diff --git a/src/main/java/org/hbp/mip/controllers/ArticlesApi.java b/src/main/java/org/hbp/mip/controllers/ArticlesApi.java
index bbbad3dfd3f9e9e192f69d05638014e3d69d3f14..2ac7d351b2549ce7107a965041b1b47a82e4fde4 100644
--- a/src/main/java/org/hbp/mip/controllers/ArticlesApi.java
+++ b/src/main/java/org/hbp/mip/controllers/ArticlesApi.java
@@ -45,7 +45,7 @@ public class ArticlesApi { User user = mipApplication.getUser(); - String queryString = "SELECT a FROM Article a, User u WHERE a.createdBy=u.id"; + String queryString = "SELECT a FROM Article a, User u WHERE a.createdBy=u.username"; if(status != null) { queryString += " AND status= :status";
@@ -56,9 +56,11 @@ public class ArticlesApi { } else { + queryString += " AND (status='published' or u.username= :username)"; if(team != null && team) { - queryString += " AND u.team= :team"; + // TODO: decide if this is needed + //queryString += " AND u.team= :team"; } }
@@ -70,13 +72,7 @@ public class ArticlesApi { if (status != null) { query.setString("status", status); } - if (own != null && own) { - query.setString("username", user.getUsername()); - } else { - if (team != null && team) { - query.setString("team", user.getTeam()); - } - } + query.setString("username", user.getUsername()); articles = query.list(); session.getTransaction().commit(); } catch (Exception e)
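Review bot: The rewritten join `a.createdBy=u.username` compares the `createdBy` association (the create handler stores a `User` there) against a string column; that only matches rows if Hibernate can equate the association's identifier with `username`, i.e. if `username` is the `User` entity's id — worth confirming against the mapping, since a mismatch returns an empty list rather than an error. The same join change is made in ModelsApi.getModels, and the author lookups in both update handlers rely on the same equality. getArticles starts before this hunk and continues after it.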
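Review bot: The `team` branch now holds only a commented-out line, so the `team` request parameter is accepted and silently ignored while its @ApiParam still advertises team filtering; either drop the branch and the parameter or mark the no-op in code, e.g. `// 'team' is currently ignored: team-scoped visibility is not implemented`. The same dead branch is introduced in ModelsApi.getModels. Separately, `status` in the new `(status='published' or u.username= :username)` clause is unqualified although the query joins two entities; writing `a.status` keeps it unambiguous if `User` ever gains a column of that name.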
@@ -102,54 +98,61 @@ public class ArticlesApi { User user = mipApplication.getUser(); - String originalTitle = article.getTitle(); - article.setCreatedAt(new Date()); if (article.getStatus().equals("published")) { article.setPublishedAt(new Date()); } article.setCreatedBy(user); + Long count; Session session = HibernateUtil.getSessionFactory().getCurrentSession(); try{ session.beginTransaction(); - Long count; int i = 0; - do { - Slugify slg = null; - try { - slg = new Slugify(); - } catch (IOException e) { - e.printStackTrace(); - } - String slug = slg.slugify(article.getTitle()); - article.setSlug(slug); - + do{ + i++; count = (Long) session - .createQuery("select count(*) from Article where slug= :slug") - .setString("slug", slug) + .createQuery("select count(*) from Article where title= :title") + .setString("title", article.getTitle()) .uniqueResult(); + if(count > 0) { String title = article.getTitle(); - if(i > 0) + if(i > 1) { title = title.substring(0, title.length()-4); } - i++; article.setTitle(title + " (" + i + ")"); } } while(count > 0); - count = (Long) session - .createQuery("select count(*) from Article where title= :title") - .setString("title", originalTitle) - .uniqueResult(); - if(count < 1) - { - article.setTitle(originalTitle); + Slugify slg = null; + try { + slg = new Slugify(); + } catch (IOException e) { + e.printStackTrace(); } + String slug = slg.slugify(article.getTitle()); + + i = 0; + do { + i++; + count = (Long) session + .createQuery("select count(*) from Article where slug= :slug") + .setString("slug", slug) + .uniqueResult(); + if(count > 0) + { + if(i > 1) + { + slug = slug.substring(0, slug.length()-2); + } + slug += "-"+i; + } + article.setSlug(slug); + } while(count > 0); session.save(article); session.getTransaction().commit(); 
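Review bot: Both de-duplication loops assume a fixed-width suffix — `title.substring(0, title.length()-4)` strips ` (N)` and `slug.substring(0, slug.length()-2)` strips `-N` — so once the counter reaches two digits the strip cuts into the base value and the loop produces corrupted titles and slugs (`T ( (11)`, `t--11`) instead of converging. Keep the base outside the loop and rebuild from it each iteration: `String baseTitle = article.getTitle();` before the first `do`, `article.setTitle(baseTitle + " (" + i + ")");` inside it, and likewise `slug = baseSlug + "-" + i;` in the slug loop. The same loops appear in ModelsApi's create handler and the title loop in both update handlers. If `new Slugify()` throws IOException the catch only prints the trace and `slg.slugify(...)` then fails with a NullPointerException inside the transaction; letting the IOException reach the outer catch, or throwing `IllegalStateException` with the cause, fails the request explicitly. The count-then-save check is also not atomic without a unique constraint on title and slug, so concurrent creates can still collide.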
@@ -173,15 +176,24 @@ public class ArticlesApi { @ApiParam(value = "slug", required = true) @PathVariable("slug") String slug ) { + User user = mipApplication.getUser(); + Session session = HibernateUtil.getSessionFactory().getCurrentSession(); Article article = null; try{ session.beginTransaction(); + article = (Article) session .createQuery("FROM Article WHERE slug= :slug") .setString("slug", slug) .uniqueResult(); + session.getTransaction().commit(); + + if (!article.getStatus().equals("published") && !article.getCreatedBy().getUsername().equals(user.getUsername())) + { + return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null); + } } catch (Exception e) { if(session.getTransaction() != null) 
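Review bot: The new check dereferences `article` before testing it for null, so an unknown slug becomes a NullPointerException handled by the catch-all below rather than an explicit not-found response; add `if (article == null) { return new ResponseEntity<>(HttpStatus.NOT_FOUND); }` directly after the query. Answering FORBIDDEN for an existing-but-unpublished slug and something else for a missing one also lets any caller enumerate which unpublished slugs exist; returning NOT_FOUND in both cases keeps drafts indistinguishable from absent articles. The ownership test runs after `session.getTransaction().commit()`, so if `createdBy` is a lazy association the `getCreatedBy().getUsername()` call may fail outside the session — worth confirming against the mapping. The same pattern is added in ModelsApi's getModel hunk; both methods start before their hunk and continue after it.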
@@ -203,32 +215,47 @@ public class ArticlesApi { @RequestBody @ApiParam(value = "Article to update", required = true) @Valid Article article ) { + User user = mipApplication.getUser(); + Session session = HibernateUtil.getSessionFactory().getCurrentSession(); try{ session.beginTransaction(); + String author = (String) session + .createQuery("select U.username from User U, Article A where A.createdBy = U.username and A.slug = :slug") + .setString("slug", slug) + .uniqueResult(); + + if(!user.getUsername().equals(author)) + { + session.getTransaction().commit(); + return new ResponseEntity<>(HttpStatus.FORBIDDEN); + } + String oldTitle = (String) session .createQuery("select title from Article where slug= :slug") .setString("slug", slug) .uniqueResult(); - if(!oldTitle.equals(article.getTitle())) { + String newTitle = article.getTitle(); + + if(!newTitle.equals(oldTitle)) { Long count; int i = 0; do { - String title = article.getTitle(); + i++; + newTitle = article.getTitle(); count = (Long) session .createQuery("select count(*) from Article where title= :title") - .setString("title", title) + .setString("title", newTitle) .uniqueResult(); - if (count > 0 && !oldTitle.equals(title)) { - if (i > 0) { - title = title.substring(0, title.length() - 4); + if (count > 0 && !newTitle.equals(oldTitle)) { + if (i > 1) { + newTitle = newTitle.substring(0, newTitle.length() - 4); } - i++; - article.setTitle(title + " (" + i + ")"); + article.setTitle(newTitle + " (" + i + ")"); } - } while (count > 0 && !oldTitle.equals(article.getTitle())); + } while (count > 0 && !newTitle.equals(oldTitle)); } session.update(article);
diff --git a/src/main/java/org/hbp/mip/controllers/ModelsApi.java b/src/main/java/org/hbp/mip/controllers/ModelsApi.java
index 4899032e5e03f0b35a3e13240293e1e8db29e775..b7f3338edba6bebf546bfdd015993563dbc4ad03 100644
--- a/src/main/java/org/hbp/mip/controllers/ModelsApi.java
+++ b/src/main/java/org/hbp/mip/controllers/ModelsApi.java
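Review bot: The author check authorizes the article identified by the path `slug`, but `session.update(article)` then persists the request body as-is and nothing ties that body to the slug — a caller who owns one article can send a body whose identifier and slug (plus `createdBy`, `createdAt`, `publishedAt`) belong to someone else's article and have it overwritten. Load the stored Article by slug inside the transaction, copy only the fields a client is meant to edit (title, status, and whichever body fields are intended to be editable) onto that managed entity, and update it; at minimum reject bodies where `!slug.equals(article.getSlug())`. A missing slug leaves `author == null`, so the check answers FORBIDDEN where NOT_FOUND is meant; test for null before comparing. The same structure is added in ModelsApi's update hunk. The enclosing method starts before the hunk and continues after it.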
@@ -18,10 +18,7 @@ import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; import java.io.IOException; -import java.util.Date; -import java.util.LinkedList; -import java.util.List; -import java.util.Random; +import java.util.*; import static org.springframework.http.MediaType.APPLICATION_JSON_VALUE;
@@ -42,21 +39,28 @@ public class ModelsApi { public ResponseEntity<List<Model>> getModels( @ApiParam(value = "Max number of results") @RequestParam(value = "limit", required = false) Integer limit, @ApiParam(value = "Only ask own models") @RequestParam(value = "own", required = false) Boolean own, - @ApiParam(value = "Only ask models from own team") @RequestParam(value = "team", required = false) Boolean team + @ApiParam(value = "Only ask models from own team") @RequestParam(value = "team", required = false) Boolean team, + @ApiParam(value = "Only ask published models") @RequestParam(value = "valid", required = false) Boolean valid ) { User user = mipApplication.getUser(); - String queryString = "SELECT m FROM Model m, User u WHERE m.createdBy=u.id"; + String queryString = "SELECT m FROM Model m, User u WHERE m.createdBy=u.username"; + if(valid != null && valid) + { + queryString += " AND m.valid= :valid"; + } if(own != null && own) { queryString += " AND u.username= :username"; } else { + queryString += " AND (m.valid=true or u.username= :username)"; if(team != null && team) { - queryString += " AND u.team= :team"; + // TODO: decide if this is needed + //queryString += " AND u.team= :team"; } }
@@ -65,17 +69,11 @@ public class ModelsApi { try{ session.beginTransaction(); Query query = session.createQuery(queryString); - if(own != null && own) + if(valid != null) { - query.setString("username", user.getUsername()); - } - else - { - if(team != null && team) - { - query.setString("team", user.getTeam()); - } + query.setBoolean("valid", valid); } + query.setString("username", user.getUsername()); if(limit != null) { query.setMaxResults(limit); // Pagination : Use query.setFirstResult(...) to set begining index 
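Review bot: `if(valid != null)` binds `:valid` whenever the parameter is present, but the previous hunk only appends `AND m.valid= :valid` when `valid` is true, so `?valid=false` makes `setBoolean` fail on a named parameter the query does not contain and the request falls into the catch-all below. Make the two conditions agree: either build the clause with `if(valid != null)` (so `valid=false` filters to unpublished models, still subject to the visibility clause) or bind with `if(valid != null && valid)`. The ApiParam text "Only ask published models" suggests the latter. getModels continues outside the hunk.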
@@ -104,55 +102,67 @@ public class ModelsApi { User user = mipApplication.getUser(); - String originalTitle = model.getTitle(); - model.setTitle(model.getConfig().getTitle().get("text")); - model.setValid(true); model.setCreatedBy(user); model.setCreatedAt(new Date()); + if(model.getValid() == null) + { + model.setValid(false); + } + Long count; Session session = HibernateUtil.getSessionFactory().getCurrentSession(); - - try { + try{ session.beginTransaction(); - Long count; + int i = 0; + do{ + i++; + count = (Long) session + .createQuery("select count(*) from Model where title= :title") + .setString("title", model.getTitle()) + .uniqueResult(); - do { - Slugify slg = null; - try { - slg = new Slugify(); - } catch (IOException e) { - e.printStackTrace(); + if(count > 0) + { + String title = model.getTitle(); + if(i > 1) + { + title = title.substring(0, title.length()-4); + } + model.setTitle(title + " (" + i + ")"); } - String slug = slg.slugify(model.getTitle()); - model.setSlug(slug); + } while(count > 0); + Slugify slg = null; + try { + slg = new Slugify(); + } catch (IOException e) { + e.printStackTrace(); + } + String slug = slg.slugify(model.getTitle()); + + i = 0; + do { + i++; count = (Long) session .createQuery("select count(*) from Model where slug= :slug") .setString("slug", slug) .uniqueResult(); if(count > 0) { - String title = model.getTitle(); - if(i > 0) + if(i > 1) { - title = title.substring(0, title.length()-4); + slug = slug.substring(0, slug.length()-2); } - i++; - model.setTitle(title + " (" + i + ")"); + slug += "-"+i; } + model.setSlug(slug); + } while(count > 0); - } while (count > 0); - - count = (Long) session - .createQuery("select count(*) from Article where title= :title") - .setString("title", originalTitle) - .uniqueResult(); - if(count < 1) - { - model.setTitle(originalTitle); - } + Map<String, String> map = new HashMap<>(model.getConfig().getTitle()); + map.put("text", model.getTitle()); + model.getConfig().setTitle(map); 
 session.save(model); session.getTransaction().commit();
@@ -165,7 +175,6 @@ public class ModelsApi { } } - return new ResponseEntity<Model>(HttpStatus.CREATED).ok(model); }
@@ -176,6 +185,8 @@ public class ModelsApi { @ApiParam(value = "slug", required = true) @PathVariable("slug") String slug ) { + User user = mipApplication.getUser(); + Session session = HibernateUtil.getSessionFactory().getCurrentSession(); Model model = null; Query query;
@@ -188,6 +199,11 @@ public class ModelsApi { .uniqueResult(); session.getTransaction().commit(); + if (!model.getValid() && !model.getCreatedBy().getUsername().equals(user.getUsername())) + { + return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null); + } + } catch (Exception e) { if(session.getTransaction() != null)
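Review bot: Removing `model.setValid(true)` and keeping whatever `valid` the request body carries (it is forced to false only when absent) means a client can create a model that is immediately listed for every user through the `m.valid=true` visibility clause in getModels; if `valid` is meant to be a server-controlled publication state, set `model.setValid(false);` unconditionally here and expose publishing as a separate owner-only action. If self-publication at creation is intended, say so on the handler, e.g. `// 'valid' is client-supplied: a model created with valid=true is publicly listed at once`. The title and slug loops in this hunk share the fixed-width suffix problem raised on the ArticlesApi create hunk. The method starts before the hunk and continues after it.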
@@ -277,34 +293,53 @@ public class ModelsApi { User user = mipApplication.getUser(); + model.setTitle(model.getConfig().getTitle().get("text")); + Session session = HibernateUtil.getSessionFactory().getCurrentSession(); try{ session.beginTransaction(); + String author = (String) session + .createQuery("select U.username from User U, Model M where M.createdBy = U.username and M.slug = :slug") + .setString("slug", slug) + .uniqueResult(); + + if(!user.getUsername().equals(author)) + { + session.getTransaction().commit(); + return new ResponseEntity<>(HttpStatus.FORBIDDEN); + } + String oldTitle = (String) session - .createQuery("select title from Article where slug= :slug") + .createQuery("select title from Model where slug= :slug") .setString("slug", slug) .uniqueResult(); - if(!oldTitle.equals(model.getTitle())) { + String newTitle = model.getTitle(); + + if(!newTitle.equals(oldTitle)) { Long count; int i = 0; do { - String title = model.getTitle(); + i++; + newTitle = model.getTitle(); count = (Long) session - .createQuery("select count(*) from Article where title= :title") - .setString("title", title) + .createQuery("select count(*) from Model where title= :title") + .setString("title", newTitle) .uniqueResult(); - if (count > 0 && !oldTitle.equals(title)) { - if (i > 0) { - title = title.substring(0, title.length() - 4); + if (count > 0 && !newTitle.equals(oldTitle)) { + if (i > 1) { + newTitle = newTitle.substring(0, newTitle.length() - 4); } - i++; - model.setTitle(title + " (" + i + ")"); + model.setTitle(newTitle + " (" + i + ")"); } - } while (count > 0 && !oldTitle.equals(model.getTitle())); + } while (count > 0 && !newTitle.equals(oldTitle)); } + Map<String, String> map = new HashMap<>(model.getConfig().getTitle()); + map.put("text", model.getTitle()); + model.getConfig().setTitle(map); + session.update(model); session.getTransaction().commit(); } catch (Exception e)
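Review bot: `model.setTitle(model.getConfig().getTitle().get("text"))` runs on the raw request body before the transaction, so a body with no `config`, no title map or no `"text"` entry throws NullPointerException (and `newTitle.equals(oldTitle)` would do the same a few lines later) before the author check instead of yielding a 400; guard it first, e.g. `if (model.getConfig() == null || model.getConfig().getTitle() == null || model.getConfig().getTitle().get("text") == null) { return new ResponseEntity<>(HttpStatus.BAD_REQUEST); }`. Whether `@Valid` already enforces this depends on Model's constraint annotations, which are not in the hunk. The author check followed by `session.update(model)` on the unverified body has the same body-versus-path problem raised on the ArticlesApi update hunk. The method starts before the hunk and continues after it.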