From af32747c1eae5249724059d90fa5057227620bb3 Mon Sep 17 00:00:00 2001 From: unknown Date: Wed, 18 Sep 2024 14:46:48 +0200 Subject: [PATCH] removed check for COMPANY_OWNER role when no role was needed --- .../com/MeetMate/company/CompanyController.java | 7 ++++--- .../java/com/MeetMate/company/CompanyService.java | 13 +++---------- .../java/com/MeetMate/security/SecurityConfig.java | 4 ++-- 3 files changed, 9 insertions(+), 15 deletions(-) diff --git a/src/main/java/com/MeetMate/company/CompanyController.java b/src/main/java/com/MeetMate/company/CompanyController.java index 2810e1f..970bc71 100644 --- a/src/main/java/com/MeetMate/company/CompanyController.java +++ b/src/main/java/com/MeetMate/company/CompanyController.java @@ -28,13 +28,14 @@ public Company getCompany(@Argument long id) { } catch (Throwable t) { Class tc = t.getClass(); - return null; + return new Company(-1, "error", "error"); + // if (tc == EntityNotFoundException.class) // return ResponseEntity.status(HttpStatus.NOT_FOUND).body("message: " + t.getMessage()); -// + // if (tc == IllegalArgumentException.class) // return ResponseEntity.status(HttpStatus.BAD_REQUEST).body("message: " + t.getMessage()); -// + // return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("message: " + t.getMessage()); } } diff --git a/src/main/java/com/MeetMate/company/CompanyService.java b/src/main/java/com/MeetMate/company/CompanyService.java index b282145..e74c332 100644 --- a/src/main/java/com/MeetMate/company/CompanyService.java +++ b/src/main/java/com/MeetMate/company/CompanyService.java 
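Review bot: The catch block in `getCompany` now returns `new Company(-1, "error", "error")`, so a missing company, a bad argument and an internal failure all reach the client as an ordinary-looking record, and the `Throwable` is discarded without being logged. I would remove the sentinel and let the exception propagate to a GraphQL error handler (for example a `@GraphQlExceptionHandler` method that maps `EntityNotFoundException` to a not-found error), or at least narrow the catch to `catch (EntityNotFoundException | IllegalArgumentException e)` and log it. `Class tc` is a raw type that is no longer used, and the commented-out `ResponseEntity` lines are dead code that can be deleted rather than re-spaced. The `try` opens above the hunk, so the guarded call itself is not visible here.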
@@ -27,13 +27,6 @@ public class CompanyService {
 private final SequenceService sequenceService;
 public Company getCompany(long id) throws IllegalArgumentException {
-
- //Test if user is a company owner
- if (userRepository.findUserById(id)
- .orElseThrow(() -> new EntityNotFoundException("User not found!"))
- .getRole() != UserRole.COMPANY_OWNER)
- throw new IllegalArgumentException("User is not a company owner");
-
 return companyRepository.findCompanyById(id)
 .orElseThrow(() -> new EntityNotFoundException("Company not found"));
 }
@@ -57,7 +50,7 @@ public void createCompany(String companyName, String ownerEmail, String ownerNam
 @Transactional
 public void editCompany(String token, String companyName, String description, String businessType) {
- String ownerEmail = getCompanyWithToken(token).getOwnerEmail();
+ String ownerEmail = getCompanyWithOwnerEmail(token).getOwnerEmail();
 Query query = new Query(Criteria.where("ownerEmail").is(ownerEmail));
 Update update = new Update();
@@ -69,7 +62,7 @@ public void editCompany(String token, String companyName, String description, St
 @Transactional
 public void deleteCompany(String token) {
- Company company = getCompanyWithToken(token);
+ Company company = getCompanyWithOwnerEmail(token);
 try {
 userController.deleteUser(token);
 } catch (Throwable t) {
@@ -78,7 +71,7 @@ public void deleteCompany(String token) {
 companyRepository.delete(company);
 }
- private Company getCompanyWithToken(String ownerEmail) throws IllegalArgumentException {
+ private Company getCompanyWithOwnerEmail(String ownerEmail) throws IllegalArgumentException {
 //Test if user is a company owner
 if (userRepository.findUserByEmail(ownerEmail)
diff --git a/src/main/java/com/MeetMate/security/SecurityConfig.java b/src/main/java/com/MeetMate/security/SecurityConfig.java
index 6e3f21e..2189bb5 100644
--- a/src/main/java/com/MeetMate/security/SecurityConfig.java
+++ b/src/main/java/com/MeetMate/security/SecurityConfig.java
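Review bot: With the role check gone, `getCompany(long id)` in CompanyService (hunk at -27) returns the whole `Company` document to any caller that supplies a numeric id, and the edit path in this file shows the entity exposes `getOwnerEmail()`. Removing the old check is reasonable, since it looked up a user by the company id, but nothing replaces it: if company lookups are meant to be public the resolver should return a projection without the owner's e-mail, and if they are not, the caller's identity has to be compared with the company's owner here. The ids appear to come from `SequenceService`, so they are probably sequential and guessable; worth confirming. The `throws IllegalArgumentException` clause also no longer matches anything the body throws.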
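Review bot: After the rename, `editCompany` and `deleteCompany` still pass `token` straight into `getCompanyWithOwnerEmail(String ownerEmail)`, which hands it to `userRepository.findUserByEmail(ownerEmail)` (hunks at -57, -69 and -78). Unless the caller has already replaced the token with an e-mail address, that lookup either never matches or treats a client-supplied e-mail as proof of identity; neither case is visible in these hunks. I would resolve the subject from the verified token first and pass that, along the lines of `String ownerEmail = <existing JWT helper>.<extract e-mail>(token);` (placeholder names, use whatever the project already has), or rename the `token` parameters if they really carry an e-mail. `deleteCompany` passes the same value to `userController.deleteUser(token)`, so the two calls currently disagree about what the argument is.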
@@ -26,8 +26,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity httpSecurity) throws
 .authorizeHttpRequests(
 authorizeRequests ->
 authorizeRequests
-// .requestMatchers("/api/user/login", "/api/user/signup", "/test/test", "/graphql/**")
- .requestMatchers("/**")
+ .requestMatchers("/api/user/login", "/api/user/signup", "/test/test", "/graphql/**")
+// .requestMatchers("/**")
 .permitAll() // Whitelist
 .anyRequest().authenticated() // Everything else should be authenticated
 )
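Review bot: The restored whitelist still contains `"/graphql/**"` and `"/test/test"`, so every GraphQL operation, including the company resolvers touched in this commit, remains reachable without authentication at the HTTP layer. If the endpoint must accept anonymous login or signup operations, the per-operation checks need to live in the resolvers or in method security such as `@PreAuthorize`; otherwise drop `"/graphql/**"` from the `permitAll()` matcher. `"/test/test"` looks like a development endpoint and should not ship in the whitelist, and the commented-out `.requestMatchers("/**")` line is better deleted than left one uncomment away from opening every route again. The filter chain starts and ends outside the hunk, so other matchers may apply.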