Package edu.ucsb.cs156.example.controllers

Class TodosController

java.lang.Object
edu.ucsb.cs156.example.controllers.ApiController
edu.ucsb.cs156.example.controllers.TodosController
@RequestMapping("/api/todos") @RestController public class TodosController extends ApiController
This is a REST controller for Todos

  • Constructor Details

    • TodosController

      public TodosController()

  • Method Details

    • allUsersTodos

      @PreAuthorize("hasRole(\'ROLE_ADMIN\')") @GetMapping("/admin/all") public Iterable<Todo> allUsersTodos()
      This method returns a list of all todos. Accessible only to users with the role "ROLE_ADMIN".
      Returns:
      a list of all todos

    • thisUsersTodos

      @PreAuthorize("hasRole(\'ROLE_USER\')") @GetMapping("/all") public Iterable<Todo> thisUsersTodos()
      This method returns a list of all todos owned by the current user.
      Returns:
      a list of all todos owned by the current user

    • getTodoById

      @PreAuthorize("hasRole(\'ROLE_USER\')") @GetMapping("") public Todo getTodoById(@RequestParam Long id)
      This method returns a single todo owned by the current user.
      Parameters:
      id - id of the todo to get
      Returns:
      a single todo owned by the current user

    • getTodoById_admin

      @PreAuthorize("hasRole(\'ROLE_ADMIN\')") @GetMapping("/admin") public Todo getTodoById_admin(@RequestParam Long id)
      This method returns a single todo regardless of ownership. Accessible only to users with the role "ROLE_ADMIN".
      Parameters:
      id - id of the todo to get
      Returns:
      a single todo regardless of ownership

    • postTodo

      @PreAuthorize("hasRole(\'ROLE_USER\')") @PostMapping("/post") public Todo postTodo(@RequestParam String title, @RequestParam String details, @RequestParam Boolean done)
      This method creates a new todo owned by the current user.
      Parameters:
      title - title of the todo
      details - details of the todo
      done - whether the todo has been done or not
      Returns:
      the saved todo (with it's id field set by the database)

    • deleteTodo

      @PreAuthorize("hasRole(\'ROLE_USER\')") @DeleteMapping("") public Object deleteTodo(@RequestParam Long id)
      Delete a Todo owned by this user
      Parameters:
      id - id of the todo to delete
      Returns:
      a message indicating the todo was deleted

    • deleteTodo_Admin

      @PreAuthorize("hasRole(\'ROLE_ADMIN\')") @DeleteMapping("/admin") public Object deleteTodo_Admin(@RequestParam Long id)
      Delete a Todo regardless of ownership, admin only
      Parameters:
      id - id of the todo to delete
      Returns:
      a message indicating the todo was deleted

    • putTodoById

      @PreAuthorize("hasRole(\'ROLE_USER\')") @PutMapping("") public Todo putTodoById(@RequestParam Long id, @RequestBody @Valid @Valid Todo incomingTodo)
      Update a single todo (if it belongs to current user)
      Parameters:
      id - id of the todo to update
      incomingTodo - the new todo contents
      Returns:
      the updated todo object

    • putTodoById_admin

      @PreAuthorize("hasRole(\'ROLE_ADMIN\')") @PutMapping("/admin") public Todo putTodoById_admin(@RequestParam Long id, @RequestBody @Valid @Valid Todo incomingTodo)
      Update a single todo (regardless of ownership, admin only, can't change ownership)
      Parameters:
      id - id of the todo to update
      incomingTodo - the new todo contents
      Returns:
      the updated todo object