add permitted authorities for a user in the /api/v1/user endpoint && …

…removed /api/v1/users endpoint (to get all the authorities) (#99)

webapp/src/main/java/ar/edu/itba/paw/webapp/controllers/DTOEntityMapper.java

@@ -8,8 +8,11 @@
 import org.modelmapper.ModelMapper;
 import org.modelmapper.convention.MatchingStrategies;
 import org.modelmapper.spi.MatchingStrategy;
+import org.springframework.security.core.GrantedAuthority;
 
+import java.util.Collection;
 import java.util.Set;
+import java.util.stream.Collectors;
 
 public class DTOEntityMapper {
 
@@ -103,23 +106,38 @@ Admin convertToAdmin(final AdminsUpdateDTO adminsUpdateDTO) {
     return modelMapper.map(adminsUpdateDTO, Admin.class);
   }
 
-  UserSessionDTO convertToAdminSessionDTO(final User user) {
-    final UserSessionDTO userSessionDTO = modelMapper.map(user, UserSessionDTO.class);
+  UserSessionDTO convertToAdminSessionDTO(final User user, Collection<? extends GrantedAuthority> authorities) {
+    final UserSessionDTO adminSessionDTO = new UserSessionDTO();
     final AddressDTO addressDTO = convertToAddressDTO(user.getAddress());
 
-    userSessionDTO.setAddress(addressDTO);
-    userSessionDTO.setRole(Role.ADMIN);
-
-    return userSessionDTO;
-  }
-
-  StudentSessionDTO convertToStudentSessionDTO(final User user) {
-    final StudentSessionDTO userSessionDTO = modelMapper.map(user, StudentSessionDTO.class);
-    final AddressDTO addressDTO = convertToAddressDTO(user.getAddress());
-
-    userSessionDTO.setAddress(addressDTO);
-    userSessionDTO.setRole(Role.STUDENT);
-
-    return userSessionDTO;
+    adminSessionDTO.setDni(user.getDni());
+    adminSessionDTO.setFirstName(user.getFirstName());
+    adminSessionDTO.setLastName(user.getLastName());
+    adminSessionDTO.setGenre(user.getGenre());
+    adminSessionDTO.setBirthday(user.getBirthday());
+    adminSessionDTO.setEmail(user.getEmail());
+    adminSessionDTO.setRole(user.getRole());
+    adminSessionDTO.setAddress(addressDTO);
+    adminSessionDTO.setAuthorities(authorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()));
+
+    return adminSessionDTO;
+  }
+
+  StudentSessionDTO convertToStudentSessionDTO(final Student student, final Collection<? extends GrantedAuthority> authorities) {
+    final StudentSessionDTO studentSessionDTO = new StudentSessionDTO();
+    final AddressDTO addressDTO = convertToAddressDTO(student.getAddress());
+
+    studentSessionDTO.setDni(student.getDni());
+    studentSessionDTO.setFirstName(student.getFirstName());
+    studentSessionDTO.setLastName(student.getLastName());
+    studentSessionDTO.setGenre(student.getGenre());
+    studentSessionDTO.setBirthday(student.getBirthday());
+    studentSessionDTO.setEmail(student.getEmail());
+    studentSessionDTO.setRole(student.getRole());
+    studentSessionDTO.setDocket(student.getDocket());
+    studentSessionDTO.setAddress(addressDTO);
+    studentSessionDTO.setAuthorities(authorities.stream().map(GrantedAuthority::getAuthority).collect(Collectors.toList()));
+
+    return studentSessionDTO;
   }
 }

webapp/src/main/java/ar/edu/itba/paw/webapp/controllers/SessionController.java

@@ -12,13 +12,15 @@
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
 import org.springframework.stereotype.Component;
 
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
+import java.util.Collection;
 import java.util.List;
 
 @Component
@@ -42,16 +44,17 @@ public class SessionController {
 	@Produces(MediaType.APPLICATION_JSON)
 	public Response sessionShow() {
 		final int dni = LoggedUser.getDni();
+		final Collection<? extends GrantedAuthority> authorities = LoggedUser.getAuthorities();
 		final List<Role> roles = us.getRole(dni);
 
 		if(roles.contains(Role.ADMIN)) {
 			final Admin admin = as.getByDni(dni);
-			final UserSessionDTO adminSessionDTO = mapper.convertToAdminSessionDTO(admin);
+			final UserSessionDTO adminSessionDTO = mapper.convertToAdminSessionDTO(admin, authorities);
 
 			return Response.ok(adminSessionDTO).build();
 		} else if(roles.contains(Role.STUDENT)) {
 			final Student student = ss.getByDni(dni);
-			final StudentSessionDTO studentSessionDTO = mapper.convertToStudentSessionDTO(student);
+			final StudentSessionDTO studentSessionDTO = mapper.convertToStudentSessionDTO(student, authorities);
 
 			return Response.ok(studentSessionDTO).build();
 		} else {

webapp/src/main/java/ar/edu/itba/paw/webapp/controllers/UserController.java

@@ -3,22 +3,18 @@
 import ar.edu.itba.paw.interfaces.UserService;
 import ar.edu.itba.paw.webapp.auth.LoggedUser;
 import ar.edu.itba.paw.webapp.forms.PasswordDTO;
-import ar.edu.itba.paw.webapp.models.AuthoritiesDTO;
-import ar.edu.itba.paw.webapp.models.AuthorityDTO;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Component;
 
 import javax.validation.Valid;
-import javax.ws.rs.*;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
-import java.util.Arrays;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.stream.Collectors;
 
 import static javax.ws.rs.core.Response.*;
 
@@ -28,85 +24,9 @@ public class UserController {
 
   private final static Logger LOGGER = LoggerFactory.getLogger(UserController.class);
 
-  private static final Map<String, String> authoritiesMap =
-          Arrays.stream(new String[][] {
-                  // -- Roles
-
-                  { "STUDENT", ""},
-                  { "ADMIN", ""},
-
-                  // -- StudentController
-
-                  { "VIEW_STUDENTS", "/students"}, // Permit All
-                  { "ADD_STUDENT", "/students"},
-                  { "VIEW_STUDENT", "/students/{docket}"}, // Permit All
-                  { "EDIT_STUDENT", "/students/{docket}"}, // Permit All
-                  { "DELETE_STUDENT", "/students/{docket}"},
-
-                  { "VIEW_INSCRIPTIONS", "/students/{docket}/courses"}, // Permit All
-                  { "ADD_INSCRIPTION", "/students/{docket}/courses"}, // Permit All
-                  { "DELETE_INSCRIPTION", "/students/{docket}/courses"}, // Permit All
-                  //* { "VIEW_INSCRIPTIONS_AVAILABLE "/{docket}/courses/available" // Permit All
-
-                  { "VIEW_GRADES", "/students/{docket}/grades"}, // Permit All
-                  { "ADD_GRADE", "/students/{docket}/grades"},
-                  { "EDIT_GRADE", "/students/{docket}/grades/{gradeId}"},
-
-                  //* { "VIEW_FINAL_INSCRIPTIONS", "students/{docket}/finalInscriptions"}, // Permit All
-                  //* {"VIEW_FINAL_INSCRIPTION", "students/{docket}/finalInscriptions/{finalInscriptionId}"}, // Permit All
-                  { "ADD_FINAL_INSCRIPTION", "students/{docket}/finalInscriptions/{finalInscriptionId}"}, // Permit All
-                  { "DELETE_FINAL_INSCRIPTION", "students/{docket}/finalInscriptions/{finalInscriptionId}"}, // Permit All
-                  //* { "VIEW_FINAL_INSCRIPTIONS_AVAILABLE", "students/{docket}/finalInscriptions/available"}, // Permit All
-
-                  // -- CourseController
-
-                  { "VIEW_COURSES", "/courses"}, // Permit All
-                  { "ADD_COURSE", "/courses"},
-                  { "VIEW_COURSE", "/courses/{courseId}"}, // Permit All
-                  { "EDIT_COURSE", "/courses/{courseId}"},
-                  { "DELETE_COURSE", "/courses/{courseId}"},
-
-                  //* {"VIEW_COURSE_STUDENTS", "/courses/{courseId}/students"} // Permit All
-                  { "VIEW_STUDENTS_APPROVED", "/courses/{courseId}/students/passed"},
-
-                  { "ADD_CORRELATIVE", "/courses/{courseId}/correlatives"},
-                  { "DELETE_CORRELATIVE", "/courses/{courseId}/correlatives/{correlativeId}"},
-
-                  //*{"VIEW_COURSE_FINAL_INSCRIPTIONS", "courses/finalInscriptions/{finalInscriptionId}"},
-                  //*{"QUALIFY_COURSE_FINAL", "courses/finalInscriptions/{finalInscriptionId}/grades"},
-
-                  // -- AdminController
-
-                  { "VIEW_ADMINS", "/admins"},
-                  { "ADD_ADMIN", "/admins"},
-                  { "VIEW_ADMIN", "/admins/{dni}"},
-                  { "EDIT_ADMIN", "/admins/{dni}"},
-                  { "DELETE_ADMIN", "/admins/{dni}"},
-
-                  { "DISABLE_INSCRIPTION", "/admins/inscriptions"},
-
-                  // -- UserController
-
-                  { "CHANGE_PASSWORD", "/users/{dni}/password/change"}, // Permit All
-                  { "RESET_PASSWORD", "/users/{dni}/password/reset"},
-          }).collect(Collectors.toMap(kv -> kv[0], kv -> kv[1]));
-
   @Autowired
   private UserService us;
 
-  @GET
-  @Produces(MediaType.APPLICATION_JSON)
-  public Response usersAuthorities(){
-    List<String> actions = LoggedUser.getAuthorities().stream().map(Object::toString).collect(Collectors.toList());
-    List<AuthorityDTO> authoritiesList = new LinkedList<>();
-
-    for(String action: actions){
-      authoritiesList.add(new AuthorityDTO(action, authoritiesMap.get(action)));
-    }
-
-    return ok().entity(new AuthoritiesDTO(authoritiesList)).build();
-  }
-
   @POST
   @Path("/{dni}/password/change")
   @Consumes(MediaType.APPLICATION_JSON)

webapp/src/main/java/ar/edu/itba/paw/webapp/models/AuthorityDTO.java

@@ -1,31 +1,25 @@
 package ar.edu.itba.paw.webapp.models;
 
+import org.springframework.security.core.GrantedAuthority;
+
 public class AuthorityDTO {
 
-  private String action;
-  private String location;
 
-  public AuthorityDTO() {}
+  private String authority;
 
-  public AuthorityDTO(String action, String location) {
-    this.action = action;
-    this.location = location;
-  }
+  public AuthorityDTO() {
 
-  public String getAction() {
-    return action;
   }
 
-  public void setAction(String action) {
-    this.action = action;
+  public AuthorityDTO(final GrantedAuthority authority) {
+    this.authority = authority.getAuthority();
   }
 
-  public String getLocation() {
-    return location;
+  public String getAuthority() {
+    return authority;
   }
 
-  public void setLocation(String location) {
-    this.location = location;
+  public void setAuthority(String authority) {
+    this.authority = authority;
   }
-
 }

webapp/src/main/java/ar/edu/itba/paw/webapp/models/StudentSessionDTO.java

@@ -4,6 +4,7 @@
 import ar.edu.itba.paw.models.users.User;
 
 import java.time.LocalDate;
+import java.util.List;
 
 /**
  * Used for returning info about the logged in user with role STUDENT
@@ -24,6 +25,7 @@ public class StudentSessionDTO {
 	private Role role;
 	private AddressDTO address;
 	private int docket;
+	private List<String> authorities;
 
 	public StudentSessionDTO() {
 	}
@@ -99,4 +101,12 @@ public int getDocket() {
 	public void setDocket(int docket) {
 		this.docket = docket;
 	}
+
+	public List<String> getAuthorities() {
+		return authorities;
+	}
+
+	public void setAuthorities(List<String> authorities) {
+		this.authorities = authorities;
+	}
 }

webapp/src/main/java/ar/edu/itba/paw/webapp/models/UserSessionDTO.java

@@ -4,6 +4,7 @@
 import ar.edu.itba.paw.models.users.User;
 
 import java.time.LocalDate;
+import java.util.List;
 
 /**
  * Used for returning info about the logged in user with role ADMIN
@@ -19,9 +20,14 @@ public class UserSessionDTO {
 	private Role role;
 	private AddressDTO address;
 
+
+	private List<String> authorities;
+
 	public UserSessionDTO() {
 	}
 
+
+
 	public Integer getDni() {
 		return dni;
 	}
@@ -85,4 +91,12 @@ public AddressDTO getAddress() {
 	public void setAddress(final AddressDTO address) {
 		this.address = address;
 	}
+
+	public List<String> getAuthorities() {
+		return authorities;
+	}
+
+	public void setAuthorities(final List<String> authorities) {
+		this.authorities = authorities;
+	}
 }