Merge pull request #92 from UdL-EPS-SoftArch/Feature-Edit-Medical-Record
Feature edit medical record
jorgechp authored Apr 6, 2024
2 parents 8eaf2cd + 5467fff commit bc78bb9
Showing 3 changed files with 155 additions and 18 deletions.
Expand Up @@ -6,6 +6,7 @@
import org.slf4j.LoggerFactory;
import org.springframework.data.rest.core.annotation.HandleAfterSave;
import org.springframework.data.rest.core.annotation.HandleBeforeCreate;
import org.springframework.data.rest.core.annotation.HandleBeforeSave;
import org.springframework.data.rest.core.annotation.RepositoryEventHandler;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
Expand All @@ -15,12 +16,11 @@
import java.util.List;

@Component
@RepositoryEventHandler
@RepositoryEventHandler() // Ensure this handler is for MedicalRecord entity
public class MedicalRecordEventHandler {

private static final Logger logger = LoggerFactory.getLogger(MedicalRecordEventHandler.class);

// Authorities
private static final String ROLE_SHELTER_VOLUNTEER = "ROLE_SHELTER_VOLUNTEER";
private static final String ROLE_ADMIN = "ROLE_ADMIN";

Expand All @@ -31,16 +31,17 @@ public class MedicalRecordEventHandler {
*/
@HandleBeforeCreate
public void handleMedicalRecordBeforeCreate(MedicalRecord medicalRecord) throws UnauthorizedAccessException {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();

if (!isAuthorized(authentication)) {
String userName = authentication != null ? authentication.getName() : "anonymous";
String errorMessage = String.format("Unauthorized attempt to create a medical record by user: %s", userName);
logger.error(errorMessage);
throw new UnauthorizedAccessException();
}
checkAuthorization();
logger.info("Authorized creation of a new medical record by user: {}", getCurrentUsername());
}

logger.info("Authorized creation of a new medical record by user: {}", authentication.getName());
/**
* Handles actions before saving (updating) a medical record.
*/
@HandleBeforeSave
public void handleMedicalRecordBeforeSave(MedicalRecord medicalRecord) throws UnauthorizedAccessException {
checkAuthorization();
logger.info("Authorized save of medical record by user: {}", getCurrentUsername());
}

/**
Expand All @@ -52,19 +53,24 @@ public void handleMedicalRecordPostSave(MedicalRecord medicalRecord) {
logger.info("Medical record for pet {} saved successfully", medicalRecord.getPet().getName());
}

/**
* Checks if the authenticated user is authorized to perform the action.
* @param authentication the authentication context
* @return true if the user is authorized, false otherwise
*/
private void checkAuthorization() throws UnauthorizedAccessException {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
if (!isAuthorized(authentication)) {
throw new UnauthorizedAccessException();
}
}

private boolean isAuthorized(Authentication authentication) {
if (authentication == null || !authentication.isAuthenticated()) {
return false;
}

List<String> requiredAuthorities = Arrays.asList(ROLE_SHELTER_VOLUNTEER, ROLE_ADMIN);

return authentication.getAuthorities().stream()
.anyMatch(grantedAuthority -> requiredAuthorities.contains(grantedAuthority.getAuthority()));
}

private String getCurrentUsername() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
return authentication != null ? authentication.getName() : "anonymous";
}
}
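Review bot: `checkAuthorization()` throws `UnauthorizedAccessException` without writing anything to the log, so a rejected create or save of a medical record leaves no trace; the inline check printed above it in `handleMedicalRecordBeforeCreate` (apparently the removed side, since the page has lost its +/- markers) logged the user name at error level. I would log before the throw, e.g. `logger.warn("Unauthorized medical record access attempt by user: {}", getCurrentUsername());`. If the Javadoc directly above `checkAuthorization()` is kept, it documents an `authentication` parameter and a boolean return, which describes `isAuthorized` rather than this method. The trailing comment on `@RepositoryEventHandler()` is also misleading: the empty annotation restricts nothing, and the handler methods are selected by their `MedicalRecord` parameter type.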
@@ -0,0 +1,88 @@
package cat.udl.eps.softarch.demo.steps;

import cat.udl.eps.softarch.demo.domain.MedicalRecord;
import cat.udl.eps.softarch.demo.domain.Pet;
import cat.udl.eps.softarch.demo.repository.MedicalRecordRepository;
import cat.udl.eps.softarch.demo.repository.PetRepository;
import io.cucumber.java.en.And;
import io.cucumber.java.en.When;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;

import java.nio.charset.StandardCharsets;
import java.time.ZonedDateTime;

import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.put;
import static org.springframework.test.web.servlet.result.MockMvcResultHandlers.print;

public class EditMedicalRecordStepDefs {

@Autowired
private StepDefs stepDefs;

@Autowired
MedicalRecordRepository medicalRecordRepository;

@Autowired
PetRepository petRepository;

@And("a medical record exists for the pet")
public void aMedicalRecordExistsForThePet() {
Pet pet = petRepository.findAll().iterator().next();

MedicalRecord existingMedicalRecord;
existingMedicalRecord = new MedicalRecord();
existingMedicalRecord.setPet(pet);
existingMedicalRecord.setIssue("Initial Issue");
existingMedicalRecord.setDescription("Initial Description");
existingMedicalRecord.setDate(ZonedDateTime.now());
medicalRecordRepository.save(existingMedicalRecord);

}

@When("I edit the medical record for a pet with new issue {string}, new description {string}, and new date {string}")
public void iEditTheMedicalRecordForAPetWithNewIssueNewDescriptionAndNewDate(String issue, String description, String date) throws Throwable {
MedicalRecord existingMedicalRecord = medicalRecordRepository.findAll().iterator().next();
existingMedicalRecord.setIssue(issue);
existingMedicalRecord.setDescription(description);
existingMedicalRecord.setDate(ZonedDateTime.parse(date));

stepDefs.result = stepDefs.mockMvc.perform(
put("/medicalRecords/" + existingMedicalRecord.getId())
.contentType(MediaType.APPLICATION_JSON)
.content(stepDefs.mapper.writeValueAsString(existingMedicalRecord))
.characterEncoding(StandardCharsets.UTF_8)
.with(AuthenticationStepDefs.authenticate()))
.andDo(print());
}

@When("I edit the medical record for a pet with new issue {string}, new description {string}")
public void iEditTheMedicalRecordForAPetWithNewIssueNewDescription(String issue, String description) throws Throwable {
MedicalRecord existingMedicalRecord = medicalRecordRepository.findAll().iterator().next();

existingMedicalRecord.setIssue(issue);
existingMedicalRecord.setDescription(description);
// Keeping the original date

stepDefs.result = stepDefs.mockMvc.perform(
put("/medicalRecords/" + existingMedicalRecord.getId())
.contentType(MediaType.APPLICATION_JSON)
.content(stepDefs.mapper.writeValueAsString(existingMedicalRecord))
.characterEncoding(StandardCharsets.UTF_8)
.with(AuthenticationStepDefs.authenticate()))
.andDo(print());
}

@When("I try to edit a medical record for a pet")
public void iTryToEditAMedicalRecordForAPet() throws Exception {
MedicalRecord existingMedicalRecord = medicalRecordRepository.findAll().iterator().next();

stepDefs.result = stepDefs.mockMvc.perform(
put("/medicalRecords/" + existingMedicalRecord.getId())
.contentType(MediaType.APPLICATION_JSON)
.content(stepDefs.mapper.writeValueAsString(existingMedicalRecord))
.characterEncoding(StandardCharsets.UTF_8)
.with(AuthenticationStepDefs.authenticate()))
.andDo(print());
}
}
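Review bot: `iTryToEditAMedicalRecordForAPet` PUTs the record exactly as it was loaded, so the 403 scenario cannot distinguish a rejected write from one that was persisted before the error was returned. Change a field before the request, e.g. `existingMedicalRecord.setIssue("Unauthorized edit");`, and have a follow-up step assert that the stored issue is still "Initial Issue". The three steps also repeat the same `put(...)` builder chain; a private helper taking the record would keep the authentication and content-type setup in one place.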
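--- /dev/null
+++ b/src/test/resources/features/EditMedicalRecord.feature
@@ -0,0 +1,43 @@
+Feature: Edit Medical Record
+In order to keep pet health history up to date
+As a shelter volunteer
+I want to edit existing medical records in pets' profiles
+
+Background:
+Given a pet exists in the system
+And a medical record exists for the pet
+Given There is a registered user with username "user" and password "password" and email "[email protected]"
+Given There is a registered admin with name "admin" and password "password" and email "[email protected]"
+Given There is a registered volunteer with name "volunteer" and password "password" and email "[email protected]"
+
+
+Scenario: Edit an existing medical record as Volunteer
+Given I login as "volunteer" with password "password"
+When I edit the medical record for a pet with new issue "Allergy Update", new description "Updated seasonal allergy treatment", and new date "2024-03-08T14:00:00Z"
+Then The response code is 204
+
+Scenario: Edit a medical record with empty issue as Volunteer
+Given I login as "volunteer" with password "password"
+When I edit the medical record for a pet with new issue "", new description "Revaccination", and new date "2024-03-08T14:00:00Z"
+Then The response code is 400
+
+Scenario: Edit a medical record with empty description as Volunteer
+Given I login as "volunteer" with password "password"
+When I edit the medical record for a pet with new issue "Vaccination Update", new description "", and new date "2024-03-08T14:00:00Z"
+Then The response code is 400
+
+Scenario: Edit a medical record without changing the date as Volunteer
+Given I login as "volunteer" with password "password"
+When I edit the medical record for a pet with new issue "Injury Update", new description "Healed cut on paw"
+Then The response code is 204
+
+Scenario: Attempt to edit a medical record as a normal user
+Given I login as "user" with password "password"
+When I try to edit a medical record for a pet
+Then The response code is 403
+And The error message is "Unauthorized access"
+
+Scenario: Attempt to edit a medical record as an admin
+Given I login as "admin" with password "password"
+When I try to edit a medical record for a pet
+Then The response code is 204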
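Review bot: The only rejection scenario logs in as a normal user; no scenario sends the edit without any login, which is the path where `isAuthorized` returns false for a missing or unauthenticated `Authentication`. I would add a scenario that runs `When I try to edit a medical record for a pet` with no login step and asserts the status the security configuration returns for anonymous requests (presumably 401, to be confirmed). Updates via PATCH go through the same before-save handler in Spring Data REST, so one PATCH scenario for the normal user would cover that route too.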
