Merge branch '41-l-endpoint-employee-current-retourne-une-erreur-500-lorsque-l-employe-n-a-pas-ete-trouve-alors' into 'master'

Resolve "L'endpoint /employee/current retourne une erreur 500 lorsque l'employé n'a pas été trouvé, alors qu'il devrait retourner l'erreur 404" Closes #41 See merge request color-recipes-explorer/backend!3
2021-02-16 20:54:56 +00:00 · 2021-02-16 20:54:56 +00:00 · 0cae167a99
parent 0efef85949 a026c4a7a0
commit 0cae167a99
4 changed files with 48 additions and 30 deletions
--- a/src/main/kotlin/dev/fyloz/trial/colorrecipesexplorer/config/WebSecurityConfig.kt
+++ b/src/main/kotlin/dev/fyloz/trial/colorrecipesexplorer/config/WebSecurityConfig.kt
@ -1,6 +1,7 @@
 package dev.fyloz.trial.colorrecipesexplorer.config

 import com.fasterxml.jackson.module.kotlin.jacksonObjectMapper
+import dev.fyloz.trial.colorrecipesexplorer.exception.model.EntityNotFoundRestException
 import dev.fyloz.trial.colorrecipesexplorer.model.Employee
 import dev.fyloz.trial.colorrecipesexplorer.model.EmployeeLoginRequest
 import dev.fyloz.trial.colorrecipesexplorer.model.EmployeePermission
@ -53,7 +54,6 @@ import javax.servlet.http.HttpServletResponse
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableConfigurationProperties(SecurityConfigurationProperties::class)
 class WebSecurityConfig(
-    val restAuthenticationEntryPoint: RestAuthenticationEntryPoint,
    val securityConfigurationProperties: SecurityConfigurationProperties,
    @Lazy val userDetailsService: EmployeeUserDetailsServiceImpl,
    @Lazy val employeeService: EmployeeServiceImpl,
@ -288,9 +288,11 @@ class JwtAuthorizationFilter(
        }
    }

-    private fun getAuthenticationToken(employeeId: String): UsernamePasswordAuthenticationToken {
+    private fun getAuthenticationToken(employeeId: String): UsernamePasswordAuthenticationToken? = try {
        val employeeDetails = userDetailsService.loadUserByEmployeeId(employeeId.toLong(), false)
-        return UsernamePasswordAuthenticationToken(employeeDetails.username, null, employeeDetails.authorities)
+        UsernamePasswordAuthenticationToken(employeeDetails.username, null, employeeDetails.authorities)
+    } catch (_: EntityNotFoundRestException) {
+        null
    }
 }

--- a/src/main/kotlin/dev/fyloz/trial/colorrecipesexplorer/rest/AccountControllers.kt
+++ b/src/main/kotlin/dev/fyloz/trial/colorrecipesexplorer/rest/AccountControllers.kt
@ -19,36 +19,54 @@ private const val EMPLOYEE_GROUP_CONTROLLER_PATH = "api/employee/group"
@RequestMapping(EMPLOYEE_CONTROLLER_PATH)
@Profile("rest")
 class EmployeeController(employeeService: EmployeeServiceImpl) :
-        AbstractModelRestApiController<Employee, EmployeeSaveDto, EmployeeUpdateDto, EmployeeServiceImpl>(employeeService, EMPLOYEE_CONTROLLER_PATH) {
+    AbstractModelRestApiController<Employee, EmployeeSaveDto, EmployeeUpdateDto, EmployeeServiceImpl>(
+        employeeService,
+        EMPLOYEE_CONTROLLER_PATH
+    ) {
    @GetMapping("current")
    @ResponseStatus(HttpStatus.OK)
-    fun getCurrent(loggedInEmployee: Principal): ResponseEntity<Employee> = ResponseEntity.ok(service.getById(loggedInEmployee.name.toLong(), ignoreDefaultGroupUsers = false, ignoreSystemUsers = false))
+    fun getCurrent(loggedInEmployee: Principal?): ResponseEntity<Employee> = if (loggedInEmployee != null)
+        ResponseEntity.ok(
+            service.getById(
+                loggedInEmployee.name.toLong(),
+                ignoreDefaultGroupUsers = false,
+                ignoreSystemUsers = false
+            )
+        )
+    else
+        ResponseEntity.status(HttpStatus.FORBIDDEN).build()

    @PutMapping("{id}/password", consumes = [MediaType.TEXT_PLAIN_VALUE])
    @ResponseStatus(HttpStatus.NO_CONTENT)
    fun updatePassword(@PathVariable id: Long, @RequestBody password: String): ResponseEntity<Void> {
        service.updatePassword(id, password)
        return ResponseEntity
-                .noContent()
-                .build()
+            .noContent()
+            .build()
    }

    @PutMapping("{employeeId}/permissions/{permission}")
    @ResponseStatus(HttpStatus.NO_CONTENT)
-    fun addPermission(@PathVariable employeeId: Long, @PathVariable permission: EmployeePermission): ResponseEntity<Void> {
+    fun addPermission(
+        @PathVariable employeeId: Long,
+        @PathVariable permission: EmployeePermission
+    ): ResponseEntity<Void> {
        service.addPermission(employeeId, permission)
        return ResponseEntity
-                .noContent()
-                .build()
+            .noContent()
+            .build()
    }

    @DeleteMapping("{employeeId}/permissions/{permission}")
    @ResponseStatus(HttpStatus.NO_CONTENT)
-    fun removePermission(@PathVariable employeeId: Long, @PathVariable permission: EmployeePermission): ResponseEntity<Void> {
+    fun removePermission(
+        @PathVariable employeeId: Long,
+        @PathVariable permission: EmployeePermission
+    ): ResponseEntity<Void> {
        service.removePermission(employeeId, permission)
        return ResponseEntity
-                .noContent()
-                .build()
+            .noContent()
+            .build()
    }

    @GetMapping("logout")
@ -63,32 +81,36 @@ class EmployeeController(employeeService: EmployeeServiceImpl) :
@RequestMapping(EMPLOYEE_GROUP_CONTROLLER_PATH)
@Profile("rest")
 class GroupsController(groupService: EmployeeGroupServiceImpl) :
-        AbstractModelRestApiController<EmployeeGroup, EmployeeGroupSaveDto, EmployeeGroupUpdateDto, EmployeeGroupServiceImpl>(groupService, EMPLOYEE_GROUP_CONTROLLER_PATH) {
+    AbstractModelRestApiController<EmployeeGroup, EmployeeGroupSaveDto, EmployeeGroupUpdateDto, EmployeeGroupServiceImpl>(
+        groupService,
+        EMPLOYEE_GROUP_CONTROLLER_PATH
+    ) {
    @GetMapping("{id}/employees")
    @ResponseStatus(HttpStatus.OK)
-    fun getEmployeesForGroup(@PathVariable id: Long): ResponseEntity<Collection<Employee>> = ResponseEntity.ok(service.getEmployeesForGroup(id))
+    fun getEmployeesForGroup(@PathVariable id: Long): ResponseEntity<Collection<Employee>> =
+        ResponseEntity.ok(service.getEmployeesForGroup(id))

    @PostMapping("default/{groupId}")
    @ResponseStatus(HttpStatus.NO_CONTENT)
    fun setDefaultGroup(@PathVariable groupId: Long, response: HttpServletResponse): ResponseEntity<Void> {
        service.setResponseDefaultGroup(groupId, response)
        return ResponseEntity
-                .noContent()
-                .build()
+            .noContent()
+            .build()
    }

    @GetMapping("default")
    @ResponseStatus(HttpStatus.OK)
    fun getRequestDefaultGroup(request: HttpServletRequest): ResponseEntity<EmployeeGroup> =
-            ResponseEntity.ok(service.getRequestDefaultGroup(request))
+        ResponseEntity.ok(service.getRequestDefaultGroup(request))

    @PutMapping("{groupId}/{employeeId}")
    @ResponseStatus(HttpStatus.NO_CONTENT)
    fun addEmployeeToGroup(@PathVariable groupId: Long, @PathVariable employeeId: Long): ResponseEntity<Void> {
        service.addEmployeeToGroup(groupId, employeeId)
        return ResponseEntity
-                .noContent()
-                .build()
+            .noContent()
+            .build()
    }

    @DeleteMapping("{groupId}/{employeeId}")
@ -96,7 +118,7 @@ class GroupsController(groupService: EmployeeGroupServiceImpl) :
    fun removeEmployeeFromGroup(@PathVariable groupId: Long, @PathVariable employeeId: Long): ResponseEntity<Void> {
        service.removeEmployeeFromGroup(groupId, employeeId)
        return ResponseEntity
-                .noContent()
-                .build()
+            .noContent()
+            .build()
    }
 }
--- a/src/main/kotlin/dev/fyloz/trial/colorrecipesexplorer/service/AccountService.kt
+++ b/src/main/kotlin/dev/fyloz/trial/colorrecipesexplorer/service/AccountService.kt
@ -322,8 +322,7 @@ class EmployeeGroupServiceImpl(

@Service
 class EmployeeUserDetailsServiceImpl(
-    val employeeService: EmployeeService,
-    val securityConfigurationProperties: SecurityConfigurationProperties
+    val employeeService: EmployeeService
 ) :
    EmployeeUserDetailsService {
    override fun loadUserByUsername(username: String): UserDetails {
--- a/src/test/kotlin/dev/fyloz/trial/colorrecipesexplorer/service/AccountsServiceTest.kt
+++ b/src/test/kotlin/dev/fyloz/trial/colorrecipesexplorer/service/AccountsServiceTest.kt
@ -398,12 +398,7 @@ class EmployeeGroupServiceTest : AbstractExternalModelServiceTest<EmployeeGroup,

 class EmployeeUserDetailsServiceTest {
    private val employeeService: EmployeeService = mock()
-    private val securityConfigurationProperties = SecurityConfigurationProperties().apply {
-        jwtSecret = "secret"
-        jwtDuration = 1000L
-        root = SecurityConfigurationProperties.SystemUserCredentials(999L, "root")
-    }
-    private val service = spy(EmployeeUserDetailsServiceImpl(employeeService, securityConfigurationProperties))
+    private val service = spy(EmployeeUserDetailsServiceImpl(employeeService))

    private val employee = employee(id = 0L)