From 34169e70d249493b217c098ebbf4d3e2cdbc523b Mon Sep 17 00:00:00 2001
From: IndexZero <l0rmin@yandex.ru>
Date: Thu, 20 Feb 2025 11:44:43 +0300
Subject: [PATCH] - Increased varchar limit from 100 to 250 on PhotoUrl - Added
 profile update request for admin panel

---
 .../finals/config/SecurityConfig.java         |  2 +-
 .../finals/controller/EmployeeController.java | 16 ++++++++++++--
 .../finals/service/EmployeeService.java       |  1 +
 .../service/impl/EmployeeServiceImpl.java     | 21 +++++++++++++++++++
 .../1.0/2024-10-20--0002-employee.xml         |  4 ++--
 .../csv/2024-10-20--0002-employee-data.csv    |  3 ++-
 ...-02-18--0004-employee-authorities-data.csv |  3 ++-
 7 files changed, 43 insertions(+), 7 deletions(-)

diff --git a/src/main/java/com/indexzero/finals/config/SecurityConfig.java b/src/main/java/com/indexzero/finals/config/SecurityConfig.java
index 112eccb..56473c1 100644
--- a/src/main/java/com/indexzero/finals/config/SecurityConfig.java
+++ b/src/main/java/com/indexzero/finals/config/SecurityConfig.java
@@ -5,7 +5,6 @@ import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.security.authentication.AuthenticationManager;
-import org.springframework.security.authentication.AuthenticationProvider;
 import org.springframework.security.authentication.ProviderManager;
 import org.springframework.security.authentication.dao.DaoAuthenticationProvider;
 import org.springframework.security.config.Customizer;
@@ -42,6 +41,7 @@ public class SecurityConfig {
                         .requestMatchers("/api/employee/{login}/{state}").hasAuthority("ADMIN")
                         .requestMatchers("/api/employee/{login}").hasAuthority("ADMIN")
                         .requestMatchers("/api/employee/all").hasAuthority("ADMIN")
+                        .requestMatchers("/api/employee/{login}/update").hasAuthority("ADMIN")
 
                         // Entrance for everyone
                         .requestMatchers("/api/entrance").authenticated()
diff --git a/src/main/java/com/indexzero/finals/controller/EmployeeController.java b/src/main/java/com/indexzero/finals/controller/EmployeeController.java
index d132af1..e9bbd3e 100644
--- a/src/main/java/com/indexzero/finals/controller/EmployeeController.java
+++ b/src/main/java/com/indexzero/finals/controller/EmployeeController.java
@@ -30,7 +30,7 @@ public class EmployeeController {
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
     })
     public ResponseEntity<Object> login() {
-        return new ResponseEntity(HttpStatus.OK);
+        return new ResponseEntity<>(HttpStatus.OK);
     }
 
     @PostMapping("/profile")
@@ -96,7 +96,7 @@ public class EmployeeController {
     @GetMapping("/{login}")
     @Operation(description = "Get user's profile by login (ADMIN only)", summary = "Get user's profile by login")
     @ApiResponses(value = {
-            @ApiResponse(responseCode = "200", description = "Modification Successful"),
+            @ApiResponse(responseCode = "200", description = "Request Successful"),
             @ApiResponse(responseCode = "401", description = "Unauthorized"),
             @ApiResponse(responseCode = "403", description = "Forbidden"),
             @ApiResponse(responseCode = "404", description = "User not found"),
@@ -105,4 +105,16 @@ public class EmployeeController {
         return employeeService.getEmployeeByLogin(login);
     }
 
+    @PatchMapping("/{login}/update")
+    @Operation(description = "Update user's profile (ADMIN only). Accepts name, position and photo_url properties", summary = "Update user's profile")
+    @ApiResponses(value = {
+            @ApiResponse(responseCode = "200", description = "Modification Successful"),
+            @ApiResponse(responseCode = "401", description = "Unauthorized"),
+            @ApiResponse(responseCode = "403", description = "Forbidden"),
+            @ApiResponse(responseCode = "404", description = "User not found"),
+    })
+    public ResponseEntity<EmployeeDTO> updateEmployee(@PathVariable String login, @RequestBody EmployeeDTO updateDTO) {
+        return employeeService.updateEmployee(updateDTO, login);
+    }
+
 }
diff --git a/src/main/java/com/indexzero/finals/service/EmployeeService.java b/src/main/java/com/indexzero/finals/service/EmployeeService.java
index 0e5cfe4..91605e0 100644
--- a/src/main/java/com/indexzero/finals/service/EmployeeService.java
+++ b/src/main/java/com/indexzero/finals/service/EmployeeService.java
@@ -16,4 +16,5 @@ public interface EmployeeService {
     ResponseEntity<HttpStatusCode> changeState(String login, String state);
     ResponseEntity<Page<EmployeeDTO>> getAllEmployees(Pageable pageable);
     ResponseEntity<EmployeeDTO> getEmployeeByLogin(String login);
+    ResponseEntity<EmployeeDTO> updateEmployee(EmployeeDTO updateDTO, String login);
 }
diff --git a/src/main/java/com/indexzero/finals/service/impl/EmployeeServiceImpl.java b/src/main/java/com/indexzero/finals/service/impl/EmployeeServiceImpl.java
index 01ab2a6..33f6e30 100644
--- a/src/main/java/com/indexzero/finals/service/impl/EmployeeServiceImpl.java
+++ b/src/main/java/com/indexzero/finals/service/impl/EmployeeServiceImpl.java
@@ -128,4 +128,25 @@ public class EmployeeServiceImpl implements EmployeeService {
             return new ResponseEntity<>(HttpStatus.NOT_FOUND);
         }
     }
+
+    @Override
+    public ResponseEntity<EmployeeDTO> updateEmployee(EmployeeDTO updateDTO, String login) {
+        Employee e = employeeRepository.findByLogin(login);
+        if(e != null) {
+            if(updateDTO.getName() != null) {
+                e.setName(updateDTO.getName());
+            }
+            if (updateDTO.getPosition() != null) {
+                e.setPosition(updateDTO.getPosition());
+            }
+            if (updateDTO.getPhotoUrl() != null) {
+                e.setPhotoUrl(updateDTO.getPhotoUrl());
+            }
+            employeeRepository.save(e);
+            return new ResponseEntity<>(EmployeeMapper.convertToDTO(e), HttpStatus.OK);
+        }
+        else {
+            return new ResponseEntity<>(HttpStatus.NOT_FOUND);
+        }
+    }
 }
diff --git a/src/main/resources/db.changelog/1.0/2024-10-20--0002-employee.xml b/src/main/resources/db.changelog/1.0/2024-10-20--0002-employee.xml
index a0b0f98..da586cd 100644
--- a/src/main/resources/db.changelog/1.0/2024-10-20--0002-employee.xml
+++ b/src/main/resources/db.changelog/1.0/2024-10-20--0002-employee.xml
@@ -5,7 +5,7 @@
                    xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-3.0.xsd
         http://www.liquibase.org/xml/ns/dbchangelog-ext http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-ext.xsd">
 
-    <changeSet id="2024-10-20--0002-employee" author="okalugin">
+    <changeSet id="2024-10-20--0002-employee-02" author="okalugin">
 
         <preConditions onFail="MARK_RAN">
             <not>
@@ -37,7 +37,7 @@
                 <constraints nullable="false"/>
             </column>
 
-            <column name="photo_url" type="VARCHAR(100)">
+            <column name="photo_url" type="VARCHAR(250)">
                 <constraints nullable="true"/>
             </column>
 
diff --git a/src/main/resources/db.changelog/data/csv/2024-10-20--0002-employee-data.csv b/src/main/resources/db.changelog/data/csv/2024-10-20--0002-employee-data.csv
index a9cb984..367b0df 100644
--- a/src/main/resources/db.changelog/data/csv/2024-10-20--0002-employee-data.csv
+++ b/src/main/resources/db.changelog/data/csv/2024-10-20--0002-employee-data.csv
@@ -2,4 +2,5 @@ login;password;name;photo_url;position;is_enabled
 pivanov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Иванов Петр Федорович;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Разработчик;true
 ipetrov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Петров Иван Константинович;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Аналитик;false
 asemenov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Семенов Анатолий Анатольевич;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Разработчик;true
-afedorov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Федоров Александр Сергеевич;https://funnyducks.ru/upload/iblock/0cd/0cdeb7ec3ed6fddda0f90fccee05557d.jpg;Тестировщик;true
\ No newline at end of file
+afedorov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Федоров Александр Сергеевич;https://i.postimg.cc/R0tz9yFr/skala.jpg;Тестировщик;true
+alimasov;$2a$10$Jzb9I5eeHC0UIn/q5Rhq..wkI7KicBEZKB2u5BvnH8.n12d4alTOK;Андрей Лимасов;https://i.postimg.cc/L5zBsbnP/IMG-20250220-101919.jpg;Разработчик;true
diff --git a/src/main/resources/db.changelog/data/csv/2025-02-18--0004-employee-authorities-data.csv b/src/main/resources/db.changelog/data/csv/2025-02-18--0004-employee-authorities-data.csv
index 3cb2443..f99f4fb 100644
--- a/src/main/resources/db.changelog/data/csv/2025-02-18--0004-employee-authorities-data.csv
+++ b/src/main/resources/db.changelog/data/csv/2025-02-18--0004-employee-authorities-data.csv
@@ -2,4 +2,5 @@ employee_id;authorities_id
 1;2
 2;1
 3;1
-4;1
\ No newline at end of file
+4;1
+5;2
\ No newline at end of file