Sprint2 yugo

src/main/java/edu/uark/registerapp/commands/activeUsers/ValidateActiveUserCommand.java

@@ -0,0 +1,41 @@
+package edu.uark.registerapp.commands.activeUsers;
+
+import java.util.Optional;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import edu.uark.registerapp.commands.ResultCommandInterface;
+import edu.uark.registerapp.commands.exceptions.UnauthorizedException;
+import edu.uark.registerapp.models.entities.ActiveUserEntity;
+import edu.uark.registerapp.models.repositories.ActiveUserRepository;
+
+@Service
+public class ValidateActiveUserCommand implements ResultCommandInterface<ActiveUserEntity> {
+	@Override
+	public ActiveUserEntity execute() {
+		final Optional<ActiveUserEntity> activeUserEntity =
+			this.activeUserRepository.findBySessionKey(this.sessionKey);
+
+		if (!activeUserEntity.isPresent()) {
+			throw new UnauthorizedException();
+		}
+
+		return activeUserEntity.get();
+	}
+
+	// Properties
+	private String sessionKey;
+
+	public String getSessionKey() {
+		return this.sessionKey;
+	}
+
+	public ValidateActiveUserCommand setSessionKey(final String sessionKey) {
+		this.sessionKey = sessionKey;
+		return this;
+	}
+
+	@Autowired
+	private ActiveUserRepository activeUserRepository;
+}

src/main/java/edu/uark/registerapp/commands/employees/helpers/EmployeeHelper.java

@@ -0,0 +1,23 @@
+package edu.uark.registerapp.commands.employees.helpers;
+
+import org.apache.commons.lang3.StringUtils;
+
+public class EmployeeHelper {
+	public static String padEmployeeId(final int employeeId) {
+		final String employeeIdAsString = Integer.toString(employeeId);
+
+		return ((employeeIdAsString.length() < EMPLOYEE_ID_MAXIMUM_LENGTH)
+			? StringUtils.leftPad(
+				employeeIdAsString,
+				EMPLOYEE_ID_MAXIMUM_LENGTH,
+				"0")
+			: employeeIdAsString);
+	}
+
+	public static byte[] hashPassword(final String password) {
+		// TODO: Hash the password using a MessageDigest. An example can be found at http://tutorials.jenkov.com/java-cryptography/messagedigest.html
+		return new byte[0];
+	}
+
+	private static final int EMPLOYEE_ID_MAXIMUM_LENGTH = 5;
+}

src/main/java/edu/uark/registerapp/controllers/BaseRestController.java

@@ -0,0 +1,89 @@
+package edu.uark.registerapp.controllers;
+
+import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.HttpServletResponse;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.web.bind.annotation.ExceptionHandler;
+import org.springframework.web.bind.annotation.ResponseBody;
+
+import edu.uark.registerapp.commands.activeUsers.ValidateActiveUserCommand;
+import edu.uark.registerapp.commands.exceptions.ConflictException;
+import edu.uark.registerapp.commands.exceptions.NotFoundException;
+import edu.uark.registerapp.commands.exceptions.UnauthorizedException;
+import edu.uark.registerapp.commands.exceptions.UnprocessableEntityException;
+import edu.uark.registerapp.controllers.enums.QueryParameterMessages;
+import edu.uark.registerapp.controllers.enums.QueryParameterNames;
+import edu.uark.registerapp.controllers.enums.ViewNames;
+import edu.uark.registerapp.models.api.ApiResponse;
+import edu.uark.registerapp.models.entities.ActiveUserEntity;
+import edu.uark.registerapp.models.enums.EmployeeClassification;
+
+public class BaseRestController extends BaseController {
+	protected ApiResponse redirectSessionNotActive(
+		final HttpServletResponse response
+	) {
+
+		response.setStatus(HttpStatus.FOUND.value());
+		return (new ApiResponse())
+			.setRedirectUrl(
+				ViewNames.SIGN_IN.getRoute().concat(
+					this.buildInitialQueryParameter(
+						QueryParameterNames.ERROR_CODE.getValue(),
+						QueryParameterMessages.SESSION_NOT_ACTIVE.getKeyAsString())));
+	}
+
+	protected ApiResponse redirectUserNotElevated(
+		final HttpServletRequest request,
+		final HttpServletResponse response
+	) {
+
+		return this.redirectUserNotElevated(request, response, ViewNames.MAIN_MENU.getRoute());
+	}
+
+	protected ApiResponse redirectUserNotElevated(
+		final HttpServletRequest request,
+		final HttpServletResponse response,
+		final String redirectRoute
+	) {
+
+		try {
+			final ActiveUserEntity activeUserEntity =
+				this.validateActiveUserCommand
+					.setSessionKey(request.getSession().getId())
+					.execute();
+
+			if (activeUserEntity == null) {
+				return this.redirectSessionNotActive(response);
+			} else if (!EmployeeClassification.isElevatedUser(activeUserEntity.getClassification())) {
+				response.setStatus(HttpStatus.FOUND.value());
+
+				return (new ApiResponse())
+					.setRedirectUrl(
+						redirectRoute.concat(
+							this.buildInitialQueryParameter(
+								QueryParameterNames.ERROR_CODE.getValue(),
+								QueryParameterMessages.NO_PERMISSIONS_FOR_ACTION.getKeyAsString())));
+			}
+		} catch (final UnauthorizedException e) {
+			return this.redirectSessionNotActive(response);
+		}
+
+		return new ApiResponse();
+	}
+
+	@ExceptionHandler({
+		ConflictException.class,
+		NotFoundException.class,
+		UnauthorizedException.class,
+		UnprocessableEntityException.class
+	})
+	public @ResponseBody ApiResponse handleError(final Exception e) {
+		return (new ApiResponse()).setErrorMessage(e.getMessage());
+	}
+
+	// Properties
+	@Autowired
+	private ValidateActiveUserCommand validateActiveUserCommand;
+}

src/main/java/edu/uark/registerapp/controllers/BaseRouteController.java

@@ -0,0 +1,117 @@
+package edu.uark.registerapp.controllers;
+
+import java.util.Map;
+import java.util.Optional;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.apache.commons.lang3.StringUtils;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.servlet.ModelAndView;
+
+import edu.uark.registerapp.commands.activeUsers.ValidateActiveUserCommand;
+import edu.uark.registerapp.commands.exceptions.UnauthorizedException;
+import edu.uark.registerapp.controllers.enums.ViewModelNames;
+import edu.uark.registerapp.controllers.enums.QueryParameterMessages;
+import edu.uark.registerapp.controllers.enums.QueryParameterNames;
+import edu.uark.registerapp.controllers.enums.ViewNames;
+import edu.uark.registerapp.models.entities.ActiveUserEntity;
+import edu.uark.registerapp.models.enums.EmployeeClassification;
+
+public abstract class BaseRouteController extends BaseController {
+	protected ModelAndView setErrorMessageFromQueryString(
+		ModelAndView modelAndView,
+		final Map<String, String> queryParameters
+	) {
+
+		if (!queryParameters.containsKey(QueryParameterNames.ERROR_CODE.getValue())) {
+			return modelAndView;
+		}
+
+		try {
+			modelAndView =
+				this.setErrorMessageFromQueryString(
+					modelAndView,
+					Integer.parseInt(
+						queryParameters.get(
+							QueryParameterNames.ERROR_CODE.getValue())));
+		} catch (final NumberFormatException e) { }
+
+		return modelAndView;
+	}
+	protected ModelAndView setErrorMessageFromQueryString(
+		final ModelAndView modelAndView,
+		final Optional<Integer> errorCode
+	) {
+
+		if (!errorCode.isPresent()) {
+			return modelAndView;
+		}
+
+		return this.setErrorMessageFromQueryString(modelAndView, errorCode.get());
+	}
+
+	protected Optional<ActiveUserEntity> getCurrentUser(
+		final HttpServletRequest request
+	) {
+
+		try {
+			return Optional.of(
+				this.validateActiveUserCommand
+					.setSessionKey(request.getSession().getId())
+					.execute());
+		} catch (final UnauthorizedException e) {
+			return Optional.ofNullable(null);
+		}
+	}
+
+	protected ModelAndView buildInvalidSessionResponse() {
+		return new ModelAndView(
+			REDIRECT_PREPEND.concat(
+				ViewNames.SIGN_IN.getRoute().concat(
+					this.buildInitialQueryParameter(
+						QueryParameterNames.ERROR_CODE.getValue(),
+						QueryParameterMessages.SESSION_NOT_ACTIVE.getKeyAsString()))));
+	}
+
+	protected boolean isElevatedUser(final ActiveUserEntity activeUserEntity) {
+		return EmployeeClassification.isElevatedUser(
+			activeUserEntity.getClassification());
+	}
+
+	protected ModelAndView buildNoPermissionsResponse() {
+		return this.buildNoPermissionsResponse(ViewNames.MAIN_MENU.getRoute());
+	}
+
+	protected ModelAndView buildNoPermissionsResponse(final String redirectRoute) {
+		return new ModelAndView(
+			REDIRECT_PREPEND.concat(
+				redirectRoute.concat(
+					this.buildInitialQueryParameter(
+						QueryParameterNames.ERROR_CODE.getValue(),
+						QueryParameterMessages.NO_PERMISSIONS_TO_VIEW.getKeyAsString()))));
+	}
+
+	protected static final String REDIRECT_PREPEND = "redirect:";
+
+	// Helper methods
+	private ModelAndView setErrorMessageFromQueryString(
+		final ModelAndView modelAndView,
+		final int errorCode
+	) {
+
+		final String errorMessage = QueryParameterMessages.mapMessage(errorCode);
+
+		if (!StringUtils.isBlank(errorMessage)) {
+			modelAndView.addObject(
+				ViewModelNames.ERROR_MESSAGE.getValue(),
+				errorMessage);
+		}
+
+		return modelAndView;
+	}
+
+	// Properties
+	@Autowired
+	private ValidateActiveUserCommand validateActiveUserCommand;
+}

src/main/java/edu/uark/registerapp/controllers/MainMenuRouteController.java

@@ -0,0 +1,45 @@
+package edu.uark.registerapp.controllers;
+
+import java.util.Map;
+import java.util.Optional;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.servlet.ModelAndView;
+
+import edu.uark.registerapp.controllers.enums.ViewModelNames;
+import edu.uark.registerapp.controllers.enums.ViewNames;
+import edu.uark.registerapp.models.entities.ActiveUserEntity;
+
+@Controller
+@RequestMapping(value = "/mainMenu")
+public class MainMenuRouteController extends BaseRouteController {
+	@RequestMapping(method = RequestMethod.GET)
+	public ModelAndView start(
+		@RequestParam final Map<String, String> queryParameters,
+		final HttpServletRequest request
+	) {
+
+		final Optional<ActiveUserEntity> activeUserEntity =
+			this.getCurrentUser(request);
+		if (!activeUserEntity.isPresent()) {
+			return this.buildInvalidSessionResponse();
+		}
+
+		ModelAndView modelAndView =
+			this.setErrorMessageFromQueryString(
+				new ModelAndView(ViewNames.MAIN_MENU.getViewName()),
+				queryParameters);
+
+		// TODO: Examine the ActiveUser classification if you want this information
+		modelAndView.addObject(
+			ViewModelNames.IS_ELEVATED_USER.getValue(),
+			true);
+
+		return modelAndView;
+	}
+}

src/main/java/edu/uark/registerapp/controllers/SignInRestController.java

@@ -0,0 +1,32 @@
+package edu.uark.registerapp.controllers;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.bind.annotation.ResponseBody;
+import org.springframework.web.bind.annotation.RestController;
+import org.springframework.beans.factory.annotation.Autowired;
+
+import edu.uark.registerapp.controllers.enums.ViewNames;
+import edu.uark.registerapp.models.api.ApiResponse;
+import edu.uark.registerapp.commands.activeUsers.ActiveUserDeleteCommand;
+
+@RestController
+@RequestMapping(value = "/api")
+public class SignInRestController extends BaseRestController {
+	@RequestMapping(value="/signOut", method = RequestMethod.DELETE)
+	public @ResponseBody ApiResponse removeActiveUser(
+		final HttpServletRequest request
+	) {
+
+		this.deleteUserCommand
+			.setSessionKey(request.getSession().getId())
+			.execute();
+
+		return (new ApiResponse())
+			.setRedirectUrl(ViewNames.SIGN_IN.getRoute());
+	}
+	@Autowired
+	private DeleteUserCommand deleteUserCommand;
+}

src/main/java/edu/uark/registerapp/controllers/SignInRouteController.java

@@ -0,0 +1,32 @@
+package edu.uark.registerapp.controllers;
+
+import javax.servlet.http.HttpServletRequest;
+
+import org.springframework.http.MediaType;
+import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestMethod;
+import org.springframework.web.servlet.ModelAndView;
+
+import edu.uark.registerapp.controllers.enums.ViewNames;
+
+@Controller
+@RequestMapping(value = "/")
+public class SignInRouteController extends BaseRouteController {
+	// TODO: Route for initial page load
+
+	@RequestMapping(method = RequestMethod.POST, consumes = MediaType.APPLICATION_FORM_URLENCODED_VALUE)
+	public ModelAndView performSignIn(
+		// TODO: Define an object that will represent the sign in request and add it as a parameter here
+		HttpServletRequest request
+	) {
+
+		// TODO: Use the credentials provided in the request body
+		//  and the "id" property of the (HttpServletRequest)request.getSession() variable
+		//  to sign in the user
+
+		return new ModelAndView(
+			REDIRECT_PREPEND.concat(
+				ViewNames.MAIN_MENU.getRoute()));
+	}
+}