SchoolController.java
package edu.ucsb.cs156.organic.controllers;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import edu.ucsb.cs156.organic.errors.EntityNotFoundException;
import org.springframework.security.access.AccessDeniedException;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.extern.slf4j.Slf4j;
import javax.validation.Valid;
import java.time.LocalDateTime;
import java.util.Optional;
import com.fasterxml.jackson.core.JsonProcessingException;
import com.fasterxml.jackson.databind.ObjectMapper;
import edu.ucsb.cs156.organic.entities.School;
import edu.ucsb.cs156.organic.entities.User;
import edu.ucsb.cs156.organic.repositories.SchoolRepository;
import edu.ucsb.cs156.organic.repositories.UserRepository;
@Tag(name = "school")
@RequestMapping("/api/schools")
@RestController
@Slf4j // what does this do
public class SchoolController extends ApiController{
@Autowired
SchoolRepository schoolRepository;
@Autowired
ObjectMapper mapper;
@Autowired
UserRepository userRepository;
@Operation(summary = "Update information for a school")
// allow for roles of ADMIN or INSTRUCTOR but only if the user is a staff member
// for the course
@PreAuthorize("hasAnyRole('ROLE_ADMIN', 'ROLE_INSTRUCTOR')")
@PutMapping("/update")
public School updateSchool(
@Parameter(name = "abbrev") @RequestParam String abbrev,
@RequestBody @Valid School incoming) {
School school = schoolRepository.findById(abbrev)
.orElseThrow(() -> new EntityNotFoundException(School.class, abbrev));
school.setName(incoming.getName());
school.setTermRegex(incoming.getTermRegex());
school.setTermDescription(incoming.getTermDescription());
school.setTermError(incoming.getTermError());
schoolRepository.save(school);
log.info("school={}", school);
return school;
}
@Operation(summary= "List all schools")
@PreAuthorize("hasRole('ROLE_USER')")
@GetMapping("/all")
public Iterable<School> allSchools() {
Iterable<School> schools = schoolRepository.findAll();
return schools;
}
@Operation(summary= "Get a single school by abbreviation")
@PreAuthorize("hasRole('ROLE_USER')")
@GetMapping("")
public School getById(
@Parameter(name="abbrev") @RequestParam String abbrev) {
Optional<School> schoolOptional = schoolRepository.findById(abbrev);
School school = schoolOptional.orElseThrow(() -> new EntityNotFoundException(School.class, abbrev));
return school;
}
@Operation(summary= "Delete a school")
@PreAuthorize("hasRole('ROLE_ADMIN')")
@DeleteMapping("")
public Object deleteSchool(
@Parameter(name="abbrev") @RequestParam String abbrev) {
School school = schoolRepository.findById(abbrev)
.orElseThrow(() -> new EntityNotFoundException(School.class, abbrev));
schoolRepository.delete(school);
return genericMessage("School with id %s deleted".formatted(abbrev));
}
@Operation(summary= "Create a new school")
@PreAuthorize("hasRole('ROLE_ADMIN')")
@PostMapping("/post")
public School postSchool(
@Parameter(name = "school", description="school in json format") @RequestBody School school
)
{
if (!school.getAbbrev().equals(school.getAbbrev().toLowerCase())){
throw new IllegalArgumentException("Invalid abbrev format. Abbrev must be all lowercase");
}
School savedSchool = schoolRepository.save(school);
return savedSchool;
}
}