ReviewController.java

package edu.ucsb.cs156.dining.controllers;

import edu.ucsb.cs156.dining.entities.MenuItem;
import edu.ucsb.cs156.dining.entities.Review;
import edu.ucsb.cs156.dining.entities.User;
import edu.ucsb.cs156.dining.errors.EntityNotFoundException;
import edu.ucsb.cs156.dining.models.CurrentUser;
import edu.ucsb.cs156.dining.models.EditedReview;
import edu.ucsb.cs156.dining.models.Entree;
import edu.ucsb.cs156.dining.repositories.MenuItemRepository;
import edu.ucsb.cs156.dining.repositories.ReviewRepository;
import edu.ucsb.cs156.dining.statuses.ModerationStatus;
import io.swagger.v3.oas.annotations.Operation;
import io.swagger.v3.oas.annotations.Parameter;
import io.swagger.v3.oas.annotations.tags.Tag;
import lombok.extern.slf4j.Slf4j;
import com.fasterxml.jackson.core.JsonProcessingException;

import java.time.LocalDateTime;
import java.util.HashMap;
import java.util.Map;
import java.util.List;
import java.util.ArrayList;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.format.annotation.DateTimeFormat;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.ExceptionHandler;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.server.ResponseStatusException;

import com.nimbusds.openid.connect.sdk.claims.UserInfo;

import jakarta.validation.Valid;

import edu.ucsb.cs156.dining.models.MenuItemReviewAverageRating;
/**
 * This is a REST controller for Reviews
 */

@Tag(name = "Review")
@RequestMapping("/api/reviews")
@RestController
@Slf4j
public class ReviewController extends ApiController {

    @ExceptionHandler(IllegalArgumentException.class)
    public ResponseEntity<Map<String, String>> handleValidationExceptions(IllegalArgumentException ex) {
        Map<String, String> errors = new HashMap<>();
        errors.put("error", ex.getMessage());
        return ResponseEntity.badRequest().body(errors);
    }

    @Autowired
    ReviewRepository reviewRepository;

    @Autowired
    MenuItemRepository menuItemRepository;

    /**
     * This method returns a list of all Reviews.
     * 
     * @return a list of all Reviews
     */
    @Operation(summary = "List all Reviews")
    @PreAuthorize("hasRole('ROLE_ADMIN')")
    @GetMapping("/all")
    public Iterable<Review> allReviews() {
        log.info("Attempting to log all reviews");
        Iterable<Review> reviews = reviewRepository.findAll();
        log.info("all reviews found, ", reviews);
        return reviews;
    }

    /**
     * This method allows a user to submit a review
     * 
     * @return message that says an review was added to the database
     * @param itemId         id of the item
     * @param dateItemServed localDataTime
     *                       All others params must not be parameters and instead
     *                       derived from data sources that are dynamic (Date), or
     *                       set to be null or some other signifier
     */
    @Operation(summary = "Create a new review")
    @PreAuthorize("hasRole('ROLE_USER')")
    @PostMapping("/post")
    public Review postReview(
            @Parameter(name = "itemId") @RequestParam long itemId,
            @Parameter(description = "Comments by the reviewer, can be blank") @RequestParam(required = false) String reviewerComments,
            @Parameter(name = "itemsStars") @RequestParam Long itemsStars,
            @Parameter(name = "dateItemServed", description = "date (in iso format, e.g. YYYY-mm-ddTHH:MM:SS; see https://en.wikipedia.org/wiki/ISO_8601)") @RequestParam("dateItemServed") @DateTimeFormat(iso = DateTimeFormat.ISO.DATE_TIME) LocalDateTime dateItemServed) // For
            throws JsonProcessingException {
        LocalDateTime now = LocalDateTime.now();
        Review review = new Review();
        review.setDateItemServed(dateItemServed);

        boolean isEmpty = false;
        String commentsToSet;
        ModerationStatus statusToSet;
        if ((reviewerComments == null || reviewerComments.trim().isEmpty())) {
            isEmpty = true;
        }
        if (isEmpty) {
            commentsToSet = null;
        } else {
            commentsToSet = reviewerComments;
        }
        if (isEmpty) {
            statusToSet = ModerationStatus.APPROVED;
        } else {
            statusToSet = ModerationStatus.AWAITING_REVIEW;
        }
        review.setReviewerComments(commentsToSet);
        review.setStatus(statusToSet);
        // Ensure user inputs rating 1-5
        if (itemsStars < 1 || itemsStars > 5) {
            throw new IllegalArgumentException("Items stars must be between 1 and 5.");
        }

        review.setItemsStars(itemsStars);
        
        MenuItem reviewedItem = menuItemRepository.findById(itemId).orElseThrow(
                () -> new EntityNotFoundException(MenuItem.class, itemId)
        );
        review.setItem(reviewedItem);
        CurrentUser user = getCurrentUser();
        review.setReviewer(user.getUser());
        log.info("reviews={}", review);
        review = reviewRepository.save(review);
        return review;
    }

    /**
     * This method allows a user to get a list of reviews that they have previously made.
     * Only user can only get a list of their own reviews, and you cant request another persons reviews
     * @return a list of reviews sent by a given user
     */
    @Operation(summary = "Get all reviews a user has sent: only callable by the user")
    @PreAuthorize("hasRole('ROLE_USER')")
    @GetMapping("/userReviews")
    public Iterable<Review> get_all_review_by_user_id(){
        CurrentUser user = getCurrentUser();
        Iterable<Review> reviews = reviewRepository.findByReviewer(user.getUser());
        return reviews;
    }

    @Operation(summary = "Edit a review")
    @PreAuthorize("hasRole('ROLE_USER')")
    @PutMapping("/reviewer")
    public Review editReview(@Parameter Long id, @RequestBody @Valid EditedReview incoming) {

        Review oldReview = reviewRepository.findById(id).orElseThrow(
                () -> new EntityNotFoundException(Review.class, id)
        );
        User current = getCurrentUser().getUser();
        if(current.getId() != oldReview.getReviewer().getId()) {
            throw new AccessDeniedException("No permission to edit review");
        }

        if(incoming.getItemStars() < 1 || incoming.getItemStars() > 5) {
            throw new IllegalArgumentException("Items stars must be between 1 and 5.");
        }else{
            oldReview.setItemsStars(incoming.getItemStars());
        }

        if (incoming.getReviewerComments() != null &&!incoming.getReviewerComments().trim().isEmpty()) {
            oldReview.setReviewerComments(incoming.getReviewerComments());
            oldReview.setStatus(ModerationStatus.AWAITING_REVIEW);
        }else{
            oldReview.setReviewerComments(null);
            oldReview.setStatus(ModerationStatus.APPROVED);
        }

        oldReview.setDateItemServed(incoming.getDateItemServed());

        oldReview.setModeratorComments(null);

        Review review = reviewRepository.save(oldReview);

        return review;
    }

    @Operation(summary = "Delete a review")
    @PreAuthorize("hasRole('ROLE_USER')")
    @DeleteMapping("/reviewer")
    public Object deleteReview(@Parameter Long id) {
        Review review = reviewRepository.findById(id).orElseThrow(
                () -> new EntityNotFoundException(Review.class, id)
        );

        User current = getCurrentUser().getUser();
        if(current.getId() != review.getReviewer().getId() && !current.getAdmin()) {
            throw new AccessDeniedException("No permission to delete review");
        }

        reviewRepository.delete(review);
        return genericMessage("Review with id %s deleted".formatted(id));
    }

    @Operation(summary = "Moderate a review")
    @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_MODERATOR')")
    @PutMapping("/moderate")
    public Review moderateReview(@Parameter Long id, @Parameter ModerationStatus status, @Parameter String moderatorComments) {
        Review review = reviewRepository.findById(id).orElseThrow(
                () -> new EntityNotFoundException(Review.class, id)
        );

        review.setModeratorComments(moderatorComments);
        review.setStatus(status);

        review = reviewRepository.save(review);
        return review;
    }

    @Operation(summary = "See reviews that need moderation")
    @PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_MODERATOR')")
    @GetMapping("/needsmoderation")
    public Iterable<Review> needsmoderation() {
        Iterable<Review> reviewsList = reviewRepository.findByStatus(ModerationStatus.AWAITING_REVIEW);
        return reviewsList;
    }

    @Operation(summary = "Get a specific single review ID")
    @PreAuthorize("hasRole('ROLE_USER')")
    @GetMapping("/get")
    public Review getReviewByID(@Parameter Long id) {
        Review review = reviewRepository.findById(id).orElseThrow(
                () -> new EntityNotFoundException(Review.class, id)
        );

        User current = getCurrentUser().getUser();
        if(current.getId() != review.getReviewer().getId() && !current.getAdmin()) {
            throw new AccessDeniedException("Only user who made this review or admin can get id");
        }
        return review;
    }
    
    @Operation(summary = "Get average rating for each menu item")
    @PreAuthorize("hasRole('ROLE_USER')")
    @GetMapping("/averageRatingPerMenuItem")
    public Iterable<MenuItemReviewAverageRating> getAverageRatingPerMenuItem() {
    Iterable<MenuItem> items = menuItemRepository.findAll();
    List<MenuItemReviewAverageRating> result = new ArrayList<>();

    for (MenuItem item : items) {
        Iterable<Review> reviews = reviewRepository.findByItemId(item.getId());

        int count = 0;
        long sum = 0;

        for (Review review : reviews) {
            if (review.getItemsStars() != null) {
                sum += review.getItemsStars();
                count++;
            }
        }

        Double avg;

        if (count == 0){
            avg = null; 
        }
        else {
            avg = (sum / (double) count); 

        }
        
        MenuItemReviewAverageRating entry = new MenuItemReviewAverageRating();
        entry.setId(item.getId());
        entry.setName(item.getName());
        entry.setStation(item.getStation());
        entry.setDiningCommonsCode(item.getDiningCommonsCode());
        entry.setAverageRating(avg);

        result.add(entry);
    }

        return result;
    }
}






















































Active mutators

CONDITIONALS_BOUNDARY
EMPTY_RETURNS
FALSE_RETURNS
INCREMENTS
INVERT_NEGS
MATH
NEGATE_CONDITIONALS
NULL_RETURNS
PRIMITIVE_RETURNS
TRUE_RETURNS
VOID_METHOD_CALLS

Tests examined

edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:get_average_rating_with_null_review()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:get_average_rating_per_menu_item()] (9 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:get_average_rating_when_no_reviews()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:admin_can_get_id()] (10 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:wrong_user_cannot_get_id()] (17 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:user_can_get_id()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_rating_below_1_throws_exception()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_rating_above_5_throws_exception()] (10 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:testItemIdIsInvalid_NotFound()] (13 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:postReview_ShouldAcceptRatingAtBoundaries()] (11 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_string_on_creating_new_review()] (5 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_no_string_on_creating_new_review()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_null_on_creating_new_review()] (8 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:test_emptyString_on_creating_new_review()] (15 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:a_user_can_post_a_new_review()] (19 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:logged_in_admin_can_get_all()] (9 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:a_logged_in_admin_can_get_all()] (11 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:can_set_stars_at_high_boundary()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:can_set_stars_at_low_boundary()] (10 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:edit_works_correctly()] (12 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:trim_works_correctly()] (16 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:null_works_correctly()] (27 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:cannot_set_stars_over_boundaries()] (13 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:user_can_delete()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:admin_can_delete()] (15 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:wrong_user_cannot_delete()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:get_needs_moderation_returns_moderation_needed()] (10 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:wrong_user_cannot_edit()] (7 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:not_found_throws_exception()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:admin_can_moderate_a_review()] (12 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:cannot_delete_id_that_does_not_exist()] (10 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:nonexistent_cannot_approve()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:nonexistent_cannot_delete()] (6 ms)
edu.ucsb.cs156.dining.controllers.ReviewControllerTests.[engine:junit-jupiter]/[class:edu.ucsb.cs156.dining.controllers.ReviewControllerTests]/[method:a_logged_in_user_can_get_own_reviews_list()] (74 ms)

Report generated by PIT 1.17.0

1		package edu.ucsb.cs156.dining.controllers;
2
3		import edu.ucsb.cs156.dining.entities.MenuItem;
4		import edu.ucsb.cs156.dining.entities.Review;
5		import edu.ucsb.cs156.dining.entities.User;
6		import edu.ucsb.cs156.dining.errors.EntityNotFoundException;
7		import edu.ucsb.cs156.dining.models.CurrentUser;
8		import edu.ucsb.cs156.dining.models.EditedReview;
9		import edu.ucsb.cs156.dining.models.Entree;
10		import edu.ucsb.cs156.dining.repositories.MenuItemRepository;
11		import edu.ucsb.cs156.dining.repositories.ReviewRepository;
12		import edu.ucsb.cs156.dining.statuses.ModerationStatus;
13		import io.swagger.v3.oas.annotations.Operation;
14		import io.swagger.v3.oas.annotations.Parameter;
15		import io.swagger.v3.oas.annotations.tags.Tag;
16		import lombok.extern.slf4j.Slf4j;
17		import com.fasterxml.jackson.core.JsonProcessingException;
18
19		import java.time.LocalDateTime;
20		import java.util.HashMap;
21		import java.util.Map;
22		import java.util.List;
23		import java.util.ArrayList;
24
25		import org.springframework.beans.factory.annotation.Autowired;
26		import org.springframework.format.annotation.DateTimeFormat;
27		import org.springframework.http.HttpStatus;
28		import org.springframework.http.ResponseEntity;
29		import org.springframework.security.access.AccessDeniedException;
30		import org.springframework.security.access.prepost.PreAuthorize;
31		import org.springframework.web.bind.annotation.DeleteMapping;
32		import org.springframework.web.bind.annotation.ExceptionHandler;
33		import org.springframework.web.bind.annotation.GetMapping;
34		import org.springframework.web.bind.annotation.PostMapping;
35		import org.springframework.web.bind.annotation.PutMapping;
36		import org.springframework.web.bind.annotation.RequestBody;
37		import org.springframework.web.bind.annotation.RequestMapping;
38		import org.springframework.web.bind.annotation.RequestParam;
39		import org.springframework.web.bind.annotation.RestController;
40		import org.springframework.web.server.ResponseStatusException;

ReviewController.java

Mutations

Active mutators

Tests examined