diff --git a/src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java b/src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java index d9c57cdce..542e41f26 100644 --- a/src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java +++ b/src/main/java/org/springframework/cheapy/configuration/SecurityConfiguration.java @@ -44,11 +44,14 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { .antMatchers("/owners/**").hasAnyAuthority("owner", "admin") + .antMatchers("/offers/**/edit").hasAnyAuthority("admin", "client") .antMatchers("/offers/**/new").hasAnyAuthority("admin", "client") .antMatchers("/offers/**/activate").hasAnyAuthority("admin","client") - + .antMatchers("/clients/new").permitAll() - .antMatchers("/offers/**").permitAll() + .antMatchers("/offers").permitAll() + .antMatchers("/offersCreate").hasAuthority("client") + .antMatchers("/reviews/**").authenticated() @@ -70,7 +73,7 @@ public class SecurityConfiguration extends WebSecurityConfigurerAdapter { public void configure(final AuthenticationManagerBuilder auth) throws Exception { auth.jdbcAuthentication().dataSource(this.dataSource) //[login de admin,owner y vet] .usersByUsernameQuery("select username,password,enabled " + "from users " + "where username = ?") - .usersByUsernameQuery("select username, password, enabled from users where username=?").authoritiesByUsernameQuery("select username, authority " + "from authorities " + "where username = ?") + .usersByUsernameQuery("select username, password, enabled from users where username=?").authoritiesByUsernameQuery("select username, authority " + "from authorities " + "where username = ?") .passwordEncoder(this.passwordEncoder()); } diff --git a/src/main/java/org/springframework/cheapy/model/TimeOffer.java b/src/main/java/org/springframework/cheapy/model/TimeOffer.java index a0684feaa..5fcfb28a1 100644 
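Review bot: After `/offers/**` is narrowed to `.antMatchers("/offers").permitAll()`, the `/offers/{type}/{id}/disable` routes have no explicit rule in this hunk, although `edit`, `new` and `activate` each have one. They and the offer detail pages now fall through to whatever matcher comes later in the chain, which is outside the hunk. I would add `.antMatchers("/offers/**/disable").hasAnyAuthority("admin", "client")` next to the `edit` rule so that every state-changing offer route is restricted in one place. It is also worth confirming that the catch-all still gives anonymous visitors the access to `/offers/food/{id}` and its siblings that is intended.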
--- a/src/main/java/org/springframework/cheapy/model/TimeOffer.java +++ b/src/main/java/org/springframework/cheapy/model/TimeOffer.java @@ -6,6 +6,7 @@ import javax.persistence.Entity; import javax.persistence.Table; import javax.validation.constraints.NotNull; +import org.hibernate.validator.constraints.Range; import org.springframework.format.annotation.DateTimeFormat; @Entity @@ -25,6 +26,7 @@ public class TimeOffer extends Offer { private LocalTime finish; @NotNull(message = "Debe rellenar el descuento") + @Range(min = 0, max = 100, message = "El descuento debe estar entre 0 y 100 %") private Integer discount; public LocalTime getInit() { diff --git a/src/main/java/org/springframework/cheapy/service/NuOfferService.java b/src/main/java/org/springframework/cheapy/service/NuOfferService.java index b87093c3d..5268ac2db 100644 --- a/src/main/java/org/springframework/cheapy/service/NuOfferService.java +++ b/src/main/java/org/springframework/cheapy/service/NuOfferService.java @@ -35,6 +35,11 @@ public class NuOfferService { this.nuOfferRepository.save(nuOffer); } + @Transactional + public void saveUpdateNuOffer(final NuOffer nuOfferNew, final NuOffer nuOfferOld) throws DataAccessException { + this.nuOfferRepository.save(nuOfferNew); + } + public List findActiveNuOffer() { return this.nuOfferRepository.findActiveNuOffer(StatusOffer.active); } diff --git a/src/main/java/org/springframework/cheapy/web/FoodOfferController.java b/src/main/java/org/springframework/cheapy/web/FoodOfferController.java index 187d27e62..3cd695532 100644 --- a/src/main/java/org/springframework/cheapy/web/FoodOfferController.java +++ b/src/main/java/org/springframework/cheapy/web/FoodOfferController.java 
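Review bot: `saveUpdateNuOffer` never reads its `nuOfferOld` parameter, and its body is the same `this.nuOfferRepository.save(...)` call as the method that ends just above it. The second argument therefore suggests a comparison or merge with the stored offer that does not happen. No caller appears in this diff; either drop the method, or move the merge that the edit controller does with `BeanUtils.copyProperties` into it and add a Javadoc line stating which fields of the old offer are preserved.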
@@ -4,8 +4,10 @@ package org.springframework.cheapy.web; import java.time.format.DateTimeFormatter; import java.util.Map; +import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; +import org.springframework.beans.BeanUtils; import org.springframework.cheapy.model.Client; import org.springframework.cheapy.model.FoodOffer; import org.springframework.cheapy.model.StatusOffer; @@ -30,7 +32,7 @@ public class FoodOfferController { this.foodOfferService = foodOfferService; this.clientService = clientService; } - + private boolean checkIdentity(final int foodOfferId) { boolean res = false; Client client = this.clientService.getCurrentClient(); @@ -42,6 +44,23 @@ public class FoodOfferController { return res; } + private boolean checkOffer(final FoodOffer session, final FoodOffer offer) { + boolean res = false; + if (session.getId() == offer.getId() && session.getStatus() == offer.getStatus() + && (session.getCode() == null ? offer.getCode() == "" : session.getCode().equals(offer.getCode())) && !(session.getStatus().equals(StatusOffer.inactive))) { + res = true; + } + return res; + } + + private boolean checkDates(final FoodOffer foodOffer) { + boolean res = false; + if(foodOffer.getEnd().isAfter(foodOffer.getStart())) { + res = true; + } + return res; + } + @GetMapping("/offers/food/new") public String initCreationForm(Map model) { FoodOffer foodOffer = new FoodOffer(); @@ -54,6 +73,10 @@ public class FoodOfferController { if (result.hasErrors()) { return VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(foodOffer)) { + //Poner aqui mensaje de error + return VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM; + } Client client = this.clientService.getCurrentClient(); foodOffer.setClient(client); foodOffer.setStatus(StatusOffer.hidden); 
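Review bot: In `checkOffer`, `offer.getCode() == ""` compares references rather than content, so a blank or missing code in the submitted form will generally not match and an edit of an offer whose stored code is `null` is likely rejected; use `offer.getCode() == null || offer.getCode().isEmpty()`. `session.getId() == offer.getId()` has the same weakness if `getId()` returns `Integer` (its declaration is not in this diff); `Objects.equals(session.getId(), offer.getId())` is correct either way. The identical method is added to NuOfferController, SpeedOfferController and TimeOfferController. Because this check is what ties the submitted form to the offer recorded in the session, a short comment on it saying so would help the next reader.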
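Review bot: When `checkDates` fails, `processCreationForm` returns the form view with only the placeholder comment `//Poner aqui mensaje de error`, so the user gets the form back with no explanation. Register the failure on the binding result before returning, for example `result.rejectValue("end", "dates", "La fecha de fin debe ser posterior a la de inicio");` (message text is a constructed sample). `checkDates` also dereferences `getStart()` and `getEnd()` directly, which is only safe if both fields are `@NotNull` in the FoodOffer model, which is not part of this diff. The same placeholder branches are added in the Nu, Speed and Time controllers.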
@@ -61,7 +84,7 @@ public class FoodOfferController { return "redirect:/offers/food/" + foodOffer.getId(); } } - + @GetMapping(value = "/offers/food/{foodOfferId}/activate") public String activateFoodOffer(@PathVariable("foodOfferId") final int foodOfferId, ModelMap modelMap) { FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId); @@ -73,7 +96,7 @@ public class FoodOfferController { } else { modelMap.addAttribute("message", "You don't have access to this food offer"); } - return "redirect:/offers/food/"+foodOfferId; + return "redirect:/offers/food/" + foodOfferId; } 
@@ -83,37 +106,53 @@ public class FoodOfferController { FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId); model.put("foodOffer", foodOffer); - + model.put("localDateTimeFormat", DateTimeFormatter.ofPattern("dd/MM/yyyy HH:mm")); - + return "offers/food/foodOffersShow"; } @GetMapping(value = "/offers/food/{foodOfferId}/edit") - public String updateFoodOffer(@PathVariable("foodOfferId") final int foodOfferId, final ModelMap model) { - + public String updateFoodOffer(@PathVariable("foodOfferId") final int foodOfferId, final ModelMap model, + HttpServletRequest request) { + if (!this.checkIdentity(foodOfferId)) { return "error"; } - FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(foodOfferId); + if (foodOffer.getStatus().equals(StatusOffer.inactive)) { + return "error"; + } model.addAttribute("foodOffer", foodOffer); + request.getSession().setAttribute("idFood", foodOfferId); return FoodOfferController.VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM; } @PostMapping(value = "/offers/food/{foodOfferId}/edit") - public String updateFoodOffer(@Valid final FoodOffer foodOfferEdit, final BindingResult result, final ModelMap model) { - + public String updateFoodOffer(@Valid final FoodOffer foodOfferEdit, final BindingResult result, + final ModelMap model, HttpServletRequest request) { + if (!this.checkIdentity(foodOfferEdit.getId())) { return "error"; } + Integer id = (Integer) request.getSession().getAttribute("idFood"); + FoodOffer foodOffer = this.foodOfferService.findFoodOfferById(id); + if (!this.checkOffer(foodOffer, foodOfferEdit)) { + return "error"; + } if (result.hasErrors()) { model.addAttribute("foodOffer", foodOfferEdit); return FoodOfferController.VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(foodOfferEdit)) { + //Poner aqui mensaje de error + return FoodOfferController.VIEWS_FOOD_OFFER_CREATE_OR_UPDATE_FORM; + } + BeanUtils.copyProperties(this.foodOfferService.findFoodOfferById(foodOfferEdit.getId()), 
foodOfferEdit, + "start", "end", "food", "discount"); this.foodOfferService.saveFoodOffer(foodOfferEdit); return "redirect:/offers/food/" + foodOfferEdit.getId(); } @@ -121,7 +160,7 @@ public class FoodOfferController { @GetMapping(value = "/offers/food/{foodOfferId}/disable") public String disableFoodOffer(@PathVariable("foodOfferId") final int foodOfferId, final ModelMap model) { - + if (!this.checkIdentity(foodOfferId)) { return "error"; } @@ -133,7 +172,7 @@ public class FoodOfferController { @PostMapping(value = "/offers/food/{foodOfferId}/disable") public String disableFoodOfferForm(@PathVariable("foodOfferId") final int foodOfferId, final ModelMap model) { - + if (!this.checkIdentity(foodOfferId)) { return "error"; } diff --git a/src/main/java/org/springframework/cheapy/web/NuOfferController.java b/src/main/java/org/springframework/cheapy/web/NuOfferController.java index ec1b25dd4..7c8826521 100644 --- a/src/main/java/org/springframework/cheapy/web/NuOfferController.java +++ b/src/main/java/org/springframework/cheapy/web/NuOfferController.java @@ -4,15 +4,18 @@ import java.security.Principal; import java.time.format.DateTimeFormatter; import java.util.Map; +import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import org.springframework.cheapy.model.NuOffer; +import org.springframework.cheapy.model.SpeedOffer; import org.springframework.cheapy.model.StatusOffer; +import org.springframework.beans.BeanUtils; import org.springframework.cheapy.model.Client; +import org.springframework.cheapy.model.FoodOffer; import org.springframework.cheapy.service.ClientService; import org.springframework.cheapy.service.NuOfferService; import org.springframework.stereotype.Controller; - import org.springframework.ui.ModelMap; import org.springframework.validation.BindingResult; import org.springframework.web.bind.annotation.GetMapping; 
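Review bot: The POST handler reads `idFood` from the session and passes it straight to `findFoodOfferById(id)`; a POST that arrives without a prior GET of the edit form leaves `id` null and most likely ends in a NullPointerException (HTTP 500) instead of the `"error"` view. Add `if (id == null) { return "error"; }` before the lookup, and do the same for `idNu`, `idSpeed` and `idTime` in the other three controllers. The offer is also loaded a second time for `BeanUtils.copyProperties`; reusing `foodOffer` would save a query and guarantee that the entity that was checked is the one that is copied. A comment on the `copyProperties` call stating that every property except the listed ones is restored from the stored offer would make the overposting protection explicit.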
@@ -31,13 +34,6 @@ public class NuOfferController { this.nuOfferService = nuOfferService; this.clientService = clientService; } - - @GetMapping("/offers/nu/new") - public String initCreationForm(Map model) { - NuOffer nuOffer = new NuOffer(); - model.put("nuOffer", nuOffer); - return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; - } private boolean checkIdentity(final int nuOfferId) { boolean res = false; 
@@ -50,11 +46,63 @@ public class NuOfferController { return res; } + private boolean checkOffer(final NuOffer session, final NuOffer offer) { + boolean res = false; + if (session.getId() == offer.getId() && session.getStatus() == offer.getStatus() + && (session.getCode() == null ? offer.getCode() == "" : session.getCode().equals(offer.getCode())) && !(session.getStatus().equals(StatusOffer.inactive))) { + res = true; + } + return res; + } + + private boolean checkDates(final NuOffer nuOffer) { + boolean res = false; + if(nuOffer.getEnd().isAfter(nuOffer.getStart())) { + res = true; + } + return res; + } + + private boolean checkConditions(final NuOffer NuOffer) { + boolean res = false; + if(NuOffer.getGold() > NuOffer.getSilver() && NuOffer.getSilver() > NuOffer.getBronze()) { + res = true; + } + return res; + } + + private boolean checkDiscounts(final NuOffer NuOffer) { + boolean res = false; + if(NuOffer.getDiscountGold() > NuOffer.getDiscountSilver() && NuOffer.getDiscountSilver() > NuOffer.getDiscountBronze()) { + res = true; + } + return res; + } + + @GetMapping("/offers/nu/new") + public String initCreationForm(Map model) { + NuOffer nuOffer = new NuOffer(); + model.put("nuOffer", nuOffer); + return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; + } + @PostMapping("/offers/nu/new") public String processCreationForm(@Valid NuOffer nuOffer, BindingResult result) { if (result.hasErrors()) { return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(nuOffer)) { + //Poner aqui mensaje de error + return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkConditions(nuOffer)) { + //Poner aqui mensaje de error + return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkDiscounts(nuOffer)) { + //Poner aqui mensaje de error + return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; + } nuOffer.setStatus(StatusOffer.hidden); Client client = this.clientService.getCurrentClient(); 
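Review bot: `checkConditions` and `checkDiscounts` name their parameter `NuOffer`, the same as its type, so `NuOffer.getGold()` reads like a static call; rename it to `nuOffer` as `checkDates` does. If the gold, silver and bronze getters return boxed types (not visible in this diff), the `>` comparisons unbox and throw on a field left empty unless the model marks them `@NotNull`. A one-line Javadoc on each helper stating the required ordering (gold > silver > bronze) would document the business rule.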
@@ -62,11 +110,11 @@ public class NuOfferController { nuOffer.setClient(client); this.nuOfferService.saveNuOffer(nuOffer); - return "redirect:/offers/nu/"+nuOffer.getId(); + return "redirect:/offers/nu/" + nuOffer.getId(); } } - @GetMapping(value ="/offers/nu/{nuOfferId}/activate") + @GetMapping(value = "/offers/nu/{nuOfferId}/activate") public String activateNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final ModelMap modelMap) { Client client = this.clientService.getCurrentClient(); NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId); @@ -74,11 +122,11 @@ public class NuOfferController { nuOffer.setStatus(StatusOffer.active); nuOffer.setCode("NU-" + nuOfferId); this.nuOfferService.saveNuOffer(nuOffer); - + } else { modelMap.addAttribute("message", "You don't have access to this number offer"); } - return "redirect:/offers/nu/"+ nuOffer.getId(); + return "redirect:/offers/nu/" + nuOffer.getId(); } 
@@ -93,36 +141,61 @@ public class NuOfferController { } @GetMapping(value = "/offers/nu/{nuOfferId}/edit") - public String updateNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final ModelMap model) { - + public String updateNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final ModelMap model, + HttpServletRequest request) { + if (!this.checkIdentity(nuOfferId)) { return "error"; } - NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId); + if (nuOffer.getStatus().equals(StatusOffer.inactive)) { + return "error"; + } model.addAttribute("nuOffer", nuOffer); + request.getSession().setAttribute("idNu", nuOfferId); return NuOfferController.VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; } @PostMapping(value = "/offers/nu/{nuOfferId}/edit") - public String updateNuOffer(@Valid final NuOffer nuOfferEdit, final BindingResult result, final ModelMap model) { - + public String updateNuOffer(@Valid final NuOffer nuOfferEdit, final BindingResult result, final ModelMap model, + HttpServletRequest request) { + if (!this.checkIdentity(nuOfferEdit.getId())) { return "error"; } + Integer id = (Integer) request.getSession().getAttribute("idNu"); + NuOffer nuOffer = this.nuOfferService.findNuOfferById(id); + if (!this.checkOffer(nuOffer, nuOfferEdit)) { + return "error"; + } if (result.hasErrors()) { model.addAttribute("nuOffer", nuOfferEdit); return NuOfferController.VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(nuOffer)) { + //Poner aqui mensaje de error + return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkConditions(nuOffer)) { + //Poner aqui mensaje de error + return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkDiscounts(nuOffer)) { + //Poner aqui mensaje de error + return VIEWS_NU_OFFER_CREATE_OR_UPDATE_FORM; + } + BeanUtils.copyProperties(this.nuOfferService.findNuOfferById(nuOfferEdit.getId()), nuOfferEdit, "start", + "end", "gold", "discount_gold", "silver", "discount_silver", "bronze", "discount_bronze"); 
this.nuOfferService.saveNuOffer(nuOfferEdit); return "redirect:/offers/nu/" + nuOfferEdit.getId(); } } @GetMapping(value = "/offers/nu/{nuOfferId}/disable") - public String disableNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal, final ModelMap model) { + public String disableNuOffer(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal, + final ModelMap model) { if (!this.checkIdentity(nuOfferId)) { return "error"; @@ -134,12 +207,13 @@ public class NuOfferController { } @PostMapping(value = "/offers/nu/{nuOfferId}/disable") - public String disableNuOfferForm(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal, final ModelMap model) { + public String disableNuOfferForm(@PathVariable("nuOfferId") final int nuOfferId, final Principal principal, + final ModelMap model) { if (!this.checkIdentity(nuOfferId)) { return "error"; } - + NuOffer nuOffer = this.nuOfferService.findNuOfferById(nuOfferId); nuOffer.setStatus(StatusOffer.inactive); this.nuOfferService.saveNuOffer(nuOffer); diff --git a/src/main/java/org/springframework/cheapy/web/OfertaController.java b/src/main/java/org/springframework/cheapy/web/OfertaController.java index 73b3553cd..2ae80261c 100644 --- a/src/main/java/org/springframework/cheapy/web/OfertaController.java +++ b/src/main/java/org/springframework/cheapy/web/OfertaController.java 
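Review bot: In the POST edit handler the new checks run on the stored offer, `checkDates(nuOffer)`, `checkConditions(nuOffer)` and `checkDiscounts(nuOffer)`, not on the submitted `nuOfferEdit`, so edited values are saved without these validations. They should be `this.checkDates(nuOfferEdit)` and likewise for the other two; FoodOfferController already validates `foodOfferEdit`, while SpeedOfferController and TimeOfferController repeat the mistake with `speedOffer` and `timeOffer`. Separately, the ignore list passed to `BeanUtils.copyProperties` uses `"discount_gold"`, `"discount_silver"` and `"discount_bronze"`, but the getters are `getDiscountGold()` and so on, so the bean property names are `discountGold`, `discountSilver` and `discountBronze`. As written the submitted discounts are overwritten by the stored ones, and SpeedOfferController has the same list.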
@@ -13,16 +13,19 @@ import org.springframework.cheapy.service.FoodOfferService; import org.springframework.cheapy.service.NuOfferService; import org.springframework.cheapy.service.SpeedOfferService; import org.springframework.cheapy.service.TimeOfferService; +import org.springframework.security.authentication.AnonymousAuthenticationToken; +import org.springframework.security.core.Authentication; +import org.springframework.security.core.context.SecurityContextHolder; import org.springframework.stereotype.Controller; import org.springframework.web.bind.annotation.GetMapping; @Controller public class OfertaController { - + private final ClientService clientService; - + private final FoodOfferService foodOfferService; - private final NuOfferService nuOfferService; + private final NuOfferService nuOfferService; private final SpeedOfferService speedOfferService; private final TimeOfferService timeOfferService; 
@@ -42,40 +45,49 @@ public class OfertaController { List nuOfferLs=this.nuOfferService.findActiveNuOffer(); List speedOfferLs=this.speedOfferService.findActiveSpeedOffer(); List timeOfferLs=this.timeOfferService.findActiveTimeOffer(); - + model.put("foodOfferLs", foodOfferLs); model.put("nuOfferLs", nuOfferLs); model.put("speedOfferLs", speedOfferLs); model.put("timeOfferLs", timeOfferLs); - - //Se añade formateador de fecha al modelo + + //Se añade formateador de fecha al modelo model.put("localDateTimeFormat", DateTimeFormatter.ofPattern("dd/MM/yyyy HH:mm")); - + return "offers/offersList"; } - + + @GetMapping("/myOffers") public String processMyOffersForm( Map model) { - + int actual = this.clientService.getCurrentClient().getId(); - + List foodOfferLs = this.foodOfferService.findFoodOfferByUserId(actual); List nuOfferLs = this.nuOfferService.findNuOfferByUserId(actual); List speedOfferLs = this.speedOfferService.findSpeedOfferByUserId(actual); List timeOfferLs = this.timeOfferService.findTimeOfferByUserId(actual); - + model.put("foodOfferLs", foodOfferLs); model.put("nuOfferLs", nuOfferLs); model.put("speedOfferLs", speedOfferLs); model.put("timeOfferLs", timeOfferLs); - - //Se añade formateador de fecha al modelo - model.put("localDateTimeFormat", DateTimeFormatter.ofPattern("dd/MM/yyyy HH:mm")); - - return "offers/myOffersList"; - } + //Se añade formateador de fecha al modelo + model.put("localDateTimeFormat", DateTimeFormatter.ofPattern("dd/MM/yyyy HH:mm")); + + return "offers/myOffersList"; + } + + @GetMapping("/offersCreate") + public String createOffers() { + + return "offers/offersCreate"; + } + + + // @GetMapping("/owners/{ownerId}/edit") // public String initUpdateOwnerForm(@PathVariable("ownerId") int ownerId, Model model) { // Owner owner = this.ownerService.findOwnerById(ownerId); 
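Review bot: `createOffers` is reachable only with authority `client` (`.antMatchers("/offersCreate").hasAuthority("client")` in SecurityConfiguration), while the creation routes it presumably links to, `/offers/**/new`, accept `admin` as well. If admins are meant to create offers, the rule should be `hasAnyAuthority("admin", "client")`; if not, the `new` rules are wider than needed. In `processMyOffersForm`, `this.clientService.getCurrentClient().getId()` is dereferenced without a null check, so an authenticated user who is not a client would get a 500 unless `/myOffers` is restricted in a part of the security chain that this diff does not show.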
@@ -99,10 +111,10 @@ public class OfertaController { // public ModelAndView showOwner(@PathVariable("ownerId") int ownerId) { // ModelAndView mav = new ModelAndView("owners/ownerDetails"); // Owner owner = this.ownerService.findOwnerById(ownerId); -// +// // mav.addObject(owner); // return mav; // } - - + + } diff --git a/src/main/java/org/springframework/cheapy/web/SpeedOfferController.java b/src/main/java/org/springframework/cheapy/web/SpeedOfferController.java index 8739479d4..5b7e5aada 100644 --- a/src/main/java/org/springframework/cheapy/web/SpeedOfferController.java +++ b/src/main/java/org/springframework/cheapy/web/SpeedOfferController.java @@ -3,11 +3,14 @@ package org.springframework.cheapy.web; import java.time.format.DateTimeFormatter; import java.util.Map; +import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; import org.springframework.cheapy.model.SpeedOffer; import org.springframework.cheapy.model.StatusOffer; +import org.springframework.beans.BeanUtils; import org.springframework.cheapy.model.Client; +import org.springframework.cheapy.model.FoodOffer; import org.springframework.cheapy.service.ClientService; import org.springframework.cheapy.service.SpeedOfferService; import org.springframework.stereotype.Controller; @@ -29,7 +32,7 @@ public class SpeedOfferController { this.speedOfferService = speedOfferService; this.clientService = clientService; } - + private boolean checkIdentity(final int speedOfferId) { boolean res = false; Client client = this.clientService.getCurrentClient(); 
@@ -41,6 +44,39 @@ public class SpeedOfferController { return res; } + private boolean checkOffer(final SpeedOffer session, final SpeedOffer offer) { + boolean res = false; + if (session.getId() == offer.getId() && session.getStatus() == offer.getStatus() + && (session.getCode() == null ? offer.getCode() == "" : session.getCode().equals(offer.getCode())) && !(session.getStatus().equals(StatusOffer.inactive))) { + res = true; + } + return res; + } + + private boolean checkDates(final SpeedOffer speedOffer) { + boolean res = false; + if(speedOffer.getEnd().isAfter(speedOffer.getStart())) { + res = true; + } + return res; + } + + private boolean checkConditions(final SpeedOffer speedOffer) { + boolean res = false; + if(speedOffer.getGold() < speedOffer.getSilver() && speedOffer.getSilver() < speedOffer.getBronze()) { + res = true; + } + return res; + } + + private boolean checkDiscounts(final SpeedOffer speedOffer) { + boolean res = false; + if(speedOffer.getDiscountGold() > speedOffer.getDiscountSilver() && speedOffer.getDiscountSilver() > speedOffer.getDiscountBronze()) { + res = true; + } + return res; + } + @GetMapping("/offers/speed/new") public String initCreationForm(Map model) { SpeedOffer speedOffer = new SpeedOffer(); @@ -53,6 +89,18 @@ public class SpeedOfferController { if (result.hasErrors()) { return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(speedOffer)) { + //Poner aqui mensaje de error + return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkConditions(speedOffer)) { + //Poner aqui mensaje de error + return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkDiscounts(speedOffer)) { + //Poner aqui mensaje de error + return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; + } Client client = this.clientService.getCurrentClient(); speedOffer.setClient(client); speedOffer.setStatus(StatusOffer.hidden); 
@@ -61,7 +109,6 @@ public class SpeedOfferController { } } - @GetMapping(value = "/offers/speed/{speedOfferId}/activate") public String activateSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, ModelMap modelMap) { SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId); 
@@ -87,29 +134,53 @@ public class SpeedOfferController { } @GetMapping(value = "/offers/speed/{speedOfferId}/edit") - public String updateSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, final ModelMap model) { - + public String updateSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, final ModelMap model, HttpServletRequest request) { + if (!this.checkIdentity(speedOfferId)) { return "error"; } - SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(speedOfferId); + if (speedOffer.getStatus().equals(StatusOffer.inactive)) { + return "error"; + } + model.addAttribute("speedOffer", speedOffer); + request.getSession().setAttribute("idSpeed", speedOfferId); return SpeedOfferController.VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; } @PostMapping(value = "/offers/speed/{speedOfferId}/edit") - public String updateSpeedOffer(@Valid final SpeedOffer speedOfferEdit, final BindingResult result, final ModelMap model) { - + public String updateSpeedOffer(@Valid final SpeedOffer speedOfferEdit, final BindingResult result, + final ModelMap model, HttpServletRequest request) { + if (!this.checkIdentity(speedOfferEdit.getId())) { return "error"; } - + Integer id = (Integer) request.getSession().getAttribute("idSpeed"); + SpeedOffer speedOffer = this.speedOfferService.findSpeedOfferById(id); + if (!this.checkOffer(speedOffer, speedOfferEdit)) { + return "error"; + } + if (result.hasErrors()) { model.addAttribute("speedOffer", speedOfferEdit); return SpeedOfferController.VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(speedOffer)) { + //Poner aqui mensaje de error + return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkConditions(speedOffer)) { + //Poner aqui mensaje de error + return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkDiscounts(speedOffer)) { + //Poner aqui mensaje de error + return VIEWS_SPEED_OFFER_CREATE_OR_UPDATE_FORM; + } + 
BeanUtils.copyProperties(this.speedOfferService.findSpeedOfferById(speedOfferEdit.getId()), speedOfferEdit, + "start", "end", "gold", "discount_gold", "silver", "discount_silver", "bronze", "discount_bronze"); this.speedOfferService.saveSpeedOffer(speedOfferEdit); return "redirect:/offers/speed/" + speedOfferEdit.getId(); } @@ -118,7 +189,7 @@ public class SpeedOfferController { @GetMapping(value = "/offers/speed/{speedOfferId}/disable") public String disableSpeedOffer(@PathVariable("speedOfferId") final int speedOfferId, final ModelMap model) { - + if (!this.checkIdentity(speedOfferId)) { return "error"; } @@ -130,7 +201,7 @@ public class SpeedOfferController { @PostMapping(value = "/offers/speed/{speedOfferId}/disable") public String disableSpeedOfferForm(@PathVariable("speedOfferId") final int speedOfferId, final ModelMap model) { - + if (!this.checkIdentity(speedOfferId)) { return "error"; } diff --git a/src/main/java/org/springframework/cheapy/web/TimeOfferController.java b/src/main/java/org/springframework/cheapy/web/TimeOfferController.java index eb795cf35..5b58bed76 100644 --- a/src/main/java/org/springframework/cheapy/web/TimeOfferController.java +++ b/src/main/java/org/springframework/cheapy/web/TimeOfferController.java @@ -1,12 +1,14 @@ package org.springframework.cheapy.web; - import java.time.format.DateTimeFormatter; import java.util.Map; +import javax.servlet.http.HttpServletRequest; import javax.validation.Valid; +import org.springframework.beans.BeanUtils; import org.springframework.cheapy.model.Client; +import org.springframework.cheapy.model.FoodOffer; import org.springframework.cheapy.model.StatusOffer; import org.springframework.cheapy.model.TimeOffer; import org.springframework.cheapy.service.ClientService; 
@@ -29,7 +31,7 @@ public class TimeOfferController { this.timeOfferService = timeOfferService; this.clientService = clientService; } - + private boolean checkIdentity(final int timeOfferId) { boolean res = false; Client client = this.clientService.getCurrentClient(); @@ -41,6 +43,31 @@ public class TimeOfferController { return res; } + private boolean checkOffer(final TimeOffer session, final TimeOffer offer) { + boolean res = false; + if (session.getId() == offer.getId() && session.getStatus() == offer.getStatus() + && (session.getCode() == null ? offer.getCode() == "" : session.getCode().equals(offer.getCode())) && !(session.getStatus().equals(StatusOffer.inactive))) { + res = true; + } + return res; + } + + private boolean checkDates(final TimeOffer timeOffer) { + boolean res = false; + if(timeOffer.getEnd().isAfter(timeOffer.getStart())) { + res = true; + } + return res; + } + + private boolean checkTimes(final TimeOffer timeOffer) { + boolean res = false; + if(timeOffer.getFinish().isAfter(timeOffer.getInit())) { + res = true; + } + return res; + } + @GetMapping("/offers/time/new") public String initCreationForm(Map model) { TimeOffer timeOffer = new TimeOffer(); @@ -53,6 +80,16 @@ public class TimeOfferController { if (result.hasErrors()) { return VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(timeOffer)) { + //Poner aqui mensaje de error + return VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM; + } + + if(!this.checkTimes(timeOffer)) { + //Poner aqui mensaje de error + return VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM; + } + timeOffer.setStatus(StatusOffer.hidden); Client client = this.clientService.getCurrentClient(); 
@@ -64,7 +101,7 @@ public class TimeOfferController { } } - @GetMapping(value ="/offers/time/{timeOfferId}/activate") + @GetMapping(value = "/offers/time/{timeOfferId}/activate") public String activateTimeOffer(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap modelMap) { Client client = this.clientService.getCurrentClient(); TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId); @@ -73,13 +110,11 @@ public class TimeOfferController { timeOffer.setCode("TI-" + timeOfferId); this.timeOfferService.saveTimeOffer(timeOffer); - } else { modelMap.addAttribute("message", "You don't have access to this time offer"); } return "redirect:/offers/time/" + timeOffer.getId(); - } @GetMapping("/offers/time/{timeOfferId}") 
@@ -90,35 +125,56 @@ public class TimeOfferController { model.put("timeOffer", timeOffer); model.put("localDateTimeFormat", DateTimeFormatter.ofPattern("dd/MM/yyyy HH:mm")); - + return "offers/time/timeOffersShow"; } @GetMapping(value = "/offers/time/{timeOfferId}/edit") - public String updateTimeOffer(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap model) { - + public String updateTimeOffer(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap model, + HttpServletRequest request) { + if (!this.checkIdentity(timeOfferId)) { return "error"; } - TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(timeOfferId); + if (timeOffer.getStatus().equals(StatusOffer.inactive)) { + return "error"; + } + model.addAttribute("timeOffer", timeOffer); + request.getSession().setAttribute("idTime", timeOfferId); return TimeOfferController.VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM; } @PostMapping(value = "/offers/time/{timeOfferId}/edit") - public String updateTimeOffer(@Valid final TimeOffer timeOfferEdit, final BindingResult result, final ModelMap model) { - + public String updateTimeOffer(@Valid final TimeOffer timeOfferEdit, final BindingResult result, + final ModelMap model, HttpServletRequest request) { + if (!this.checkIdentity(timeOfferEdit.getId())) { return "error"; } + Integer id = (Integer) request.getSession().getAttribute("idTime"); + TimeOffer timeOffer = this.timeOfferService.findTimeOfferById(id); + if (!this.checkOffer(timeOffer, timeOfferEdit)) { + return "error"; + } if (result.hasErrors()) { model.addAttribute("timeOffer", timeOfferEdit); return TimeOfferController.VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM; } else { + if(!this.checkDates(timeOffer)) { + //Poner aqui mensaje de error + return VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM; + } + if(!this.checkTimes(timeOffer)) { + //Poner aqui mensaje de error + return VIEWS_TIME_OFFER_CREATE_OR_UPDATE_FORM; + } + 
BeanUtils.copyProperties(this.timeOfferService.findTimeOfferById(timeOfferEdit.getId()), timeOfferEdit, + "start", "end", "init", "finish", "discount"); this.timeOfferService.saveTimeOffer(timeOfferEdit); return "redirect:/offers/time/" + timeOfferEdit.getId(); } @@ -127,7 +183,7 @@ public class TimeOfferController { @GetMapping(value = "/offers/time/{timeOfferId}/disable") public String disableTimeOffer(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap model) { - + if (!this.checkIdentity(timeOfferId)) { return "error"; } @@ -139,7 +195,7 @@ public class TimeOfferController { @PostMapping(value = "/offers/time/{timeOfferId}/disable") public String disableTimeOfferForm(@PathVariable("timeOfferId") final int timeOfferId, final ModelMap model) { - + if (!this.checkIdentity(timeOfferId)) { return "error"; } @@ -152,7 +208,6 @@ public class TimeOfferController { return "redirect:/myOffers"; - } } diff --git a/src/main/less/cheapy.less b/src/main/less/cheapy.less index 2ad446686..a0bff3551 100644 --- a/src/main/less/cheapy.less +++ b/src/main/less/cheapy.less @@ -56,7 +56,7 @@ .table-filter { background-color: @spring-brown; - padding: 9px 12px; + padding: 5px 12px; } .nav > li > a { 
@@ -240,20 +240,81 @@ img.img-responsive{ background-color: rgb(40, 140, 215); } +.btn-home{ + display: table; + margin: 0 auto; +} + +.btn-create button { + background-color: rgb(40, 140, 215); + border: 1px solid rgb(0, 0, 160); + color: white; + padding: 10px 24px; + cursor: pointer; + width: 70%; + display: block; + +} + +.btn-create button:not(:last-child) { + border-bottom: none; +} + + +.btn-create button:hover { + background-color: rgb(0, 64, 128) +} + +.btn-create-max button { + padding: 20px; + margin-left:auto; + margin-right: auto; + margin-bottom: 20px; +} + +.btn-mod{ + display: table; + margin: 0 auto; + float:left; +} + +.btn-mod button { + background-color: rgb(0, 64, 128); + border: 1px solid rgb(0, 0, 160); + color: white; + padding: 10px 24px; + cursor: pointer; + display: block; +} + +.btn-mod button:not(:last-child) { + border-bottom: none; +} + + +.btn-mod button:hover { + background-color: rgb(40, 140, 215); +} + #foodOfferTable th { width: 25%; + text-align: center; + } #nuOfferTable th { - width: 33%; + width: 25%; +text-align: center; } #speedOfferTable th { - width: 33%; + width: 25%; +text-align: center; } #timeOfferTable th { - width: 33%; + width: 25%; +text-align: center; } .btn-detalles button { 
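Review bot: The new `.btn-mod button` rule here and the `.btns-edit button` and `.btns-delete button` rules in the following `@@ -278,7 +339,52 @@` hunk repeat the same background, border, colour, padding and cursor declarations, along with identical `:hover` and `:not(:last-child)` rules. Since this is a Less file, one mixin holding the shared declarations would reduce each rule to a call, for example `.btn-mod button { .btn-dark(); display: block; }`, where `.btn-dark()` is a proposed name. The `.btn-create button:hover` rule also omits the semicolon after `rgb(0, 64, 128)`, unlike the other rules in this hunk.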
@@ -278,7 +339,52 @@ img.img-responsive{ .btn-return{ display: table; margin: 0 auto; - width: 100%; + float:left; +} + +.btns-edit{ + display: table; + margin: 0 auto; + float:right; +} + +.btns-edit button{ + background-color: rgb(0, 64, 128); + border: 1px solid rgb(0, 0, 160); + color: white; + padding: 10px 24px; + cursor: pointer; +} + +.btns-edit button:not(:last-child) { + border-bottom: none; +} + + +.btns-edit button:hover { + background-color: rgb(40, 140, 215); +} + +.btns-delete{ + display: table; + margin: 0 auto; + float:left; +} + +.btns-delete button{ + background-color: rgb(0, 64, 128); + border: 1px solid rgb(0, 0, 160); + color: white; + padding: 10px 24px; + cursor: pointer; +} + +.btns-delete button:not(:last-child) { + border-bottom: none; +} + +.btns-delete button:hover { + background-color: rgb(40, 140, 215); } .btn-return button { @@ -288,32 +394,50 @@ img.img-responsive{ padding: 10px 24px; cursor: pointer; display: block; - left: 0%; } .btn-return button:not(:last-child) { border-bottom: none; } - .btn-return button:hover { background-color: rgb(40, 140, 215); } #foodOfferTable td{ vertical-align:middle; +text-align: center; } #nuOfferTable td{ vertical-align:middle; +text-align: center; } #speedOfferTable td{ vertical-align:middle; +text-align: center; } #timeOfferTable td{ vertical-align:middle; +text-align: center; +} + +#nuOffer-table th{ + text-align: center; +} + +#nuOffer-table td{ + text-align: center; +} + +#speedOffer-table th{ + text-align: center; +} + +#speedOffer-table td{ + text-align: center; } #nuOffer-table tr:nth-child(3){ @@ -364,6 +488,13 @@ img.img-responsive{ background-color: rgb(204, 128, 51); } +#vacio { + text-align:center; + font-size: 120%; + padding:10px; + color: rgb(29, 142, 226); +} + .alert-success { .alert-variant(fade(@alert-success-bg, 70%); @alert-success-border; @alert-success-text); } 
diff --git a/src/main/resources/db/mysql/data.sql b/src/main/resources/db/mysql/data.sql index 39f0ca7b1..c279eadf3 100644 --- a/src/main/resources/db/mysql/data.sql +++ b/src/main/resources/db/mysql/data.sql @@ -11,8 +11,8 @@ INSERT INTO owners VALUES (10, 'Carlos', 'Estaban', '2335 Independence La.', 'Wa INSERT INTO users (dtype,username,password,enabled) VALUES ('User','admin','admin', TRUE ); INSERT INTO authorities VALUES ('admin','admin'); -INSERT INTO users (dtype,username,password,enabled) VALUES ('User','manoli','manoli', TRUE ); +INSERT INTO users (dtype,username,password,enabled) VALUES ('User','manoli','manoli', TRUE ); INSERT INTO authorities VALUES ('manoli','client'); INSERT INTO users (dtype,username,password,enabled) VALUES ('User','david','david', TRUE ); INSERT INTO authorities VALUES ('david','client'); 
@@ -32,8 +32,18 @@ INSERT INTO usuarios VALUES (4, 'Pepe', 'Lopez', '12456776V', 'C/Macarena', '690 INSERT INTO clients (id, name, email, address, init, finish, telephone, description, code, food, username) VALUES (1,'bar manoli','manoli@gmail.com','C/Betis','10:00','22:00','608726190', 'description 1', 'code1', 'ESPAÑOLA','manoli'); INSERT INTO clients (id, name, email, address, init, finish, telephone, description, code, food, username) VALUES (2,'bar david','david@gmail.com','C/Sevilla','09:30','22:00','608726190', 'description 2', 'code2', 'americana','david'); -INSERT INTO food_offers(start, end, code, status, client_id, food, discount) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'FO-1', 'inactive', 1, 'macarrones', 15); -INSERT INTO time_offers(start, end, code, status, client_id, init, finish, discount) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'T-1', 'active', 1, '12:00:00', '13:00:00', 10); -INSERT INTO speed_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'SP-1', 'active',1,5,25,10,15,15,10); -INSERT INTO nu_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-06-15 12:00:00', '2021-06-16 12:00:00', 'NU-1', 'active',1,15,25,10,15,5,10); +INSERT INTO food_offers(start, end, code, status, client_id, food, discount) VALUES ('2021-08-14 12:00:00', '2021-08-15 12:00:00', 'FO-1', 'inactive', 1, 'macarrones', 15); +INSERT INTO food_offers(start, end, code, status, client_id, food, discount) VALUES ('2021-08-15 12:00:00', '2021-08-16 12:00:00', 'FO-2', 'active', 1, 'macarrones con tomate', 10); +INSERT INTO food_offers(start, end, code, status, client_id, food, discount) VALUES ('2021-08-16 12:00:00', '2021-08-17 12:00:00', null, 'hidden', 1, 'macarrones con queso', 5); +INSERT INTO time_offers(start, end, code, status, client_id, init, finish, 
discount) VALUES ('2021-08-14 12:00:00', '2021-08-15 12:00:00', 'T-1', 'inactive', 1, '12:00:00', '13:00:00', 5); +INSERT INTO time_offers(start, end, code, status, client_id, init, finish, discount) VALUES ('2021-08-15 12:00:00', '2021-08-16 12:00:00', 'T-2', 'active', 1, '12:00:00', '13:00:00', 10); +INSERT INTO time_offers(start, end, code, status, client_id, init, finish, discount) VALUES ('2021-08-16 12:00:00', '2021-08-17 12:00:00', null, 'hidden', 1, '12:00:00', '13:00:00', 15); + +INSERT INTO speed_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-08-14 12:00:00', '2021-08-15 12:00:00', 'SP-1', 'inactive',1,5,25,10,15,15,10); +INSERT INTO speed_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-08-15 12:00:00', '2021-08-16 12:00:00', 'SP-2', 'active',1,5,25,10,15,15,10); +INSERT INTO speed_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-08-16 12:00:00', '2021-08-17 12:00:00', null, 'hidden',1,5,25,10,15,15,10); + +INSERT INTO nu_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-08-14 12:00:00', '2021-08-15 12:00:00', 'NU-1', 'inactive',1,15,25,10,15,5,10); +INSERT INTO nu_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-08-15 12:00:00', '2021-08-16 12:00:00', 'NU-2', 'active',1,15,25,10,15,5,10); +INSERT INTO nu_offers(start, end, code, status, client_id, gold, discount_gold, silver, discount_silver, bronze, discount_bronze) VALUES ('2021-08-16 12:00:00', '2021-08-17 12:00:00', null, 'hidden',1,15,25,10,15,5,10); diff --git a/src/main/resources/messages/messages_es.properties b/src/main/resources/messages/messages_es.properties index a4d3a0ddf..a4aebbe00 100644 
--- a/src/main/resources/messages/messages_es.properties +++ b/src/main/resources/messages/messages_es.properties @@ -1,5 +1,10 @@ welcome=Bienvenido a +new=Nueva +deleteOffer=Eliminar Oferta +cancel=Cancelar +deleteOfferMessage=Confirme que quiere eliminar su oferta listOffers=Ver Ofertas +createOffers=Crear Ofertas foodOffers=Ofertas por plato específico foodOffer=Oferta por plato específico nuOffers=Ofertas por número de comensales @@ -37,3 +42,9 @@ reviews= Reseñas stars= Estrellas opinion= Opinión user = Nombre de usuario +createFoodOffers= Crear ofertas por plato específico +createNuOffers= Crear ofertas por número de comensales +createSpeedOffers= Crear ofertas por rapidez comiendo +createTimeOffers= Crear ofertas por franja horaria +init= Inicio del intervalo +finish= Fin del intervalo diff --git a/src/main/webapp/WEB-INF/jsp/login.jsp b/src/main/webapp/WEB-INF/jsp/login.jsp index d48b3e296..7c1b61609 100644 --- a/src/main/webapp/WEB-INF/jsp/login.jsp +++ b/src/main/webapp/WEB-INF/jsp/login.jsp @@ -1,6 +1,8 @@ <%@ page session="false" trimDirectiveWhitespaces="true" %> <%@ taglib prefix="spring" uri="http://www.springframework.org/tags" %> <%@ taglib prefix="fmt" uri="http://java.sun.com/jsp/jstl/fmt" %> +<%@ taglib prefix="c" uri="http://java.sun.com/jsp/jstl/core" %> +<%@ taglib prefix="fn" uri="http://java.sun.com/jsp/jstl/functions" %> <%@ taglib prefix="cheapy" tagdir="/WEB-INF/tags" %> <%@ taglib prefix="sec" uri="http://www.springframework.org/security/tags" %> @@ -275,25 +277,29 @@
- +
+ +

El usuario y/o la contraseña son incorrectos

+ +
-

Nombre de usuario o contraseña inválido

+

Nombre de usuario o contraseña inválido