diff --git a/server/src/main/java/com/vpr/server/controller/EventController.java b/server/src/main/java/com/vpr/server/controller/EventController.java
index b168eff..fbcd2f7 100644
--- a/server/src/main/java/com/vpr/server/controller/EventController.java
+++ b/server/src/main/java/com/vpr/server/controller/EventController.java
@@ -4,7 +4,8 @@ import com.vpr.server.data.Event;
 import com.vpr.server.data.User;
 import com.vpr.server.data.UserEvent;
 import com.vpr.server.dao.interfaces.EventDAO;
-import com.vpr.server.json.EventJSONMapper;
+import com.vpr.server.json.JSONMapper;
+import com.vpr.server.json.Validator;
 import com.vpr.server.repository.EventRepository;
 import com.vpr.server.repository.UserEventRepository;
 import com.vpr.server.repository.UserRepository;
@@ -38,68 +39,24 @@ public class EventController { @PostMapping(path = "/add") public @ResponseBody ResponseEntity addEvent( - @RequestParam Integer userId, + @RequestHeader("Authorization") String authorizationHeader, + @RequestParam long userId, @RequestParam String date, @RequestParam String name, @RequestParam String start, @RequestParam String end, - @RequestParam Integer prority, + @RequestParam Integer priority, @RequestParam Boolean isFullDay, @RequestParam Boolean isPrivate ) { - String errorString = ""; - - Event event = new Event(); - - System.out.println(name.length() + ". name " + name); - if (name.length() > 3) { - event.setName(name); - } else { - System.out.println("NAME IST ZU KURZ"); - return new ResponseEntity<>("Der Name ist zu kurz", HttpStatus.BAD_REQUEST); + User authUser = userRepository.findByToken(authorizationHeader.split("\\s")[1]); + if (authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)) { + return new ResponseEntity<>("Du hast keine Rechte um den Termin zu erstellen", HttpStatus.UNAUTHORIZED); } - try { - SimpleDateFormat simpleDateFormat = new SimpleDateFormat("hh:mm"); - long ms = simpleDateFormat.parse(start).getTime(); - event.setStart(new Time(ms)); - } catch (Exception e) { - event.setStart(null); - } + ResponseEntity BAD_REQUEST = createEventAndUserEvent(userId, date, name, start, end, priority, isFullDay, isPrivate); + if (BAD_REQUEST != null) return BAD_REQUEST; - try { - SimpleDateFormat simpleDateFormat = new SimpleDateFormat("hh:mm"); - long ms = simpleDateFormat.parse(end).getTime(); - event.setEnd(new Time(ms)); - } catch (Exception e) { - event.setEnd(null); - } - - event.setPriority(prority); - event.setFullDay(isFullDay); - event.setPrivate(isPrivate); - - UserEvent userEvent = new UserEvent(); - - try { - System.out.println("date " + date); - SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd"); - userEvent.setDate(new java.sql.Date(simpleDateFormat.parse(date).getTime())); - } 
catch (Exception e) { - System.out.println("DATE FORMAT NOT CORRECT"); - return new ResponseEntity<>("Datumformat nicht korrekt", HttpStatus.BAD_REQUEST); - } - - userEvent.setEvent(event); - long uId = Long.valueOf(userId); - User user = userRepository.findById(uId); - userEvent.setUser(user); - - System.out.println(userEvent); - System.out.println(user); - - eventRepository.save(event); - userEventRepository.save(userEvent); return new ResponseEntity<>("", HttpStatus.OK); } 
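Review bot: `authorizationHeader.split("\\s")[1]` in addEvent throws ArrayIndexOutOfBoundsException when the Authorization header contains no whitespace, so a malformed header ends in a server error instead of reaching the 401 branch right below it. The same expression is repeated in the delete, getAllEvents and editEvent handlers of the next hunk. Split once and check the length before indexing, e.g. `String[] parts = authorizationHeader.trim().split("\\s+");` and `if (parts.length != 2) return new ResponseEntity<>("Bitte erneut einloggen", HttpStatus.UNAUTHORIZED);`, preferably in one private helper that all four handlers call. For a known, non-admin user acting on another userId, `HttpStatus.FORBIDDEN` would describe the outcome more accurately than `UNAUTHORIZED`.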
@@ -111,52 +68,105 @@ public class EventController { @RequestParam long userId, @RequestParam String date ) { - System.out.println("authorizationHeader " + authorizationHeader); User authUser = userRepository.findByToken(authorizationHeader.split("\\s")[1]); - if(authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)){ - return new ResponseEntity<>( "Du hast keine Rechte um den Termin zu löschen", HttpStatus.UNAUTHORIZED); + if (authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)) { + return new ResponseEntity<>("Du hast keine Rechte um den Termin zu löschen", HttpStatus.UNAUTHORIZED); } - EventRepository.UserEventInterface userEvent = eventRepository.findUserEventByEventIdUserIdAndDate(eventId, authUser.getId(), date); - - //Optional event = eventRepository.findById(eventId); - - if (userEvent == null){ - return new ResponseEntity<>( "Der Termin exestiert nicht", HttpStatus.BAD_REQUEST); + eventRepository.deleteUserEventsById(userId, eventId, date); + if(eventDAO.getAllEventsWithId(eventId).size() == 0){ + eventRepository.deleteById(eventId); } - return new ResponseEntity<>( "Der Termin exestiert", HttpStatus.OK); -/* - eventRepository.deleteUserEventsById(eventId); - eventRepository.deleteById(eventId); return new ResponseEntity<>("", HttpStatus.OK); - */ } - /* + @PostMapping(path = "/all") public @ResponseBody - List getAllEvents( - @RequestParam long userId, + ResponseEntity getAllEvents( + @RequestHeader("Authorization") String authorizationHeader, @RequestParam String startDate, @RequestParam String endDate ) { - return eventRepository.findEventsInDateRange(userId, startDate, endDate); + User authUser = userRepository.findByToken(authorizationHeader.split("\\s")[1]); + if (authUser == null) { + return new ResponseEntity<>("Bitte erneut einloggen", HttpStatus.UNAUTHORIZED); + } + + List eventList = eventDAO.getAllEventsInTimespan(authUser.getId(), startDate, endDate); + + return new 
ResponseEntity<>(JSONMapper.ToJSON(eventList), HttpStatus.OK); } - */ + @PostMapping(path = "/edit") public @ResponseBody - String editEvent( + ResponseEntity editEvent( + @RequestHeader("Authorization") String authorizationHeader, @RequestParam Long eventId, @RequestParam Long userId, - @RequestParam String date + @RequestParam String date, + @RequestParam String newDate, + @RequestParam String newName, + @RequestParam String newStart, + @RequestParam String newEnd, + @RequestParam Integer newPriority, + @RequestParam Boolean newIsFullDay, + @RequestParam Boolean newIsPrivate ) { - //EventRepository.UserEventInterface userEvent = eventRepository.findUserEventByEventIdUserIdAndDate(eventId, userId, date); - //List userEvent = eventRepository.findByNativeQuery(); - List eventList = eventDAO.getAllEvents(); + User authUser = userRepository.findByToken(authorizationHeader.split("\\s")[1]); + if (authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)) { + return new ResponseEntity<>("Du hast keine Rechte um den Termin zu bearbeiten", HttpStatus.UNAUTHORIZED); + } - return EventJSONMapper.ToJSON(eventList); + List eventList = eventDAO.getAllEventsWithIdAndDate(userId, eventId, date); + + if (eventList == null || eventList.size() == 0) { + return new ResponseEntity<>("Der Termin exestiert nicht in der Datenbank", HttpStatus.BAD_REQUEST); + } + if (eventList.size() > 1) { + return new ResponseEntity<>("Drr Termin ist doppelt vorhanden. 
(Um das zu lösen versuche den Termin zu löschen und erneut zu erstellen)", HttpStatus.BAD_REQUEST); + } + + eventRepository.deleteUserEventsById(userId, eventId, date); + if(eventDAO.getAllEventsWithId(eventId).size() == 0){ + eventRepository.deleteById(eventId); + } + + ResponseEntity BAD_REQUEST = createEventAndUserEvent(userId, newDate, newName, newStart, newEnd, newPriority, newIsFullDay, newIsPrivate); + if (BAD_REQUEST != null) return BAD_REQUEST; + + return new ResponseEntity<>("", HttpStatus.OK); } + private ResponseEntity createEventAndUserEvent(long userId, String date, String name, String start, String end, Integer priority, Boolean isFullDay, Boolean isPrivate) { + User user = userRepository.findById(userId); + if(user == null){ + return new ResponseEntity<>("UserId nicht korrekt", HttpStatus.BAD_REQUEST); + } + + try { + Event event = new Event(); + + event.setName(Validator.ValidateEventName(name)); + event.setStart(Validator.ValidateEventTime(start)); + event.setEnd(Validator.ValidateEventTime(end)); + event.setPriority(priority); + event.setFullDay(isFullDay); + event.setPrivate(isPrivate); + + UserEvent userEvent = new UserEvent(); + + userEvent.setDate(Validator.ValidateEventDate(date)); + userEvent.setEvent(event); + userEvent.setUser(user); + + eventRepository.save(event); + userEventRepository.save(userEvent); + }catch (IllegalArgumentException exception){ + return new ResponseEntity<>(exception.getMessage(), HttpStatus.BAD_REQUEST); + } + return null; + } } diff --git a/server/src/main/java/com/vpr/server/dao/implementation/EventDAOImplementation.java b/server/src/main/java/com/vpr/server/dao/implementation/EventDAOImplementation.java index 68d028a..93b6b9f 100644 --- a/server/src/main/java/com/vpr/server/dao/implementation/EventDAOImplementation.java +++ b/server/src/main/java/com/vpr/server/dao/implementation/EventDAOImplementation.java 
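Review bot: editEvent deletes the stored user_event (and possibly the event row) before createEventAndUserEvent validates the replacement values, so a rejected `newName` or `newDate` returns 400 after the original entry is already gone. Run the validation before `eventRepository.deleteUserEventsById(...)`, as sketched below. A failure inside `eventRepository.save` / `userEventRepository.save` would still leave the entry deleted; wrapping delete and create in one transaction that rolls back on error would close that gap, assuming the repositories take part in the caller's transaction. The local named `BAD_REQUEST` reads like a constant; `errorResponse` would be clearer.

```java
// … unchanged: authorization check, eventList lookup and size checks …
try {
    // Reject bad replacement values while the stored entry still exists.
    Validator.ValidateEventName(newName);
    Validator.ValidateEventDate(newDate);
} catch (IllegalArgumentException exception) {
    return new ResponseEntity<>(exception.getMessage(), HttpStatus.BAD_REQUEST);
}

eventRepository.deleteUserEventsById(userId, eventId, date);
// … unchanged: orphan cleanup and createEventAndUserEvent call …
```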
@@ -20,4 +20,29 @@ public class EventDAOImplementation implements EventDAO { public List getAllEvents() { return manager.createNamedQuery("getAllEvents", Event.class).getResultList(); } + + @Override + public List getAllEventsWithId(long eventId) { + return manager.createNamedQuery("getAllEventsWithId", Event.class) + .setParameter("eventId", eventId) + .getResultList(); + } + + @Override + public List getAllEventsInTimespan(long userId, String startDate, String endDate) { + return manager.createNamedQuery("getAllEventsInTimespan", Event.class) + .setParameter("userId", userId) + .setParameter("startDate", startDate) + .setParameter("endDate", endDate) + .getResultList(); + } + + @Override + public List getAllEventsWithIdAndDate(long userId, long eventId, String date) { + return manager.createNamedQuery("getAllEventsWithIdAndDate", Event.class) + .setParameter("userId", userId) + .setParameter("eventId", eventId) + .setParameter("date", date) + .getResultList(); + } } diff --git a/server/src/main/java/com/vpr/server/dao/interfaces/EventDAO.java b/server/src/main/java/com/vpr/server/dao/interfaces/EventDAO.java index 7f51211..f9d8b96 100644 --- a/server/src/main/java/com/vpr/server/dao/interfaces/EventDAO.java +++ b/server/src/main/java/com/vpr/server/dao/interfaces/EventDAO.java @@ -5,5 +5,12 @@ import com.vpr.server.data.Event; import java.util.List; public interface EventDAO { + List getAllEvents(); + + List getAllEventsInTimespan(long userId, String startDate, String endDate); + + List getAllEventsWithIdAndDate(long userId, long eventId, String date); + + List getAllEventsWithId(long eventId); } diff --git a/server/src/main/java/com/vpr/server/data/Event.java b/server/src/main/java/com/vpr/server/data/Event.java index 744a6ca..dc11e4e 100644 --- a/server/src/main/java/com/vpr/server/data/Event.java +++ b/server/src/main/java/com/vpr/server/data/Event.java 
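Review bot: In EventDAOImplementation, `startDate`, `endDate` and `date` are bound as raw strings in getAllEventsInTimespan and getAllEventsWithIdAndDate, and the controller hunks pass the request parameters straight through without `Validator.ValidateEventDate`. The binding is parameterized, so this is not an injection problem, but a malformed date is left to the database's implicit string-to-date conversion, which may match nothing or fail depending on the engine. Binding a parsed value instead, e.g. `.setParameter("startDate", Validator.ValidateEventDate(startDate))`, would reject bad input with the same 400 message the add path uses.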
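Review bot: The three methods added to the EventDAO interface have no Javadoc, and the contract of getAllEventsInTimespan cannot be guessed from its signature. Going by the named query added in Event.java, it returns the user's own events plus every non-private event of other users, with both date bounds exclusive. A comment such as `/** Events owned by userId plus all non-private events with startDate < date < endDate (both bounds exclusive). */` on that method, and a line on getAllEventsWithId saying it yields one row per remaining user_event entry, would keep callers from misusing them.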
@@ -38,6 +38,37 @@ import java.util.List; name = "getAllEvents", query = "SELECT * FROM event", resultClass = Event.class + ), + @NamedNativeQuery( + name = "getAllEventsInTimespan", + query = "SELECT * " + + "FROM event e " + + "INNER JOIN user_event ue " + + "ON e.id = ue.event_id " + + "WHERE (ue.user_id = :userId OR e.is_private = 0) " + + "AND ue.date > :startDate " + + "AND ue.date < :endDate", + resultClass = Event.class + ), + @NamedNativeQuery( + name = "getAllEventsWithIdAndDate", + query = "SELECT * " + + "FROM event e " + + "INNER JOIN user_event ue " + + "ON e.id = ue.event_id " + + "WHERE ue.user_id = :userId " + + "AND ue.event_id = :eventId " + + "AND ue.date = :date", + resultClass = Event.class + ), + @NamedNativeQuery( + name = "getAllEventsWithId", + query = "SELECT * " + + "FROM event e " + + "INNER JOIN user_event ue " + + "ON e.id = ue.event_id " + + "WHERE ue.event_id = :eventId", + resultClass = Event.class ) }) public class Event implements Serializable { diff --git a/server/src/main/java/com/vpr/server/json/EventJSONMapper.java b/server/src/main/java/com/vpr/server/json/JSONMapper.java similarity index 58% rename from server/src/main/java/com/vpr/server/json/EventJSONMapper.java rename to server/src/main/java/com/vpr/server/json/JSONMapper.java index a56cb19..0d0c224 100644 --- a/server/src/main/java/com/vpr/server/json/EventJSONMapper.java +++ b/server/src/main/java/com/vpr/server/json/JSONMapper.java 
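Review bot: All three new native queries use `SELECT *` across the `event`/`user_event` join while mapping to `resultClass = Event.class`, so the result set carries the columns of both tables. If `user_event` also has an `id` column (not visible in this hunk), the mapper can pick the wrong one for `Event.id`; `SELECT e.*` avoids the ambiguity. In getAllEventsInTimespan the comparisons `ue.date > :startDate` and `ue.date < :endDate` exclude events that fall on the boundary days; if the range is meant to be inclusive, use `>=` and `<=`.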
@@ -7,25 +7,23 @@ import java.sql.Time; import java.util.ArrayList; import java.util.List; -public class EventJSONMapper { +public class JSONMapper { public static List ToJSON(Event event){ List eventListJSON = new ArrayList<>(); for (UserEvent userEvent : event.getUserEvent()) { String eventJSON = "{" + - "\"ownerId\": " + - userEvent.getUser().getId() + - ", \"ownerId\": \"" + - userEvent.getUser().getName() + - ", \"date\": \"" + - userEvent.getDate() + - "\", " + - "\"id\": " + event.getId() + "," + - "\"name\": \"" + event.getName() + "\"," + - "\"priority\": " + event.getPriority() + "," + - "\"start\": " + ToJSON(event.getStart()) + "," + - "\"end\": " + ToJSON(event.getEnd()) + + "\"ownerId\": " + userEvent.getUser().getId() + ", " + + "\"ownerName\": \"" + userEvent.getUser().getForename() + " " + userEvent.getUser().getName() + "\", " + + "\"date\": \"" + userEvent.getDate() + "\", " + + "\"id\": " + event.getId() + "," + + "\"name\": \"" + event.getName() + "\"," + + "\"priority\": " + event.getPriority() + "," + + "\"isFullDay\": " + event.isFullDay() + "," + + "\"isPrivate\": " + event.isPrivate() + "," + + "\"start\": " + ToJSON(event.getStart()) + "," + + "\"end\": " + ToJSON(event.getEnd()) + "}"; eventListJSON.add(eventJSON); diff --git a/server/src/main/java/com/vpr/server/json/Validator.java b/server/src/main/java/com/vpr/server/json/Validator.java new file mode 100644 index 0000000..54b3d98 --- /dev/null +++ b/server/src/main/java/com/vpr/server/json/Validator.java 
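Review bot: The JSON in `ToJSON(Event)` is assembled by string concatenation, and `getForename()`, `getName()` and `event.getName()` are inserted without escaping, so a `"` or `\` in any of them breaks the document or lets a stored value inject extra fields. The event name is limited by `Validator.ValidateEventName` on the add/edit path, but nothing in this diff constrains the user's forename and name, and events stored before this commit were never validated. Serialising through a JSON library, or at least escaping `"`, `\` and control characters in each string field, would close this; the allowed `<` and `>` in event names also mean clients must HTML-escape the value when rendering. The method's end lies outside the hunk.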
@@ -0,0 +1,47 @@ +package com.vpr.server.json; + +import com.vpr.server.data.UserEvent; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; + +import java.sql.Date; +import java.sql.Time; +import java.text.SimpleDateFormat; +import java.util.regex.Matcher; +import java.util.regex.Pattern; + +public class Validator { + public static String ValidateEventName(String name) throws IllegalArgumentException { + if (name.length() < 3) { + System.out.println("NAME TO SHORT"); + throw new IllegalArgumentException("Der Name ist zu kurz"); + } + Pattern pattern = Pattern.compile("[A-Za-z\u00e4\u00f6\u00fc\u00c4\u00d6\u00dc\u00df0-9 =!?+*/$.:,;_<>()-]*"); + Matcher matcher = pattern.matcher(name); + if(!matcher.matches()){ + System.out.println("NAME HAS ILLEGALCHARS"); + throw new IllegalArgumentException("Der Name enthält nicht erlaubte Zeichen"); + } + return name; + } + + public static Time ValidateEventTime(String time) throws IllegalArgumentException { + try { + SimpleDateFormat simpleDateFormat = new SimpleDateFormat("hh:mm"); + long ms = simpleDateFormat.parse(time).getTime(); + return new Time(ms); + } catch (Exception e) { + return null; + } + } + + public static Date ValidateEventDate(String date) throws IllegalArgumentException { + try { + SimpleDateFormat simpleDateFormat = new SimpleDateFormat("yyyy-MM-dd"); + return new Date(simpleDateFormat.parse(date).getTime()); + } catch (Exception e) { + System.out.println("DATE FORMAT NOT CORRECT"); + throw new IllegalArgumentException("Datumformat nicht korrekt"); + } + } +} diff --git a/server/src/main/java/com/vpr/server/repository/EventRepository.java b/server/src/main/java/com/vpr/server/repository/EventRepository.java index 0754a44..2b9d51e 100644 --- a/server/src/main/java/com/vpr/server/repository/EventRepository.java +++ b/server/src/main/java/com/vpr/server/repository/EventRepository.java 
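Review bot: `ValidateEventTime` declares `IllegalArgumentException` but swallows every parse failure and returns `null`, so an invalid `start` or `end` is stored silently as a missing time. If `null` is intended for full-day events, accept only an empty string for that case and throw for anything else. The pattern `"hh:mm"` is the 12-hour clock, which turns `12:30` into `00:30`; `new SimpleDateFormat("HH:mm")` is what a 24-hour input needs. Both formatters are lenient by default, so `2021-13-45` is rolled over instead of rejected; add `simpleDateFormat.setLenient(false);` in `ValidateEventTime` and `ValidateEventDate`. The imports of `UserEvent`, `HttpStatus` and `ResponseEntity` are unused, and the `System.out.println` calls would be better as logger statements.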
@@ -65,10 +65,10 @@ public interface EventRepository extends CrudRepository { @Modifying @Transactional @Query( - value = "DELETE ue FROM user_event ue WHERE ue.event_id = ?1", + value = "DELETE ue FROM user_event ue WHERE ue.event_id = :eventId AND ue.user_id = :userId AND ue.date = :date", nativeQuery = true ) - void deleteUserEventsById(long id); + void deleteUserEventsById(long userId, long eventId, String date); @Modifying
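Review bot: The rewritten query uses the named parameters `:eventId`, `:userId` and `:date`, but the new `deleteUserEventsById` signature has no `@Param` annotations, so binding works only when the classes are compiled with `-parameters`. Making it explicit removes that dependency: `void deleteUserEventsById(@Param("userId") long userId, @Param("eventId") long eventId, @Param("date") String date);` (the import block is outside this hunk). Since the method now deletes a single user/event/date entry, a name such as `deleteUserEvent` would match what it does.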