dev/2025-02-19-18-07

src/main/java/com/example/nto/config/WebSecurityConfig.java

@@ -26,6 +26,7 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
                 .csrf().disable()
                 .authorizeRequests()
                 .antMatchers("/api/employee/**").hasAnyAuthority("ROLE_EMPLOYEE", "ROLE_ADMIN")
+                .antMatchers("/api/admin/**").hasAuthority("ROLE_ADMIN")
                 /*
                 .antMatchers("url").permitAll()
                 .antMatchers("url").hasAuthority("ROLE_ADMIN")*/

src/main/java/com/example/nto/controller/AdminController.java

@@ -1,4 +1,46 @@
 package com.example.nto.controller;
 
+import com.example.nto.entity.EmployeeData;
+import com.example.nto.entity.Entry;
+import com.example.nto.service.AdminService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import java.util.List;
+
+@RestController
+@RequiredArgsConstructor
+@RequestMapping("/api/admin")
 public class AdminController {
+    private final AdminService adminService;
+
+    @PostMapping("/am-i-admin")
+    private void amIAdmin() {}
+
+    @PostMapping("/panel/get-employee-info")
+    private EmployeeData getEmployeeInfo(@RequestParam("employee-login") String employeeLogin) {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        String login = authentication.getName();
+        return adminService.getEmployeeInfo(employeeLogin, login);
+    }
+
+    @PostMapping("/panel/set-block-condition")
+    private void setBlockCondition(@RequestParam("employee-login") String employeeLogin,
+                                   @RequestParam("block-condition") boolean blockCondition) {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        String login = authentication.getName();
+        adminService.setBlockCondition(employeeLogin, blockCondition, login);
+    }
+
+    @PostMapping("/panel/get-employee-entry-list")
+    private List<Entry> getEmployeeEntryList(@RequestParam("employee-login") String employeeLogin) {
+        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
+        String login = authentication.getName();
+        return adminService.getEmployeeEntryList(employeeLogin, login);
+    }
 }

src/main/java/com/example/nto/exception/GlobalExceptionHandler.java

@@ -26,4 +26,9 @@ public class GlobalExceptionHandler {
     ResponseEntity<String> employeeIsBlockedExceptionHandler(EmployeeIsBlockedException e) {
         return new ResponseEntity<>(e.getMessage(), HttpStatus.LOCKED);
     }
+
+    @ExceptionHandler(SelfChangeException.class)
+    ResponseEntity<String> selfChangeExceptionHandler(SelfChangeException e) {
+        return new ResponseEntity<>(e.getMessage(), HttpStatus.NOT_ACCEPTABLE);
+    }
 }

src/main/java/com/example/nto/exception/SelfChangeException.java

@@ -0,0 +1,7 @@
+package com.example.nto.exception;
+
+public class SelfChangeException extends RuntimeException {
+    public SelfChangeException(String message) {
+        super(message);
+    }
+}

src/main/java/com/example/nto/repository/EmployeeRepository.java

@@ -17,4 +17,8 @@ public interface EmployeeRepository extends JpaRepository<Employee, Long> {
     Optional<Long> findIdByLogin(@Param("login") String login);
 
     Optional<Employee> findByLogin(String login);
+
+    @Modifying
+    @Query(value = "update Employee e set e.is_block = :value where e.id = :id", nativeQuery = true)
+    void updateBlockCondition(@Param("id") long id, @Param("value") boolean value);
 }

src/main/java/com/example/nto/service/AdminService.java

@@ -0,0 +1,12 @@
+package com.example.nto.service;
+
+import com.example.nto.entity.EmployeeData;
+import com.example.nto.entity.Entry;
+
+import java.util.List;
+
+public interface AdminService {
+    EmployeeData getEmployeeInfo(String employeeLogin, String selfLogin);
+    void setBlockCondition(String employeeLogin, boolean blockCondition, String selfLogin);
+    List<Entry> getEmployeeEntryList(String employeeLogin, String selfLogin);
+}

src/main/java/com/example/nto/service/impl/AdminServiceImpl.java

@@ -0,0 +1,73 @@
+package com.example.nto.service.impl;
+
+import com.example.nto.entity.EmployeeData;
+import com.example.nto.entity.Entry;
+import com.example.nto.exception.EmployeeDataNotFoundException;
+import com.example.nto.exception.EmployeeNotFoundException;
+import com.example.nto.exception.SelfChangeException;
+import com.example.nto.repository.EmployeeDataRepository;
+import com.example.nto.repository.EmployeeRepository;
+import com.example.nto.repository.EntryRepository;
+import com.example.nto.service.AdminService;
+import lombok.RequiredArgsConstructor;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import java.util.List;
+import java.util.Optional;
+
+@Service
+@RequiredArgsConstructor
+public class AdminServiceImpl implements AdminService {
+    private final EmployeeRepository employeeRepository;
+    private final EmployeeDataRepository employeeDataRepository;
+    private final EntryRepository entryRepository;
+
+    @Override
+    public EmployeeData getEmployeeInfo(String employeeLogin, String selfLogin) {
+        if (employeeLogin.equals(selfLogin)) {
+            throw new SelfChangeException("Self View");
+        }
+
+        Optional<Long> employee = employeeRepository.findIdByLogin(employeeLogin);
+        if (employee.isEmpty()) {
+            throw new EmployeeNotFoundException("Employee Not Found");
+        }
+
+        Optional<EmployeeData> employeeData = employeeDataRepository.findByOwnerId(employee.get());
+        if (employeeData.isEmpty()) {
+            throw new EmployeeDataNotFoundException("Employee Data Not Found");
+        }
+
+        return employeeData.get();
+    }
+
+    @Transactional
+    @Override
+    public void setBlockCondition(String employeeLogin, boolean blockCondition, String selfLogin) {
+        if (employeeLogin.equals(selfLogin)) {
+            throw new SelfChangeException("Self Change");
+        }
+
+        Optional<Long> employee = employeeRepository.findIdByLogin(employeeLogin);
+        if (employee.isEmpty()) {
+            throw new EmployeeNotFoundException("Employee Not Found");
+        }
+
+        employeeRepository.updateBlockCondition(employee.get(), blockCondition);
+    }
+
+    @Override
+    public List<Entry> getEmployeeEntryList(String employeeLogin, String selfLogin) {
+        if (employeeLogin.equals(selfLogin)) {
+            throw new SelfChangeException("Self View");
+        }
+
+        Optional<Long> employee = employeeRepository.findIdByLogin(employeeLogin);
+        if (employee.isEmpty()) {
+            throw new EmployeeNotFoundException("Employee Not Found");
+        }
+
+        return entryRepository.findAllByEmployeeId(employee.get());
+    }
+}

src/main/resources/data.sql

@@ -7,9 +7,9 @@ INSERT INTO employee (login, password_hashed, is_block)
 VALUES ('employee', '$2a$12$tcu/4mrJaMwLO5Uskojstu45joSdR2E5/WrLRELDis554DAo.Y5tS', false);
 
 INSERT INTO employee_data (owner_id, name, photo, employee_position, last_visit)
-VALUES (1, 'dangeon master', 'photo', 'fucking slave', '2024-02-12T08:30');
+VALUES (1, 'peter', 'photo', 'backend developer', '2024-02-12T08:30');
 INSERT INTO employee_data (owner_id, name, photo, employee_position, last_visit)
-VALUES (2, 'dangeon master', 'photo', 'fucking slave', '2024-02-12T08:30');
+VALUES (2, 'semyon', 'photo', 'frontend developer', '2024-02-12T08:30');
 
 INSERT INTO relationship_employee_and_role (employee_id, role_id) VALUES (1, 2);
 INSERT INTO relationship_employee_and_role (employee_id, role_id) VALUES (2, 1);