "/signup", "/docs/**")
|
||||
.requestMatchers("/auth/**", "/signup", "/docs/**", "/actuator/**")
|
||||
.permitAll()
|
||||
.anyRequest().authenticated()
|
||||
}
|
||||
|
||||
@@ -24,9 +24,9 @@ class AuthController(private val loginService: LoginService, private val jwtUtil
|
||||
@PostMapping("/login")
|
||||
fun login(@Valid @RequestBody body: LoginRequest): ResponseEntity<LoginResponse> {
|
||||
val result = loginService.login(body.toDomain())
|
||||
val accessToken = jwtUtils.generateToken(result.email)
|
||||
val accessToken = jwtUtils.generateToken(result.email, result.isAdmin)
|
||||
val refreshToken = refreshTokenService.generateRefreshToken(result.email)
|
||||
val loginResponse = LoginResponse(accessToken, refreshToken)
|
||||
val loginResponse = LoginResponse(accessToken, refreshToken, result.name)
|
||||
return ResponseEntity.ok(loginResponse)
|
||||
}
|
||||
|
||||
|
||||
@@ -16,7 +16,6 @@ import org.springframework.web.bind.annotation.GetMapping
|
||||
import org.springframework.web.bind.annotation.PathVariable
|
||||
import org.springframework.web.bind.annotation.PostMapping
|
||||
import org.springframework.web.bind.annotation.RequestMapping
|
||||
import org.springframework.web.bind.annotation.RequestParam
|
||||
import org.springframework.web.bind.annotation.RestController
|
||||
|
||||
@RestController
|
||||
@@ -27,13 +26,13 @@ class HunterController(private val hunterService: HunterService,
|
||||
|
||||
@GetMapping("/hunt/ongoing")
|
||||
@Operation(summary = "Gets list of all currently running Hunts (filtered by the calling hunter)")
|
||||
fun getOngoingHunts(authentication: Authentication, @RequestParam status: HuntStatus?): ResponseEntity<List<HuntResponse>> {
|
||||
fun getOngoingHunts(authentication: Authentication): ResponseEntity<List<HuntResponse>> {
|
||||
val email = authentication.name
|
||||
val isAdmin = hunterService.getHunterByEmail(email).isAdmin
|
||||
return if(isAdmin) {
|
||||
ResponseEntity.ok(huntService.getAllHunts(HuntStatus.ONGOING).map { it.toResponse() })
|
||||
} else {
|
||||
ResponseEntity.ok(huntService.getHuntsByEmail(email, status).map { it.toResponse() })
|
||||
ResponseEntity.ok(huntService.getHuntsByEmail(email, HuntStatus.ONGOING).map { it.toResponse() })
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
@@ -8,11 +8,15 @@ import net.halfbinary.scavengerhuntapi.model.ItemId
|
||||
import net.halfbinary.scavengerhuntapi.model.converter.toDomain
|
||||
import net.halfbinary.scavengerhuntapi.model.converter.toResponse
|
||||
import net.halfbinary.scavengerhuntapi.model.request.ItemRequest
|
||||
import net.halfbinary.scavengerhuntapi.model.request.ItemUpdateRequest
|
||||
import net.halfbinary.scavengerhuntapi.model.response.ItemResponse
|
||||
import net.halfbinary.scavengerhuntapi.service.HuntService
|
||||
import org.springframework.http.ResponseEntity
|
||||
import org.springframework.security.access.prepost.PreAuthorize
|
||||
import org.springframework.security.core.Authentication
|
||||
import org.springframework.web.bind.annotation.DeleteMapping
|
||||
import org.springframework.web.bind.annotation.GetMapping
|
||||
import org.springframework.web.bind.annotation.PatchMapping
|
||||
import org.springframework.web.bind.annotation.PathVariable
|
||||
import org.springframework.web.bind.annotation.PostMapping
|
||||
import org.springframework.web.bind.annotation.RequestBody
|
||||
@@ -24,8 +28,8 @@ import org.springframework.web.bind.annotation.RestController
|
||||
class ItemController(private val huntService: HuntService) {
|
||||
|
||||
@GetMapping
|
||||
fun getItemsForHunt(@PathVariable huntId: HuntId): ResponseEntity<List<ItemResponse>> {
|
||||
return ResponseEntity.ok(huntService.getItemsForHunt(huntId).map { it.toResponse() })
|
||||
fun getItemsForHunt(@PathVariable huntId: HuntId, authentication: Authentication): ResponseEntity<List<ItemResponse>> {
|
||||
return ResponseEntity.ok(huntService.getItemsForHunt(huntId, authentication.name).map { it.toResponse() })
|
||||
}
|
||||
|
||||
@GetMapping("/{itemId}")
|
||||
@@ -41,4 +45,21 @@ class ItemController(private val huntService: HuntService) {
|
||||
return ResponseEntity.ok(huntService.addItemToHunt(huntId, body.toDomain()).toResponse())
|
||||
}
|
||||
|
||||
@PreAuthorize("hasRole('ADMIN')")
|
||||
@Tag(name = "Admin")
|
||||
@PatchMapping("/{itemId}")
|
||||
@Operation(summary = "Updates name and/or points for the specified Item in the specified Hunt")
|
||||
fun updateItem(@PathVariable huntId: HuntId, @PathVariable itemId: ItemId, @RequestBody body: ItemUpdateRequest): ResponseEntity<ItemResponse> {
|
||||
return ResponseEntity.ok(huntService.updateItem(huntId, itemId, body).toResponse())
|
||||
}
|
||||
|
||||
@PreAuthorize("hasRole('ADMIN')")
|
||||
@Tag(name = "Admin")
|
||||
@DeleteMapping("/{itemId}")
|
||||
@Operation(summary = "Deletes the specified Item from the specified Hunt")
|
||||
fun deleteItem(@PathVariable huntId: HuntId, @PathVariable itemId: ItemId): ResponseEntity<Unit> {
|
||||
huntService.deleteItem(huntId, itemId)
|
||||
return ResponseEntity.noContent().build()
|
||||
}
|
||||
|
||||
}
|
||||
@@ -10,4 +10,7 @@ data class Hunt(
|
||||
val startDateTime: LocalDateTime,
|
||||
val endDateTime: LocalDateTime,
|
||||
val isTerminated: Boolean
|
||||
)
|
||||
) {
|
||||
val isOngoing: Boolean
|
||||
get() = !isTerminated && startDateTime < LocalDateTime.now() && endDateTime > LocalDateTime.now()
|
||||
}
|
||||
@@ -0,0 +1,6 @@
|
||||
package net.halfbinary.scavengerhuntapi.model.request
|
||||
|
||||
data class ItemUpdateRequest(
|
||||
val name: String?,
|
||||
val points: Int?
|
||||
)
|
||||
@@ -4,5 +4,6 @@ import net.halfbinary.scavengerhuntapi.model.RefreshId
|
||||
|
||||
data class LoginResponse(
|
||||
val accessToken: String,
|
||||
val refreshToken: RefreshId
|
||||
val refreshToken: RefreshId,
|
||||
val name: String
|
||||
)
|
||||
|
||||
@@ -1,9 +1,13 @@
|
||||
package net.halfbinary.scavengerhuntapi.repository
|
||||
|
||||
import net.halfbinary.scavengerhuntapi.model.HuntId
|
||||
import net.halfbinary.scavengerhuntapi.model.ItemId
|
||||
import net.halfbinary.scavengerhuntapi.model.record.HuntItemRecord
|
||||
import org.springframework.data.jpa.repository.JpaRepository
|
||||
import org.springframework.stereotype.Repository
|
||||
import java.util.*
|
||||
|
||||
@Repository
|
||||
interface HuntItemRepository : JpaRepository<HuntItemRecord, UUID>
|
||||
interface HuntItemRepository : JpaRepository<HuntItemRecord, UUID> {
|
||||
fun findByHuntIdAndItemId(huntId: HuntId, itemId: ItemId): HuntItemRecord?
|
||||
}
|
||||
|
||||
@@ -1,14 +1,17 @@
|
||||
package net.halfbinary.scavengerhuntapi.service
|
||||
|
||||
import net.halfbinary.scavengerhuntapi.error.exception.ForbiddenException
|
||||
import net.halfbinary.scavengerhuntapi.error.exception.NotFoundException
|
||||
import net.halfbinary.scavengerhuntapi.model.HuntId
|
||||
import net.halfbinary.scavengerhuntapi.model.HunterId
|
||||
import net.halfbinary.scavengerhuntapi.model.ItemId
|
||||
import net.halfbinary.scavengerhuntapi.model.converter.toDomain
|
||||
import net.halfbinary.scavengerhuntapi.model.converter.toRecord
|
||||
import net.halfbinary.scavengerhuntapi.model.domain.Hunt
|
||||
import net.halfbinary.scavengerhuntapi.model.domain.HuntItem
|
||||
import net.halfbinary.scavengerhuntapi.model.domain.Item
|
||||
import net.halfbinary.scavengerhuntapi.model.request.HuntStatus
|
||||
import net.halfbinary.scavengerhuntapi.model.request.ItemUpdateRequest
|
||||
import net.halfbinary.scavengerhuntapi.repository.HuntItemRepository
|
||||
import net.halfbinary.scavengerhuntapi.repository.HuntRepository
|
||||
import net.halfbinary.scavengerhuntapi.repository.ItemRepository
|
||||
@@ -20,7 +23,8 @@ import java.time.LocalDateTime
|
||||
class HuntService(
|
||||
private val huntRepository: HuntRepository,
|
||||
private val itemRepository: ItemRepository,
|
||||
private val huntItemRepository: HuntItemRepository
|
||||
private val huntItemRepository: HuntItemRepository,
|
||||
private val hunterService: HunterService
|
||||
) {
|
||||
fun getHunt(huntId: HuntId): Hunt {
|
||||
return huntRepository.findByIdOrNull(huntId)?.toDomain() ?: throw NotFoundException("No hunt with id $huntId found")
|
||||
@@ -64,8 +68,10 @@ class HuntService(
|
||||
return huntRepository.save(hunt.toRecord()).toDomain()
|
||||
}
|
||||
|
||||
fun getItemsForHunt(huntId: HuntId): List<Item> {
|
||||
huntRepository.findByIdOrNull(huntId) ?: throw NotFoundException("No hunt with id $huntId found")
|
||||
fun getItemsForHunt(huntId: HuntId, email: String): List<Item> {
|
||||
val hunt = huntRepository.findByIdOrNull(huntId)?.toDomain() ?: throw NotFoundException("No hunt with id $huntId found")
|
||||
val hunter = hunterService.getHunterByEmail(email)
|
||||
if (!hunter.isAdmin && !hunt.isOngoing) throw ForbiddenException()
|
||||
return itemRepository.findAllByHuntId(huntId).map { it.toDomain() }
|
||||
}
|
||||
|
||||
@@ -75,4 +81,23 @@ class HuntService(
|
||||
huntItemRepository.save(HuntItem(huntId = huntId, itemId = savedItem.id).toRecord())
|
||||
return savedItem
|
||||
}
|
||||
|
||||
fun updateItem(huntId: HuntId, itemId: ItemId, request: ItemUpdateRequest): Item {
|
||||
huntItemRepository.findByHuntIdAndItemId(huntId, itemId)
|
||||
?: throw NotFoundException("No item with id $itemId found in hunt $huntId")
|
||||
val existing = itemRepository.findByIdOrNull(itemId)
|
||||
?: throw NotFoundException("No item with id $itemId found")
|
||||
val updated = existing.copy(
|
||||
name = request.name ?: existing.name,
|
||||
points = request.points ?: existing.points
|
||||
)
|
||||
return itemRepository.save(updated).toDomain()
|
||||
}
|
||||
|
||||
fun deleteItem(huntId: HuntId, itemId: ItemId) {
|
||||
val huntItem = huntItemRepository.findByHuntIdAndItemId(huntId, itemId)
|
||||
?: throw NotFoundException("No item with id $itemId found in hunt $huntId")
|
||||
huntItemRepository.delete(huntItem)
|
||||
itemRepository.deleteById(itemId)
|
||||
}
|
||||
}
|
||||
@@ -36,10 +36,15 @@ class PhotoService(
|
||||
private val photoRepository: PhotoRepository,
|
||||
private val hunterService: HunterService,
|
||||
private val teamService: TeamService,
|
||||
private val huntService: HuntService,
|
||||
private val s3StorageService: S3StorageService,
|
||||
private val fileProbeService: FileProbeService
|
||||
) {
|
||||
fun submitPhoto(huntId: HuntId, itemId: ItemId, email: String, file: MultipartFile) {
|
||||
val hunter = hunterService.getHunterByEmail(email)
|
||||
val hunt = huntService.getHunt(huntId)
|
||||
if (!hunter.isAdmin && !hunt.isOngoing) throw ForbiddenException()
|
||||
|
||||
val originalBytes = file.bytes
|
||||
val fileType = fileProbeService.getFileType(originalBytes)
|
||||
|
||||
@@ -51,7 +56,6 @@ class PhotoService(
|
||||
throw BadFileException("Image type is not supported")
|
||||
}
|
||||
|
||||
val hunter = hunterService.getHunterByEmail(email)
|
||||
val now = LocalDateTime.now()
|
||||
val photo = Photo(
|
||||
itemId = itemId,
|
||||
@@ -76,6 +80,8 @@ class PhotoService(
|
||||
?: throw NotFoundException(PHOTO_NOT_FOUND)
|
||||
|
||||
if (!requestingHunter.isAdmin) {
|
||||
val hunt = huntService.getHunt(huntId)
|
||||
if (!hunt.isOngoing) throw ForbiddenException()
|
||||
val team = try {
|
||||
teamService.getTeamForHunterInHunt(huntId, email)
|
||||
} catch (_: NotFoundException) {
|
||||
@@ -121,6 +127,8 @@ class PhotoService(
|
||||
val requestingHunter = hunterService.getHunterByEmail(email)
|
||||
|
||||
if (!requestingHunter.isAdmin) {
|
||||
val hunt = huntService.getHunt(huntId)
|
||||
if (!hunt.isOngoing) throw ForbiddenException()
|
||||
val team = try {
|
||||
teamService.getTeamForHunterInHunt(huntId, email)
|
||||
} catch (_: NotFoundException) {
|
||||
@@ -142,15 +150,24 @@ class PhotoService(
|
||||
}
|
||||
|
||||
fun removePhoto(huntId: HuntId, teamId: TeamId, itemId: ItemId, photoId: PhotoId, email: String) {
|
||||
val requestingHunter = hunterService.getHunterByEmail(email)
|
||||
|
||||
if (!requestingHunter.isAdmin) {
|
||||
val hunt = huntService.getHunt(huntId)
|
||||
if (!hunt.isOngoing) throw ForbiddenException()
|
||||
}
|
||||
|
||||
val photoRecord = photoRepository.findByIdAndItemIdAndHuntId(photoId, itemId, huntId)
|
||||
?: throw NotFoundException(PHOTO_NOT_FOUND)
|
||||
|
||||
val team = try {
|
||||
teamService.getTeamForHunterInHunt(huntId, email)
|
||||
} catch (_: NotFoundException) {
|
||||
throw ForbiddenException()
|
||||
if (!requestingHunter.isAdmin) {
|
||||
val team = try {
|
||||
teamService.getTeamForHunterInHunt(huntId, email)
|
||||
} catch (_: NotFoundException) {
|
||||
throw ForbiddenException()
|
||||
}
|
||||
if (team.id != teamId) throw ForbiddenException()
|
||||
}
|
||||
if (team.id != teamId) throw ForbiddenException()
|
||||
|
||||
if (photoRecord.status == PhotoStatus.APPROVED) throw ConflictException("Cannot remove an approved photo")
|
||||
|
||||
@@ -161,6 +178,8 @@ class PhotoService(
|
||||
val requestingHunter = hunterService.getHunterByEmail(email)
|
||||
|
||||
if (!requestingHunter.isAdmin) {
|
||||
val hunt = huntService.getHunt(huntId)
|
||||
if (!hunt.isOngoing) throw ForbiddenException()
|
||||
val team = try {
|
||||
teamService.getTeamForHunterInHunt(huntId, email)
|
||||
} catch (_: NotFoundException) {
|
||||
|
||||
@@ -5,6 +5,7 @@ import net.halfbinary.scavengerhuntapi.error.exception.ExpiredRefreshTokenExcept
|
||||
import net.halfbinary.scavengerhuntapi.error.exception.InvalidRefreshTokenException
|
||||
import net.halfbinary.scavengerhuntapi.model.RefreshId
|
||||
import net.halfbinary.scavengerhuntapi.model.record.RefreshTokenRecord
|
||||
import net.halfbinary.scavengerhuntapi.repository.HunterRepository
|
||||
import net.halfbinary.scavengerhuntapi.repository.RefreshTokenRepository
|
||||
import org.slf4j.LoggerFactory
|
||||
import org.springframework.data.repository.findByIdOrNull
|
||||
@@ -13,7 +14,7 @@ import java.time.LocalDateTime
|
||||
import java.time.temporal.ChronoUnit
|
||||
|
||||
@Service
|
||||
class RefreshTokenService(private val refreshTokenRepository: RefreshTokenRepository, private val jwtUtil: JwtUtil) {
|
||||
class RefreshTokenService(private val refreshTokenRepository: RefreshTokenRepository, private val jwtUtil: JwtUtil, private val hunterRepository: HunterRepository) {
|
||||
|
||||
companion object {
|
||||
private val log = LoggerFactory.getLogger(RefreshTokenService::class.java)
|
||||
@@ -25,7 +26,8 @@ class RefreshTokenService(private val refreshTokenRepository: RefreshTokenReposi
|
||||
removeToken(tokenId)
|
||||
throw ExpiredRefreshTokenException(tokenId)
|
||||
} else {
|
||||
jwtUtil.generateToken(refreshToken.email)
|
||||
val isAdmin = hunterRepository.findByEmail(refreshToken.email)?.isAdmin ?: false
|
||||
jwtUtil.generateToken(refreshToken.email, isAdmin)
|
||||
}
|
||||
}?: throw InvalidRefreshTokenException(tokenId)
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user