/**
* Method to create a role
*
* @param roleData : data of role in String(JSON String)
* @param request : object of HttpServletRequest
* @return ResponseEntity<Void> with http status code if user is not logged in then return
* HttpStatus.FORBIDDEN else if user is not Admin the return HttpStatus.UNAUTHORIZED else if
* role already exists then return HttpStatus.CONFLICT else return HttpStatus.OK
* @throws JSONException
*/
@RequestMapping(value = "/createRole", method = RequestMethod.POST)
public ResponseEntity<Void> saveRole(@RequestBody String roleData, HttpServletRequest request)
throws JSONException {
HttpSession session = request.getSession(false);
if (session == null || session.getAttribute("user") == null) {
return new ResponseEntity<Void>(HttpStatus.FORBIDDEN);
}
if (roleData == null) {
return new ResponseEntity<Void>(HttpStatus.UNAUTHORIZED);
}
JSONObject jsonObj = new JSONObject(roleData);
User user = (User) session.getAttribute("user");
if (user.isAdmin()) {
String roleName = jsonObj.getString("name");
Role role = roleService.getRoleByName(roleName);
if (role == null) {
role = new Role();
role.setName(roleName);
roleService.createRole(role);
return new ResponseEntity<Void>(HttpStatus.OK);
} else {
return new ResponseEntity<Void>(HttpStatus.CONFLICT);
}
} else {
return new ResponseEntity<Void>(HttpStatus.UNAUTHORIZED);
}
}
/**
* Method to get all roles
*
* @param request : object of HttpServletRequest
* @return ResponseEntity<List<Role>> with status code if user is not logged in then return
* HttpStatus.FORBIDDEN else if roleList is empty then return HttpStatus.No_CONTENT else
* return roleList with HttpStatus.OK
*/
@RequestMapping(value = "/roles", method = RequestMethod.GET)
public ResponseEntity<List<Role>> getRoles(HttpServletRequest request) {
HttpSession session = request.getSession(false);
if (session == null) {
return new ResponseEntity<List<Role>>(HttpStatus.FORBIDDEN);
}
List<Role> roleList = roleService.getRoles();
if (roleList.isEmpty()) {
return new ResponseEntity<List<Role>>(roleList, HttpStatus.NO_CONTENT);
}
return new ResponseEntity<List<Role>>(roleList, HttpStatus.OK);
}
/**
* Method to get role by roleId
*
* @param id : id of role
* @return ResponseEntity<Void> with status code if user is not logged in then return
* HttpStatus.FORBIDDEN else if user is not Admin then return HttpStatus.UNAUTHORIZED else
* return Role with HttpStatus.OK
*/
@RequestMapping(value = "/role/{id}", method = RequestMethod.GET)
public ResponseEntity<Role> getRoleById(@PathVariable("id") int id, HttpServletRequest request) {
HttpSession session = request.getSession(false);
if (session == null || session.getAttribute("user") == null) {
return new ResponseEntity<Role>(HttpStatus.FORBIDDEN);
}
User user = (User) session.getAttribute("user");
if (!user.isAdmin()) {
return new ResponseEntity<Role>(HttpStatus.UNAUTHORIZED);
}
return new ResponseEntity<Role>(roleService.getRoleById(id), HttpStatus.OK);
}
