Check for inactive accounts

Check for employee by access on /intern
2020-05-24 21:51:40 +02:00 · 2020-05-24 21:51:40 +02:00 · ac79e1cf22
parent da78ab4990
commit ac79e1cf22
4 changed files with 29 additions and 14 deletions
--- a/prototype/src/main/java/org/hso/ecommerce/app/RequestController.java
+++ b/prototype/src/main/java/org/hso/ecommerce/app/RequestController.java
@ -46,11 +46,17 @@ public class RequestController {
            return "login";
        }

-        if (!user.get().validatePassword(password)) { 
+        if (!user.get().validatePassword(password)) {
            request.setAttribute("error", "Passwort falsch.");
            response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
            return "login";
        }
+
+        if (!user.get().isActive) {
+            request.setAttribute("error", "User ist deaktiviert.");
+            response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
+            return "login";
+        }
        
        session.setAttribute("userId", user.get().getId());

--- a/prototype/src/main/java/org/hso/ecommerce/components/LoginIntercepter.java
+++ b/prototype/src/main/java/org/hso/ecommerce/components/LoginIntercepter.java
@ -24,6 +24,7 @@ public class LoginIntercepter implements HandlerInterceptor {

        HttpSession session = request.getSession();
        Object userId = session.getAttribute("userId");
+        Optional<User> user = null;

        if (request.getRequestURI().startsWith("/user/")) {
            System.out.println("USER");
@ -43,10 +44,24 @@ public class LoginIntercepter implements HandlerInterceptor {
                response.sendRedirect("/login");
                return false;
            }
+
+            user = userRepository.findById((Long) userId);
+
+            if(user.isPresent() && !user.get().isEmployee)
+            {
+                session.setAttribute("afterLogin", request.getRequestURI());
+                response.sendRedirect("/");
+                return false;
+            }
+        }
+
+        if (!request.getRequestURI().startsWith("/login")) {
+            session.removeAttribute("afterLogin");
        }

        if (userId != null) {
-            Optional<User> user = userRepository.findById((Long) userId);
+            if (user == null)
+                user = userRepository.findById((Long) userId);
            user.ifPresent(value -> request.setAttribute("user", value));
        }

--- a/prototype/src/main/java/org/hso/ecommerce/controller/RegisterController.java
+++ b/prototype/src/main/java/org/hso/ecommerce/controller/RegisterController.java
@ -1,6 +1,5 @@
 package org.hso.ecommerce.controller;

-import org.hso.ecommerce.entities.booking.PaymentMethod;
 import org.hso.ecommerce.entities.shop.Address;
 import org.hso.ecommerce.entities.user.User;
 import org.hso.ecommerce.repos.user.UserRepository;
@ -21,7 +20,7 @@ public class RegisterController  {
    private final UserRepository userRepository = null;

    @PostMapping("/register")
-    public String register(
+    public String registerPost(
            HttpServletRequest request,
            HttpServletResponse response,
            @RequestParam("username") String username,
@ -37,7 +36,7 @@ public class RegisterController  {
        Optional<User> user = userRepository.findByEmail(username);
        if (user.isPresent()) {
            request.setAttribute("error", "Email Adresse existiert bereits!");
-            response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
+            response.setStatus(HttpServletResponse.SC_EXPECTATION_FAILED);
            return "register";
        }

@ -52,10 +51,9 @@ public class RegisterController  {
        newUser.email = username;
        newUser.setPassword(password);
        newUser.email = username;
-        if (type.equals("bus"))
-            newUser.isEmployee = true;
-        else
-            newUser.isEmployee = false;
+        newUser.isEmployee = false;
+        //TODO for salutation, type, ad are no attributes/fields in the class/database. Add when they are there.
+
        newUser.isActive = true;
        newUser.created = new java.sql.Timestamp(System.currentTimeMillis());

@ -64,9 +62,6 @@ public class RegisterController  {
        newAddress.addressString = address;
        newUser.defaultDeliveryAddress = newAddress;

-        PaymentMethod defaultPaymentMethod =  PaymentMethod.fromCreditCarNumber("123456");
-        newUser.defaultPayment = defaultPaymentMethod;
-
        userRepository.save(newUser); // save newUser

        return "login";
--- a/prototype/src/main/java/org/hso/ecommerce/entities/booking/PaymentMethod.java
+++ b/prototype/src/main/java/org/hso/ecommerce/entities/booking/PaymentMethod.java
@ -1,11 +1,10 @@
 package org.hso.ecommerce.entities.booking;

 import javax.persistence.Embeddable;
-import javax.validation.constraints.NotNull;

@Embeddable
 public class PaymentMethod {
-    @NotNull
+
    public String creditCardNumber;

    public static PaymentMethod fromCreditCarNumber(String cardnumber) {