1 | package edu.ucsb.cs156.organic.controllers; | |
2 | ||
3 | import edu.ucsb.cs156.organic.entities.Course; | |
4 | import edu.ucsb.cs156.organic.entities.School; | |
5 | import edu.ucsb.cs156.organic.entities.Staff; | |
6 | import edu.ucsb.cs156.organic.entities.User; | |
7 | import edu.ucsb.cs156.organic.repositories.CourseRepository; | |
8 | import edu.ucsb.cs156.organic.repositories.SchoolRepository; | |
9 | import edu.ucsb.cs156.organic.repositories.StaffRepository; | |
10 | import edu.ucsb.cs156.organic.repositories.UserRepository; | |
11 | import io.swagger.v3.oas.annotations.Operation; | |
12 | import io.swagger.v3.oas.annotations.Parameter; | |
13 | import io.swagger.v3.oas.annotations.tags.Tag; | |
14 | import lombok.extern.slf4j.Slf4j; | |
15 | ||
16 | import com.fasterxml.jackson.core.JsonProcessingException; | |
17 | ||
18 | import org.springframework.beans.factory.annotation.Autowired; | |
19 | import org.springframework.format.annotation.DateTimeFormat; | |
20 | import org.springframework.security.access.prepost.PreAuthorize; | |
21 | import org.springframework.web.bind.annotation.DeleteMapping; | |
22 | import org.springframework.web.bind.annotation.GetMapping; | |
23 | import org.springframework.web.bind.annotation.DeleteMapping; | |
24 | import org.springframework.web.bind.annotation.PostMapping; | |
25 | import org.springframework.web.bind.annotation.PutMapping; | |
26 | import org.springframework.web.bind.annotation.RequestMapping; | |
27 | import org.springframework.web.bind.annotation.RequestParam; | |
28 | import org.springframework.web.bind.annotation.RestController; | |
29 | ||
30 | import edu.ucsb.cs156.organic.errors.EntityNotFoundException; | |
31 | import org.springframework.security.access.AccessDeniedException; | |
32 | ||
33 | import java.time.LocalDateTime; | |
34 | ||
35 | import javax.validation.Valid; | |
36 | ||
37 | import java.util.Optional; | |
38 | ||
39 | @Tag(name = "Courses") | |
40 | @RequestMapping("/api/courses") | |
41 | @RestController | |
42 | @Slf4j | |
43 | public class CoursesController extends ApiController { | |
44 | ||
45 | @Autowired | |
46 | CourseRepository courseRepository; | |
47 | ||
48 | @Autowired | |
49 | StaffRepository courseStaffRepository; | |
50 | ||
51 | @Autowired | |
52 | UserRepository userRepository; | |
53 | ||
54 | @Autowired | |
55 | SchoolRepository schoolRepository; | |
56 | ||
57 | @Operation(summary = "List all courses") | |
58 | @PreAuthorize("hasAnyRole('ROLE_USER', 'ROLE_ADMIN')") | |
59 | @GetMapping("/all") | |
60 | public Iterable<Course> allCourses() { | |
61 | User u = getCurrentUser().getUser(); | |
62 | log.info("u={}", u); | |
63 |
1
1. allCourses : negated conditional → KILLED |
if (u.isAdmin()) { |
64 |
1
1. allCourses : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::allCourses → KILLED |
return courseRepository.findAll(); |
65 | } else { | |
66 |
1
1. allCourses : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::allCourses → KILLED |
return courseRepository.findCoursesStaffedByUser(u.getGithubId()); |
67 | } | |
68 | } | |
69 | ||
70 | @Operation(summary= "Get a single course by id") | |
71 | @PreAuthorize("hasAnyRole('ROLE_USER', 'ROLE_ADMIN')") | |
72 | @GetMapping("/get") | |
73 | public Course getById( | |
74 | @Parameter(name="id") @RequestParam Long id) { | |
75 | User u = getCurrentUser().getUser(); | |
76 | ||
77 | Course course = courseRepository.findById(id) | |
78 |
1
1. lambda$getById$0 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$getById$0 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Course.class, id)); |
79 | | |
80 |
1
1. getById : negated conditional → KILLED |
if(!u.isAdmin()){ |
81 | courseStaffRepository.findByCourseIdAndGithubId(id, u.getGithubId()) | |
82 |
1
1. lambda$getById$1 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$getById$1 → KILLED |
.orElseThrow(() -> new AccessDeniedException( |
83 | String.format("User %s is not authorized to get course %d", u.getGithubLogin(), id))); | |
84 | } | |
85 | ||
86 |
1
1. getById : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::getById → KILLED |
return course; |
87 | } | |
88 | ||
89 | @Operation(summary = "Create a new course") | |
90 | @PreAuthorize("hasAnyRole('ROLE_ADMIN','ROLE_INSTRUCTOR')") | |
91 | @PostMapping("/post") | |
92 | public Course postCourse( | |
93 | @Parameter(name = "name", description = "course name, e.g. CMPSC 156") @RequestParam String name, | |
94 | @Parameter(name = "schoolAbbrev", description = "school abbreviation e.g. UCSB") @RequestParam String schoolAbbrev, | |
95 | @Parameter(name = "term", description = "quarter or semester, e.g. F23") @RequestParam String term, | |
96 | @Parameter(name = "startDate", description = "in iso format, i.e. YYYY-mm-ddTHH:MM:SS; e.g. 2023-10-01T00:00:00 see https://en.wikipedia.org/wiki/ISO_8601") @RequestParam("startDate") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime startDate, | |
97 | @Parameter(name = "endDate", description = "in iso format, i.e. YYYY-mm-ddTHH:MM:SS; e.g. 2023-12-31T11:59:59 see https://en.wikipedia.org/wiki/ISO_8601") @RequestParam("endDate") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime endDate, | |
98 | @Parameter(name = "githubOrg", description = "for example ucsb-cs156-f23") @RequestParam String githubOrg) | |
99 | throws JsonProcessingException { | |
100 | ||
101 | School school = schoolRepository.findById(schoolAbbrev) | |
102 |
1
1. lambda$postCourse$2 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$postCourse$2 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(School.class, schoolAbbrev)); |
103 | ||
104 | Course course = Course.builder() | |
105 | .name(name) | |
106 | .schoolAbbrev(schoolAbbrev) | |
107 | .term(term) | |
108 | .startDate(startDate) | |
109 | .endDate(endDate) | |
110 | .githubOrg(githubOrg) | |
111 | .school(school) | |
112 | .build(); | |
113 | ||
114 | Course savedCourse = courseRepository.save(course); | |
115 | User u = getCurrentUser().getUser(); | |
116 | ||
117 | Staff courseStaff = Staff.builder() | |
118 | .courseId(savedCourse.getId()) | |
119 | .githubId(u.getGithubId()) | |
120 | .build(); | |
121 | ||
122 | log.info("courseStaff={}", courseStaff); | |
123 | courseStaffRepository.save(courseStaff); | |
124 | ||
125 |
1
1. postCourse : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::postCourse → KILLED |
return savedCourse; |
126 | } | |
127 | ||
128 | @Operation(summary = "Add a staff member to a course") | |
129 | @PreAuthorize("hasRole('ROLE_ADMIN')") | |
130 | @PostMapping("/addStaff") | |
131 | public Staff addStaff( | |
132 | @Parameter(name = "courseId") @RequestParam Long courseId, | |
133 | @Parameter(name = "githubLogin") @RequestParam String githubLogin) | |
134 | throws JsonProcessingException { | |
135 | ||
136 | Course course = courseRepository.findById(courseId) | |
137 |
1
1. lambda$addStaff$3 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$addStaff$3 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Course.class, courseId.toString())); |
138 | ||
139 | User user = userRepository.findByGithubLogin(githubLogin) | |
140 |
1
1. lambda$addStaff$4 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$addStaff$4 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(User.class, githubLogin.toString())); |
141 | ||
142 | Staff courseStaff = Staff.builder() | |
143 | .courseId(course.getId()) | |
144 | .githubId(user.getGithubId()) | |
145 | .user(user) | |
146 | .build(); | |
147 | ||
148 | courseStaff = courseStaffRepository.save(courseStaff); | |
149 | log.info("courseStaff={}", courseStaff); | |
150 | ||
151 |
1
1. addStaff : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::addStaff → KILLED |
return courseStaff; |
152 | } | |
153 | ||
154 | @Operation(summary = "Get Staff for course") | |
155 | @PreAuthorize("hasRole('ROLE_ADMIN')") | |
156 | @GetMapping("/getStaff") | |
157 | public Iterable<Staff> getStaff( | |
158 | @Parameter(name = "courseId") @RequestParam Long courseId) | |
159 | throws JsonProcessingException { | |
160 | ||
161 | Course course = courseRepository.findById(courseId) | |
162 |
1
1. lambda$getStaff$5 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$getStaff$5 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Course.class, courseId.toString())); |
163 | ||
164 | Iterable<Staff> courseStaff = courseStaffRepository.findByCourseId(course.getId()); | |
165 |
1
1. getStaff : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::getStaff → KILLED |
return courseStaff; |
166 | } | |
167 | ||
168 | @Operation(summary = "Delete a Course Staff by id") | |
169 | @PreAuthorize("hasRole('ROLE_ADMIN')") | |
170 | @DeleteMapping("/staff") | |
171 | public Object deleteStaff( | |
172 | @Parameter(name = "id") @RequestParam Long id) { | |
173 | Staff staff = courseStaffRepository.findById(id) | |
174 |
1
1. lambda$deleteStaff$6 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$deleteStaff$6 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Staff.class, id.toString())); |
175 | ||
176 |
1
1. deleteStaff : removed call to edu/ucsb/cs156/organic/repositories/StaffRepository::delete → KILLED |
courseStaffRepository.delete(staff); |
177 |
1
1. deleteStaff : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::deleteStaff → KILLED |
return genericMessage("Staff with id %s is deleted".formatted(id)); |
178 | } | |
179 | ||
180 | @Operation(summary = "Update information for a course") | |
181 | // allow for roles of ADMIN or INSTRUCTOR but only if the user is a staff member | |
182 | // for the course | |
183 | @PreAuthorize("hasAnyRole('ROLE_ADMIN', 'ROLE_INSTRUCTOR')") | |
184 | @PutMapping("/update") | |
185 | public Course updateCourse( | |
186 | @Parameter(name = "id") @RequestParam Long id, | |
187 | @Parameter(name = "name", description = "course name, e.g. CMPSC 156") @RequestParam String name, | |
188 | @Parameter(name = "schoolAbbrev", description = "school abbreviation e.g. UCSB") @RequestParam String schoolAbbrev, | |
189 | @Parameter(name = "term", description = "quarter or semester, e.g. F23") @RequestParam String term, | |
190 | @Parameter(name = "startDate", description = "in iso format, i.e. YYYY-mm-ddTHH:MM:SS; e.g. 2023-10-01T00:00:00 see https://en.wikipedia.org/wiki/ISO_8601") @RequestParam("startDate") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime startDate, | |
191 | @Parameter(name = "endDate", description = "in iso format, i.e. YYYY-mm-ddTHH:MM:SS; e.g. 2023-12-31T11:59:59 see https://en.wikipedia.org/wiki/ISO_8601") @RequestParam("endDate") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime endDate, | |
192 | @Parameter(name = "githubOrg", description = "for example ucsb-cs156-f23") @RequestParam String githubOrg) | |
193 | throws JsonProcessingException { | |
194 | ||
195 | Course course = courseRepository.findById(id) | |
196 |
1
1. lambda$updateCourse$7 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$updateCourse$7 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Course.class, id.toString())); |
197 | ||
198 | // Check if the current user is a staff member for this course or an admin. If | |
199 | // not, throw AccessDeniedException | |
200 | ||
201 | User u = getCurrentUser().getUser(); | |
202 |
1
1. updateCourse : negated conditional → KILLED |
if (!u.isAdmin()) { |
203 | courseStaffRepository.findByCourseIdAndGithubId(course.getId(), u.getGithubId()) | |
204 |
1
1. lambda$updateCourse$8 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$updateCourse$8 → KILLED |
.orElseThrow(() -> new AccessDeniedException( |
205 | "User is not a staff member for this course")); | |
206 | } | |
207 | ||
208 | School school = schoolRepository.findById(schoolAbbrev) | |
209 |
1
1. lambda$updateCourse$9 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$updateCourse$9 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(School.class, schoolAbbrev)); |
210 | ||
211 |
1
1. updateCourse : removed call to edu/ucsb/cs156/organic/entities/Course::setName → KILLED |
course.setName(name); |
212 |
1
1. updateCourse : removed call to edu/ucsb/cs156/organic/entities/Course::setSchool → KILLED |
course.setSchool(school); |
213 |
1
1. updateCourse : removed call to edu/ucsb/cs156/organic/entities/Course::setTerm → KILLED |
course.setTerm(term); |
214 |
1
1. updateCourse : removed call to edu/ucsb/cs156/organic/entities/Course::setStartDate → KILLED |
course.setStartDate(startDate); |
215 |
1
1. updateCourse : removed call to edu/ucsb/cs156/organic/entities/Course::setEndDate → KILLED |
course.setEndDate(endDate); |
216 |
1
1. updateCourse : removed call to edu/ucsb/cs156/organic/entities/Course::setGithubOrg → KILLED |
course.setGithubOrg(githubOrg); |
217 |
1
1. updateCourse : removed call to edu/ucsb/cs156/organic/entities/Course::setSchoolAbbrev → KILLED |
course.setSchoolAbbrev(school.getAbbrev()); |
218 | ||
219 | course = courseRepository.save(course); | |
220 | log.info("course={}", course); | |
221 | ||
222 |
1
1. updateCourse : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::updateCourse → KILLED |
return course; |
223 | } | |
224 | ||
225 | // delete a course if the user is an admin or instructor for the course | |
226 | @Operation(summary = "Delete a course") | |
227 | @PreAuthorize("hasAnyRole('ROLE_ADMIN', 'ROLE_INSTRUCTOR')") | |
228 | @DeleteMapping("/delete") | |
229 | public Course deleteCourse( | |
230 | @Parameter(name = "id") @RequestParam Long id) | |
231 | throws JsonProcessingException { | |
232 | ||
233 | Course course = courseRepository.findById(id) | |
234 |
1
1. lambda$deleteCourse$10 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$deleteCourse$10 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Course.class, id.toString())); |
235 | ||
236 | // Check if the current user is a staff member for this course or an admin. If | |
237 | // not, throw AccessDeniedException | |
238 | ||
239 | User u = getCurrentUser().getUser(); | |
240 |
1
1. deleteCourse : negated conditional → KILLED |
if (!u.isAdmin()) { |
241 | courseStaffRepository.findByCourseIdAndGithubId(course.getId(), u.getGithubId()) | |
242 |
1
1. lambda$deleteCourse$11 : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::lambda$deleteCourse$11 → KILLED |
.orElseThrow(() -> new AccessDeniedException( |
243 | "User is not a staff member for this course")); | |
244 | } | |
245 | ||
246 |
1
1. deleteCourse : removed call to edu/ucsb/cs156/organic/repositories/CourseRepository::delete → KILLED |
courseRepository.delete(course); |
247 |
1
1. deleteCourse : replaced return value with null for edu/ucsb/cs156/organic/controllers/CoursesController::deleteCourse → KILLED |
return course; |
248 | } | |
249 | ||
250 | } | |
Mutations | ||
63 |
1.1 |
|
64 |
1.1 |
|
66 |
1.1 |
|
78 |
1.1 |
|
80 |
1.1 |
|
82 |
1.1 |
|
86 |
1.1 |
|
102 |
1.1 |
|
125 |
1.1 |
|
137 |
1.1 |
|
140 |
1.1 |
|
151 |
1.1 |
|
162 |
1.1 |
|
165 |
1.1 |
|
174 |
1.1 |
|
176 |
1.1 |
|
177 |
1.1 |
|
196 |
1.1 |
|
202 |
1.1 |
|
204 |
1.1 |
|
209 |
1.1 |
|
211 |
1.1 |
|
212 |
1.1 |
|
213 |
1.1 |
|
214 |
1.1 |
|
215 |
1.1 |
|
216 |
1.1 |
|
217 |
1.1 |
|
222 |
1.1 |
|
234 |
1.1 |
|
240 |
1.1 |
|
242 |
1.1 |
|
246 |
1.1 |
|
247 |
1.1 |