diff --git a/src/main/java/com/example/clientproject/service/Utils/CheckUserOwner.java b/src/main/java/com/example/clientproject/service/Utils/CheckUserOwner.java
new file mode 100644
index 0000000000000000000000000000000000000000..82b55bc53e6db5bdd69901a53ee918a959a471b1
--- /dev/null
+++ b/src/main/java/com/example/clientproject/service/Utils/CheckUserOwner.java
@@ -0,0 +1,28 @@
+package com.example.clientproject.service.Utils;
+
+import com.example.clientproject.data.shops.Shops;
+import com.example.clientproject.data.userPermissions.UserPermissions;
+import com.example.clientproject.data.userPermissions.UserPermissionsRepo;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Component;
+
+import java.util.List;
+
+@Component
+public class CheckUserOwner {
+
+ @Autowired
+ UserPermissionsRepo permissionsRepo;
+
+ public boolean checkOwner(int userId, int shopId){
+ List<UserPermissions> permissions = permissionsRepo.findByShopID(shopId);
+
+ for(UserPermissions u:permissions){
+ if(u.getUser().getUserId() == userId){
+ if(u.getAdminType().getAdminTypeId() == 2){
+ return true;
+ }
+ }
+ }return false;
+ }
+}
diff --git a/src/main/java/com/example/clientproject/services/UserLinked.java b/src/main/java/com/example/clientproject/services/UserLinked.java
index ce19265921e8a724490618555b9801343c109b43..173162d5e8e083c6aea22b5f48c0da8b7a1709ac 100644
--- a/src/main/java/com/example/clientproject/services/UserLinked.java
+++ b/src/main/java/com/example/clientproject/services/UserLinked.java
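Review bot: The ownership decision in `checkOwner` (CheckUserOwner.java) rests on the bare literal `2`, and the same literal is repeated in `isAnyAdmin` and `userAdminShopId` in UserLinked.java, so the three checks can drift apart when admin types change. A named constant or one shared predicate would keep the rule in one place; note also that `admin.html` previously tested `highestShopLevel>=2`, so an admin type above 2 no longer passes this exact-equality test, which may or may not be intended. The repository is field-injected and package-private, where constructor injection into a `private final` field is the safer form, and the `Shops` import is unused. If `getUser()` or `getAdminType()` can be null on a permissions row, the predicate throws instead of denying, so the sketch below skips such rows.

```java
@Component
public class CheckUserOwner {

    // Admin-type id this class treats as "owner"; value taken from the literal in this commit.
    private static final int OWNER_ADMIN_TYPE_ID = 2;

    private final UserPermissionsRepo permissionsRepo;

    public CheckUserOwner(UserPermissionsRepo permissionsRepo) {
        this.permissionsRepo = permissionsRepo;
    }

    public boolean checkOwner(int userId, int shopId) {
        for (UserPermissions u : permissionsRepo.findByShopID(shopId)) {
            if (u.getUser() == null || u.getAdminType() == null) {
                continue; // incomplete row: deny rather than throw
            }
            if (u.getUser().getUserId() == userId
                    && u.getAdminType().getAdminTypeId() == OWNER_ADMIN_TYPE_ID) {
                return true;
            }
        }
        return false;
    }
}
```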
@@ -30,4 +30,22 @@ public class UserLinked { } } return false; } + + public boolean isAnyAdmin(int userId){ + List<UserPermissions> allLinks = userPermRepo.findByUserId(userId); + for(UserPermissions u:allLinks){ + if(u.getAdminType().getAdminTypeId() == 2){ + return true; + } + }return false; + } + + public int userAdminShopId(int userId){ + List<UserPermissions> allLinks = userPermRepo.findByUserId(userId); + for(UserPermissions u:allLinks){ + if(u.getAdminType().getAdminTypeId() == 2){ + return (int) u.getShop().getShopId(); + } + }return 0; + } } diff --git a/src/main/java/com/example/clientproject/web/controllers/signUpAndIn/SignInController.java b/src/main/java/com/example/clientproject/web/controllers/signUpAndIn/SignInController.java index c6bda81ea1ee9aca20a09379b7db7f0d48593db8..fa58652817475e596f294d23e5cb7f2066d0854c 100644 --- a/src/main/java/com/example/clientproject/web/controllers/signUpAndIn/SignInController.java +++ b/src/main/java/com/example/clientproject/web/controllers/signUpAndIn/SignInController.java @@ -11,6 +11,7 @@ import com.example.clientproject.service.dtos.UsersDTO; import com.example.clientproject.service.searches.UsersSearch; import com.example.clientproject.services.BusinessRegisterDTO; import com.example.clientproject.services.BusinessRegisterSaver; +import com.example.clientproject.services.UserLinked; import com.example.clientproject.services.UserShopLinked; import com.example.clientproject.web.forms.BusinessRegisterForm; import com.example.clientproject.web.forms.signUpAndIn.LoginForm; 
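Review bot: `userAdminShopId` in the UserLinked.java hunk returns `0` when no row has admin type 2 and narrows `getShopId()` with an `(int)` cast, so a caller cannot tell "no shop" from a real id and a large id would be silently truncated (the removed controller code held this value in a `long`). `isAnyAdmin` and `userAdminShopId` run the same query and the same loop, and the sign-in controller calls them back to back; a single method returning an `Optional` shop id would replace both and remove the `0` sentinel. When a user holds admin type 2 on several shops, the result depends on the order in which `findByUserId` returns rows, which is worth documenting or making explicit. The class body starts outside this hunk.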
@@ -35,20 +36,20 @@ public class SignInController { private JWTUtils jwtUtils; - private UserShopLinked userShopLinked; + private UserLinked userLinked; private UserPermissionsRepo userPermissionsRepo; private CategoriesRepo catRepo; public SignInController(UsersSearch aUsersSearch, BusinessRegisterSaver sBusiness, JWTUtils ajwtUtils, - UserShopLinked aUserShopLinked, + UserLinked aUserShopLinked, UserPermissionsRepo aUserPermissionsRepo, CategoriesRepo aCatRepo) { usersSearch = aUsersSearch; saveBusiness = sBusiness; jwtUtils = ajwtUtils; - userShopLinked = aUserShopLinked; + userLinked = aUserShopLinked; userPermissionsRepo = aUserPermissionsRepo; catRepo = aCatRepo; } @@ -72,12 +73,10 @@ public class SignInController { } //System.out.println(userShopLinked.hasShop(jwtUtils.getLoggedInUserId(session).get())); - if(userShopLinked.hasShop(jwtUtils.getLoggedInUserId(session).get())){ - long userId = jwtUtils.getLoggedInUserId(session).get(); - long shopId = userPermissionsRepo.findByUserId(userId).get(0).getShop().getShopId(); - if(shopId == 1){ - shopId = userPermissionsRepo.findByUserId(userId).get(1).getShop().getShopId(); - } + if(userLinked.isAnyAdmin(jwtUtils.getLoggedInUserId(session).get())){ + + int shopId = userLinked.userAdminShopId(jwtUtils.getLoggedInUserId(session).get()); + return "redirect:/redirect?url=businessDetails?shopId="+shopId; } List<Categories> categories = catRepo.findAll(); diff --git a/src/main/resources/static/js/manageStaff.js b/src/main/resources/static/js/manageStaff.js index 2d519431c8065e90839b73a233cb5ed10c01cfe3..7006bf1f45d647c9882186a015f294fbc0a45ff8 100644 --- a/src/main/resources/static/js/manageStaff.js +++ b/src/main/resources/static/js/manageStaff.js 
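Review bot: In the last SignInController.java hunk, `jwtUtils.getLoggedInUserId(session).get()` is unwrapped twice with no presence check visible in the hunk; unless the code above already guarantees a logged-in session, an anonymous request ends in `NoSuchElementException`. Reading the id once into a local and branching on `isPresent()` covers that case and avoids the repeated session lookup. The removed code skipped shop id 1 before redirecting and the new path does not, so if users can hold admin type 2 on that shop the redirect target changes, which is worth confirming. The commented-out `System.out.println` still names the removed `userShopLinked` field and can be deleted, and the constructor parameter is still called `aUserShopLinked` although its type is now `UserLinked`. The enclosing method starts and ends outside the hunk.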
@@ -10,6 +10,8 @@ function submit(shopId, email={"value":""}){ document.getElementsByName("staffEmail").forEach(x => emailArray.push(x.innerHTML)) + console.log(emailArray) + if(emailArray.includes(emailValue)){ document.getElementById("emailErrorField").innerHTML = "User already added" return @@ -42,7 +44,7 @@ function submit(shopId, email={"value":""}){ document.getElementById("staffManagement").innerHTML+= `<div id="staffManagement"> <div class="staffManagementContainer"> - <p class="subtitle is-6" style="width:50%; margin-bottom: 0">${emailValue}</p> + <p class="subtitle is-6" name="staffEmail" style="width:50%; margin-bottom: 0">${emailValue}</p> <button class="button is-danger is-outlined" style="border-bottom: 1px solid" onclick="submit(${document.getElementById("shopId").value},this);"> <span class="icon is-small"> diff --git a/src/main/resources/templates/admin.html b/src/main/resources/templates/admin.html index 1afe4197372437b817ed8fafe1fd0eea3f4881c2..6aaaf60a8010fc1fe5378e0396e77ec33ad5c48a 100644 --- a/src/main/resources/templates/admin.html +++ b/src/main/resources/templates/admin.html @@ -73,7 +73,7 @@ <div th:replace="fragments/businessInformation :: keyInformation"></div> <div th:replace="fragments/userSocials.html :: userSocial"/> <br> - <th:block th:if="${highestShopLevel>=2}"> + <th:block th:if="${@checkUserOwner.checkOwner(loggedInUser.userId, shop.shopId)}"> <div th:replace="fragments/manageStaff.html :: manageStaffMembers"/> <div th:replace="fragments/deleteShop.html :: deleteShop"/> <div th:replace="fragments/toggleShop.html :: toggleShop"/> diff --git a/src/main/resources/templates/fragments/businessInformation.html b/src/main/resources/templates/fragments/businessInformation.html index 45b6b7e73aec8433748d584df8e14cd405c8b080..87c4ca47988356ee3d8122b502d4e40bd798ed83 100644 --- a/src/main/resources/templates/fragments/businessInformation.html +++ b/src/main/resources/templates/fragments/businessInformation.html 
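Review bot: The added `console.log(emailArray)` in the first manageStaff.js hunk is a debugging leftover that prints every staff e-mail address to the browser console on each submit; it should be removed before merge. The duplicate check next to it compares `x.innerHTML` with the raw input value, which can miss a match when the address contains characters the browser serialises as entities (for example `&`); `x.textContent.trim()` is the safer comparison. `submit` starts and ends outside the hunk.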
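Review bot: The template string in the second manageStaff.js hunk still writes `${emailValue}` into `innerHTML` unescaped, and the new `name="staffEmail"` makes that paragraph an input to the duplicate check as well. If `emailValue` comes from a user-editable field (its origin is outside the hunk), markup in it would be parsed as HTML in the shop owner's page. Building the row with `document.createElement` and assigning the address through `textContent` avoids this without changing what is displayed. The inserted markup also repeats `id="staffManagement"`, so every added row creates a duplicate id; `submit` starts and ends outside the hunk.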
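Review bot: The new `th:if` in `admin.html` only decides whether the manage-staff, delete-shop and toggle-shop fragments are rendered; it does not protect the requests those fragments send. The handlers behind them are not part of this diff, so confirm that each one runs the same owner check on the server, using the session's user id and not an id supplied by the client. Calling `@checkUserOwner` from the template also runs a repository query during rendering and fails the page if `loggedInUser` or `shop` is missing from the model; computing the boolean in the controller and exposing it as a model attribute (for example `isOwner`) keeps data access out of the view.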
@@ -11,7 +11,7 @@ <input type="text" th:value="${shop.shopName}" id="nameInput" class="input"> <p class="subtitle is-6" style="margin-bottom:3px;margin-top: 10px">Description</p> - <textarea class="textarea" id="descriptionInput" th:text="${shop.shopDescription}" cols="30" rows="10"></textarea> + <textarea class="textarea" id="descriptionInput" maxlength="250" th:text="${shop.shopDescription}" cols="30" rows="10"></textarea> <p class="subtitle is-6" style="margin-bottom:3px;margin-top: 10px">Banner</p> <img class="mb-3" id="bannerPreview" th:src="${shop.shopBanner}" style="margin-top: 5px; max-height: 100px">
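Review bot: `maxlength="250"` on `descriptionInput` limits typing in the browser only; a request sent outside the form can still carry a longer description. The server-side handler and the column length for `shopDescription` are not visible here, so check that the same 250-character limit is validated where the value is saved.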