From c9f318547382f0cd098486e3928f8ba7cbd109b7 Mon Sep 17 00:00:00 2001
From: chaeda
Date: Sat, 30 Mar 2024 00:50:48 +0900
Subject: [PATCH 1/2] =?UTF-8?q?cafe-11-start=20=EC=85=8B=ED=8C=85?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../kotlin/com/example/route/MenuRoute.kt | 23 ++++++++++++++++++-
 1 file changed, 22 insertions(+), 1 deletion(-)
diff --git a/src/main/kotlin/com/example/route/MenuRoute.kt b/src/main/kotlin/com/example/route/MenuRoute.kt
index 348a0e3..5b02fc9 100644
--- a/src/main/kotlin/com/example/route/MenuRoute.kt
+++ b/src/main/kotlin/com/example/route/MenuRoute.kt
@@ -1,7 +1,10 @@
 package com.example.route
+import com.example.domain.model.CafeMenu
 import com.example.service.MenuService
+import io.ktor.http.*
 import io.ktor.server.application.*
+import io.ktor.server.request.*
 import io.ktor.server.response.*
 import io.ktor.server.routing.*
 import org.koin.ktor.ext.inject
@@ -13,4 +16,22 @@ fun Route.menuRoute() {
 val menu = menuService.findAll()
 call.respond(menu)
 }
-}
\ No newline at end of file
+
+ post("/menus") {
+ val menu = call.receive()
+ val createdMenu = menuService.createMenu(menu)
+ call.respond(createdMenu)
+ }
+
+ put("/menus") {
+ val menu = call.receive()
+ val updatedMenu = menuService.updateMenu(menu)
+ call.respond(updatedMenu)
+ }
+
+ delete("/menus/{id}") {
+ val id = call.parameters["id"]?.toLong()!!
+ menuService.deleteMenu(id)
+ call.respond(HttpStatusCode.OK)
+ }
+}
From ff98994372f36eb67448151ead0d943b49338865 Mon Sep 17 00:00:00 2001
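Review bot: In the `delete("/menus/{id}")` handler, `call.parameters["id"]?.toLong()!!` throws `NumberFormatException` on a non-numeric id, so a malformed request surfaces as a server error unless an exception handler elsewhere maps it. Parse defensively and reject early, e.g. `val id = call.parameters["id"]?.toLongOrNull() ?: return@delete call.respond(HttpStatusCode.BadRequest)`. The same line is carried unchanged into the MenuRoute.kt hunk of PATCH 2/2. As committed in 1/2 the three mutating routes sit outside any `authenticate` block; 2/2 adds it, so the two patches should land and deploy together.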
From: chaeda
Date: Sat, 30 Mar 2024 00:53:47 +0900
Subject: [PATCH 2/2] =?UTF-8?q?cafe-11-end=20=EC=85=8B=ED=8C=85?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
---
 .../kotlin/com/example/config/Security.kt | 18 ++++++++++
 src/main/kotlin/com/example/config/Session.kt | 2 ++
 .../domain/repository/CafeOrderRepository.kt | 33 +++++++++++++++++--
 .../kotlin/com/example/route/MenuRoute.kt | 32 ++++++++++--------
 .../kotlin/com/example/route/OrderRoute.kt | 16 ++++++---
 .../com/example/service/OrderService.kt | 8 +++--
 6 files changed, 84 insertions(+), 25 deletions(-)
diff --git a/src/main/kotlin/com/example/config/Security.kt b/src/main/kotlin/com/example/config/Security.kt
index 45a2485..eb6cc79 100644
--- a/src/main/kotlin/com/example/config/Security.kt
+++ b/src/main/kotlin/com/example/config/Security.kt
@@ -1,7 +1,9 @@
 package com.example.config
+import com.example.config.AuthenticatedUser.Companion.ADMINISTER_REQUIRED
 import com.example.shared.CafeUserRole
 import com.example.config.AuthenticatedUser.Companion.CUSTOMER_REQUIRED
+import com.example.config.AuthenticatedUser.Companion.USER_REQUIRED
 import io.ktor.http.*
 import io.ktor.server.application.*
 import io.ktor.server.auth.*
@@ -17,6 +19,22 @@ fun Application.configureSecurity() {
 call.respond(HttpStatusCode.Forbidden, "only for customer");
 }
 }
+ session(USER_REQUIRED) {
+ validate { session: AuthenticatedUser ->
+ session.takeIf { it.userRoles.isNotEmpty() }
+ }
+ challenge {
+ call.respond(HttpStatusCode.Forbidden, "only for user");
+ }
+ }
+ session(ADMINISTER_REQUIRED) {
+ validate { session: AuthenticatedUser ->
+ session.takeIf { it.userRoles.contains(CafeUserRole.ADMINISTER) }
+ }
+ challenge {
+ call.respond(HttpStatusCode.Forbidden, "only for administer");
+ }
+ }
 }
 }
diff --git a/src/main/kotlin/com/example/config/Session.kt b/src/main/kotlin/com/example/config/Session.kt
index 096a61c..9b0c63a 100644
--- a/src/main/kotlin/com/example/config/Session.kt
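Review bot: The two new `challenge` blocks in `configureSecurity()` answer 403 for every rejected call, including requests that carry no session at all, so neither the client nor the access log can tell "not logged in" from "logged in without the role". Consider answering 401 when no session is present, e.g. `val status = if (call.sessions.get<AuthenticatedUser>() == null) HttpStatusCode.Unauthorized else HttpStatusCode.Forbidden` (needs the `io.ktor.server.sessions` import), and applying the same to the existing customer provider. The `validate` lambdas authorize purely on `userRoles` as stored in the session; how that session is stored is not visible in this patch, so a comment stating that roles are a login-time snapshot and that the administer gate depends on the session store's integrity would help the next reader.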
+++ b/src/main/kotlin/com/example/config/Session.kt
@@ -28,6 +28,8 @@ data class AuthenticatedUser(
 fun none() = AuthenticatedUser(0, listOf())
 const val SESSION_NAME = "CU_SESSION_ID"
+ const val USER_REQUIRED = "user-required"
 const val CUSTOMER_REQUIRED = "customer-required"
+ const val ADMINISTER_REQUIRED = "administer-required"
 }
 }
diff --git a/src/main/kotlin/com/example/domain/repository/CafeOrderRepository.kt b/src/main/kotlin/com/example/domain/repository/CafeOrderRepository.kt
index dcba2f7..c48da0c 100644
--- a/src/main/kotlin/com/example/domain/repository/CafeOrderRepository.kt
+++ b/src/main/kotlin/com/example/domain/repository/CafeOrderRepository.kt
@@ -1,11 +1,14 @@
 package com.example.domain.repository
+import com.example.domain.CafeMenuTable
 import com.example.domain.CafeOrderTable
+import com.example.domain.CafeUserTable
 import com.example.domain.ExposedCrudRepository
 import com.example.domain.model.CafeOrder
 import com.example.shared.dto.OrderDto
 import org.jetbrains.exposed.dao.id.EntityID
 import org.jetbrains.exposed.sql.ResultRow
+import org.jetbrains.exposed.sql.SortOrder
 import org.jetbrains.exposed.sql.selectAll
 import org.jetbrains.exposed.sql.statements.InsertStatement
 import org.jetbrains.exposed.sql.statements.UpdateStatement
@@ -66,7 +69,31 @@ class CafeOrderRepository(
 * inner join cafe_menu m on m.id = o.cafe_menu_id
 * order by o.id desc;
 */
- fun findByOrders(): List {
- TODO()
+ fun findByOrders(): List = dbQuery {
+ val query = table
+ .innerJoin(CafeUserTable)
+ .innerJoin(CafeMenuTable)
+ .select(
+ CafeOrderTable.orderCode,
+ CafeOrderTable.price,
+ CafeOrderTable.status,
+ CafeOrderTable.orderedAt,
+ CafeOrderTable.id,
+ CafeMenuTable.name,
+ CafeUserTable.nickname,
+ )
+ .orderBy(CafeOrderTable.id to SortOrder.DESC)
+
+ query.map {
+ OrderDto.DisplayResponse(
+ orderCode = it[table.orderCode],
+ menuName = it[CafeMenuTable.name],
+ customerName = it[CafeUserTable.nickname],
+ price = it[table.price],
+ status = it[table.status],
+ orderedAt = it[table.orderedAt],
+ id = it[table.id].value
+ )
+ }
 }
-}
+}
\ No newline at end of file
diff --git a/src/main/kotlin/com/example/route/MenuRoute.kt b/src/main/kotlin/com/example/route/MenuRoute.kt
index 5b02fc9..0eac2b4 100644
--- a/src/main/kotlin/com/example/route/MenuRoute.kt
+++ b/src/main/kotlin/com/example/route/MenuRoute.kt
@@ -1,9 +1,11 @@
 package com.example.route
+import com.example.config.AuthenticatedUser
 import com.example.domain.model.CafeMenu
 import com.example.service.MenuService
 import io.ktor.http.*
 import io.ktor.server.application.*
+import io.ktor.server.auth.*
 import io.ktor.server.request.*
 import io.ktor.server.response.*
 import io.ktor.server.routing.*
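Review bot: `findByOrders()` materialises every order row, joined to user and menu, in a single call, so the `GET /orders` response and the query cost grow without bound as the table grows. Consider bounding the query, for example `.limit(pageSize)` with a defaulted paging parameter so existing callers keep working, and stating the ordering and size contract in the KDoc above the function. The body also mixes `CafeOrderTable.x` in `select(...)` with `table.x` in the mapper; using one spelling makes it obvious they are the same columns. Both `innerJoin` calls rely on the join condition being inferred from foreign-key references that are not visible in this hunk, which is worth a one-line comment.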
@@ -17,21 +19,23 @@ fun Route.menuRoute() {
 call.respond(menu)
 }
- post("/menus") {
- val menu = call.receive()
- val createdMenu = menuService.createMenu(menu)
- call.respond(createdMenu)
- }
+ authenticate(AuthenticatedUser.ADMINISTER_REQUIRED) {
+ post("/menus") {
+ val menu = call.receive()
+ val createdMenu = menuService.createMenu(menu)
+ call.respond(createdMenu)
+ }
- put("/menus") {
- val menu = call.receive()
- val updatedMenu = menuService.updateMenu(menu)
- call.respond(updatedMenu)
- }
+ put("/menus") {
+ val menu = call.receive()
+ val updatedMenu = menuService.updateMenu(menu)
+ call.respond(updatedMenu)
+ }
- delete("/menus/{id}") {
- val id = call.parameters["id"]?.toLong()!!
- menuService.deleteMenu(id)
- call.respond(HttpStatusCode.OK)
+ delete("/menus/{id}") {
+ val id = call.parameters["id"]?.toLong()!!
+ menuService.deleteMenu(id)
+ call.respond(HttpStatusCode.OK)
+ }
 }
 }
diff --git a/src/main/kotlin/com/example/route/OrderRoute.kt b/src/main/kotlin/com/example/route/OrderRoute.kt
index 82e2968..df3fa60 100644
--- a/src/main/kotlin/com/example/route/OrderRoute.kt
+++ b/src/main/kotlin/com/example/route/OrderRoute.kt
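Review bot: `post("/menus")` and `put("/menus")` hand the deserialized request body straight to `menuService`; if the body type is the `CafeMenu` domain model imported at the top of the file (the type argument of `call.receive()` is not visible here), every persisted field, including the id, is chosen by the caller. A request DTO carrying only the editable fields, validated before the service call, would keep the administer API from writing arbitrary rows even when an admin session is misused. `GET /menus` stays outside the `authenticate` block, which looks intentional; a short comment such as `// public: menu listing needs no session` would record that decision.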
@@ -21,17 +21,23 @@ fun Route.orderRoute() {
 val code = orderService.createOrder(createRequest, call.authenticatedUser())
 call.respond(code)
 }
- get("/orders/{orderCode}") {
- val orderCode = call.parameters["orderCode"]!!
- val order = orderService.getOrder(orderCode, call.authenticatedUser())
- call.respond(order)
- }
 put("/orders/{orderCode}/status") {
 val orderCode = call.parameters["orderCode"]!!
 val state = call.receive().status
 orderService.updateOrderStatus(orderCode, state, call.authenticatedUser())
 call.respond(HttpStatusCode.OK)
 }
+ }
+
+ authenticate(AuthenticatedUser.USER_REQUIRED) {
+ get("/orders/{orderCode}") {
+ val orderCode = call.parameters["orderCode"]!!
+ val order = orderService.getOrder(orderCode, call.authenticatedUser())
+ call.respond(order)
+ }
+ }
+
+ authenticate(AuthenticatedUser.ADMINISTER_REQUIRED) {
 get("/orders") {
 val orders: List = orderService.getOrders()
 call.respond(orders)
diff --git a/src/main/kotlin/com/example/service/OrderService.kt b/src/main/kotlin/com/example/service/OrderService.kt
index 13db89a..6a25d25 100644
--- a/src/main/kotlin/com/example/service/OrderService.kt
+++ b/src/main/kotlin/com/example/service/OrderService.kt
@@ -68,8 +70,10 @@ class OrderService(
 authenticatedUser: AuthenticatedUser,
 order: CafeOrder,
 ) {
- if (authenticatedUser.userId != order.cafeUserId) {
- throw CafeException(ErrorCode.FORBIDDEN)
+ if (authenticatedUser.isOnlyCustomer()) {
+ if (authenticatedUser.userId != order.cafeUserId) {
+ throw CafeException(ErrorCode.FORBIDDEN)
+ }
 }
 }
@@ -90,6 +92,6 @@ class OrderService(
 }
 fun getOrders(): List {
- TODO("Not yet implemented")
+ return cafeOrderRepository.findByOrders()
 }
 }
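Review bot: The ownership check in the first OrderService.kt hunk now runs only when `authenticatedUser.isOnlyCustomer()` is true, so it fails open: any session for which that helper returns false, not just an administrator, skips the `userId != order.cafeUserId` comparison. `isOnlyCustomer()` is defined outside this patch; if it is false for an empty or mixed role list, the only remaining barrier for `GET /orders/{orderCode}` is the `USER_REQUIRED` provider this patch wires up in OrderRoute.kt, which admits any non-empty role set. Prefer granting the bypass explicitly, e.g. `val isAdmin = CafeUserRole.ADMINISTER in authenticatedUser.userRoles` followed by `if (!isAdmin && authenticatedUser.userId != order.cafeUserId) throw CafeException(ErrorCode.FORBIDDEN)`. The enclosing function starts above the hunk, so any other caller of this check (possibly the status-update path) inherits the same relaxation and should be reviewed with it.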