From 17ce229775b7608c4c0ef51b2b97f5e3a6bbbe9b Mon Sep 17 00:00:00 2001 From: Nancy Huang <205217630+naanci@users.noreply.github.com> Date: Wed, 18 Mar 2026 21:31:45 -0400 Subject: [PATCH] 854: protector to protected 854: spotless --- .../codebloom/api/admin/AdminController.java | 34 +++---- .../announcement/AnnouncementController.java | 5 +- .../codebloom/api/auth/AuthController.java | 3 +- .../leaderboard/LeaderboardController.java | 8 +- .../api/submission/SubmissionController.java | 20 ++-- .../api/admin/AdminControllerTest.java | 98 +++++-------------- .../api/auth/AuthControllerTest.java | 22 +---- 7 files changed, 55 insertions(+), 135 deletions(-) diff --git a/src/main/java/org/patinanetwork/codebloom/api/admin/AdminController.java b/src/main/java/org/patinanetwork/codebloom/api/admin/AdminController.java index 908019ec3..419315585 100644 --- a/src/main/java/org/patinanetwork/codebloom/api/admin/AdminController.java +++ b/src/main/java/org/patinanetwork/codebloom/api/admin/AdminController.java @@ -6,7 +6,6 @@ import io.swagger.v3.oas.annotations.media.Schema; import io.swagger.v3.oas.annotations.responses.ApiResponse; import io.swagger.v3.oas.annotations.tags.Tag; -import jakarta.servlet.http.HttpServletRequest; import jakarta.validation.Valid; import java.time.OffsetDateTime; import java.util.ArrayList; @@ -34,7 +33,8 @@ import org.patinanetwork.codebloom.common.dto.autogen.UnsafeGenericFailureResponse; import org.patinanetwork.codebloom.common.dto.question.QuestionWithUserDto; import org.patinanetwork.codebloom.common.dto.user.UserDto; -import org.patinanetwork.codebloom.common.security.Protector; +import org.patinanetwork.codebloom.common.security.AuthenticationObject; +import org.patinanetwork.codebloom.common.security.annotation.Protected; import org.patinanetwork.codebloom.common.time.StandardizedOffsetDateTime; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; 
@@ -56,14 +56,12 @@ public class AdminController { private final LeaderboardRepository leaderboardRepository; private final AnnouncementRepository announcementRepository; private final QuestionRepository questionRepository; - private final Protector protector; private final DiscordClubManager discordClubManager; private final LeaderboardManager leaderboardManager; private final DiscordClubRepository discordClubRepository; public AdminController( final LeaderboardRepository leaderboardRepository, - final Protector protector, final UserRepository userRepository, final AnnouncementRepository announcementRepository, final QuestionRepository questionRepository, @@ -71,7 +69,6 @@ public AdminController( final LeaderboardManager leaderboardManager, final DiscordClubRepository discordClubRepository) { this.leaderboardRepository = leaderboardRepository; - this.protector = protector; this.userRepository = userRepository; this.announcementRepository = announcementRepository; this.questionRepository = questionRepository; @@ -85,8 +82,8 @@ public AdminController( """) @PostMapping("/leaderboard/create") public ResponseEntity> createLeaderboard( - final HttpServletRequest request, @Valid @RequestBody final NewLeaderboardBody newLeaderboardBody) { - protector.validateAdminSession(request); + @Protected(admin = true) final AuthenticationObject authenticationObject, + @Valid @RequestBody final NewLeaderboardBody newLeaderboardBody) { final String name = newLeaderboardBody.getName().trim(); 
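Review bot: In `createLeaderboard` the `authenticationObject` parameter is never read in the body, yet it is now the only thing enforcing the admin check, so it looks like dead code to a later cleanup. I would add a comment on it such as `// Unused in the body: resolving this parameter is what enforces the admin session check; do not remove.` The component that resolves `@Protected` is not part of this diff, so confirm it rejects a missing or non-admin session by throwing rather than passing `null`. If that resolver were ever not registered, Spring MVC would, as far as I know, fall back to binding `AuthenticationObject` as a model attribute and run the handler unauthenticated. The same applies to the other `@Protected(admin = true)` handlers in the later `AdminController` hunks.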
@@ -132,8 +129,8 @@ public ResponseEntity> createLeaderboard( """) @PostMapping("/user/admin/toggle") public ResponseEntity> updateAdmin( - final HttpServletRequest request, @Valid @RequestBody final UpdateAdminBody newAdminBody) { - protector.validateAdminSession(request); + @Protected(admin = true) final AuthenticationObject authenticationObject, + @Valid @RequestBody final UpdateAdminBody newAdminBody) { final String userId = newAdminBody.getId(); final boolean toggleTo = newAdminBody.getToggleTo(); @@ -174,8 +171,8 @@ public ResponseEntity> updateAdmin( }) @PostMapping("/announcement/create") public ResponseEntity> createNewAnnouncement( - @Valid @RequestBody final CreateAnnouncementBody createAnnouncementBody, final HttpServletRequest request) { - protector.validateAdminSession(request); + @Valid @RequestBody final CreateAnnouncementBody createAnnouncementBody, + @Protected(admin = true) final AuthenticationObject authenticationObject) { OffsetDateTime nowWithOffset = StandardizedOffsetDateTime.now(); OffsetDateTime expiresAtWithOffset = @@ -218,8 +215,8 @@ public ResponseEntity> createNewAnnouncement( }) @PostMapping("/announcement/disable") public ResponseEntity> deleteAnnouncement( - @Valid @RequestBody final DeleteAnnouncementBody deleteAnnouncementBody, final HttpServletRequest request) { - protector.validateAdminSession(request); + @Valid @RequestBody final DeleteAnnouncementBody deleteAnnouncementBody, + @Protected(admin = true) final AuthenticationObject authenticationObject) { Announcement announcement = announcementRepository.getAnnouncementById(deleteAnnouncementBody.getId()); if (announcement == null) { throw new ResponseStatusException(HttpStatus.BAD_REQUEST, "Announcement does not exist"); 
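Review bot: `createNewAnnouncement` and `deleteAnnouncement` declare the `@Protected(admin = true)` parameter after the `@Valid @RequestBody` parameter, whereas `createLeaderboard` and `updateAdmin` declare it first. Spring resolves handler arguments in declaration order, so on these two routes the body is deserialized and validated before the session is checked, and an unauthenticated caller would presumably get validation errors rather than an authentication failure. This is not a regression, since the old in-body `validateAdminSession` call also ran after binding, but the annotation makes it cheap to fix. Declaring the protected parameter first, e.g. `@Protected(admin = true) final AuthenticationObject authenticationObject, @Valid @RequestBody final CreateAnnouncementBody createAnnouncementBody`, puts the check ahead of body parsing. The same ordering appears in `sendDiscordMessage`, `deleteDiscordMessage` and `enrollSchool` later in the patch.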
@@ -250,8 +247,7 @@ public ResponseEntity> deleteAnnouncement( }) @GetMapping("/questions/incomplete") public ResponseEntity>> getIncompleteQuestions( - final HttpServletRequest request) { - protector.validateAdminSession(request); + @Protected(admin = true) final AuthenticationObject authenticationObject) { ArrayList incompleteQuestions = questionRepository.getAllIncompleteQuestionsWithUser(); @@ -281,8 +277,8 @@ public ResponseEntity>> getIncompleteQues }) @PostMapping("/discord/message/test") public ResponseEntity> sendDiscordMessage( - @RequestBody final String clubId, final HttpServletRequest request) { - protector.validateAdminSession(request); + @RequestBody final String clubId, + @Protected(admin = true) final AuthenticationObject authenticationObject) { Optional clubOpt = discordClubRepository.getDiscordClubById(clubId); if (clubOpt.isEmpty()) { @@ -301,8 +297,8 @@ public ResponseEntity> sendDiscordMessage( @DeleteMapping("/discord/message") public ResponseEntity> deleteDiscordMessage( - @Valid @RequestBody final DeleteMessageBody deleteMessageBody, final HttpServletRequest request) { - protector.validateAdminSession(request); + @Valid @RequestBody final DeleteMessageBody deleteMessageBody, + @Protected(admin = true) final AuthenticationObject authenticationObject) { boolean isDeleted = discordClubManager.deleteMessageById( deleteMessageBody.getChannelId(), deleteMessageBody.getMessageId()); diff --git a/src/main/java/org/patinanetwork/codebloom/api/announcement/AnnouncementController.java b/src/main/java/org/patinanetwork/codebloom/api/announcement/AnnouncementController.java index 01df546b9..3bcd71ab2 100644 --- a/src/main/java/org/patinanetwork/codebloom/api/announcement/AnnouncementController.java +++ b/src/main/java/org/patinanetwork/codebloom/api/announcement/AnnouncementController.java 
@@ -10,7 +10,6 @@ import org.patinanetwork.codebloom.common.db.repos.announcement.AnnouncementRepository; import org.patinanetwork.codebloom.common.dto.ApiResponder; import org.patinanetwork.codebloom.common.dto.announcement.AnnouncementDto; -import org.patinanetwork.codebloom.common.security.Protector; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; @@ -26,11 +25,9 @@ @Timed(value = "controller.execution") public class AnnouncementController { - private final Protector protector; private final AnnouncementRepository announcementRepository; - public AnnouncementController(final Protector protector, final AnnouncementRepository announcementRepository) { - this.protector = protector; + public AnnouncementController(final AnnouncementRepository announcementRepository) { this.announcementRepository = announcementRepository; } diff --git a/src/main/java/org/patinanetwork/codebloom/api/auth/AuthController.java b/src/main/java/org/patinanetwork/codebloom/api/auth/AuthController.java index f3073b942..1e4f0789c 100644 --- a/src/main/java/org/patinanetwork/codebloom/api/auth/AuthController.java +++ b/src/main/java/org/patinanetwork/codebloom/api/auth/AuthController.java @@ -198,8 +198,7 @@ public RedirectView logoutAll(final HttpServletRequest request, final HttpServle }) @PostMapping("/school/enroll") public ResponseEntity> enrollSchool( - @Valid @RequestBody final EmailBody emailBody, final HttpServletRequest request) { - AuthenticationObject authenticationObject = protector.validateSession(request); + @Valid @RequestBody final EmailBody emailBody, @Protected final AuthenticationObject authenticationObject) { User user = authenticationObject.getUser(); String userId = user.getId(); 
diff --git a/src/main/java/org/patinanetwork/codebloom/api/leaderboard/LeaderboardController.java b/src/main/java/org/patinanetwork/codebloom/api/leaderboard/LeaderboardController.java index 55725cb6f..3ec2f87d3 100644 --- a/src/main/java/org/patinanetwork/codebloom/api/leaderboard/LeaderboardController.java +++ b/src/main/java/org/patinanetwork/codebloom/api/leaderboard/LeaderboardController.java @@ -25,7 +25,7 @@ import org.patinanetwork.codebloom.common.page.Indexed; import org.patinanetwork.codebloom.common.page.Page; import org.patinanetwork.codebloom.common.security.AuthenticationObject; -import org.patinanetwork.codebloom.common.security.Protector; +import org.patinanetwork.codebloom.common.security.annotation.Protected; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; @@ -45,17 +45,14 @@ public class LeaderboardController { private final LeaderboardRepository leaderboardRepository; private final UserRepository userRepository; - private final Protector protector; private final LeaderboardManager leaderboardManager; public LeaderboardController( final LeaderboardRepository leaderboardRepository, final UserRepository userRepository, - final Protector protector, final LeaderboardManager leaderboardManager) { this.leaderboardRepository = leaderboardRepository; this.userRepository = userRepository; - this.protector = protector; this.leaderboardManager = leaderboardManager; } 
@@ -322,7 +319,7 @@ public ResponseEntity> getUserCurrentLeaderboardF @ApiResponse(responseCode = "404", description = "User not found on leaderboard"), }) public ResponseEntity>> getUserCurrentLeaderboardRank( - final HttpServletRequest request, + @Protected final AuthenticationObject authenticationObject, @Parameter(description = "Filter for Patina users") @RequestParam(required = false, defaultValue = "false") final boolean patina, @Parameter(description = "Filter for Hunter College users") @@ -350,7 +347,6 @@ public ResponseEntity>> getUserCurrentLea final boolean bmcc) { FakeLag.sleep(650); - AuthenticationObject authenticationObject = protector.validateSession(request); String userId = authenticationObject.getUser().getId(); Optional leaderboardData = leaderboardRepository.getRecentLeaderboardMetadata(); diff --git a/src/main/java/org/patinanetwork/codebloom/api/submission/SubmissionController.java b/src/main/java/org/patinanetwork/codebloom/api/submission/SubmissionController.java index f1d028e51..e5d5d7bc9 100644 --- a/src/main/java/org/patinanetwork/codebloom/api/submission/SubmissionController.java +++ b/src/main/java/org/patinanetwork/codebloom/api/submission/SubmissionController.java @@ -30,7 +30,7 @@ import org.patinanetwork.codebloom.common.leetcode.models.UserProfile; import org.patinanetwork.codebloom.common.leetcode.throttled.ThrottledLeetcodeClient; import org.patinanetwork.codebloom.common.security.AuthenticationObject; -import org.patinanetwork.codebloom.common.security.Protector; +import org.patinanetwork.codebloom.common.security.annotation.Protected; import org.patinanetwork.codebloom.common.simpleredis.SimpleRedis; import org.patinanetwork.codebloom.common.simpleredis.SimpleRedisProvider; import org.patinanetwork.codebloom.common.simpleredis.SimpleRedisSlot; 
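Review bot: The new `@Protected final AuthenticationObject authenticationObject` parameter in `getUserCurrentLeaderboardRank` sits beside `@Parameter`-documented query parameters, and unlike the `HttpServletRequest` it replaces, a custom type is not something springdoc skips by default. Unless the project already tells springdoc to ignore `@Protected` parameters (not visible in this diff), the generated OpenAPI document may list the internal authentication object as a client-supplied parameter. That would expose the session model's shape and mislead generated clients. Annotating it with `@Parameter(hidden = true)` here and on the protected handlers in `AdminController`, `AuthController` and `SubmissionController` would keep it out of the schema. The method body continues outside the hunk.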
@@ -61,7 +61,6 @@ public class SubmissionController { private static final double SECONDS_TO_WAIT = 5 * 60; private final UserRepository userRepository; - private final Protector protector; private final SimpleRedis simpleRedis; private final ThrottledLeetcodeClient leetcodeClient; private final SubmissionsHandler submissionsHandler; @@ -80,14 +79,12 @@ private boolean isSameDay(final LocalDateTime createdAt) { public SubmissionController( final UserRepository userRepository, - final Protector protector, final SimpleRedisProvider simpleRedisProvider, final ThrottledLeetcodeClient throttledLeetcodeClient, final SubmissionsHandler submissionsHandler, final QuestionRepository questionRepository, final POTDRepository potdRepository) { this.userRepository = userRepository; - this.protector = protector; this.simpleRedis = simpleRedisProvider.select(SimpleRedisSlot.SUBMISSION_REFRESH); this.leetcodeClient = throttledLeetcodeClient; this.submissionsHandler = submissionsHandler; @@ -109,10 +106,10 @@ public SubmissionController( @ApiResponse(responseCode = "200", description = "Successfully retrieved key"), }) @GetMapping("/key") - public ResponseEntity> getVerificationKey(final HttpServletRequest request) { + public ResponseEntity> getVerificationKey( + @Protected final AuthenticationObject authenticationObject) { FakeLag.sleep(350); - AuthenticationObject authenticationObject = protector.validateSession(request); User user = authenticationObject.getUser(); return ResponseEntity.ok() 
@@ -145,10 +142,10 @@ public ResponseEntity> getVerificationKey(final HttpServlet }) @PostMapping("/set") public ResponseEntity> setLeetcodeUsername( - final HttpServletRequest request, @Valid @RequestBody final LeetcodeUsernameObject leetcodeUsernameObject) { + @Protected final AuthenticationObject authenticationObject, + @Valid @RequestBody final LeetcodeUsernameObject leetcodeUsernameObject) { FakeLag.sleep(350); - AuthenticationObject authenticationObject = protector.validateSession(request); User user = authenticationObject.getUser(); if (user.getLeetcodeUsername() != null) { @@ -209,8 +206,7 @@ There is a rate limit on the route to prevent abuse (currently: 5 minutes). @PostMapping("/check") @LogExecutionTime public ResponseEntity>> checkLatestSubmissions( - final HttpServletRequest request) { - AuthenticationObject authenticationObject = protector.validateSession(request); + @Protected final AuthenticationObject authenticationObject) { User user = authenticationObject.getUser(); if (user.getLeetcodeUsername() == null) { @@ -258,10 +254,10 @@ public ResponseEntity>> checkLatestSu content = @Content(schema = @Schema(implementation = UnsafeGenericFailureResponse.class))), }) @GetMapping("/potd") - public ResponseEntity> getCurrentPotd(final HttpServletRequest request) { + public ResponseEntity> getCurrentPotd( + @Protected final AuthenticationObject authenticationObject) { FakeLag.sleep(750); - AuthenticationObject authenticationObject = protector.validateSession(request); User user = authenticationObject.getUser(); POTD potd = potdRepository diff --git a/src/test/java/org/patinanetwork/codebloom/api/admin/AdminControllerTest.java b/src/test/java/org/patinanetwork/codebloom/api/admin/AdminControllerTest.java index 172558992..1a1e34caa 100644 --- a/src/test/java/org/patinanetwork/codebloom/api/admin/AdminControllerTest.java +++ b/src/test/java/org/patinanetwork/codebloom/api/admin/AdminControllerTest.java 
@@ -4,7 +4,6 @@ import static org.mockito.ArgumentMatchers.*; import static org.mockito.Mockito.*; -import jakarta.servlet.http.HttpServletRequest; import java.time.OffsetDateTime; import java.util.ArrayList; import java.util.List; @@ -28,7 +27,6 @@ import org.patinanetwork.codebloom.common.dto.ApiResponder; import org.patinanetwork.codebloom.common.dto.Empty; import org.patinanetwork.codebloom.common.dto.question.QuestionWithUserDto; -import org.patinanetwork.codebloom.common.security.Protector; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.server.ResponseStatusException; @@ -39,18 +37,15 @@ public class AdminControllerTest { private final LeaderboardRepository leaderboardRepository = mock(LeaderboardRepository.class); private final AnnouncementRepository announcementRepository = mock(AnnouncementRepository.class); private final QuestionRepository questionRepository = mock(QuestionRepository.class); - private final Protector protector = mock(Protector.class); private final DiscordClubManager discordClubManager = mock(DiscordClubManager.class); private final LeaderboardManager leaderboardManager = mock(LeaderboardManager.class); private final DiscordClubRepository discordClubRepository = mock(DiscordClubRepository.class); - private final HttpServletRequest request = mock(HttpServletRequest.class); private final AdminController adminController; public AdminControllerTest() { adminController = spy(new AdminController( leaderboardRepository, - protector, userRepository, announcementRepository, questionRepository, @@ -66,10 +61,8 @@ void setUp() { leaderboardRepository, announcementRepository, questionRepository, - protector, discordClubManager, - leaderboardManager, - request); + leaderboardManager); } @Test 
@@ -79,15 +72,13 @@ void testCreateLeaderboardSuccessNoExistingLeaderboard() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.empty()); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); assertEquals(Empty.of(), response.getBody().getPayload()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository).getRecentLeaderboardMetadata(); verify(leaderboardRepository).addNewLeaderboard(any(Leaderboard.class)); verify(leaderboardRepository).addAllUsersToLeaderboard(any()); @@ -106,15 +97,13 @@ void testCreateLeaderboardSuccessWithExistingLeaderboard() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.of(existingLeaderboard)); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); assertEquals(Empty.of(), response.getBody().getPayload()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository).getRecentLeaderboardMetadata(); verify(discordClubManager).sendLeaderboardCompletedDiscordMessageToAllClubs(); verify(leaderboardManager).generateAchievementsForAllWinners(); 
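Review bot: With `verify(protector).validateAdminSession(request)` removed and `null` passed for the authentication argument, nothing in `AdminControllerTest` asserts any longer that an admin route is protected. A handler that lost its `@Protected(admin = true)` parameter, or kept `@Protected` without `admin = true`, would still pass every test here and in the later hunks of this file. I would add a structural test that walks the controller's mapped methods and requires an admin-protected parameter on each (sketch below, which assumes `@Protected` has runtime retention). A separate web-layer test should show that the resolver itself rejects anonymous and non-admin sessions.

```java
@Test
void everyAdminRouteRequiresAdminProtection() {
    for (Method handler : AdminController.class.getDeclaredMethods()) {
        // Only methods that are actually exposed as routes are of interest.
        if (!AnnotatedElementUtils.hasAnnotation(handler, RequestMapping.class)) {
            continue;
        }
        boolean adminOnly = Arrays.stream(handler.getParameters())
                .map(parameter -> parameter.getAnnotation(Protected.class))
                .anyMatch(annotation -> annotation != null && annotation.admin());
        assertTrue(adminOnly, handler.getName() + " is missing @Protected(admin = true)");
    }
}
```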
@@ -127,7 +116,7 @@ void testCreateLeaderboardSuccessWithExistingLeaderboard() { void testCreateLeaderboardEmptyName() { NewLeaderboardBody body = NewLeaderboardBody.builder().name("").build(); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode()); assertNotNull(response.getBody()); @@ -135,8 +124,6 @@ void testCreateLeaderboardEmptyName() { assertEquals( "Leaderboard name must be between 1 and 512 characters.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository, never()).getRecentLeaderboardMetadata(); verify(leaderboardRepository, never()).addNewLeaderboard(any(Leaderboard.class)); } @@ -145,7 +132,7 @@ void testCreateLeaderboardEmptyName() { void testCreateLeaderboardWhitespaceOnlyName() { NewLeaderboardBody body = NewLeaderboardBody.builder().name(" ").build(); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode()); assertNotNull(response.getBody()); @@ -153,8 +140,6 @@ void testCreateLeaderboardWhitespaceOnlyName() { assertEquals( "Leaderboard name must be between 1 and 512 characters.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository, never()).getRecentLeaderboardMetadata(); verify(leaderboardRepository, never()).addNewLeaderboard(any(Leaderboard.class)); } 
@@ -164,7 +149,7 @@ void testCreateLeaderboardNameTooLong() { String longName = "a".repeat(513); NewLeaderboardBody body = NewLeaderboardBody.builder().name(longName).build(); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode()); assertNotNull(response.getBody()); @@ -172,8 +157,6 @@ void testCreateLeaderboardNameTooLong() { assertEquals( "Leaderboard name must be between 1 and 512 characters.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository, never()).getRecentLeaderboardMetadata(); verify(leaderboardRepository, never()).addNewLeaderboard(any(Leaderboard.class)); } @@ -185,14 +168,12 @@ void testCreateLeaderboardMaxValidName() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.empty()); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository).getRecentLeaderboardMetadata(); verify(leaderboardRepository).addNewLeaderboard(any(Leaderboard.class)); verify(leaderboardRepository).addAllUsersToLeaderboard(any()); 
@@ -205,14 +186,12 @@ void testCreateLeaderboardNameWithLeadingAndTrailingSpaces() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.empty()); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository).getRecentLeaderboardMetadata(); verify(leaderboardRepository) .addNewLeaderboard(argThat(leaderboard -> "Challenge 2024".equals(leaderboard.getName()))); @@ -230,14 +209,12 @@ void testCreateLeaderboardWithShouldExpireBy() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.empty()); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository) .addNewLeaderboard( argThat(leaderboard -> leaderboard.getShouldExpireBy().isPresent())); 
@@ -253,15 +230,13 @@ void testCreateLeaderboardWithPastShouldExpireBy() { .shouldExpireBy(pastDate) .build(); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode()); assertNotNull(response.getBody()); assertFalse(response.getBody().isSuccess()); assertEquals( "The expiration date must be in the future.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository, never()).addNewLeaderboard(any(Leaderboard.class)); } @@ -274,15 +249,13 @@ void testCreateLeaderboardWithCurrentTimeShouldExpireBy() { .shouldExpireBy(current) .build(); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.BAD_REQUEST, response.getStatusCode()); assertNotNull(response.getBody()); assertFalse(response.getBody().isSuccess()); assertEquals( "The expiration date must be in the future.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository, never()).addNewLeaderboard(any(Leaderboard.class)); } 
@@ -295,14 +268,12 @@ void testCreateLeaderboardWithSyntaxHighlightingLanguage() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.empty()); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository).addNewLeaderboard(argThat(leaderboard -> leaderboard .getSyntaxHighlightingLanguage() .filter("python"::equals) @@ -322,14 +293,12 @@ void testCreateLeaderboardWithAllOptionalFields() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.empty()); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository) .addNewLeaderboard( argThat(leaderboard -> leaderboard.getShouldExpireBy().isPresent() 
@@ -350,14 +319,12 @@ void testCreateLeaderboardWithNullOptionalFields() { when(leaderboardRepository.getRecentLeaderboardMetadata()).thenReturn(Optional.empty()); - ResponseEntity> response = adminController.createLeaderboard(request, body); + ResponseEntity> response = adminController.createLeaderboard(null, body); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Leaderboard was created successfully.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); verify(leaderboardRepository) .addNewLeaderboard( argThat(leaderboard -> leaderboard.getShouldExpireBy().isEmpty() @@ -373,7 +340,7 @@ void testDeleteAnnouncementNull() { when(announcementRepository.getAnnouncementById(anyString())).thenReturn(null); ResponseStatusException exception = - assertThrows(ResponseStatusException.class, () -> adminController.deleteAnnouncement(body, request)); + assertThrows(ResponseStatusException.class, () -> adminController.deleteAnnouncement(body, null)); assertEquals(HttpStatus.BAD_REQUEST, exception.getStatusCode()); assertEquals("Announcement does not exist", exception.getReason()); } @@ -387,14 +354,12 @@ void testDeleteAnnouncementFailure() { when(announcementRepository.getAnnouncementById(anyString())).thenReturn(mockAnnouncement); when(announcementRepository.updateAnnouncement(mockAnnouncement)).thenReturn(false); - ResponseEntity> response = adminController.deleteAnnouncement(body, request); + ResponseEntity> response = adminController.deleteAnnouncement(body, null); assertEquals(HttpStatus.INTERNAL_SERVER_ERROR, response.getStatusCode()); assertNotNull(response.getBody()); assertFalse(response.getBody().isSuccess()); assertEquals("Hmm, something went wrong.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } @Test 
@@ -406,14 +371,12 @@ void testDeleteAnnouncementSuccess() { when(announcementRepository.getAnnouncementById(anyString())).thenReturn(mockAnnouncement); when(announcementRepository.updateAnnouncement(mockAnnouncement)).thenReturn(true); - ResponseEntity> response = adminController.deleteAnnouncement(body, request); + ResponseEntity> response = adminController.deleteAnnouncement(body, null); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Announcement successfully disabled!", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } @Test @@ -421,7 +384,7 @@ void testGetIncompleteQuestionNoQuestions() { when(questionRepository.getAllIncompleteQuestionsWithUser()).thenReturn(new ArrayList()); ResponseStatusException exception = - assertThrows(ResponseStatusException.class, () -> adminController.getIncompleteQuestions(request)); + assertThrows(ResponseStatusException.class, () -> adminController.getIncompleteQuestions(null)); assertEquals(HttpStatus.NOT_FOUND, exception.getStatusCode()); assertEquals("No Incomplete Questions", exception.getReason()); } @@ -432,16 +395,13 @@ void testGetIncompleteQuestionSuccess() { when(questionRepository.getAllIncompleteQuestionsWithUser()).thenReturn(new ArrayList<>(List.of(qwu))); - ResponseEntity>> response = - adminController.getIncompleteQuestions(request); + ResponseEntity>> response = adminController.getIncompleteQuestions(null); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals(1, response.getBody().getPayload().size()); assertEquals("Retrieved 1 incomplete questions.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } @Test 
@@ -450,13 +410,11 @@ void testSendDiscordMessageInvalidClub() { when(discordClubManager.sendTestEmbedMessageToClub(club)).thenReturn(false); String clubId = "bbf4734a-06b6-11f1-869c-07599d6a11f7"; - ResponseEntity> response = adminController.sendDiscordMessage(clubId, request); + ResponseEntity> response = adminController.sendDiscordMessage(clubId, null); assertEquals(HttpStatus.NOT_FOUND, response.getStatusCode()); assertNotNull(response.getBody()); assertEquals("Club not found.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } @Test @@ -468,13 +426,11 @@ void testSendDiscordMessageFailure() { when(discordClubManager.sendTestEmbedMessageToClub(club)).thenReturn(false); - ResponseEntity> response = adminController.sendDiscordMessage(clubId, request); + ResponseEntity> response = adminController.sendDiscordMessage(clubId, null); assertEquals(HttpStatus.INTERNAL_SERVER_ERROR, response.getStatusCode()); assertNotNull(response.getBody()); assertEquals("Hmm, something went wrong.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } @Test @@ -486,13 +442,11 @@ void testSendDiscordMessageSuccess() { when(discordClubManager.sendTestEmbedMessageToClub(club)).thenReturn(true); - ResponseEntity> response = adminController.sendDiscordMessage(clubId, request); + ResponseEntity> response = adminController.sendDiscordMessage(clubId, null); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertEquals("Message successfully sent!", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } @Test 
@@ -501,13 +455,11 @@ void testDeleteDiscordMessageFailure() { DeleteMessageBody body = DeleteMessageBody.builder().channelId(999L).messageId(123L).build(); - ResponseEntity> response = adminController.deleteDiscordMessage(body, request); + ResponseEntity> response = adminController.deleteDiscordMessage(body, null); assertEquals(HttpStatus.INTERNAL_SERVER_ERROR, response.getStatusCode()); assertNotNull(response.getBody()); assertFalse(response.getBody().isSuccess()); assertEquals("Hmm, something went wrong.", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } @Test @@ -516,12 +468,10 @@ void testDeleteDiscordMessageSuccess() { DeleteMessageBody body = DeleteMessageBody.builder().channelId(999L).messageId(123L).build(); - ResponseEntity> response = adminController.deleteDiscordMessage(body, request); + ResponseEntity> response = adminController.deleteDiscordMessage(body, null); assertEquals(HttpStatus.OK, response.getStatusCode()); assertNotNull(response.getBody()); assertTrue(response.getBody().isSuccess()); assertEquals("Discord Message successfully deleted", response.getBody().getMessage()); - - verify(protector).validateAdminSession(request); } } diff --git a/src/test/java/org/patinanetwork/codebloom/api/auth/AuthControllerTest.java b/src/test/java/org/patinanetwork/codebloom/api/auth/AuthControllerTest.java index 34efcb7e2..6de7791b0 100644 --- a/src/test/java/org/patinanetwork/codebloom/api/auth/AuthControllerTest.java +++ b/src/test/java/org/patinanetwork/codebloom/api/auth/AuthControllerTest.java 
@@ -231,19 +231,14 @@ void enrollSchoolUnsupportedDomain() { Session session = createRandomSession(user.getId()); AuthenticationObject authObj = createAuthenticationObject(user, session); - HttpServletRequest request = mock(HttpServletRequest.class); EmailBody emailBody = new EmailBody("test@unsupported.com"); - when(protector.validateSession(request)).thenReturn(authObj); - ResponseStatusException exception = - assertThrows(ResponseStatusException.class, () -> authController.enrollSchool(emailBody, request)); + assertThrows(ResponseStatusException.class, () -> authController.enrollSchool(emailBody, authObj)); assertEquals(HttpStatus.BAD_REQUEST, exception.getStatusCode()); assertNotNull(exception.getReason()); assertTrue(exception.getReason().contains("not part of our supported schools domains")); - - verify(protector, times(1)).validateSession(request); } @Test @@ -253,21 +248,18 @@ void enrollSchoolRateLimited() { Session session = createRandomSession(user.getId()); AuthenticationObject authObj = createAuthenticationObject(user, session); - HttpServletRequest request = mock(HttpServletRequest.class); EmailBody emailBody = new EmailBody("test@myhunter.cuny.edu"); - when(protector.validateSession(request)).thenReturn(authObj); when(simpleRedis.containsKey(user.getId())).thenReturn(true); when(simpleRedis.get(user.getId())).thenReturn(System.currentTimeMillis()); ResponseStatusException exception = - assertThrows(ResponseStatusException.class, () -> authController.enrollSchool(emailBody, request)); + assertThrows(ResponseStatusException.class, () -> authController.enrollSchool(emailBody, authObj)); assertEquals(HttpStatus.TOO_MANY_REQUESTS, exception.getStatusCode()); assertNotNull(exception.getReason()); assertTrue(exception.getReason().contains("Please try again in")); - verify(protector, times(1)).validateSession(request); verify(simpleRedis, times(1)).containsKey(user.getId()); } 
@@ -278,22 +270,19 @@ void enrollSchoolEmailSendFailure() throws Exception { Session session = createRandomSession(user.getId()); AuthenticationObject authObj = createAuthenticationObject(user, session); - HttpServletRequest request = mock(HttpServletRequest.class); EmailBody emailBody = new EmailBody("test@myhunter.cuny.edu"); - when(protector.validateSession(request)).thenReturn(authObj); when(jwtClient.encode(any(MagicLink.class), any(Duration.class))).thenReturn("mock-token"); when(serverUrlUtils.getUrl()).thenReturn("http://localhost:8080"); when(reactEmailTemplater.schoolEmailTemplate(any())).thenReturn("Template"); doThrow(new EmailException("Failed to send email")).when(emailClient).sendMessage(any(SendEmailOptions.class)); ResponseStatusException exception = - assertThrows(ResponseStatusException.class, () -> authController.enrollSchool(emailBody, request)); + assertThrows(ResponseStatusException.class, () -> authController.enrollSchool(emailBody, authObj)); assertEquals(HttpStatus.INTERNAL_SERVER_ERROR, exception.getStatusCode()); assertEquals("Failed to send email.", exception.getReason()); - verify(protector, times(1)).validateSession(request); verify(emailClient, times(1)).sendMessage(any(SendEmailOptions.class)); } 
@@ -304,16 +293,14 @@ void enrollSchoolHappyPath() throws Exception { Session session = createRandomSession(user.getId()); AuthenticationObject authObj = createAuthenticationObject(user, session); - HttpServletRequest request = mock(HttpServletRequest.class); EmailBody emailBody = new EmailBody("test@myhunter.cuny.edu"); - when(protector.validateSession(request)).thenReturn(authObj); when(simpleRedis.containsKey(user.getId())).thenReturn(false); when(jwtClient.encode(any(MagicLink.class), any(Duration.class))).thenReturn("mock-token"); when(serverUrlUtils.getUrl()).thenReturn("http://localhost:8080"); when(reactEmailTemplater.schoolEmailTemplate(any())).thenReturn("Template"); - var response = authController.enrollSchool(emailBody, request); + var response = authController.enrollSchool(emailBody, authObj); assertEquals(HttpStatus.OK, response.getStatusCode()); @@ -322,7 +309,6 @@ void enrollSchoolHappyPath() throws Exception { assertTrue(apiResponder.isSuccess()); assertEquals("Magic link sent! Check your school inbox to continue.", apiResponder.getMessage()); - verify(protector, times(1)).validateSession(request); verify(emailClient, times(1)).sendMessage(any(SendEmailOptions.class)); verify(simpleRedis, times(1)).put(eq(user.getId()), any(Long.class)); }