diff --git a/src/main/java/jewellery/inventory/service/ProductInOrganizationService.java b/src/main/java/jewellery/inventory/service/ProductInOrganizationService.java index e0a82833..2ce33111 100644 --- a/src/main/java/jewellery/inventory/service/ProductInOrganizationService.java +++ b/src/main/java/jewellery/inventory/service/ProductInOrganizationService.java @@ -14,6 +14,7 @@ import jewellery.inventory.exception.invalid_resource_quantity.InsufficientResourceQuantityException; import jewellery.inventory.exception.organization.OrganizationNotOwnerException; import jewellery.inventory.exception.organization.ProductIsNotPartOfOrganizationException; +import jewellery.inventory.exception.organization.UserIsNotPartOfOrganizationException; import jewellery.inventory.exception.product.ProductOwnerEqualsRecipientException; import jewellery.inventory.mapper.ProductInOrganizationMapper; import jewellery.inventory.model.*; @@ -77,6 +78,7 @@ public ProductsInOrganizationResponseDto updateProduct( organizationService.validateCurrentUserPermission( organization, OrganizationPermission.EDIT_PRODUCT); + validateUsersAreMembersOfOrganization(organization, productService.getAuthors(productRequestDto)); Product product = productService.getProduct(productId); throwExceptionIfOrganizationNotOwner(organization.getId(), product); @@ -98,6 +100,7 @@ public ProductsInOrganizationResponseDto createProductInOrganization( organizationService.validateCurrentUserPermission( organization, OrganizationPermission.CREATE_PRODUCT); + validateUsersAreMembersOfOrganization(organization, productService.getAuthors(productRequestDto)); Product product = persistProductWithoutResourcesAndProducts(productRequestDto, organization); @@ -168,6 +171,21 @@ private void setProductFields( logger.debug("Product fields have been set successfully for product: {}", product); } + private void validateUsersAreMembersOfOrganization(Organization organization, List authors) { + for (User author : authors) { + boolean isUserInOrganization = false; + for (UserInOrganization userInOrganization : organization.getUsersInOrganization()) { + if (userInOrganization.getUser().getId().equals(author.getId())) { + isUserInOrganization = true; + break; + } + } + if (!isUserInOrganization) { + throw new UserIsNotPartOfOrganizationException(author.getId(), organization.getId()); + } + } + } + private void addProductsContentToProduct(ProductRequestDto productRequestDto, Product product) { if (productRequestDto.getProductsContent() != null) { product.setProductsContent( @@ -335,7 +353,8 @@ private void updateProductOrganizationRecursively(Product product, Organization } } - private static void throwExceptionIfProductOrganizationEqualsRecipient(UUID recipientId, Product product) { + private static void throwExceptionIfProductOrganizationEqualsRecipient( + UUID recipientId, Product product) { if (product.getOrganization().getId().equals(recipientId)) { throw new ProductOwnerEqualsRecipientException(product.getOrganization().getId()); } diff --git a/src/test/java/jewellery/inventory/integration/ProductInOrganizationCrudIntegrationTest.java b/src/test/java/jewellery/inventory/integration/ProductInOrganizationCrudIntegrationTest.java index 62bf9bc9..b02a76f6 100644 --- a/src/test/java/jewellery/inventory/integration/ProductInOrganizationCrudIntegrationTest.java +++ b/src/test/java/jewellery/inventory/integration/ProductInOrganizationCrudIntegrationTest.java @@ -1,12 +1,12 @@ package jewellery.inventory.integration; +import static jewellery.inventory.helper.OrganizationTestHelper.getTestUserInOrganizationRequest; import static jewellery.inventory.helper.ResourceTestHelper.getPearlRequestDto; import static jewellery.inventory.helper.SystemEventTestHelper.getCreateOrDeleteEventPayload; import static jewellery.inventory.helper.SystemEventTestHelper.getUpdateEventPayload; import static jewellery.inventory.model.EventType.*; import static jewellery.inventory.utils.BigDecimalUtil.getBigDecimal; -import static org.junit.jupiter.api.Assertions.assertEquals; -import static org.junit.jupiter.api.Assertions.assertNotNull; +import static org.junit.jupiter.api.Assertions.*; import com.fasterxml.jackson.core.JsonProcessingException; import java.math.BigDecimal; @@ -20,7 +20,6 @@ import jewellery.inventory.dto.response.*; import jewellery.inventory.dto.response.resource.ResourceResponseDto; import jewellery.inventory.helper.*; -import jewellery.inventory.model.Organization; import jewellery.inventory.model.User; import jewellery.inventory.model.resource.PreciousStone; import org.jetbrains.annotations.Nullable; @@ -59,14 +58,20 @@ private String getOrganizationProductsUrl(String organizationId) { return buildUrl("organizations", organizationId, "products"); } + private String getOrganizationUsersUrl(UUID organizationId) { + return "/organizations/" + organizationId + "/users"; + } + private PreciousStone preciousStone; private ProductRequestDto productRequestDto; private OrganizationResponseDto organization; + private UserInOrganizationRequestDto userInOrganizationRequestDto; @BeforeEach void setUp() { User user = createUserInDatabase(UserTestHelper.createTestUserRequest()); organization = createOrganization(); + userInOrganizationRequestDto = getTestUserInOrganizationRequest(user.getId()); preciousStone = createPreciousStoneInDatabase(); productRequestDto = ProductTestHelper.getProductRequestDtoForOrganization( @@ -90,6 +95,7 @@ void getAllProductsFromOrganizationSuccessfully() { @Test void createProductInOrganizationSuccessfully() throws JsonProcessingException { OrganizationResponseDto organizationResponseDto = createOrganization(); + addUserInOrganization(organizationResponseDto.getId(), userInOrganizationRequestDto); ResourceResponseDto resourceResponse = sendCreateResourceRequest(); ResourceInOrganizationRequestDto resourceInOrganizationRequest = ResourceInOrganizationTestHelper.createResourceInOrganizationRequestDto( @@ -118,9 +124,35 @@ void createProductInOrganizationSuccessfully() throws JsonProcessingException { assertProductsInOrganizationSize(organizationResponseDto.getId().toString(), 1); } + @Test + void createProductInOrganizationThrowUserNotPartOfOrganization() { + OrganizationResponseDto organizationResponseDto = createOrganization(); + ResourceResponseDto resourceResponse = sendCreateResourceRequest(); + ResourceInOrganizationRequestDto resourceInOrganizationRequest = + ResourceInOrganizationTestHelper.createResourceInOrganizationRequestDto( + organizationResponseDto.getId(), + resourceResponse.getId(), + RESOURCE_QUANTITY, + RESOURCE_PRICE); + ResponseEntity resource = + sendResourceToOrganization(resourceInOrganizationRequest); + assertProductsInOrganizationSize(organizationResponseDto.getId().toString(), 0); + + ResponseEntity productInOrganizationResponse = + createProduct( + setOwnerAndResourceToProductRequest( + productRequestDto, + organizationResponseDto.getId(), + resourceResponse.getId(), + RESOURCE_QUANTITY)); + + assertEquals(HttpStatus.CONFLICT, productInOrganizationResponse.getStatusCode()); + } + @Test void updateProductInOrganizationSuccessfully() throws JsonProcessingException { OrganizationResponseDto organizationResponseDto = createOrganization(); + addUserInOrganization(organizationResponseDto.getId(), userInOrganizationRequestDto); ResourceResponseDto resourceResponse = sendCreateResourceRequest(); ResourceInOrganizationRequestDto resourceInOrganizationRequest = ResourceInOrganizationTestHelper.createResourceInOrganizationRequestDto( @@ -155,8 +187,43 @@ void updateProductInOrganizationSuccessfully() throws JsonProcessingException { assertProductsInOrganizationSize(organizationResponseDto.getId().toString(), 1); } + @Test + void updateProductInOrganizationThrowUserIsNotPartOfOrganization() { + OrganizationResponseDto organizationResponseDto = createOrganization(); + addUserInOrganization(organizationResponseDto.getId(), userInOrganizationRequestDto); + ResourceResponseDto resourceResponse = sendCreateResourceRequest(); + ResourceInOrganizationRequestDto resourceInOrganizationRequest = + ResourceInOrganizationTestHelper.createResourceInOrganizationRequestDto( + organizationResponseDto.getId(), + resourceResponse.getId(), + RESOURCE_QUANTITY, + RESOURCE_PRICE); + ResponseEntity resource = + sendResourceToOrganization(resourceInOrganizationRequest); + ResponseEntity resource2 = + sendResourceToOrganization(resourceInOrganizationRequest); + ResponseEntity productInOrganizationResponse = + createProduct( + setOwnerAndResourceToProductRequest( + productRequestDto, + organizationResponseDto.getId(), + resourceResponse.getId(), + RESOURCE_QUANTITY)); + productRequestDto.setAuthors(List.of()); + User newUser = createUserInDatabase(UserTestHelper.createDifferentUserRequest()); + productRequestDto.setAuthors(List.of(newUser.getId())); + + ResponseEntity updatedProductInOrganizationResponse = + updateProduct( + productRequestDto, + productInOrganizationResponse.getBody().getProducts().get(0).getId().toString()); + + assertEquals(HttpStatus.CONFLICT, updatedProductInOrganizationResponse.getStatusCode()); + } + @Test void deleteProductInOrganizationSuccessfully() throws JsonProcessingException { + addUserInOrganization(organization.getId(), userInOrganizationRequestDto); sendResourceToOrganization( ResourceInOrganizationTestHelper.createResourceInOrganizationRequestDto( organization.getId(), preciousStone.getId(), RESOURCE_QUANTITY, RESOURCE_PRICE)); @@ -184,6 +251,7 @@ void deleteProductInOrganizationSuccessfully() throws JsonProcessingException { @Test void transferProductSuccessfully() throws JsonProcessingException { + addUserInOrganization(organization.getId(), userInOrganizationRequestDto); sendResourceToOrganization( ResourceInOrganizationTestHelper.createResourceInOrganizationRequestDto( organization.getId(), preciousStone.getId(), RESOURCE_QUANTITY, RESOURCE_PRICE)); @@ -301,6 +369,16 @@ private User createUserInDatabase(UserRequestDto userRequestDto) { return createUser.getBody(); } + @Nullable + private void addUserInOrganization(UUID organizationID, UserInOrganizationRequestDto requestDto) { + ResponseEntity addUserInOrganization = + this.testRestTemplate.postForEntity( + getOrganizationUsersUrl(organizationID), + requestDto, + OrganizationSingleMemberResponseDto.class); + assertEquals(HttpStatus.CREATED, addUserInOrganization.getStatusCode()); + } + private ProductRequestDto setOwnerAndResourceToProductRequest( ProductRequestDto productRequestDto, UUID organizationId,