diff --git a/src/main/java/com/guams/review/configuration/Advice.java b/src/main/java/com/guams/review/configuration/Advice.java
index 6e12a5d..4f1c845 100644
--- a/src/main/java/com/guams/review/configuration/Advice.java
+++ b/src/main/java/com/guams/review/configuration/Advice.java
@@ -9,26 +9,32 @@ import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.ControllerAdvice;
 import org.springframework.web.bind.annotation.ExceptionHandler;
+import java.util.Map;
+
 @ControllerAdvice
 public class Advice {
 @ExceptionHandler(value = NotFoundException.class)
- public ResponseEntity handleNotFound(NotFoundException exception) {
- return new ResponseEntity<>(exception.getMessage(), HttpStatus.NOT_FOUND);
+ public ResponseEntity> handleNotFound(NotFoundException exception) {
+ return ResponseEntity.status(HttpStatus.NOT_FOUND)
+ .body(Map.of("message", exception.getMessage()));
 }
 @ExceptionHandler(value = AlreadyExistsException.class)
- public ResponseEntity handleAlreadyExists(AlreadyExistsException exception) {
- return new ResponseEntity<>(exception.getMessage(), HttpStatus.BAD_REQUEST);
+ public ResponseEntity> handleAlreadyExists(AlreadyExistsException exception) {
+ return ResponseEntity.status(HttpStatus.BAD_REQUEST)
+ .body(Map.of("message", exception.getMessage()));
 }
 @ExceptionHandler(value = InvalidNameOrPasswordException.class)
- public ResponseEntity handleInvalidNameOrPassword(InvalidNameOrPasswordException exception) {
- return new ResponseEntity<>(exception.getMessage(), HttpStatus.UNAUTHORIZED);
+ public ResponseEntity> handleInvalidNameOrPassword(InvalidNameOrPasswordException exception) {
+ return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
+ .body(Map.of("message", exception.getMessage()));
 }
 @ExceptionHandler(value = UnauthorizedExecption.class)
- public ResponseEntity handleUnauthorizedExecption(UnauthorizedExecption exception) {
- return new ResponseEntity<>(exception.getMessage(), HttpStatus.UNAUTHORIZED);
+ public ResponseEntity> handleUnauthorizedExecption(UnauthorizedExecption exception) {
+ return ResponseEntity.status(HttpStatus.UNAUTHORIZED)
+ .body(Map.of("message", exception.getMessage()));
 }
-}
+}
\ No newline at end of file
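Review bot: `Map.of("message", exception.getMessage())` in all four handlers throws NullPointerException when the message is null, so an exception raised without a message (or through a cause-only constructor) would escape the handler and surface as a 500 instead of the intended status. Since the four bodies differ only in the status, fold them into one helper, e.g. `private static ResponseEntity<Map<String, String>> error(HttpStatus status, RuntimeException e) { return ResponseEntity.status(status).body(Map.of("message", Objects.requireNonNullElse(e.getMessage(), status.getReasonPhrase()))); }` and have each handler `return error(HttpStatus.NOT_FOUND, exception);` (a `java.util.Objects` import is needed; the rendered page has lost the generic arguments of the return type, so check them against the file). `handleUnauthorizedExecption` maps to 401, yet the controllers throw `UnauthorizedExecption` for authenticated callers who merely do not own the resource, where 403 is the accurate status; a comment on the handler should say whether that is deliberate. The `IllegalArgumentException` raised by the controllers' `Assert.isNull` calls has no handler here, so a body carrying an id gets the framework default error rather than this JSON shape.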
diff --git a/src/main/java/com/guams/review/configuration/JwtAuthenticationFilter.java b/src/main/java/com/guams/review/configuration/JwtAuthenticationFilter.java
index 4850def..c154ffe 100644
--- a/src/main/java/com/guams/review/configuration/JwtAuthenticationFilter.java
+++ b/src/main/java/com/guams/review/configuration/JwtAuthenticationFilter.java
@@ -53,7 +53,8 @@ public class JwtAuthenticationFilter extends OncePerRequestFilter {
 // Applique le rate limiting
 if (isRateLimited(authorUuid, request)) {
 response.setStatus(429); // TOO MANY REQUESTS
- response.getWriter().write("Rate limit exceeded. Please try again later.");
+ response.setCharacterEncoding("UTF-8");
+ response.getWriter().write("{\"message\":\"Vous avez envoyé trop de requête d'un coups, patientez un peu...\"}");
 return;
 }
diff --git a/src/main/java/com/guams/review/controller/AuthorController.java b/src/main/java/com/guams/review/controller/AuthorController.java
index b848e6f..b69f99c 100644
--- a/src/main/java/com/guams/review/controller/AuthorController.java
+++ b/src/main/java/com/guams/review/controller/AuthorController.java
@@ -6,6 +6,7 @@ import com.guams.review.exception.UnauthorizedExecption;
 import com.guams.review.exception.InvalidNameOrPasswordException;
 import com.guams.review.exception.NotFoundException;
 import com.guams.review.model.AuthorRepository;
+import com.guams.review.model.Role;
 import com.guams.review.model.dao.Author;
 import com.guams.review.model.dao.AuthorToken;
 import com.guams.review.model.dao.Post;
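Review bot: The 429 branch now writes a JSON body but never sets the content type, so the response goes out with the container default and clients that switch on `Content-Type` will not parse the message; add `response.setContentType("application/json");` next to the `setCharacterEncoding("UTF-8")` call (encoding and type must both be set before `getWriter()` is first called, which they are here). A rate-limit response should also tell the client when to retry, e.g. `response.setHeader("Retry-After", String.valueOf(RETRY_AFTER_SECONDS));` where `RETRY_AFTER_SECONDS` is a placeholder for whatever window `isRateLimited` enforces (not visible in this hunk). The body is a hand-built literal duplicating the `{"message": ...}` shape the `Advice` handlers produce; a short comment noting that this filter runs before the `@ControllerAdvice` path and therefore has to build the body itself would help the next reader. The enclosing filter method begins and ends outside the hunk.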
@@ -112,13 +113,13 @@ public class AuthorController {
 @PostMapping("/register/admin")
 public ResponseEntity authorRegisterAdmin(@RequestBody Author authorToCreate, Authentication authentication) {
- Author sender = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Author not found"));
+ Author sender = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
 Assert.isNull(authorToCreate.getId(), "Author id must be null");
 if (authorService.findByName(authorToCreate.getName()).isPresent()) {
- throw new AlreadyExistsException("Author already exists");
+ throw new AlreadyExistsException("Ce nom est déjà prit par un autre auteur");
 }
- if (!sender.getRole().equals("ADMIN")) {
- throw new UnauthorizedExecption("Specified Author is not authorized to do that");
+ if (!sender.getRole().equals(Role.ADMIN.toString())) {
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
 }
 authorToCreate.setPassword(passwordEncoder.encode(authorToCreate.getPassword()));
 return new ResponseEntity<>(authorRepository.save(authorToCreate).setPassword(""), HttpStatus.CREATED);
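Review bot: `authorRegisterAdmin` dereferences `authentication.getName()` with no guard, so if this endpoint can be reached without an `Authentication` (the other handlers in this file guard for exactly that case) the result is a NullPointerException and a 500 instead of the 401 the `UnauthorizedExecption` path gives; add the same `if (authentication == null || !authentication.isAuthenticated()) { throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci"); }` used by `getAuthenticatedUser`. The admin-role check also runs after `findByName(authorToCreate.getName()).isPresent()`, so a non-admin caller learns whether a name is taken ("déjà prit") before being refused; move the `if (!sender.getRole().equals(Role.ADMIN.toString()))` block directly after `sender` is resolved so authorization is decided before any data-dependent response. `Assert.isNull` throws `IllegalArgumentException`, which `Advice` does not map, so a body carrying an id yields the framework default error rather than the JSON shape used elsewhere.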
@@ -128,19 +129,19 @@ public class AuthorController {
 public ResponseEntity authorRegister(@RequestBody Author author) {
 Assert.isNull(author.getId(), "Author id must be null");
 if (authorService.findByName(author.getName()).isPresent()) {
- throw new AlreadyExistsException("Author already exists");
+ throw new AlreadyExistsException("Ce nom est déjà prit par un autre auteur");
 }
 author.setPassword(passwordEncoder.encode(author.getPassword()));
- return new ResponseEntity<>(authorRepository.save(author.setRole("READER")).setPassword(""), HttpStatus.CREATED);
+ return new ResponseEntity<>(authorRepository.save(author.setRole(Role.READER.toString())).setPassword(""), HttpStatus.CREATED);
 }
 @GetMapping(value = "/me", produces = "application/json")
 public Author getAuthenticatedUser(Authentication authentication) {
 if (authentication == null || !authentication.isAuthenticated()) {
- throw new UnauthorizedExecption("You are not authorized to access this resource");
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
 }
- Author author = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Author not found"));
+ Author author = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
 return author.setPassword("").setProfilePicture(null);
 }
diff --git a/src/main/java/com/guams/review/controller/CommentController.java b/src/main/java/com/guams/review/controller/CommentController.java
index f03e5f6..1c523c4 100644
--- a/src/main/java/com/guams/review/controller/CommentController.java
+++ b/src/main/java/com/guams/review/controller/CommentController.java
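Review bot: `authorRegister` passes `author.getPassword()` straight to `passwordEncoder.encode` with no check that a name or password is present, so a body with a missing or blank password fails inside the encoder (a 500) rather than with a clear 4xx; add `if (author.getName() == null || author.getName().isBlank() || author.getPassword() == null || author.getPassword().isBlank()) { throw new InvalidNameOrPasswordException("<message, constructed>"); }` before the existence lookup (the exception type is already imported in this file; note `Advice` maps it to 401, so a 400-mapped type may fit registration better). Forcing `Role.READER` server-side is the right call and deserves a one-line comment such as `// Role is never taken from the request body` so nobody "fixes" it later. `getAuthenticatedUser` blanks the password and the profile picture but returns the rest of the entity; worth confirming no other sensitive field sits on `Author`, since the class is not in this diff.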
@@ -42,14 +42,14 @@ public class CommentController {
 @PostMapping("/posts/{post-id}")
 public ResponseEntity addComment(@RequestBody Comment comment, Authentication authentication, @PathVariable("post-id") Long postId) {
 if (authentication == null || !authentication.isAuthenticated()) {
- throw new UnauthorizedExecption("You are not authorized to access this resource");
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ça");
 }
- Author author = authorRepository.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Author not found"));
+ Author author = authorRepository.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
 Comment insertedComment = commentService.insert(comment .setCommentDate(Timestamp.from(Instant.now())) .setIsUpdated(false));
- postService.findById(postId).orElseThrow(() -> new NotFoundException("Post not found"));
+ postService.findById(postId).orElseThrow(() -> new NotFoundException("Ce post n'existe pas"));
 commentService.associateCommentToPostAndAuthor(author.getId(), postId, insertedComment.getId());
 return new ResponseEntity<>(insertedComment, HttpStatus.CREATED);
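Review bot: `addComment` persists the comment via `commentService.insert(...)` before `postService.findById(postId).orElseThrow(...)` verifies the post exists, so a request naming an unknown `postId` leaves an orphaned comment row behind and then answers 404; move the `postService.findById(postId).orElseThrow(() -> new NotFoundException("Ce post n'existe pas"));` line above the `Comment insertedComment = ...` statement so validation precedes the write. Even with that order, the insert and `associateCommentToPostAndAuthor` are two separate writes with no transaction boundary visible here, so a failure in the second still strands the first; if `commentService` is not already transactional, wrap both calls in one `@Transactional` service method. `@RequestBody Comment comment` is stored without the `Assert.isNull(..., "... id must be null")` guard the other create endpoints use, so confirm `insert` ignores a client-supplied id rather than overwriting an existing comment.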
@@ -57,21 +57,21 @@ public class CommentController {
 @GetMapping("/posts/{post-id}")
 public List listCommentsByPostId(@PathVariable("post-id") Long postId) {
- postService.findById(postId).orElseThrow(() -> new NotFoundException("Post not found"));
+ postService.findById(postId).orElseThrow(() -> new NotFoundException("Ce post n'existe pas"));
 return commentService.getCommentsByPostId(postId);
 }
 @PutMapping("/{id}")
 public void updateComment(@PathVariable Long id, @RequestBody CommentIds commentIds, Authentication authentication) {
 if (authentication == null || !authentication.isAuthenticated()) {
- throw new UnauthorizedExecption("You are not authorized to access this resource");
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
 }
- Author author = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Author not found"));
- Comment commentToUpdate = commentService.findById(id).orElseThrow(() -> new NotFoundException("Comment not found"));
- CommentIds concernedCommentIds = commentService.getCommentIdsByCommentId(id).orElseThrow(() -> new NotFoundException("Comment not found"));
+ Author author = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
+ Comment commentToUpdate = commentService.findById(id).orElseThrow(() -> new NotFoundException("Ce commentaire n'existe pas"));
+ CommentIds concernedCommentIds = commentService.getCommentIdsByCommentId(id).orElseThrow(() -> new NotFoundException("Ce commentaire n'existe pas"));
 if (!author.getId().equals(concernedCommentIds.getAuthorId())) {
- throw new UnauthorizedExecption("You are not authorized to access this resource");
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
 }
 commentService.insert(commentToUpdate
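Review bot: In `updateComment`, `commentService.findById(id)` succeeding while `getCommentIdsByCommentId(id)` comes back empty is a data-integrity problem (a comment with no author/post association), not a missing comment, yet both raise `NotFoundException("Ce commentaire n'existe pas")`; raising `IllegalStateException` for the second lookup, or at least logging the comment id before throwing, keeps the inconsistency visible instead of hiding it behind a 404. The ownership test `author.getId().equals(concernedCommentIds.getAuthorId())` correctly uses the ids loaded from the database rather than the client-supplied `commentIds` body, which is worth a one-line comment since the two names are easy to confuse. The `commentService.insert(commentToUpdate` call at the end continues outside the hunk.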
@@ -82,9 +82,9 @@ public class CommentController {
 @DeleteMapping("/{id}")
 public void deleteComment(@PathVariable Long id, Authentication authentication) {
 if (authentication == null || !authentication.isAuthenticated()) {
- throw new UnauthorizedExecption("You are not authorized to access this resource");
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
 }
- Comment commentToDelete = commentService.findById(id).orElseThrow(() -> new NotFoundException("Comment not found"));
+ Comment commentToDelete = commentService.findById(id).orElseThrow(() -> new NotFoundException("Ce commentaire n'existe pas"));
 commentService.deleteAssociationByCommentId(commentToDelete.getId());
 commentService.delete(commentToDelete);
 }
diff --git a/src/main/java/com/guams/review/controller/PostController.java b/src/main/java/com/guams/review/controller/PostController.java
index cb12e72..b075bdd 100644
--- a/src/main/java/com/guams/review/controller/PostController.java
+++ b/src/main/java/com/guams/review/controller/PostController.java
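Review bot: `deleteComment` verifies only that the caller is authenticated and then deletes whatever comment `id` names, so any logged-in user can remove any other user's comment; `updateComment` just above already does the ownership check through `getCommentIdsByCommentId(id)` and `author.getId().equals(concernedCommentIds.getAuthorId())`, and the delete path needs the same guard before `deleteAssociationByCommentId` runs. If moderators are meant to be able to delete others' comments, add an explicit `Role.ADMIN` branch rather than leaving the check out. The body below keeps the existing calls and only inserts the lookups and the comparison.
```java
    public void deleteComment(@PathVariable Long id, Authentication authentication) {
        // … unchanged: authentication null / isAuthenticated guard …
        Author author = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
        Comment commentToDelete = commentService.findById(id).orElseThrow(() -> new NotFoundException("Ce commentaire n'existe pas"));
        CommentIds concernedCommentIds = commentService.getCommentIdsByCommentId(id).orElseThrow(() -> new NotFoundException("Ce commentaire n'existe pas"));
        // Only the comment's author may delete it (same rule as updateComment)
        if (!author.getId().equals(concernedCommentIds.getAuthorId())) {
            throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
        }
        // … unchanged: deleteAssociationByCommentId / delete …
```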
@@ -53,33 +53,33 @@ public class PostController {
 @PutMapping("/{id}")
 public void updatePost(@PathVariable Long id, @RequestBody Post updatedPost, Authentication authentication) {
 if (authentication == null) {
- throw new UnauthorizedExecption("You have to login to do that");
+ throw new UnauthorizedExecption("Vous devez vous authentifier avant de faire ça");
 }
- Author authenticatedAuthor = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Author not found"));
+ Author authenticatedAuthor = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
 //Si l'user authent possède ce post
 if (authorService.listPublicationOfAuthor(authenticatedAuthor.getId()).stream().map(Post::getId).toList().contains(id)) {
- Post postToUpdate = postService.findById(id).orElseThrow(() -> new NotFoundException("Post not found"));
+ Post postToUpdate = postService.findById(id).orElseThrow(() -> new NotFoundException("Ce post n'existe pas"));
 postService.insert(updatedPost .setId(postToUpdate.getId()) .setIllustration(postToUpdate.getIllustration()) .setPublicationDate(postToUpdate.getPublicationDate()) .setIsUpdated(true));
 } else {
- throw new UnauthorizedExecption("You do not have permission to update this post");
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
 }
 }
 @PutMapping(value = "{id}/illustration", consumes = {MediaType.MULTIPART_FORM_DATA_VALUE})
 public void updateIllustration(@PathVariable Long id, @RequestPart("illustration") MultipartFile illustration, Authentication authentication) throws IOException {
 if (authentication == null) {
- throw new UnauthorizedExecption("You have to login to do that");
+ throw new UnauthorizedExecption("Vous devez vous authentifier avant de faire ça");
 }
- Author authenticatedAuthor = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Author not found"));
+ Author authenticatedAuthor = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
 if (authorService.listPublicationOfAuthor(authenticatedAuthor.getId()).stream().map(Post::getId).toList().contains(id)) {
- Post postToUpdate = postService.findById(id).orElseThrow(() -> new NotFoundException("Post not found"));
+ Post postToUpdate = postService.findById(id).orElseThrow(() -> new NotFoundException("Ce post n'existe pas"));
 postService.insert(postToUpdate.setIllustration(illustration.getBytes()));
 } else {
- throw new UnauthorizedExecption("You do not have permission to update this post");
+ throw new UnauthorizedExecption("Vous n'êtes pas autorisé à faire ceci");
 }
 }
@@ -87,7 +87,7 @@ public class PostController {
 public ResponseEntity addPost(@RequestBody Post postToCreate, Authentication authentication) {
 Assert.isNull(postToCreate.getId(), "Post id must be null");
 if (authentication == null) {
- throw new UnauthorizedExecption("You have to login to do that");
+ throw new UnauthorizedExecption("Vous devez vous authentifier avant de faire ça");
 }
 return new ResponseEntity<>(postService.insert(postToCreate
 .setPublicationDate(Timestamp.from(Instant.now()))
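Review bot: `updateIllustration` stores `illustration.getBytes()` with no check on `illustration.getSize()` or `illustration.getContentType()`, so a file of any size and any type is written straight into the post entity; reject empty uploads and anything outside an image allow-list before the `postService.insert` call, e.g. `if (illustration.isEmpty() || !ALLOWED_IMAGE_TYPES.contains(illustration.getContentType())) { throw new IllegalArgumentException("<message, constructed>"); }` with `ALLOWED_IMAGE_TYPES` a constant still to be defined (the client-declared content type is a first filter, not proof of the file's format, and a size cap belongs in the multipart configuration as well). The authentication guard in `updatePost`, `updateIllustration` and, in the following hunks, `addPost` and `deletePost` is `authentication == null` alone, whereas `CommentController` also checks `!authentication.isAuthenticated()`; using the same form in all four keeps the anonymous-token case consistent across controllers. The ownership test `listPublicationOfAuthor(...).stream().map(Post::getId).toList().contains(id)` loads every post of the author to answer a membership question; a repository query by author id and post id would do it in one round trip, if one is available.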
@@ -102,11 +102,11 @@ public class PostController {
 @DeleteMapping("{id}")
 public void deletePost(@PathVariable Long id, Authentication authentication) {
 if (authentication == null) {
- throw new UnauthorizedExecption("You have to login to do that");
+ throw new UnauthorizedExecption("Vous devez vous authentifier avant de faire ça");
 }
- Author authenticatedAuthor = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Author not found"));
+ Author authenticatedAuthor = authorService.findByName(authentication.getName()).orElseThrow(() -> new NotFoundException("Cet auteur n'existe pas"));
 if (authorService.listPublicationOfAuthor(authenticatedAuthor.getId()).stream().map(Post::getId).toList().contains(id)) {
- Post postToDelete = postService.findById(id).orElseThrow(() -> new NotFoundException("Post not found"));
+ Post postToDelete = postService.findById(id).orElseThrow(() -> new NotFoundException("Ce post n'existe pas"));
 commentService.getCommentsByPostId(id)
 .stream()
 .map(mapper::mapCommentWithAuthor)
@@ -117,7 +117,7 @@ public class PostController {
 .forEach(commentService::delete);
 postService.delete(authenticatedAuthor.getId(), postToDelete.getId());
 } else {
- throw new UnauthorizedExecption("You do not have permission to delete this post");
+ throw new UnauthorizedExecption("Vous n'avez pas la permission de faire ceci");
 }
 }
 }
diff --git a/src/main/java/com/guams/review/model/Role.java b/src/main/java/com/guams/review/model/Role.java
new file mode 100644
index 0000000..ad9fd3c
--- /dev/null
+++ b/src/main/java/com/guams/review/model/Role.java
@@ -0,0 +1,20 @@
+package com.guams.review.model;
+
+public enum Role {
+ READER {
+ public String toString() {
+ return "READER";
+ }
+ },
+ WRITER {
+ public String toString() {
+ return "WRITER";
+ }
+ },
+ ADMIN {
+ public String toString() {
+ return "ADMIN";
+ }
+ },
+
+}
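Review bot: Each constant in the new `Role` enum overrides `toString()` to return its own name, which is exactly what `Enum.toString()` (and `name()`) already return, so the three bodies add nothing but a constant-specific class each; the file reduces to `public enum Role { READER, WRITER, ADMIN }`, and the `Role.ADMIN.toString()` comparisons in `AuthorController` and `AuthorService` read better as `Role.ADMIN.name()`. Comparing a `String` role field against an enum name at every call site is still a string comparison the compiler cannot check; if `Author.role` is a JPA-mapped column, typing it as `Role` with `@Enumerated(EnumType.STRING)` would turn the checks into `sender.getRole() == Role.ADMIN`, though the entity class is not in this diff so that is a follow-up. The trailing comma after `ADMIN` and the blank line before the closing brace look like leftovers from the bodies and can go with them.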
diff --git a/src/main/java/com/guams/review/service/AuthorService.java b/src/main/java/com/guams/review/service/AuthorService.java
index f0618b1..6b92853 100644
--- a/src/main/java/com/guams/review/service/AuthorService.java
+++ b/src/main/java/com/guams/review/service/AuthorService.java
@@ -4,6 +4,7 @@ import com.guams.review.exception.NotFoundException;
 import com.guams.review.exception.UnauthorizedExecption;
 import com.guams.review.model.AuthorRepository;
 import com.guams.review.model.PostRepository;
+import com.guams.review.model.Role;
 import com.guams.review.model.dao.Author;
 import com.guams.review.model.dao.Post;
 import com.guams.review.service.mapper.Mapper;
@@ -60,7 +61,7 @@ public class AuthorService implements UserDetailsService
 Author author = findById(id).orElseThrow(() -> new NotFoundException("Author not found"));
 String username = authentication.getName();
 Author authorAuthenticated = authorRepository.findByName(username).orElseThrow(() -> new NotFoundException("Author not found"));
- if (authorAuthenticated.getId().compareTo(author.getId()) != 0 && !authorAuthenticated.getRole().equals("ADMIN")) {
+ if (authorAuthenticated.getId().compareTo(author.getId()) != 0 && !authorAuthenticated.getRole().equals(Role.ADMIN.toString())) {
 throw new UnauthorizedExecption("Specified Author is not authorized to do that");
 }
 return author;
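Review bot: The two `NotFoundException("Author not found")` messages in this hunk and the `UnauthorizedExecption("Specified Author is not authorized to do that")` below the changed line are still in English while the commit translates every other user-facing message, so the API now answers in two languages depending on which path fails; align them with the strings used in `AuthorController` (`"Cet auteur n'existe pas"`, `"Vous n'êtes pas autorisé à faire ceci"`). `authorAuthenticated.getId().compareTo(author.getId()) != 0` is an equality test written as an ordering test; `!authorAuthenticated.getId().equals(author.getId())` says what is meant. `findById(id)` also runs before the caller's authorization is decided, so a non-admin caller can tell existing ids from non-existing ones by the 404-versus-401 answer; resolving `authorAuthenticated` first and checking the role before the lookup avoids that. The enclosing method's signature is outside the hunk.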