From c24d49fa5bb28c79105d495c1ab2bb3aab90f688 Mon Sep 17 00:00:00 2001
From: Harkamal Randhawa
Date: Wed, 15 Apr 2026 15:54:46 -0600
Subject: [PATCH] fix auth and logic bugs
---
 .../com/petshop/backend/controller/ContactController.java | 3 ++-
 .../java/com/petshop/backend/controller/StoreController.java | 4 ++++
 .../src/main/java/com/petshop/backend/dto/pet/PetRequest.java | 2 +-
 .../java/com/petshop/backend/service/AppointmentService.java | 2 +-
 4 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/backend/src/main/java/com/petshop/backend/controller/ContactController.java b/backend/src/main/java/com/petshop/backend/controller/ContactController.java
index c6b4cf1d..cfd4326f 100644
--- a/backend/src/main/java/com/petshop/backend/controller/ContactController.java
+++ b/backend/src/main/java/com/petshop/backend/controller/ContactController.java
@@ -1,6 +1,7 @@
 package com.petshop.backend.controller;
 import com.petshop.backend.entity.User;
+import com.petshop.backend.exception.ResourceNotFoundException;
 import com.petshop.backend.repository.UserRepository;
 import com.petshop.backend.service.EmailService;
 import com.petshop.backend.util.AuthenticationHelper;
@@ -33,7 +34,7 @@ public class ContactController {
 @PostMapping
 public ResponseEntity sendContactEmail(@Valid @RequestBody ContactRequest req) {
 Long userId = AuthenticationHelper.getAuthenticatedUserId();
- User user = userRepository.findById(userId).orElseThrow();
+ User user = userRepository.findById(userId).orElseThrow(() -> new ResourceNotFoundException("User not found with id: " + userId));
 emailService.sendContactMessage(user, req.subject(), req.body());
 return ResponseEntity.ok().build();
 }
diff --git a/backend/src/main/java/com/petshop/backend/controller/StoreController.java b/backend/src/main/java/com/petshop/backend/controller/StoreController.java
index 7dfb2b01..dc7bf8f5 100644
--- a/backend/src/main/java/com/petshop/backend/controller/StoreController.java
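Review bot: In `ContactController.sendContactEmail`, the new `ResourceNotFoundException` treats a missing row for the already-authenticated principal as an ordinary not-found resource and puts the internal user id into the exception message. If the project's exception handler echoes that message to the client (the handler is not visible in this patch), the response discloses the id and answers 404 for what is really a stale or revoked session. I would fail this case as an authentication error instead, e.g. `.orElseThrow(() -> new ResponseStatusException(HttpStatus.UNAUTHORIZED))`, and log the id server-side only. Whether `AuthenticationHelper.getAuthenticatedUserId()` can return null is also not visible here, so confirm that before it reaches `findById`.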
+++ b/backend/src/main/java/com/petshop/backend/controller/StoreController.java
@@ -35,11 +35,13 @@ public class StoreController {
 }
 @PostMapping
+ @PreAuthorize("hasRole('ADMIN')")
 public ResponseEntity createStore(@Valid @RequestBody StoreRequest request) {
 return ResponseEntity.status(HttpStatus.CREATED).body(storeService.createStore(request));
 }
 @PutMapping("/{id}")
+ @PreAuthorize("hasRole('ADMIN')")
 public ResponseEntity updateStore(
 @PathVariable Long id,
 @Valid @RequestBody StoreRequest request) {
@@ -47,12 +49,14 @@ public class StoreController {
 }
 @DeleteMapping("/{id}")
+ @PreAuthorize("hasRole('ADMIN')")
 public ResponseEntity deleteStore(@PathVariable Long id) {
 storeService.deleteStore(id);
 return ResponseEntity.noContent().build();
 }
 @DeleteMapping
+ @PreAuthorize("hasRole('ADMIN')")
 public ResponseEntity bulkDeleteStores(@Valid @RequestBody BulkDeleteRequest request) {
 storeService.bulkDeleteStores(request);
 return ResponseEntity.noContent().build();
diff --git a/backend/src/main/java/com/petshop/backend/dto/pet/PetRequest.java b/backend/src/main/java/com/petshop/backend/dto/pet/PetRequest.java
index 9a92581a..ff4f9ad2 100644
--- a/backend/src/main/java/com/petshop/backend/dto/pet/PetRequest.java
+++ b/backend/src/main/java/com/petshop/backend/dto/pet/PetRequest.java
@@ -100,7 +100,7 @@ public class PetRequest {
 Objects.equals(petSpecies, that.petSpecies) &&
 Objects.equals(petBreed, that.petBreed) &&
 Objects.equals(petAge, that.petAge) &&
- petStatus == that.petStatus &&
+ Objects.equals(petStatus, that.petStatus) &&
 Objects.equals(petPrice, that.petPrice);
 }
diff --git a/backend/src/main/java/com/petshop/backend/service/AppointmentService.java b/backend/src/main/java/com/petshop/backend/service/AppointmentService.java
index bea0c682..ed34bb91 100644
--- a/backend/src/main/java/com/petshop/backend/service/AppointmentService.java
+++ b/backend/src/main/java/com/petshop/backend/service/AppointmentService.java
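Review bot: The `@PreAuthorize("hasRole('ADMIN')")` annotations added in `StoreController` on `createStore` and `updateStore`, and in the following hunk on `deleteStore` and `bulkDeleteStores`, are only enforced when method security is enabled, and nothing in this patch shows `@EnableMethodSecurity` on a configuration class; without it the annotations are silently ignored and the write endpoints stay as open as before. `hasRole('ADMIN')` matches the authority `ROLE_ADMIN`, so confirm the project's role mapping produces that prefix. The patch adds no import for `PreAuthorize` to this file, so it presumably already exists above line 35. I would back the change with one test per endpoint that expects 403 for a non-admin user, and consider a matching URL rule in the security configuration so these paths do not depend on annotations alone.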
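Review bot: In `PetRequest.equals`, `petStatus` is now compared by value, so `hashCode` must include `petStatus` as well or two equal requests can hash differently; `hashCode` is outside this hunk, so please confirm it does. The `equals` body starts above the hunk. If `PetRequest` carries no behaviour beyond its fields, declaring it as a record would generate both methods and remove this class of bug.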
@@ -264,7 +264,7 @@ public class AppointmentService { List pastBookedAppointments = appointmentRepository.findPastBookedAppointments(currentDate, currentTime); for (Appointment appointment : pastBookedAppointments) { - appointment.setAppointmentStatus("COMPLETED"); + appointment.setAppointmentStatus("Completed"); appointmentRepository.save(appointment); }
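Review bot: The status written in the `AppointmentService` loop is still a bare string literal, so the same casing mismatch can come back wherever another caller spells it differently; a shared constant such as `private static final String STATUS_COMPLETED = "Completed";` (name illustrative) or an enum for appointment statuses would let the compiler catch it. Rows already saved as `"COMPLETED"` by the previous code are not touched by this change, so a one-off data correction may be needed if anything filters on the new value. The enclosing method starts and ends outside the hunk. If the repository is a Spring Data repository, the per-item `save` could also become one `appointmentRepository.saveAll(pastBookedAppointments)` call.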