diff --git a/src/main/java/com/infinity/nto/config/WebSecurityConfig.java b/src/main/java/com/infinity/nto/config/WebSecurityConfig.java index b2eb0a1..98f9521 100644 --- a/src/main/java/com/infinity/nto/config/WebSecurityConfig.java +++ b/src/main/java/com/infinity/nto/config/WebSecurityConfig.java @@ -25,10 +25,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { http .csrf().disable() .authorizeRequests() - /*.antMatchers("/api/employee/**").hasAnyAuthority("ROLE_EMPLOYEE", "ROLE_ADMIN")*/ .antMatchers("/api/admin/**").hasAuthority("ROLE_ADMIN") - /*.antMatchers("url").permitAll() - .antMatchers("url").hasAuthority("ROLE_ADMIN")*/ .anyRequest().authenticated() .and() .httpBasic() diff --git a/src/main/java/com/infinity/nto/controller/AdminController.java b/src/main/java/com/infinity/nto/controller/AdminController.java index 68dc727..b08c089 100644 --- a/src/main/java/com/infinity/nto/controller/AdminController.java +++ b/src/main/java/com/infinity/nto/controller/AdminController.java @@ -42,4 +42,11 @@ public class AdminController { String login = authentication.getName(); return adminService.getEmployeeEntryList(employeeLogin, login); } + + @PostMapping("/panel/is-employee-blocked") + private boolean isEmployeeBlocked(@RequestParam("employee-login") String employeeLogin, + Authentication authentication) { + String login = authentication.getName(); + return adminService.isEmployeeBlocked(employeeLogin, login); + } } diff --git a/src/main/java/com/infinity/nto/service/AdminService.java b/src/main/java/com/infinity/nto/service/AdminService.java index 42b54b7..e764ee5 100644 --- a/src/main/java/com/infinity/nto/service/AdminService.java +++ b/src/main/java/com/infinity/nto/service/AdminService.java @@ -9,4 +9,5 @@ public interface AdminService { EmployeeDataDto getEmployeeInfo(String employeeLogin, String selfLogin); void setBlockCondition(String employeeLogin, boolean blockCondition, String selfLogin); List getEmployeeEntryList(String employeeLogin, String selfLogin); + boolean isEmployeeBlocked(String employeeLogin, String selfLogin); } diff --git a/src/main/java/com/infinity/nto/service/impl/AdminServiceImpl.java b/src/main/java/com/infinity/nto/service/impl/AdminServiceImpl.java index c8e4496..dcd50df 100644 --- a/src/main/java/com/infinity/nto/service/impl/AdminServiceImpl.java +++ b/src/main/java/com/infinity/nto/service/impl/AdminServiceImpl.java @@ -4,6 +4,7 @@ import com.infinity.nto.dto.EmployeeDataDto; import com.infinity.nto.dto.EntryDto; import com.infinity.nto.dto.mapper.EmployeeDataMapper; import com.infinity.nto.dto.mapper.EntryMapper; +import com.infinity.nto.entity.Employee; import com.infinity.nto.entity.EmployeeData; import com.infinity.nto.exception.EmployeeDataNotFoundException; import com.infinity.nto.exception.EmployeeNotFoundException; @@ -76,4 +77,18 @@ public class AdminServiceImpl implements AdminService { .map(EntryMapper::toEntryDto) .collect(Collectors.toList()); } + + @Override + public boolean isEmployeeBlocked(String employeeLogin, String selfLogin) { + if (employeeLogin.equals(selfLogin)) { + throw new SelfChangeException("Self View"); + } + + Optional employee = employeeRepository.findByLogin(employeeLogin); + if (employee.isEmpty()) { + throw new EmployeeNotFoundException("Employee Not Found"); + } + + return employee.get().isBlock(); + } }