Content restriction: customer only retrieves their orders

fadul97 · Sep 10, 2021 · 51f1867 · 51f1867
1 parent 75cf06c
commit 51f1867
Show file tree

Hide file tree

Showing 3 changed files with 35 additions and 3 deletions.
diff --git a/.../leonardofadul/springboot/ionic/learning/project/repositories/OrderRequestRepository.java b/.../leonardofadul/springboot/ionic/learning/project/repositories/OrderRequestRepository.java
@@ -1,9 +1,16 @@
 package com.leonardofadul.springboot.ionic.learning.project.repositories;
 
+import com.leonardofadul.springboot.ionic.learning.project.domain.Client;
 import com.leonardofadul.springboot.ionic.learning.project.domain.Pedido;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.stereotype.Repository;
+import org.springframework.transaction.annotation.Transactional;
 
 @Repository
 public interface OrderRequestRepository extends JpaRepository<Pedido, Integer> {
+
+    @Transactional(readOnly = true)
+    Page<Pedido> findByClient(Client client, Pageable pageRequest);
 }
diff --git a/...in/java/com/leonardofadul/springboot/ionic/learning/project/resources/PedidoResource.java b/...in/java/com/leonardofadul/springboot/ionic/learning/project/resources/PedidoResource.java
@@ -5,6 +5,7 @@
 import com.leonardofadul.springboot.ionic.learning.project.dto.CategoryDTO;
 import com.leonardofadul.springboot.ionic.learning.project.services.PedidoService;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Page;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.servlet.support.ServletUriComponentsBuilder;
@@ -32,4 +33,13 @@ public ResponseEntity<Void> insert(@Valid @RequestBody Pedido obj){
                 .path("/{id}").buildAndExpand(obj.getId()).toUri();
         return ResponseEntity.created(uri).build();
     }
+
+    @RequestMapping(method = RequestMethod.GET)
+    public ResponseEntity<Page<Pedido>> findPage(@RequestParam(value = "page", defaultValue = "0") Integer page,
+                                                      @RequestParam(value = "linesPerPage", defaultValue = "24") Integer linesPerPage,
+                                                      @RequestParam(value = "orderBy", defaultValue = "instant") String orderBy,
+                                                      @RequestParam(value = "direction", defaultValue = "DESC") String direction){
+        Page<Pedido> categoryPage = pedidoService.findPage(page, linesPerPage, orderBy, direction);
+        return ResponseEntity.ok().body(categoryPage);
+    }
 }
diff --git a/...main/java/com/leonardofadul/springboot/ionic/learning/project/services/PedidoService.java b/...main/java/com/leonardofadul/springboot/ionic/learning/project/services/PedidoService.java
@@ -1,14 +1,17 @@
 package com.leonardofadul.springboot.ionic.learning.project.services;
 
-import com.leonardofadul.springboot.ionic.learning.project.domain.BankBilletPayment;
-import com.leonardofadul.springboot.ionic.learning.project.domain.Item;
-import com.leonardofadul.springboot.ionic.learning.project.domain.Pedido;
+import com.leonardofadul.springboot.ionic.learning.project.domain.*;
 import com.leonardofadul.springboot.ionic.learning.project.domain.enums.PaymentState;
+import com.leonardofadul.springboot.ionic.learning.project.exceptions.AuthorizationException;
 import com.leonardofadul.springboot.ionic.learning.project.exceptions.ObjectNotFoundException;
 import com.leonardofadul.springboot.ionic.learning.project.repositories.ItemRepository;
 import com.leonardofadul.springboot.ionic.learning.project.repositories.OrderRequestRepository;
 import com.leonardofadul.springboot.ionic.learning.project.repositories.PaymentRepository;
+import com.leonardofadul.springboot.ionic.learning.project.security.UserSS;
 import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.data.domain.Page;
+import org.springframework.data.domain.PageRequest;
+import org.springframework.data.domain.Sort;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
 
@@ -71,4 +74,16 @@ public Pedido insert(Pedido obj){
         emailService.sendOrderConfirmationHtmlEmail(obj);
         return obj;
     }
+
+    public Page<Pedido> findPage(Integer page, Integer linesPerPage, String orderBy, String direction){
+        UserSS user = UserService.authenticated();
+        if(user == null){
+            throw new AuthorizationException("Access denied");
+        }
+
+        PageRequest pageRequest = PageRequest.of(page, linesPerPage, Sort.Direction.valueOf(direction), orderBy);
+        Client client = clientService.find(user.getId());
+
+        return orderRequestRepository.findByClient(client, pageRequest);
+    }
 }