UserController.java

/**
 * TFG 75.678 - TFG Desarrollo web 2020 e-Learning for Schools
 * Copyright (C) 2020  Eduardo Rodriguez Carro
 *
 * This program is free software: you can redistribute it and/or modify
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or
 * (at your option) any later version.
 *
 * This program is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with this program.  If not, see <http://www.gnu.org/licenses/>.
 */
package org.uoc.tfg.sel.web;

import java.util.List;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RestController;
import org.uoc.tfg.sel.repository.model.EventJob;
import org.uoc.tfg.sel.repository.model.User;
import org.uoc.tfg.sel.repository.model.UserType;
import org.uoc.tfg.sel.service.UserService;
import org.uoc.tfg.sel.web.model.UserRelations;

/**
 * REST controller mapped under {@code /users}: user-type and user listings,
 * lookup by id, save, delete, tutor/user relation assignment and the
 * per-user jobs report. Every handler carries its own {@code @PreAuthorize}
 * expression, and all work is delegated to {@link UserService}.
 *
 * <p>NOTE(review): {@code @CrossOrigin} is used without attributes, which in
 * Spring permits requests from any origin. For a controller that administers
 * user accounts, confirm this is intended; otherwise list the front-end
 * origin(s) explicitly.
 *
 * <p>NOTE(review): only {@link #saveUser(User)} clears the password on the
 * object it returns. The read handlers return {@link User} objects exactly as
 * the service supplies them, so confirm that {@code User} keeps its password
 * out of the serialized response.
 *
 * @author Eduardo Rodriguez Carro
 */
@RestController
@CrossOrigin
@RequestMapping("/users")
public class UserController {

	/** Service every handler in this controller delegates to. */
	@Autowired
	private UserService userService;

	/** Encoder applied to a submitted password before the user is saved. */
	@Autowired
	private PasswordEncoder encoder;

	/**
	 * Lists the user types. Open to any authenticated caller.
	 *
	 * @return 200 with the list from {@code UserService.getUserTypes()}
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("isAuthenticated()")
	@RequestMapping(value = "/types", method = RequestMethod.GET)
	public ResponseEntity<List<UserType>> getUserTypes() throws Exception {
		final List<UserType> types = userService.getUserTypes();
		return ResponseEntity.ok(types);
	}

	/**
	 * Lists users via {@code UserService.getUserAll()}.
	 * Requires {@code ROLE_API_USERS}.
	 *
	 * @return 200 with the users, returned as supplied by the service
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS')")
	@RequestMapping(value = "/all", method = RequestMethod.GET)
	public ResponseEntity<List<User>> getUsersAll() throws Exception {
		final List<User> everyone = userService.getUserAll();
		return ResponseEntity.ok(everyone);
	}

	/**
	 * Lists users via {@code UserService.getUserTutor()}.
	 * Requires {@code ROLE_API_USERS_TUTORS}.
	 *
	 * @return 200 with the users, returned as supplied by the service
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS_TUTORS')")
	@RequestMapping(value = "/tutors", method = RequestMethod.GET)
	public ResponseEntity<List<User>> getUsersTutors() throws Exception {
		final List<User> tutors = userService.getUserTutor();
		return ResponseEntity.ok(tutors);
	}

	/**
	 * Lists users via {@code UserService.getUserTeachers()}.
	 * Requires {@code ROLE_API_USERS_TEACHERS}.
	 *
	 * @return 200 with the users, returned as supplied by the service
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS_TEACHERS')")
	@RequestMapping(value = "/teachers", method = RequestMethod.GET)
	public ResponseEntity<List<User>> getUsersTeachers() throws Exception {
		final List<User> teachers = userService.getUserTeachers();
		return ResponseEntity.ok(teachers);
	}

	/**
	 * Looks up a single user by id. Requires {@code ROLE_API_USERS}.
	 *
	 * @param id the id taken from the request path
	 * @return 200 with whatever {@code UserService.getUserById(id)} returns
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS')")
	@RequestMapping(value = "/item/{id}", method = RequestMethod.GET)
	public ResponseEntity<User> getUsersById(@PathVariable("id") Integer id) throws Exception {
		return ResponseEntity.ok(userService.getUserById(id));
	}

	/**
	 * Lists users via {@code UserService.getUserStudents()}.
	 * Requires {@code ROLE_API_USERS_STUDENTS}.
	 *
	 * @return 200 with the users, returned as supplied by the service
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS_STUDENTS')")
	@RequestMapping(value = "/students", method = RequestMethod.GET)
	public ResponseEntity<List<User>> getStudents() throws Exception {
		final List<User> students = userService.getUserStudents();
		return ResponseEntity.ok(students);
	}

	/**
	 * Saves the user carried in the request body. Requires
	 * {@code ROLE_API_USERS_EDIT}. A non-null password is run through the
	 * {@link PasswordEncoder} before the user is handed to the service, and
	 * the password is cleared on the returned object so it is not sent back.
	 *
	 * <p>NOTE(review): the whole {@link User} is bound from the request body and
	 * passed to {@code save} unchanged apart from the password. Which fields a
	 * caller may set is therefore decided outside this class; confirm the
	 * service restricts them.
	 *
	 * <p>NOTE(review): a null password reaches {@code save} as null, and an
	 * empty string is encoded like any other value. Whether null keeps the
	 * stored password, and whether the password is validated at all, is not
	 * visible here.
	 *
	 * @param user the user bound from the request body
	 * @return 200 with the saved user, password set to null
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS_EDIT')")
	@RequestMapping(value = "/save", method = RequestMethod.POST)
	public ResponseEntity<User> saveUser(@RequestBody User user) throws Exception {
		final String submittedPassword = user.getPassword();
		if (submittedPassword != null) {
			// Only the encoded form is handed to the service.
			user.setPassword(encoder.encode(submittedPassword));
		}
		final User saved = userService.save(user);
		// Clear the password on the response object before it is serialized.
		saved.setPassword(null);
		return ResponseEntity.ok(saved);
	}

	/**
	 * Deletes the user with the given id. Requires
	 * {@code ROLE_API_USERS_DELETE}.
	 *
	 * @param id the id taken from the request path
	 * @return 200 with an empty body
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS_DELETE')")
	@RequestMapping(value = "/delete/{id}", method = RequestMethod.DELETE)
	public ResponseEntity<Void> userDelete(@PathVariable("id") Integer id) throws Exception {
		userService.delete(id);
		return ResponseEntity.ok().build();
	}

	/**
	 * Saves the relation between a tutor and a set of users. Requires
	 * {@code ROLE_API_USERS_ASSIGN}. The tutor and the users are both read
	 * from the request body and passed to
	 * {@code UserService.saveUserRelations}.
	 *
	 * @param relations the tutor and users bound from the request body
	 * @return 200 with an empty body
	 * @throws Exception propagated from the service
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS_ASSIGN')")
	@RequestMapping(value = "/relations/save", method = RequestMethod.POST)
	public ResponseEntity<Void> userRelationsSave(@RequestBody UserRelations relations) throws Exception {
		userService.saveUserRelations(relations.getTutor(), relations.getUsers());
		return ResponseEntity.ok().build();
	}

	/**
	 * Returns the jobs report for the calling user. Requires
	 * {@code ROLE_API_USERS_JOBSREPORT}. The user is resolved from the
	 * {@link Authentication} through {@code ControllerUtils.getUser}, not from
	 * a request parameter.
	 *
	 * @param authentication the caller's authentication, supplied by Spring
	 * @return 200 with the list from {@code UserService.userJobsReport}
	 */
	@PreAuthorize("hasRole('ROLE_API_USERS_JOBSREPORT')")
	@RequestMapping(value = "/jobs/report", method = RequestMethod.GET)
	public ResponseEntity<List<EventJob>> userJobsReport(Authentication authentication){
		final User caller = ControllerUtils.getUser(authentication);
		return ResponseEntity.ok(userService.userJobsReport(caller));
	}
}