| 1 | package edu.ucsb.cs156.example.controllers; | |
| 2 | ||
| 3 | import edu.ucsb.cs156.example.entities.Todo; | |
| 4 | import edu.ucsb.cs156.example.entities.User; | |
| 5 | import edu.ucsb.cs156.example.errors.EntityNotFoundException; | |
| 6 | import edu.ucsb.cs156.example.models.CurrentUser; | |
| 7 | import edu.ucsb.cs156.example.repositories.TodoRepository; | |
| 8 | import io.swagger.v3.oas.annotations.tags.Tag; | |
| 9 | import io.swagger.v3.oas.annotations.Operation; | |
| 10 | import io.swagger.v3.oas.annotations.Parameter; | |
| 11 | import lombok.extern.slf4j.Slf4j; | |
| 12 | ||
| 13 | ||
| 14 | import org.springframework.beans.factory.annotation.Autowired; | |
| 15 | import org.springframework.security.access.prepost.PreAuthorize; | |
| 16 | import org.springframework.web.bind.annotation.DeleteMapping; | |
| 17 | import org.springframework.web.bind.annotation.GetMapping; | |
| 18 | import org.springframework.web.bind.annotation.PostMapping; | |
| 19 | import org.springframework.web.bind.annotation.PutMapping; | |
| 20 | import org.springframework.web.bind.annotation.RequestBody; | |
| 21 | import org.springframework.web.bind.annotation.RequestMapping; | |
| 22 | import org.springframework.web.bind.annotation.RequestParam; | |
| 23 | import org.springframework.web.bind.annotation.RestController; | |
| 24 | ||
| 25 | import jakarta.validation.Valid; | |
| 26 | ||
| 27 | /** | |
| 28 | * This is a REST controller for Todos | |
| 29 | */ | |
| 30 | ||
| 31 | @Tag(name = "Todos") | |
| 32 | @RequestMapping("/api/todos") | |
| 33 | @RestController | |
| 34 | @Slf4j | |
| 35 | public class TodosController extends ApiController { | |
| 36 | ||
| 37 | @Autowired | |
| 38 | TodoRepository todoRepository; | |
| 39 | ||
| 40 | /** | |
| 41 | * This method returns a list of all todos. Accessible only to users with the role "ROLE_ADMIN". | |
| 42 | * @return a list of all todos | |
| 43 | */ | |
| 44 | @Operation(summary = "List all todos") | |
| 45 | @PreAuthorize("hasRole('ROLE_ADMIN')") | |
| 46 | @GetMapping("/admin/all") | |
| 47 | public Iterable<Todo> allUsersTodos() { | |
| 48 | Iterable<Todo> todos = todoRepository.findAll(); | |
| 49 |
1
1. allUsersTodos : replaced return value with Collections.emptyList for edu/ucsb/cs156/example/controllers/TodosController::allUsersTodos → KILLED |
return todos; |
| 50 | } | |
| 51 | ||
| 52 | /** | |
| 53 | * This method returns a list of all todos owned by the current user. | |
| 54 | * @return a list of all todos owned by the current user | |
| 55 | */ | |
| 56 | @Operation(summary = "List this user's todos") | |
| 57 | @PreAuthorize("hasRole('ROLE_USER')") | |
| 58 | @GetMapping("/all") | |
| 59 | public Iterable<Todo> thisUsersTodos() { | |
| 60 | CurrentUser currentUser = getCurrentUser(); | |
| 61 | Iterable<Todo> todos = todoRepository.findAllByUserId(currentUser.getUser().getId()); | |
| 62 |
1
1. thisUsersTodos : replaced return value with Collections.emptyList for edu/ucsb/cs156/example/controllers/TodosController::thisUsersTodos → KILLED |
return todos; |
| 63 | } | |
| 64 | ||
| 65 | /** | |
| 66 | * This method returns a single todo owned by the current user. | |
| 67 | * @param id id of the todo to get | |
| 68 | * @return a single todo owned by the current user | |
| 69 | */ | |
| 70 | @Operation(summary = "Get a single todo (if it belongs to current user)") | |
| 71 | @PreAuthorize("hasRole('ROLE_USER')") | |
| 72 | @GetMapping("") | |
| 73 | public Todo getTodoById( | |
| 74 | @Parameter(name="id") @RequestParam Long id) { | |
| 75 | User currentUser = getCurrentUser().getUser(); | |
| 76 | Todo todo = todoRepository.findByIdAndUser(id, currentUser) | |
| 77 |
1
1. lambda$getTodoById$0 : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::lambda$getTodoById$0 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Todo.class, id)); |
| 78 | ||
| 79 |
1
1. getTodoById : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::getTodoById → KILLED |
return todo; |
| 80 | } | |
| 81 | ||
| 82 | /** | |
| 83 | * This method returns a single todo regardless of ownership. Accessible only to users with the role "ROLE_ADMIN". | |
| 84 | * @param id id of the todo to get | |
| 85 | * @return a single todo regardless of ownership | |
| 86 | */ | |
| 87 | @Operation(summary = "Get a single todo (no matter who it belongs to, admin only)") | |
| 88 | @PreAuthorize("hasRole('ROLE_ADMIN')") | |
| 89 | @GetMapping("/admin") | |
| 90 | public Todo getTodoById_admin( | |
| 91 | @Parameter(name="id") @RequestParam Long id) { | |
| 92 | Todo todo = todoRepository.findById(id) | |
| 93 |
1
1. lambda$getTodoById_admin$1 : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::lambda$getTodoById_admin$1 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Todo.class, id)); |
| 94 | ||
| 95 |
1
1. getTodoById_admin : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::getTodoById_admin → KILLED |
return todo; |
| 96 | } | |
| 97 | ||
| 98 | /** | |
| 99 | * This method creates a new todo owned by the current user. | |
| 100 | * @param title title of the todo | |
| 101 | * @param details details of the todo | |
| 102 | * @param done whether the todo has been done or not | |
| 103 | * @return the saved todo (with it's id field set by the database) | |
| 104 | */ | |
| 105 | @Operation(summary = "Create a new Todo") | |
| 106 | @PreAuthorize("hasRole('ROLE_USER')") | |
| 107 | @PostMapping("/post") | |
| 108 | public Todo postTodo( | |
| 109 | @Parameter(name="title") @RequestParam String title, | |
| 110 | @Parameter(name="details") @RequestParam String details, | |
| 111 | @Parameter(name="done") @RequestParam Boolean done) { | |
| 112 | CurrentUser currentUser = getCurrentUser(); | |
| 113 | log.info("currentUser={}", currentUser); | |
| 114 | ||
| 115 | Todo todo = new Todo(); | |
| 116 |
1
1. postTodo : removed call to edu/ucsb/cs156/example/entities/Todo::setUser → KILLED |
todo.setUser(currentUser.getUser()); |
| 117 |
1
1. postTodo : removed call to edu/ucsb/cs156/example/entities/Todo::setTitle → KILLED |
todo.setTitle(title); |
| 118 |
1
1. postTodo : removed call to edu/ucsb/cs156/example/entities/Todo::setDetails → KILLED |
todo.setDetails(details); |
| 119 |
1
1. postTodo : removed call to edu/ucsb/cs156/example/entities/Todo::setDone → KILLED |
todo.setDone(done); |
| 120 | Todo savedTodo = todoRepository.save(todo); | |
| 121 |
1
1. postTodo : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::postTodo → KILLED |
return savedTodo; |
| 122 | } | |
| 123 | ||
| 124 | /** | |
| 125 | * Delete a Todo owned by this user | |
| 126 | * @param id id of the todo to delete | |
| 127 | * @return a message indicating the todo was deleted | |
| 128 | */ | |
| 129 | @Operation(summary = "Delete a Todo owned by this user") | |
| 130 | @PreAuthorize("hasRole('ROLE_USER')") | |
| 131 | @DeleteMapping("") | |
| 132 | public Object deleteTodo( | |
| 133 | @Parameter(name="id") @RequestParam Long id) { | |
| 134 | User currentUser = getCurrentUser().getUser(); | |
| 135 | Todo todo = todoRepository.findByIdAndUser(id, currentUser) | |
| 136 |
1
1. lambda$deleteTodo$2 : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::lambda$deleteTodo$2 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Todo.class, id)); |
| 137 | ||
| 138 |
1
1. deleteTodo : removed call to edu/ucsb/cs156/example/repositories/TodoRepository::delete → KILLED |
todoRepository.delete(todo); |
| 139 | ||
| 140 |
1
1. deleteTodo : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::deleteTodo → KILLED |
return genericMessage("Todo with id %s deleted".formatted(id)); |
| 141 | ||
| 142 | } | |
| 143 | ||
| 144 | /** | |
| 145 | * Delete a Todo regardless of ownership, admin only | |
| 146 | * @param id id of the todo to delete | |
| 147 | * @return a message indicating the todo was deleted | |
| 148 | */ | |
| 149 | @Operation(summary = "Delete another user's todo") | |
| 150 | @PreAuthorize("hasRole('ROLE_ADMIN')") | |
| 151 | @DeleteMapping("/admin") | |
| 152 | public Object deleteTodo_Admin( | |
| 153 | @Parameter(name="id") @RequestParam Long id) { | |
| 154 | Todo todo = todoRepository.findById(id) | |
| 155 |
1
1. lambda$deleteTodo_Admin$3 : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::lambda$deleteTodo_Admin$3 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Todo.class, id)); |
| 156 | ||
| 157 |
1
1. deleteTodo_Admin : removed call to edu/ucsb/cs156/example/repositories/TodoRepository::delete → KILLED |
todoRepository.delete(todo); |
| 158 | ||
| 159 |
1
1. deleteTodo_Admin : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::deleteTodo_Admin → KILLED |
return genericMessage("Todo with id %s deleted".formatted(id)); |
| 160 | } | |
| 161 | ||
| 162 | /** | |
| 163 | * Update a single todo (if it belongs to current user) | |
| 164 | * @param id id of the todo to update | |
| 165 | * @param incomingTodo the new todo contents | |
| 166 | * @return the updated todo object | |
| 167 | */ | |
| 168 | @Operation(summary = "Update a single todo (if it belongs to current user)") | |
| 169 | @PreAuthorize("hasRole('ROLE_USER')") | |
| 170 | @PutMapping("") | |
| 171 | public Todo putTodoById( | |
| 172 | @Parameter(name="id") @RequestParam Long id, | |
| 173 | @RequestBody @Valid Todo incomingTodo) { | |
| 174 | User currentUser = getCurrentUser().getUser(); | |
| 175 | Todo todo = todoRepository.findByIdAndUser(id, currentUser) | |
| 176 |
1
1. lambda$putTodoById$4 : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::lambda$putTodoById$4 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Todo.class, id)); |
| 177 | ||
| 178 |
1
1. putTodoById : removed call to edu/ucsb/cs156/example/entities/Todo::setTitle → KILLED |
todo.setTitle(incomingTodo.getTitle()); |
| 179 |
1
1. putTodoById : removed call to edu/ucsb/cs156/example/entities/Todo::setDetails → KILLED |
todo.setDetails(incomingTodo.getDetails()); |
| 180 |
1
1. putTodoById : removed call to edu/ucsb/cs156/example/entities/Todo::setDone → KILLED |
todo.setDone(incomingTodo.isDone()); |
| 181 | ||
| 182 | todoRepository.save(todo); | |
| 183 | ||
| 184 |
1
1. putTodoById : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::putTodoById → KILLED |
return todo; |
| 185 | } | |
| 186 | ||
| 187 | /** | |
| 188 | * Update a single todo (regardless of ownership, admin only, can't change ownership) | |
| 189 | * @param id id of the todo to update | |
| 190 | * @param incomingTodo the new todo contents | |
| 191 | * @return the updated todo object | |
| 192 | */ | |
| 193 | @Operation(summary = "Update a single todo (regardless of ownership, admin only, can't change ownership)") | |
| 194 | @PreAuthorize("hasRole('ROLE_ADMIN')") | |
| 195 | @PutMapping("/admin") | |
| 196 | public Todo putTodoById_admin( | |
| 197 | @Parameter(name="id") @RequestParam Long id, | |
| 198 | @RequestBody @Valid Todo incomingTodo) { | |
| 199 | Todo todo = todoRepository.findById(id) | |
| 200 |
1
1. lambda$putTodoById_admin$5 : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::lambda$putTodoById_admin$5 → KILLED |
.orElseThrow(() -> new EntityNotFoundException(Todo.class, id)); |
| 201 | ||
| 202 |
1
1. putTodoById_admin : removed call to edu/ucsb/cs156/example/entities/Todo::setTitle → KILLED |
todo.setTitle(incomingTodo.getTitle()); |
| 203 |
1
1. putTodoById_admin : removed call to edu/ucsb/cs156/example/entities/Todo::setDetails → KILLED |
todo.setDetails(incomingTodo.getDetails()); |
| 204 |
1
1. putTodoById_admin : removed call to edu/ucsb/cs156/example/entities/Todo::setDone → KILLED |
todo.setDone(incomingTodo.isDone()); |
| 205 | ||
| 206 | todoRepository.save(todo); | |
| 207 | ||
| 208 |
1
1. putTodoById_admin : replaced return value with null for edu/ucsb/cs156/example/controllers/TodosController::putTodoById_admin → KILLED |
return todo; |
| 209 | } | |
| 210 | } | |
Mutations | ||
| 49 |
1.1 |
|
| 62 |
1.1 |
|
| 77 |
1.1 |
|
| 79 |
1.1 |
|
| 93 |
1.1 |
|
| 95 |
1.1 |
|
| 116 |
1.1 |
|
| 117 |
1.1 |
|
| 118 |
1.1 |
|
| 119 |
1.1 |
|
| 121 |
1.1 |
|
| 136 |
1.1 |
|
| 138 |
1.1 |
|
| 140 |
1.1 |
|
| 155 |
1.1 |
|
| 157 |
1.1 |
|
| 159 |
1.1 |
|
| 176 |
1.1 |
|
| 178 |
1.1 |
|
| 179 |
1.1 |
|
| 180 |
1.1 |
|
| 184 |
1.1 |
|
| 200 |
1.1 |
|
| 202 |
1.1 |
|
| 203 |
1.1 |
|
| 204 |
1.1 |
|
| 208 |
1.1 |