- Increased varchar limit from 100 to 250 on PhotoUrl

- Added profile update request for admin panel
2025-02-20 11:44:43 +03:00 · 2025-02-20 11:44:43 +03:00 · 34169e70d2
commit 34169e70d2
parent 6309648c40
7 changed files with 43 additions and 7 deletions
--- a/src/main/java/com/indexzero/finals/config/SecurityConfig.java
+++ b/src/main/java/com/indexzero/finals/config/SecurityConfig.java
@ -5,7 +5,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.Customizer;
@ -42,6 +41,7 @@ public class SecurityConfig {
                        .requestMatchers("/api/employee/{login}/{state}").hasAuthority("ADMIN")
                        .requestMatchers("/api/employee/{login}").hasAuthority("ADMIN")
                        .requestMatchers("/api/employee/all").hasAuthority("ADMIN")
+                        .requestMatchers("/api/employee/{login}/update").hasAuthority("ADMIN")

                        // Entrance for everyone
                        .requestMatchers("/api/entrance").authenticated()
--- a/src/main/java/com/indexzero/finals/controller/EmployeeController.java
+++ b/src/main/java/com/indexzero/finals/controller/EmployeeController.java
@ -30,7 +30,7 @@ public class EmployeeController {
            @ApiResponse(responseCode = "401", description = "Unauthorized"),
    })
    public ResponseEntity<Object> login() {
-        return new ResponseEntity(HttpStatus.OK);
+        return new ResponseEntity<>(HttpStatus.OK);
    }

    @PostMapping("/profile")
@ -96,7 +96,7 @@ public class EmployeeController {
    @GetMapping("/{login}")
    @Operation(description = "Get user's profile by login (ADMIN only)", summary = "Get user's profile by login")
    @ApiResponses(value = {
-            @ApiResponse(responseCode = "200", description = "Modification Successful"),
+            @ApiResponse(responseCode = "200", description = "Request Successful"),
            @ApiResponse(responseCode = "401", description = "Unauthorized"),
            @ApiResponse(responseCode = "403", description = "Forbidden"),
            @ApiResponse(responseCode = "404", description = "User not found"),
@ -105,4 +105,16 @@ public class EmployeeController {
        return employeeService.getEmployeeByLogin(login);
    }

+    @PatchMapping("/{login}/update")
+    @Operation(description = "Update user's profile (ADMIN only). Accepts name, position and photo_url properties", summary = "Update user's profile")
+    @ApiResponses(value = {
+            @ApiResponse(responseCode = "200", description = "Modification Successful"),
+            @ApiResponse(responseCode = "401", description = "Unauthorized"),
+            @ApiResponse(responseCode = "403", description = "Forbidden"),
+            @ApiResponse(responseCode = "404", description = "User not found"),
+    })
+    public ResponseEntity<EmployeeDTO> updateEmployee(@PathVariable String login, @RequestBody EmployeeDTO updateDTO) {
+        return employeeService.updateEmployee(updateDTO, login);
+    }
+
 }
--- a/src/main/java/com/indexzero/finals/service/EmployeeService.java
+++ b/src/main/java/com/indexzero/finals/service/EmployeeService.java
@ -16,4 +16,5 @@ public interface EmployeeService {
    ResponseEntity<HttpStatusCode> changeState(String login, String state);
    ResponseEntity<Page<EmployeeDTO>> getAllEmployees(Pageable pageable);
    ResponseEntity<EmployeeDTO> getEmployeeByLogin(String login);
+    ResponseEntity<EmployeeDTO> updateEmployee(EmployeeDTO updateDTO, String login);
 }
--- a/src/main/java/com/indexzero/finals/service/impl/EmployeeServiceImpl.java
+++ b/src/main/java/com/indexzero/finals/service/impl/EmployeeServiceImpl.java
@ -128,4 +128,25 @@ public class EmployeeServiceImpl implements EmployeeService {
            return new ResponseEntity<>(HttpStatus.NOT_FOUND);
        }
    }
+
+    @Override
+    public ResponseEntity<EmployeeDTO> updateEmployee(EmployeeDTO updateDTO, String login) {
+        Employee e = employeeRepository.findByLogin(login);
+        if(e != null) {
+            if(updateDTO.getName() != null) {
+                e.setName(updateDTO.getName());
+            }
+            if (updateDTO.getPosition() != null) {
+                e.setPosition(updateDTO.getPosition());
+            }
+            if (updateDTO.getPhotoUrl() != null) {
+                e.setPhotoUrl(updateDTO.getPhotoUrl());
+            }
+            employeeRepository.save(e);
+            return new ResponseEntity<>(EmployeeMapper.convertToDTO(e), HttpStatus.OK);
+        }
+        else {
+            return new ResponseEntity<>(HttpStatus.NOT_FOUND);
+        }
+    }
 }
--- a/src/main/resources/db.changelog/1.0/2024-10-20--0002-employee.xml
+++ b/src/main/resources/db.changelog/1.0/2024-10-20--0002-employee.xml
@ -5,7 +5,7 @@
                   xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.0.xsd
        http://www.liquibase.org/xml/ns/dbchangelog-ext http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd">

-    <changeSet id="2024-10-20--0002-employee" author="okalugin">
+    <changeSet id="2024-10-20--0002-employee-02" author="okalugin">

        <preConditions onFail="MARK_RAN">
            <not>
@ -37,7 +37,7 @@
                <constraints nullable="false"/>
            </column>

-            <column name="photo_url" type="VARCHAR(100)">
+            <column name="photo_url" type="VARCHAR(250)">
                <constraints nullable="true"/>
            </column>

--- a/src/main/resources/db.changelog/data/csv/2024-10-20--0002-employee-data.csv
+++ b/src/main/resources/db.changelog/data/csv/2024-10-20--0002-employee-data.csv
@ -2,4 +2,5 @@ login;password;name;photo_url;position;is_enabled
 pivanov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Иванов Петр Федорович;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Разработчик;true
 ipetrov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Петров Иван Константинович;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Аналитик;false
 asemenov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Семенов Анатолий Анатольевич;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Разработчик;true
-afedorov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Федоров Александр Сергеевич;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Тестировщик;true
+afedorov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Федоров Александр Сергеевич;https://i.postimg.cc/R0tz9yFr/skala.jpg;Тестировщик;true
+alimasov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Андрей Лимасов;https://i.postimg.cc/L5zBsbnP/IMG-20250220-101919.jpg;Разработчик;true
--- a/src/main/resources/db.changelog/data/csv/2025-02-18--0004-employee-authorities-data.csv
+++ b/src/main/resources/db.changelog/data/csv/2025-02-18--0004-employee-authorities-data.csv
@ -2,4 +2,5 @@ employee_id;authorities_id
 1;2
 2;1
 3;1
-4;1
+4;1
+5;2