DevFW-CICD/spring-petclinic
16
0
Fork 1
mirror of https://github.com/spring-projects/spring-petclinic.git synced 2025-07-23 15:55:49 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

Modificar y eliminar ofertas con seguridad

Browse source
This commit is contained in:
Javier 2021-03-27 19:47:45 +01:00
parent fe623f2c6f
commit 1b211c32d5
15 changed files with 320 additions and 201 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java
View file

@ -36,7 +36,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
.antMatchers(HttpMethod.GET, "/", "/oups").permitAll()
.antMatchers("/users/new").permitAll()
.antMatchers("/nuOffers/**").hasAnyAuthority("admin","client")
.antMatchers("/nuOffers/**").hasAnyAuthority("admin","cliente")
.antMatchers("/timeOffers/**").hasAnyAuthority("admin","client")
.antMatchers("/login/**").anonymous()
@ -49,7 +49,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter {
.antMatchers("/owners/**").hasAnyAuthority("owner", "admin")
.antMatchers("/clients/new").permitAll()
.antMatchers("/offers/**").hasAnyAuthority("admin")
.antMatchers("/offers/**").hasAnyAuthority("admin", "cliente")
.and().formLogin()
.loginPage("/login").permitAll()

6
src/main/java/org/springframework/cheapy/service/NuOfferService.java
View file

@ -4,7 +4,6 @@ package org.springframework.cheapy.service;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cheapy.model.NuOffer;
import org.springframework.cheapy.repository.NuOfferRepository;
import java.util.Collection;
import java.util.List;
import org.springframework.dao.DataAccessException;
import org.springframework.stereotype.Service;
@ -15,7 +14,6 @@ public class NuOfferService {
private NuOfferRepository nuOfferRepository;
@Autowired
public NuOfferService(final NuOfferRepository nuOfferRepository) {
this.nuOfferRepository = nuOfferRepository;
@ -27,12 +25,12 @@ public class NuOfferService {
}
@Transactional
public List<NuOffer> findAllNuOffer() { //
public List<NuOffer> findAllNuOffer() {
return this.nuOfferRepository.findAllNuOffer();
}
@Transactional
public void saveNuOffer(final NuOffer nuOffer) throws DataAccessException { //
public void saveNuOffer(final NuOffer nuOffer) throws DataAccessException {
this.nuOfferRepository.save(nuOffer);
}
}

1
src/main/java/org/springframework/cheapy/service/SpeedOfferService.java
View file

@ -1,7 +1,6 @@
package org.springframework.cheapy.service;
import java.util.Collection;
import java.util.List;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.cheapy.model.SpeedOffer;

84
src/main/java/org/springframework/cheapy/web/FoodOfferController.java
View file

@ -11,9 +11,7 @@ import org.springframework.cheapy.service.FoodOfferService;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
@ -25,15 +23,20 @@ public class FoodOfferController {
private final FoodOfferService foodOfferService;
private final ClientService clientService;
public FoodOfferController(final FoodOfferService foodOfferService, final ClientService clientService) {
this.foodOfferService = foodOfferService;
this.clientService = clientService;
}
@InitBinder
public void setAllowedFields(WebDataBinder dataBinder) {
dataBinder.setDisallowedFields("id");
private boolean checkIdentity(final int foodOfferId) {
boolean res = false;
Client client = this.clientService.getCurrentClient();
FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId);
Client clientOffer = foodOffer.getClient();
if (client.equals(clientOffer)) {
res = true;
}
return res;
}
@GetMapping("/foodOffers/new")
@ -47,8 +50,7 @@ public class FoodOfferController {
public String processCreationForm(@Valid FoodOffer foodOffer, BindingResult result) {
if (result.hasErrors()) {
return VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM;
}
else {
} else {
Client client = this.clientService.getCurrentClient();
foodOffer.setClient(client);
foodOffer.setType(StatusOffer.hidden);
@ -61,23 +63,83 @@ public class FoodOfferController {
public String activateFoodOffer(@PathVariable("foodOfferId") final int foodOfferId, ModelMap modelMap) {
FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId);
Client client = this.clientService.getCurrentClient();
if(foodOffer.getClient().equals(client)) {
if (foodOffer.getClient().equals(client)) {
foodOffer.setType(StatusOffer.active);
foodOffer.setCode("FO-"+foodOfferId);
foodOffer.setCode("FO-" + foodOfferId);
this.foodOfferService.saveFoodOffer(foodOffer);
} else {
modelMap.addAttribute("message", "You don't have access to this food offer");
}
return "redirect:/foodOffers/";
}
@GetMapping("/offers/food/{foodOfferId}")
public String processShowForm(@PathVariable("foodOfferId") int foodOfferId, Map<String, Object> model) {
FoodOffer foodOffer=this.foodOfferService.findFoodOfferById(foodOfferId);
FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId);
model.put("foodOffer", foodOffer);
return "foodOffers/foodOffersShow";
}
@GetMapping(value = "/offers/food/{foodOfferId}/edit")
public String updateFoodOffer(@PathVariable("foodOfferId") final int foodOfferId, final ModelMap model) {
if (!this.checkIdentity(foodOfferId)) {
return "error";
}
FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId);
model.addAttribute("foodOffer", foodOffer);
return FoodOfferController.VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM;
}
@PostMapping(value = "/offers/food/{foodOfferId}/edit")
public String updateFoodOffer(@Valid final FoodOffer foodOfferEdit, final BindingResult result,
final ModelMap model) {
if (!this.checkIdentity(foodOfferEdit.getId())) {
return "error";
}
if (result.hasErrors()) {
model.addAttribute("foodOffer", foodOfferEdit);
return FoodOfferController.VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM;
} else {
this.foodOfferService.saveFoodOffer(foodOfferEdit);
return "redirect:/offers/food/" + foodOfferEdit.getId();
}
}
@GetMapping(value = "/offers/food/{foodOfferId}/disable")
public String disableFoodOffer(@PathVariable("foodOfferId") final int foodOfferId, final ModelMap model) {
if (!this.checkIdentity(foodOfferId)) {
return "error";
}
FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId);
model.put("foodOffer", foodOffer);
return "foodOffers/foodOffersDisable";
}
@PostMapping(value = "/offers/food/{foodOfferId}/disable")
public String disableFoodOfferForm(@PathVariable("foodOfferId") final int foodOfferId, final ModelMap model) {
if (!this.checkIdentity(foodOfferId)) {
return "error";
}
FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId);
foodOffer.setType(StatusOffer.inactive);
this.foodOfferService.saveFoodOffer(foodOffer);
return "redirect:/offers";
}
}

116
src/main/java/org/springframework/cheapy/web/NuOfferController.java
View file

@ -5,57 +5,42 @@ import java.util.Map;
import javax.validation.Valid;
import org.springframework.beans.BeanUtils;
import org.springframework.cheapy.model.FoodOffer;
import org.springframework.cheapy.model.NuOffer;
import org.springframework.cheapy.model.Owner;
import org.springframework.cheapy.model.SpeedOffer;
import org.springframework.cheapy.model.StatusOffer;
import org.springframework.cheapy.service.FoodOfferService;
import org.springframework.cheapy.model.Client;
import org.springframework.cheapy.model.NuOffer;
import org.springframework.cheapy.model.StatusOffer;
import org.springframework.cheapy.service.ClientService;
import org.springframework.cheapy.service.NuOfferService;
import org.springframework.stereotype.Controller;
import org.springframework.ui.Model;
import org.springframework.ui.ModelMap;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
@Controller
public class NuOfferController {
private static final String VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM = "nuOffers/createOrUpdateNuOfferForm";
private static final String VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM = "nuOffers/createOrUpdateNuOfferForm";
private final FoodOfferService foodOfferService;
private final NuOfferService nuOfferService;
private final SpeedOfferService speedOfferService;
private final TimeOfferService timeOfferService;
private final NuOfferService nuOfferService;
private final ClientService clientService;
public NuOfferController(final FoodOfferService foodOfferService, final NuOfferService nuOfferService, final SpeedOfferService speedOfferService, final TimeOfferService timeOfferService) {
this.foodOfferService = foodOfferService;
public NuOfferController(final NuOfferService nuOfferService, final ClientService clientService) {
this.nuOfferService = nuOfferService;
this.clientService = clientService;
}
@InitBinder
public void setAllowedFields(WebDataBinder dataBinder) {
dataBinder.setDisallowedFields("id");
}
@InitBinder
public void setAllowedFields(WebDataBinder dataBinder) {
dataBinder.setDisallowedFields("id");
private boolean checkIdentity(final int nuOfferId) {
boolean res = false;
Client client = this.clientService.getCurrentClient();
NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId);
Client clientOffer = nuOffer.getClient();
if (client.equals(clientOffer)) {
res = true;
}
return res;
}
@GetMapping("/nuOffers/new")
@ -69,48 +54,49 @@ public class NuOfferController {
public String processCreationForm(@Valid NuOffer nuOffer, BindingResult result) {
if (result.hasErrors()) {
return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM;
}
else {
} else {
nuOffer.setType(StatusOffer.hidden);
Client client = this.clientService.getCurrentClient();
nuOffer.setClient(client);
this.nuOfferService.saveNuOffer(nuOffer);
return "redirect:/nuOffers/" + nuOffer.getId();
}
}
@GetMapping(value ="/nuOffers/{nuOfferId}/activate")
@GetMapping(value = "/nuOffers/{nuOfferId}/activate")
public String activateNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final ModelMap modelMap) {
Client client = this.clientService.getCurrentClient();
NuOffer nuOffer=this.nuOfferService.findNuOfferById(nuOfferId);
if(nuOffer.getClient().equals(client)) {
NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId);
if (nuOffer.getClient().equals(client)) {
nuOffer.setType(StatusOffer.active);
nuOffer.setCode("NU-"+nuOfferId);
nuOffer.setCode("NU-" + nuOfferId);
this.nuOfferService.saveNuOffer(nuOffer);
return "redirect:/nuOffers/" + nuOffer.getId();
} else {
modelMap.addAttribute("message", "You don't have access to this number offer");
}
return "redirect:/nuOffers/";
modelMap.addAttribute("message", "You don't have access to this number offer");
}
return "redirect:/nuOffers/";
}
@GetMapping("/offers/nu/{nuOfferId}")
@GetMapping("/offers/nu/{nuOfferId}")
public String processShowForm(@PathVariable("nuOfferId") int nuOfferId, Map<String, Object> model) {
model.put("nuOffer", nuOffer);
NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId);
model.put("nuOffer", nuOffer);
return "nuOffers/nuOffersShow";
}
@GetMapping(value = "/offers/nu/{nuOfferId}/edit")
public String updateNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal, final ModelMap model) {
public String updateNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final ModelMap model) {
if (!this.checkIdentity(nuOfferId)) {
return "error";
}
NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId);
model.addAttribute("nuOffer", nuOffer);
@ -118,7 +104,11 @@ public class NuOfferController {
}
@PostMapping(value = "/offers/nu/{nuOfferId}/edit")
public String updateNuOffer(@Valid final NuOffer nuOfferEdit, final BindingResult result, final Principal principal, final ModelMap model) {
public String updateNuOffer(@Valid final NuOffer nuOfferEdit, final BindingResult result, final ModelMap model) {
if (!this.checkIdentity(nuOfferEdit.getId())) {
return "error";
}
if (result.hasErrors()) {
model.addAttribute("nuOffer", nuOfferEdit);
@ -131,18 +121,12 @@ public class NuOfferController {
}
@GetMapping(value = "/offers/nu/{nuOfferId}/disable")
public String disableNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal, final ModelMap model) {
public String disableNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal,
final ModelMap model) {
// if (!this.comprobarIdentidad(principal, vehiculoId)) {
// return "exception";
// }
//
// if (this.tieneCitasAceptadasYPendientes(vehiculoId)) {
// model.addAttribute("x", true);
//
// } else {
// model.addAttribute("x", false);
// }
if (!this.checkIdentity(nuOfferId)) {
return "error";
}
NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId);
model.put("nuOffer", nuOffer);
@ -150,23 +134,17 @@ public class NuOfferController {
}
@PostMapping(value = "/offers/nu/{nuOfferId}/disable")
public String disableNuOfferForm(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal, final ModelMap model) {
public String disableNuOfferForm(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal,
final ModelMap model) {
if (!this.checkIdentity(nuOfferId)) {
return "error";
}
// if (!this.comprobarIdentidad(principal, vehiculoId)) {
// return "exception";
// }
//
// if (this.tieneCitasAceptadasYPendientes(vehiculoId)) {
// return "redirect:/cliente/vehiculos/{vehiculoId}/disable";
//
// } else {
NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId);
nuOffer.setType(StatusOffer.inactive);
this.nuOfferService.saveNuOffer(nuOffer);
return "redirect:";
return "redirect:/offers";
}

74
src/main/java/org/springframework/cheapy/web/SpeedOfferController.java
View file

@ -1,26 +1,18 @@
package org.springframework.cheapy.web;
import java.security.Principal;
import java.util.Map;
import javax.validation.Valid;
import org.springframework.cheapy.model.SpeedOffer;
import org.springframework.cheapy.model.StatusOffer;
import org.springframework.cheapy.service.FoodOfferService;
import org.springframework.cheapy.service.NuOfferService;
import org.springframework.cheapy.model.Client;
import org.springframework.cheapy.model.SpeedOffer;
import org.springframework.cheapy.model.StatusOffer;
import org.springframework.cheapy.service.ClientService;
import org.springframework.cheapy.service.SpeedOfferService;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
@ -37,9 +29,15 @@ public class SpeedOfferController {
this.clientService = clientService;
}
@InitBinder
public void setAllowedFields(WebDataBinder dataBinder) {
dataBinder.setDisallowedFields("id");
private boolean checkIdentity(final int speedOfferId) {
boolean res = false;
Client client = this.clientService.getCurrentClient();
SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId);
Client clientOffer = speedOffer.getClient();
if (client.equals(clientOffer)) {
res = true;
}
return res;
}
@GetMapping("/speedOffers/new")
@ -53,8 +51,7 @@ public class SpeedOfferController {
public String processCreationForm(@Valid SpeedOffer speedOffer, BindingResult result) {
if (result.hasErrors()) {
return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM;
}
else {
} else {
Client client = this.clientService.getCurrentClient();
speedOffer.setClient(client);
speedOffer.setType(StatusOffer.hidden);
@ -67,9 +64,9 @@ public class SpeedOfferController {
public String activateSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, ModelMap modelMap) {
SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId);
Client client = this.clientService.getCurrentClient();
if(speedOffer.getClient().equals(client)) {
if (speedOffer.getClient().equals(client)) {
speedOffer.setType(StatusOffer.active);
speedOffer.setCode("SP-"+speedOfferId);
speedOffer.setCode("SP-" + speedOfferId);
this.speedOfferService.saveSpeedOffer(speedOffer);
} else {
modelMap.addAttribute("message", "You don't have access to this speed offer");
@ -77,16 +74,20 @@ public class SpeedOfferController {
return "redirect:/speedOffers/";
}
@GetMapping("/offers/speed/{speedOfferId}")
@GetMapping("/offers/speed/{speedOfferId}")
public String processShowForm(@PathVariable("speedOfferId") int speedOfferId, Map<String, Object> model) {
SpeedOffer speedOffer=this.speedOfferService.findSpeedOfferById(speedOfferId);
SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId);
model.put("speedOffer", speedOffer);
return "speedOffers/speedOffersShow";
}
@GetMapping(value = "/offers/speed/{speedOfferId}/edit")
public String updateNuOffer(@PathVariable("speedOfferId") final int speedOfferId, final Principal principal, final ModelMap model) {
public String updateSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, final ModelMap model) {
if (!this.checkIdentity(speedOfferId)) {
return "error";
}
SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId);
model.addAttribute("speedOffer", speedOffer);
@ -94,7 +95,11 @@ public class SpeedOfferController {
}
@PostMapping(value = "/offers/speed/{speedOfferId}/edit")
public String updateNuOffer(@Valid final SpeedOffer speedOfferEdit, final BindingResult result, final Principal principal, final ModelMap model) {
public String updateSpeedOffer(@Valid final SpeedOffer speedOfferEdit, final BindingResult result, final ModelMap model) {
if (!this.checkIdentity(speedOfferEdit.getId())) {
return "error";
}
if (result.hasErrors()) {
model.addAttribute("speedOffer", speedOfferEdit);
@ -108,18 +113,11 @@ public class SpeedOfferController {
}
@GetMapping(value = "/offers/speed/{speedOfferId}/disable")
public String disableSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, final Principal principal, final ModelMap model) {
public String disableSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, final ModelMap model) {
// if (!this.comprobarIdentidad(principal, vehiculoId)) {
// return "exception";
// }
//
// if (this.tieneCitasAceptadasYPendientes(vehiculoId)) {
// model.addAttribute("x", true);
//
// } else {
// model.addAttribute("x", false);
// }
if (!this.checkIdentity(speedOfferId)) {
return "error";
}
SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId);
model.put("speedOffer", speedOffer);
@ -127,23 +125,19 @@ public class SpeedOfferController {
}
@PostMapping(value = "/offers/speed/{speedOfferId}/disable")
public String disableNuOfferForm(@PathVariable("speedOfferId") final int speedOfferId, final Principal principal, final ModelMap model) {
public String disableSpeedOfferForm(@PathVariable("speedOfferId") final int speedOfferId, final ModelMap model) {
if (!this.checkIdentity(speedOfferId)) {
return "error";
}
// if (!this.comprobarIdentidad(principal, vehiculoId)) {
// return "exception";
// }
//
// if (this.tieneCitasAceptadasYPendientes(vehiculoId)) {
// return "redirect:/cliente/vehiculos/{vehiculoId}/disable";
//
// } else {
SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId);
speedOffer.setType(StatusOffer.inactive);
this.speedOfferService.saveSpeedOffer(speedOffer);
return "redirect:";
return "redirect:/offers";
}
}

111
src/main/java/org/springframework/cheapy/web/TimeOfferController.java
View file

@ -1,90 +1,91 @@
package org.springframework.cheapy.web;
import java.util.Map;
import javax.validation.Valid;
import org.springframework.cheapy.model.Client;
import org.springframework.cheapy.model.TimeOffer;
import org.springframework.cheapy.model.StatusOffer;
import org.springframework.cheapy.model.TimeOffer;
import org.springframework.cheapy.service.ClientService;
import org.springframework.cheapy.service.TimeOfferService;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.validation.BindingResult;
import org.springframework.web.bind.WebDataBinder;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
@Controller
public class TimeOfferController {
private static final String VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM = "timeOffers/createOrUpdateTimeOfferForm";
private static final String VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM = "timeOffers/createOrUpdateTimeOfferForm";
private final TimeOfferService timeOfferService;
private final ClientService clientService;
public TimeOfferController(final TimeOfferService timeOfferService,ClientService clientService) {
public TimeOfferController(final TimeOfferService timeOfferService, ClientService clientService) {
this.timeOfferService = timeOfferService;
this.clientService = clientService;
}
@InitBinder
public void setAllowedFields(WebDataBinder dataBinder) {
dataBinder.setDisallowedFields("id");
private boolean checkIdentity(final int timeOfferId) {
boolean res = false;
Client client = this.clientService.getCurrentClient();
TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId);
Client clientOffer = timeOffer.getClient();
if (client.equals(clientOffer)) {
res = true;
}
return res;
}
@GetMapping("/timeOffers/new")
public String initCreationForm(Map<String, Object> model) {
TimeOffer timeOffer = new TimeOffer();
model.put("timeOffer", timeOffer);
return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM;
return VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM;
}
@PostMapping("/timeOffers/new")
public String processCreationForm(@Valid TimeOffer timeOffer, BindingResult result) {
if (result.hasErrors()) {
return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM;
}
else {
return VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM;
} else {
timeOffer.setType(StatusOffer.hidden);
Client client = this.clientService.getCurrentClient();
timeOffer.setClient(client);
this.timeOfferService.saveTimeOffer(timeOffer);
return "redirect:/TimeOffers/" + timeOffer.getId();
}
}
@GetMapping(value ="/timeOffers/{timeOfferId}/activate")
@GetMapping(value = "/timeOffers/{timeOfferId}/activate")
public String activateTimeOffer(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap modelMap) {
Client client = this.clientService.getCurrentClient();
TimeOffer timeOffer=this.timeOfferService.findTimeOfferById(timeOfferId);
if(timeOffer.getClient().equals(client)) {
TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId);
if (timeOffer.getClient().equals(client)) {
timeOffer.setType(StatusOffer.active);
timeOffer.setCode("TI-"+timeOfferId);
timeOffer.setCode("TI-" + timeOfferId);
this.timeOfferService.saveTimeOffer(timeOffer);
return "redirect:/timeOffers/" + timeOffer.getId();
} else {
modelMap.addAttribute("message", "You don't have access to this time offer");
}
return "redirect:/timeOffers/";
modelMap.addAttribute("message", "You don't have access to this time offer");
}
return "redirect:/timeOffers/";
}
@GetMapping("/offers/time/{timeOfferId}")
@GetMapping("/offers/time/{timeOfferId}")
public String processShowForm(@PathVariable("timeOfferId") int timeOfferId, Map<String, Object> model) {
TimeOffer timeOffer=this.timeOfferService.findTimeOfferById(timeOfferId);
TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId);
model.put("timeOffer", timeOffer);
@ -92,5 +93,63 @@ public class TimeOfferController {
}
@GetMapping(value = "/offers/time/{timeOfferId}/edit")
public String updateTimeOffer(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap model) {
if (!this.checkIdentity(timeOfferId)) {
return "error";
}
TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId);
model.addAttribute("timeOffer", timeOffer);
return TimeOfferController.VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM;
}
@PostMapping(value = "/offers/time/{timeOfferId}/edit")
public String updateTimeOffer(@Valid final TimeOffer timeOfferEdit, final BindingResult result, final ModelMap model) {
if (!this.checkIdentity(timeOfferEdit.getId())) {
return "error";
}
if (result.hasErrors()) {
model.addAttribute("timeOffer", timeOfferEdit);
return TimeOfferController.VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM;
} else {
this.timeOfferService.saveTimeOffer(timeOfferEdit);
return "redirect:/offers/time/" + timeOfferEdit.getId();
}
}
@GetMapping(value = "/offers/time/{timeOfferId}/disable")
public String disableTimeOffer(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap model) {
if (!this.checkIdentity(timeOfferId)) {
return "error";
}
TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId);
model.put("timeOffer", timeOffer);
return "timeOffers/timeOffersDisable";
}
@PostMapping(value = "/offers/time/{timeOfferId}/disable")
public String disableTimeOfferForm(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap model) {
if (!this.checkIdentity(timeOfferId)) {
return "error";
}
TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId);
timeOffer.setType(StatusOffer.inactive);
this.timeOfferService.saveTimeOffer(timeOffer);
return "redirect:/offers";
}
}

24
src/main/resources/db/mysql/data.sql
View file

@ -9,17 +9,17 @@ INSERT INTO owners VALUES (8, 'Maria', 'Escobito', '345 Maple St.', 'Madison', '
INSERT INTO owners VALUES (9, 'David', 'Schroeder', '2749 Blackhawk Trail', 'Madison', '6085559435');
INSERT INTO owners VALUES (10, 'Carlos', 'Estaban', '2335 Independence La.', 'Waunakee', '6085555487');
INSERT INTO users (dtype,username,password,enabled) VALUES ('user','admin','admin', TRUE );
INSERT INTO users (dtype,username,password,enabled) VALUES ('User','admin','admin', TRUE );
INSERT INTO authorities VALUES ('admin','admin');
INSERT INTO users (dtype,username,password,enabled) VALUES ('user','manoli','manoli', TRUE );
INSERT INTO users (dtype,username,password,enabled) VALUES ('User','manoli','manoli', TRUE );
INSERT INTO authorities VALUES ('manoli','cliente');
INSERT INTO users (dtype,username,password,enabled) VALUES ('user','david','david', TRUE );
INSERT INTO users (dtype,username,password,enabled) VALUES ('User','david','david', TRUE );
INSERT INTO authorities VALUES ('david','cliente');
INSERT INTO users (dtype,username,password,enabled) VALUES ('user','paco','paco', TRUE );
INSERT INTO users (dtype,username,password,enabled) VALUES ('User','paco','paco', TRUE );
INSERT INTO authorities VALUES ('paco','usuario');
INSERT INTO users (dtype,username,password,enabled) VALUES ('user','lolo','lolo', TRUE );
INSERT INTO users (dtype,username,password,enabled) VALUES ('User','lolo','lolo', TRUE );
INSERT INTO authorities VALUES ('lolo','usuario');
INSERT INTO users (dtype,username,password,enabled) VALUES ('user','pepe','pepe', TRUE );
INSERT INTO users (dtype,username,password,enabled) VALUES ('User','pepe','pepe', TRUE );
INSERT INTO authorities VALUES ('pepe','usuario');
INSERT INTO usuarios VALUES (1, 'admin', 'admin', 'admin', 'C/admin', '000000000', 'admin@gmail.com','admin');
@ -27,11 +27,11 @@ INSERT INTO usuarios VALUES (2, 'Paco', 'Naranjo', '21154416G', 'C/Esperanza', '
INSERT INTO usuarios VALUES (3, 'Lolo', 'Lopez', '25486596L', 'C/Macarena', '690670547' ,'Lolo@gmail.com','lolo');
INSERT INTO usuarios VALUES (4, 'Pepe', 'Lopez', '12456776V', 'C/Macarena', '690670547', 'Pepe@gmail.com','pepe');
INSERT INTO clients VALUES (1,'manoli@gmail.com','C/Betis','10:00','22:00','608726190', 'description 1', 'code1', 'ESPAÑOLA','manoli');
INSERT INTO clients VALUES (2,'david@gmail.com','C/Sevilla','09:30','22:00','608726190', 'description 2', 'code2', 'americana','david');
INSERT INTO clients (id, email, address, init, finish, telephone, description, code, food, username) VALUES (1,'manoli@gmail.com','C/Betis','10:00','22:00','608726190', 'description 1', 'code1', 'ESPAÑOLA','manoli');
INSERT INTO clients (id, email, address, init, finish, telephone, description, code, food, username) VALUES (2,'david@gmail.com','C/Sevilla','09:30','22:00','608726190', 'description 2', 'code2', 'americana','david');
INSERT INTO food_offers(start, end, code, type, client_id, food, discount, units) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'FO-1', 'active', null, 'macarrones', '15%', 10);
INSERT INTO time_offers(start, end, code, type, client_id, init, finish, discount) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'T-1', 'active', null, '12:00:00', '13:00:00', '10%');
INSERT INTO speed_offers(start, end, code, type, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'SP-1', 'active', null,5,'25%',10,'15%',15,'10%' );
INSERT INTO nu_offers(start, end, code, type, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'NU-1', 'active', null,15,'25%',10,'15%',5,'10%' );
INSERT INTO food_offers(start, end, code, type, client_id, food, discount, units) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'FO-1', 'active', 1, 'macarrones', '15%', 10);
INSERT INTO time_offers(start, end, code, type, client_id, init, finish, discount) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'T-1', 'active', 1, '12:00:00', '13:00:00', '10%');
INSERT INTO speed_offers(start, end, code, type, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'SP-1', 'active', 1,5,'25%',10,'15%',15,'10%' );
INSERT INTO nu_offers(start, end, code, type, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'NU-1', 'active', 1,15,'25%',10,'15%',5,'10%' );

6
src/main/webapp/WEB-INF/jsp/foodOffers/createOrUpdateFoodOfferForm.jsp
View file

@ -12,6 +12,9 @@
</h2>
<form:form modelAttribute="foodOffer" class="form-horizontal" id="add-foodOffer-form">
<div class="form-group has-feedback">
<form:hidden path="id"/>
<form:hidden path="code"/>
<form:hidden path="type"/>
<petclinic:inputField label="Start Date" name="start"/>
<petclinic:inputField label="End Date" name="end"/>
<petclinic:inputField label="Food" name="food"/>
@ -24,6 +27,9 @@
<c:when test="${foodOffer['new']}">
<button class="btn btn-default" type="submit">Add Food Offer</button>
</c:when>
<c:otherwise>
<button class="btn btn-default" type="submit">Modificar</button>
</c:otherwise>
</c:choose>
</div>
</div>

13
src/main/webapp/WEB-INF/jsp/foodOffers/foodOffersShow.jsp
View file

@ -6,7 +6,7 @@
<cheapy:layout pageName="foodOffer">
<h2>Oferta por plato específico</h2>
<h2>Oferta por plato espec<EFBFBD>fico</h2>
<table class="table table-striped">
@ -36,9 +36,14 @@
</tr>
</table>
<%-- <spring:url value="{ownerId}/edit" var="editUrl">
<spring:param name="ownerId" value="${owner.id}"/>
<spring:url value="{foodOfferId}/edit" var="editUrl">
<spring:param name="foodOfferId" value="${foodOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Edit Owner</a> --%>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Editar oferta</a>
<spring:url value="{foodOfferId}/disable" var="editUrl">
<spring:param name="foodOfferId" value="${foodOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Desactivar oferta</a>
</cheapy:layout>

4
src/main/webapp/WEB-INF/jsp/nuOffers/nuOffersShow.jsp
View file

@ -49,13 +49,13 @@
</table>
<spring:url value="{nuOfferId}/edit" var="editUrl">
<spring:param name="nuOfferId" value="${nuOffer.id}"/>
<spring:param name="nuOfferId" value="${nuOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Editar oferta</a>
<spring:url value="{nuOfferId}/disable" var="editUrl">
<spring:param name="nuOfferId" value="${nuOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Desactiva oferta</a>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Desactivar oferta</a>
</cheapy:layout>

7
src/main/webapp/WEB-INF/jsp/speedOffers/speedOffersShow.jsp
View file

@ -49,8 +49,13 @@
</table>
<spring:url value="{speedOfferId}/edit" var="editUrl">
<spring:param name="speedOfferId" value="${speedOffer.id}"/>
<spring:param name="speedOfferId" value="${speedOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Editar oferta</a>
<spring:url value="{speedOfferId}/disable" var="editUrl">
<spring:param name="speedOfferId" value="${speedOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Desactivar oferta</a>
</cheapy:layout>

3
src/main/webapp/WEB-INF/jsp/timeOffers/createOrUpdateTimeOfferForm.jsp
View file

@ -12,6 +12,9 @@
</h2>
<form:form modelAttribute="timeOffer" class="form-horizontal" id="add-timeOffer-form">
<div class="form-group has-feedback">
<form:hidden path="id"/>
<form:hidden path="code"/>
<form:hidden path="type"/>
<petclinic:inputField label="Fecha de inicio" name="start"/>
<petclinic:inputField label="Fecha de fin" name="end"/>

12
src/main/webapp/WEB-INF/jsp/timeOffers/timeOffersShow.jsp
View file

@ -6,7 +6,7 @@
<cheapy:layout pageName="timeOffer">
<h2>Oferta por franja horária</h2>
<h2>Oferta por franja horaria</h2>
<table class="table table-striped">
@ -28,4 +28,14 @@
</tr>
</table>
<spring:url value="{timeOfferId}/edit" var="editUrl">
<spring:param name="timeOfferId" value="${timeOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Editar oferta</a>
<spring:url value="{timeOfferId}/disable" var="editUrl">
<spring:param name="timeOfferId" value="${timeOffer.id}"/>
</spring:url>
<a href="${fn:escapeXml(editUrl)}" class="btn btn-default">Desactivar oferta</a>
</cheapy:layout>