Require principal for star mutations.

Jesse Brault 2024-08-14 09:29:11 -05:00
parent 73fdced131
commit 1484a7023c


@ -11,6 +11,7 @@ import org.springframework.data.domain.Pageable;
import org.springframework.data.domain.Slice; import org.springframework.data.domain.Slice;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.annotation.AuthenticationPrincipal; import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
@ -70,8 +71,11 @@ public class RecipeController {
public ResponseEntity<RecipeStar> addStar( public ResponseEntity<RecipeStar> addStar(
@PathVariable String username, @PathVariable String username,
@PathVariable String slug, @PathVariable String slug,
@AuthenticationPrincipal User principal @Nullable @AuthenticationPrincipal User principal
) throws RecipeException { ) throws RecipeException {
if (principal == null) {
throw new AccessDeniedException("Must be logged in to star a recipe.");
}
return ResponseEntity.status(HttpStatus.CREATED).body(this.recipeStarService.create(username, slug, principal)); return ResponseEntity.status(HttpStatus.CREATED).body(this.recipeStarService.create(username, slug, principal));
} }
@ -79,8 +83,11 @@ public class RecipeController {
public ResponseEntity<Map<String, Object>> getStar( public ResponseEntity<Map<String, Object>> getStar(
@PathVariable String username, @PathVariable String username,
@PathVariable String slug, @PathVariable String slug,
@AuthenticationPrincipal User principal @Nullable @AuthenticationPrincipal User principal
) throws RecipeException { ) throws RecipeException {
if (principal == null) {
throw new AccessDeniedException("Must be logged in to get a recipe star.");
}
final @Nullable RecipeStar star = this.recipeStarService.find(username, slug, principal).orElse(null); final @Nullable RecipeStar star = this.recipeStarService.find(username, slug, principal).orElse(null);
if (star != null) { if (star != null) {
return ResponseEntity.ok(Map.of("isStarred", true, "star", star)); return ResponseEntity.ok(Map.of("isStarred", true, "star", star));
@ -93,8 +100,11 @@ public class RecipeController {
public ResponseEntity<Object> removeStar( public ResponseEntity<Object> removeStar(
@PathVariable String username, @PathVariable String username,
@PathVariable String slug, @PathVariable String slug,
@AuthenticationPrincipal User principal @Nullable @AuthenticationPrincipal User principal
) throws RecipeException { ) throws RecipeException {
if (principal == null) {
throw new AccessDeniedException("Must be logged in to delete a recipe star.");
}
this.recipeStarService.delete(username, slug, principal); this.recipeStarService.delete(username, slug, principal);
return ResponseEntity.noContent().build(); return ResponseEntity.noContent().build();
} }
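Review bot: The same `if (principal == null)` guard is now hand-written in `addStar`, `getStar` and `removeStar`, so the authentication requirement depends on every future star handler remembering to copy it; a declarative rule fails closed instead, e.g. `@PreAuthorize("isAuthenticated()")` on each handler (this needs method security enabled, which is not visible here) or an `authenticated()` matcher for the star routes in the security configuration. Throwing `AccessDeniedException` from inside a controller also relies on it reaching Spring Security's `ExceptionTranslationFilter` unhandled; if the project has a catch-all `@ExceptionHandler`, the exception would likely be mapped to a different status, so a test asserting the response for an anonymous request is worth adding. `getStar` is a read rather than a mutation, so going by the commit title it may have been meant to answer `isStarred: false` for anonymous callers instead of denying them; that should be confirmed. The body of `getStar` and the rest of the class continue outside the visible hunks.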