Code cleanup

2021-03-27 15:22:39 +01:00
parent b4ce6600a4
commit 148fb7b7db
7 changed files with 45 additions and 18 deletions
--- a/build.gradle.kts
+++ b/build.gradle.kts
@@ -26,8 +26,7 @@ dependencies {
 	implementation("org.jetbrains.kotlin:kotlin-stdlib-jdk8")
 	implementation("io.github.microutils:kotlin-logging-jvm:2.0.6")
 	// https://mvnrepository.com/artifact/net.folivo/matrix-spring-boot-bot
-	implementation ("net.folivo:matrix-spring-boot-bot:0.4.5")
-//	implementation (group = "net.folivo", name = "matrix-spring-boot-bot", version = "0.4.6")
+	implementation ("net.folivo:matrix-spring-boot-bot:0.4.6")
 	developmentOnly("org.springframework.boot:spring-boot-devtools")
 	runtimeOnly("com.h2database:h2")
 	runtimeOnly("io.r2dbc:r2dbc-h2")
--- a/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateTravelRestController.kt
+++ b/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateTravelRestController.kt
@@ -9,9 +9,13 @@ import eu.fosil.okupamicoche.repositories.UserRepository
 import eu.fosil.okupamicoche.spring.services.AuthService
 import eu.fosil.okupamicoche.spring.services.UseCaseService
 import eu.fosil.okupamicoche.usecases.travel.*
+import mu.KotlinLogging
 import org.springframework.data.repository.findByIdOrNull
 import org.springframework.validation.annotation.Validated
-import org.springframework.web.bind.annotation.*
+import org.springframework.web.bind.annotation.RequestBody
+import org.springframework.web.bind.annotation.RequestMapping
+import org.springframework.web.bind.annotation.RequestParam
+import org.springframework.web.bind.annotation.RestController

@RestController
@RequestMapping("/api/travel")
@@ -21,6 +25,7 @@ class PrivateTravelRestController(
    private val travelRepository: TravelRepository,
    private val useCaseService: UseCaseService
 ) : ApiRestController {
+    private val logger = KotlinLogging.logger {}

    @RequestMapping("/create")
    suspend fun createTravel(@RequestBody @Validated travel: TravelDto): ApiResponse<Unit> {
@@ -39,6 +44,7 @@ class PrivateTravelRestController(
    @RequestMapping("/cancel")
    suspend fun cancelTravel(@RequestParam @Validated travelId: TravelId): ApiResponse<Unit> {
        return response {
+            throwErrorIfCannotEditTravel(travelId)
            CancelTravel(travelRepository).cancelTravel(travelId)
        }
    }
@@ -46,8 +52,7 @@ class PrivateTravelRestController(
    @RequestMapping("/delete")
    suspend fun deleteTravel(@RequestParam @Validated travelId: TravelId): ApiResponse<Unit> {
        return response {
-            if (!authService.canEditTravel(travelId))
-                throw InsufficientPermissions("Only admins and travel driver can delete this travel.")
+            throwErrorIfCannotEditTravel(travelId)
            DeleteTravel(travelRepository).deleteTravel(travelId)
        }
    }
@@ -55,8 +60,7 @@ class PrivateTravelRestController(
    @RequestMapping("/edit")
    suspend fun editTravel(@RequestBody @Validated travel: TravelDto): ApiResponse<Unit> {
        return response {
-            if (!authService.canEditTravel(travel.id))
-                throw InsufficientPermissions("Only admins and travel driver can edit this travel.")
+            throwErrorIfCannotEditTravel(travel.id)
            EditTravel(travelRepository).editTravel(travel.toTravel(userRepository))
        }
    }
@@ -67,7 +71,7 @@ class PrivateTravelRestController(
            val userId = authService.currentUser().id
            val useCase = ListUserTravels(travelRepository)
            val travels = useCase.listUserTravels(userId).map { t -> TravelDto(t) }
-            println("travels=$travels")
+            logger.debug { "travels=$travels" }
            ListDto(useCase.countUserTravels(userId), travels)
        }
    }
@@ -94,6 +98,7 @@ class PrivateTravelRestController(
        @RequestParam @Validated userId: UserId
    ): ApiResponse<Unit> {
        return response {
+            throwErrorIfCannotEditTravel(travelId)
            AddTraveler(userRepository, travelRepository).addTraveler(travelId, userId)
        }
    }
@@ -104,7 +109,16 @@ class PrivateTravelRestController(
        @RequestParam @Validated userId: UserId
    ): ApiResponse<Unit> {
        return response {
+            throwErrorIfCannotEditTravel(travelId)
            RemoveTraveler(userRepository, travelRepository).removeTraveler(travelId, userId)
        }
    }
+
+    private fun throwErrorIfCannotEditTravel(
+        travelId: TravelId?,
+        message: String = "Only admins and travel driver can modify this travel."
+    ) {
+        if (!authService.canEditTravel(travelId))
+            throw InsufficientPermissions(message)
+    }
 }
--- a/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateUserRestController.kt
+++ b/src/main/kotlin/eu/fosil/okupamicoche/spring/controller/PrivateUserRestController.kt
@@ -39,7 +39,7 @@ class PrivateUserRestController(
    @RequestMapping("/create")
    suspend fun createUser(@RequestBody @Validated createUserDto: CreateUserDto): ApiResponse<Unit> {
        return response {
-            if (!authService.currentUser().admin)
+            if (!authService.isAdmin())
                throw InsufficientPermissions("Only admins can create users.")
            CreateUser(userRepository).createUser(createUserDto.toUser())
        }
@@ -55,6 +55,7 @@ class PrivateUserRestController(
    @RequestMapping("/delete")
    suspend fun deleteUser(@RequestBody @Validated userId: UserId): ApiResponse<Unit> {
        return response {
+            throwErrorIfCannotEditUser(userId)
            DeleteUser(userRepository).deleteUser(userId)
        }
    }
@@ -62,6 +63,7 @@ class PrivateUserRestController(
    @RequestMapping("/edit")
    suspend fun editUser(@RequestBody @Validated userDto: UserDto): ApiResponse<Unit> {
        return response {
+            throwErrorIfCannotEditUser(userDto.id)
            EditUser(userRepository).editUser(userDto.toUser(userRepository))
        }
    }
@@ -72,4 +74,12 @@ class PrivateUserRestController(
            ListUsers(userRepository).listUsers().map { UserDto(it) }
        }
    }
+
+    private fun throwErrorIfCannotEditUser(
+        userId: UserId?,
+        message: String = "Only admins and travel driver can modify this user."
+    ) {
+        if (!authService.canEditUser(userId))
+            throw InsufficientPermissions(message)
+    }
 }
--- a/src/main/kotlin/eu/fosil/okupamicoche/spring/services/AuthService.kt
+++ b/src/main/kotlin/eu/fosil/okupamicoche/spring/services/AuthService.kt
@@ -25,12 +25,17 @@ class AuthService(
        throw UserIdNotFoundException()
    }

+    fun isAdmin(): Boolean {
+        return currentUser().admin
+    }
+
    fun canEditTravel(travelId: TravelId?): Boolean {
        val travel = travelRepository.findByIdOrNull(travelId) ?: return false
        return currentUser().admin || currentUser().id == travel.driver.id
    }

-    fun canEditUser(user: User): Boolean {
-        return currentUser().admin || currentUser().id == user.id
+    fun canEditUser(userId: UserId?): Boolean {
+        if (userId == null) return false
+        return currentUser().admin || currentUser().id == userId
    }
 }
--- a/src/main/kotlin/eu/fosil/okupamicoche/spring/services/MatrixService.kt
+++ b/src/main/kotlin/eu/fosil/okupamicoche/spring/services/MatrixService.kt
@@ -18,7 +18,7 @@ class MatrixService(private val matrixClient: MatrixClient): MatrixApi {
        val roomId = matrixClient.roomsApi.createRoom(
            name = name,
            roomAliasId = MatrixId.RoomAliasId("#$alias:synapse"),
-            invite = usersToInviteId.collect(Collectors.toSet()),
+//            invite = usersToInviteId.collect(Collectors.toSet()),
            topic = topic
        )
        return roomId.full
--- a/src/main/kotlin/eu/fosil/okupamicoche/usecases/travel/ListUserTravels.kt
+++ b/src/main/kotlin/eu/fosil/okupamicoche/usecases/travel/ListUserTravels.kt
@@ -6,7 +6,6 @@ import eu.fosil.okupamicoche.repositories.TravelRepository

 class ListUserTravels(private val travelRepository: TravelRepository) {
    fun listUserTravels(idUser: UserId): List<Travel> {
-        println("idUser=$idUser")
        return listOf(
            travelRepository.findUserTravelsAsDriver(idUser),
            travelRepository.findUserTravelsAsTraveler(idUser)
--- a/src/main/resources/application.yml
+++ b/src/main/resources/application.yml
@@ -38,12 +38,12 @@ matrix:
    # (optional) Configure if ALL membership changes should be tracked/saved with help of MatrixAppserviceRoomService
    # or only membership changes of users, which are MANAGED by the bridge. Default is ALL (no tracking/saving).
    trackMembership: ALL
-    # Connection settings to the database (only r2dbc drivers are supported)
+    # Connection setting to the database for migration purpose only (only jdbc drivers ar supported)
    migration:
      url: jdbc:h2:file:./matrix
      username: sa
      password:
-    # Connection setting to the database for migration purpose only (only jdbc drivers ar supported)
+    # Connection settings to the database (only r2dbc drivers are supported)
    database:
      url: r2dbc:h2:file:///./matrix
      username: sa
@@ -57,13 +57,13 @@ matrix:
      # (optional) Use http or https. Default is true (so uses https).
      secure: false
    # The token to authenticate against the Homeserver.
-    token: 30c05ae90a248a4188e620216fa72e349803310ec83e2a77b34fe90be6081f46
+    token: "30c05ae90a248a4188e620216fa72e349803310ec83e2a77b34fe90be6081f46"
  appservice:
    # A unique token for Homeservers to use to authenticate requests to application services.
-    hsToken: 312df522183efd404ec1cd22d2ffa4bbc76a8c1ccf541dd692eef281356bb74e
+    hsToken: "312df522183efd404ec1cd22d2ffa4bbc76a8c1ccf541dd692eef281356bb74e"
    # A list of users, aliases and rooms namespaces that the application service controls.
    namespaces:
      users: [ ]
      aliases:
-        - localpartRegex: "#viaje_.*"
+        - localpartRegex: "viaje_.*"
      rooms: [ ]