Fix appointment ownership
This commit is contained in:
@@ -1,10 +1,12 @@
|
||||
package com.petshop.backend.controller;
|
||||
|
||||
import com.petshop.backend.dto.common.DropdownOption;
|
||||
import com.petshop.backend.entity.CustomerPet;
|
||||
import com.petshop.backend.repository.*;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestMapping;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
@@ -17,6 +19,7 @@ public class DropdownController {
|
||||
|
||||
private final PetRepository petRepository;
|
||||
private final CustomerRepository customerRepository;
|
||||
private final CustomerPetRepository customerPetRepository;
|
||||
private final ServiceRepository serviceRepository;
|
||||
private final ProductRepository productRepository;
|
||||
private final CategoryRepository categoryRepository;
|
||||
@@ -24,11 +27,13 @@ public class DropdownController {
|
||||
private final SupplierRepository supplierRepository;
|
||||
|
||||
public DropdownController(PetRepository petRepository, CustomerRepository customerRepository,
|
||||
ServiceRepository serviceRepository, ProductRepository productRepository,
|
||||
CategoryRepository categoryRepository, StoreRepository storeRepository,
|
||||
SupplierRepository supplierRepository) {
|
||||
CustomerPetRepository customerPetRepository,
|
||||
ServiceRepository serviceRepository, ProductRepository productRepository,
|
||||
CategoryRepository categoryRepository, StoreRepository storeRepository,
|
||||
SupplierRepository supplierRepository) {
|
||||
this.petRepository = petRepository;
|
||||
this.customerRepository = customerRepository;
|
||||
this.customerPetRepository = customerPetRepository;
|
||||
this.serviceRepository = serviceRepository;
|
||||
this.productRepository = productRepository;
|
||||
this.categoryRepository = categoryRepository;
|
||||
@@ -55,6 +60,16 @@ public class DropdownController {
|
||||
);
|
||||
}
|
||||
|
||||
@GetMapping("/customers/{customerId}/pets")
|
||||
@PreAuthorize("hasAnyRole('STAFF', 'ADMIN')")
|
||||
public ResponseEntity<List<DropdownOption>> getCustomerPets(@PathVariable Long customerId) {
|
||||
return ResponseEntity.ok(
|
||||
customerPetRepository.findByCustomerCustomerIdOrderByPetNameAsc(customerId).stream()
|
||||
.map(this::toCustomerPetOption)
|
||||
.collect(Collectors.toList())
|
||||
);
|
||||
}
|
||||
|
||||
@GetMapping("/services")
|
||||
public ResponseEntity<List<DropdownOption>> getServices() {
|
||||
return ResponseEntity.ok(
|
||||
@@ -123,4 +138,10 @@ public class DropdownController {
|
||||
.collect(Collectors.toList())
|
||||
);
|
||||
}
|
||||
|
||||
private DropdownOption toCustomerPetOption(CustomerPet pet) {
|
||||
String species = pet.getSpecies() == null || pet.getSpecies().isBlank() ? "Pet" : pet.getSpecies();
|
||||
String breed = pet.getBreed() == null || pet.getBreed().isBlank() ? "" : " · " + pet.getBreed();
|
||||
return new DropdownOption(pet.getCustomerPetId(), pet.getPetName() + " (" + species + breed + ")");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -12,5 +12,7 @@ public interface CustomerPetRepository extends JpaRepository<CustomerPet, Long>
|
||||
|
||||
List<CustomerPet> findByCustomerCustomerIdOrderByCreatedAtDesc(Long customerId);
|
||||
|
||||
List<CustomerPet> findByCustomerCustomerIdOrderByPetNameAsc(Long customerId);
|
||||
|
||||
Optional<CustomerPet> findByCustomerPetIdAndCustomerCustomerId(Long customerPetId, Long customerId);
|
||||
}
|
||||
|
||||
@@ -120,7 +120,7 @@ public class AppointmentService {
|
||||
}
|
||||
|
||||
Set<Pet> pets = hasPetIds ? fetchPets(request.getPetIds()) : new HashSet<>();
|
||||
Set<CustomerPet> customerPets = hasCustomerPetIds ? fetchCustomerPets(request.getCustomerPetIds()) : new HashSet<>();
|
||||
Set<CustomerPet> customerPets = hasCustomerPetIds ? fetchCustomerPets(request.getCustomerPetIds(), customer.getCustomerId()) : new HashSet<>();
|
||||
|
||||
Appointment appointment = new Appointment();
|
||||
appointment.setCustomer(customer);
|
||||
@@ -164,7 +164,7 @@ public class AppointmentService {
|
||||
}
|
||||
|
||||
Set<Pet> pets = hasPetIds ? fetchPets(request.getPetIds()) : new HashSet<>();
|
||||
Set<CustomerPet> customerPets = hasCustomerPetIds ? fetchCustomerPets(request.getCustomerPetIds()) : new HashSet<>();
|
||||
Set<CustomerPet> customerPets = hasCustomerPetIds ? fetchCustomerPets(request.getCustomerPetIds(), customer.getCustomerId()) : new HashSet<>();
|
||||
|
||||
appointment.setCustomer(customer);
|
||||
appointment.setStore(store);
|
||||
@@ -247,11 +247,14 @@ public class AppointmentService {
|
||||
return pets;
|
||||
}
|
||||
|
||||
private Set<CustomerPet> fetchCustomerPets(List<Long> customerPetIds) {
|
||||
private Set<CustomerPet> fetchCustomerPets(List<Long> customerPetIds, Long customerId) {
|
||||
Set<CustomerPet> customerPets = new HashSet<>();
|
||||
for (Long customerPetId : customerPetIds) {
|
||||
CustomerPet customerPet = customerPetRepository.findById(customerPetId)
|
||||
.orElseThrow(() -> new ResourceNotFoundException("Customer pet not found with id: " + customerPetId));
|
||||
if (!customerPet.getCustomer().getCustomerId().equals(customerId)) {
|
||||
throw new IllegalArgumentException("Selected pet does not belong to the selected customer");
|
||||
}
|
||||
customerPets.add(customerPet);
|
||||
}
|
||||
|
||||
|
||||
Reference in New Issue
Block a user