fix admin / student permissions when setting inscriptions on / off (#111

)
MatiasComercio · Feb 5, 2017 · b6279cb · b6279cb
1 parent fc098b3
commit b6279cb
Show file tree

Hide file tree

Showing 3 changed files with 40 additions and 42 deletions.
diff --git a/persistence/src/main/java/ar/edu/itba/paw/persistence/AdminHibernateDao.java b/persistence/src/main/java/ar/edu/itba/paw/persistence/AdminHibernateDao.java
@@ -58,9 +58,9 @@ public List<Admin> getAllAdmins() {
 		final CriteriaQuery<Admin> queryForAdmins = builder.createQuery(Admin.class);
 		final Root<Admin> fromAdmins = queryForAdmins.from(Admin.class);
 		final CriteriaQuery<Admin> orderBy = queryForAdmins.orderBy(
-				builder.asc(fromAdmins.get("lastName")),
-				builder.asc(fromAdmins.get("firstName")),
-				builder.asc(fromAdmins.get("dni"))
+						builder.asc(fromAdmins.get("lastName")),
+						builder.asc(fromAdmins.get("firstName")),
+						builder.asc(fromAdmins.get("dni"))
 		);
 
 		final TypedQuery<Admin> query = em.createQuery(orderBy);
@@ -122,33 +122,42 @@ public List<Admin> getByFilter(final AdminFilter adminFilter) {
 		return em.createQuery(queryFilter.getQuery()).getResultList();
 	}
 
-	/* +++xchange: all this logic should be on the service when authorities are migrated to runtime */
 	private boolean disableAddInscriptions() {
-		final TypedQuery<RoleClass> query = em.createQuery(GET_ROLE, RoleClass.class);
-		query.setParameter(ROLE_COLUMN, Role.STUDENT);
-		query.setMaxResults(ONE);
-		final List<RoleClass> roles = query.getResultList();
-		final RoleClass role =  roles.get(FIRST);
-		final Collection<Authority> authorities = role.getMutableAuthorities();
+		removeAuthority(Role.STUDENT, "ADD_INSCRIPTION");
+		removeAuthority(Role.ADMIN,   "ADD_INSCRIPTION");
 
-		authorities.remove(new Authority("ADD_INSCRIPTION"));
+		return true;
+	}
 
-		em.persist(role);
+	private boolean disableDeleteInscriptions() {
+		removeAuthority(Role.STUDENT, "DELETE_INSCRIPTION");
+		removeAuthority(Role.ADMIN,   "DELETE_INSCRIPTION");
 
 		return true;
 	}
 
-	private boolean disableDeleteInscriptions() {
+	private void removeAuthority(final Role role, final String authority) {
 		final TypedQuery<RoleClass> query = em.createQuery(GET_ROLE, RoleClass.class);
-		query.setParameter(ROLE_COLUMN, Role.STUDENT);
+		query.setParameter(ROLE_COLUMN, role);
 		query.setMaxResults(ONE);
-		final List<RoleClass> roles = query.getResultList();
-		final RoleClass role =  roles.get(FIRST);
-		final Collection<Authority> authorities = role.getMutableAuthorities();
+		final RoleClass roleClass = query.getResultList().get(FIRST);
+		final Collection<Authority> authorities = roleClass.getMutableAuthorities();
+
+		authorities.remove(new Authority(authority));
+
+		em.persist(roleClass);
+	}
+
+	private boolean addAuthority(final Role role, final String authority) {
+		final TypedQuery<RoleClass> query = em.createQuery(GET_ROLE, RoleClass.class);
+		query.setParameter(ROLE_COLUMN, role);
+		query.setMaxResults(ONE);
+		final RoleClass roleClass = query.getResultList().get(FIRST);
+		final Collection<Authority> authorities = roleClass.getMutableAuthorities();
 
-		authorities.remove(new Authority("DELETE_INSCRIPTION"));
+		authorities.add(new Authority(authority));
 
-		em.persist(role);
+		em.persist(roleClass);
 
 		return true;
 	}
@@ -178,31 +187,15 @@ public boolean enableInscriptions() {
 	}
 
 	private boolean enableAddInscriptions() {
-		final TypedQuery<RoleClass> query = em.createQuery(GET_ROLE, RoleClass.class);
-		query.setParameter(ROLE_COLUMN, Role.STUDENT);
-		query.setMaxResults(ONE);
-		final List<RoleClass> roles = query.getResultList();
-		final RoleClass role =  roles.get(FIRST);
-		final Collection<Authority> authorities = role.getMutableAuthorities();
-
-		authorities.add(new Authority("ADD_INSCRIPTION"));
-
-		em.persist(role);
+		addAuthority(Role.STUDENT, "ADD_INSCRIPTION");
+		addAuthority(Role.ADMIN, "ADD_INSCRIPTION");
 
 		return true;
 	}
 
 	private boolean enableDeleteInscriptions() {
-		final TypedQuery<RoleClass> query = em.createQuery(GET_ROLE, RoleClass.class);
-		query.setParameter(ROLE_COLUMN, Role.STUDENT);
-		query.setMaxResults(ONE);
-		final List<RoleClass> roles = query.getResultList();
-		final RoleClass role =  roles.get(FIRST);
-		final Collection<Authority> authorities = role.getMutableAuthorities();
-
-		authorities.add(new Authority("DELETE_INSCRIPTION"));
-
-		em.persist(role);
+		addAuthority(Role.STUDENT, "DELETE_INSCRIPTION");
+		addAuthority(Role.ADMIN, "DELETE_INSCRIPTION");
 
 		return true;
 	}

diff --git a/services/src/main/java/ar/edu/itba/paw/services/AdminServiceImpl.java b/services/src/main/java/ar/edu/itba/paw/services/AdminServiceImpl.java
@@ -77,7 +77,10 @@ public Admin getByDni(final int dni) {
     @Transactional
     @Override
     public boolean disableInscriptions() {
-        return adminDao.disableInscriptions();
+        if(isInscriptionEnabled()) {
+            return adminDao.disableInscriptions();
+        }
+        return false;
 //        final boolean done = adminDao.disableAddInscriptions();
 //
 //        if(!done) {
@@ -89,7 +92,10 @@ public boolean disableInscriptions() {
     @Transactional
     @Override
     public boolean enableInscriptions() {
-        return adminDao.enableInscriptions();
+        if(!isInscriptionEnabled()) {
+            return adminDao.enableInscriptions();
+        }
+        return false;
 //        // +++ ximprove: this should be only one method.
 //        boolean enableAddResult = adminDao.enableAddInscriptions();
 //        boolean enableDeleteResult = adminDao.enableDeleteInscriptions();

diff --git a/webapp/src/main/java/ar/edu/itba/paw/webapp/models/InscriptionSwitchDTO.java b/webapp/src/main/java/ar/edu/itba/paw/webapp/models/InscriptionSwitchDTO.java
@@ -3,7 +3,6 @@
 import javax.validation.constraints.NotNull;
 
 public class InscriptionSwitchDTO {
-  //TODO ask if it should receive a string and parse it so that other thing different from true is not considered false, except for false
   @NotNull
   private boolean enabled;