10 changes: 2 additions & 8 deletions pom.xml
Expand Up @@ -13,8 +13,8 @@
<groupId>com.members</groupId>
<artifactId>msvc-members</artifactId>
<version>0.0.1-SNAPSHOT</version>
<name>msvc-members</name>
<description>msvc-members</description>
<name>msvc-classes</name>
<description>msvc-classes</description>
<url/>
<licenses>
<license/>
Expand Down Expand Up @@ -122,11 +122,6 @@
<version>1.5.5.Final</version>
<scope>provided</scope>
</dependency>
<dependency>
<groupId>org.springdoc</groupId>
<artifactId>springdoc-openapi-starter-webmvc-ui</artifactId>
<version>2.8.11</version>
</dependency>
<dependency>
<groupId>com.cloudinary</groupId>
<artifactId>cloudinary-http44</artifactId>
Expand Down Expand Up @@ -176,7 +171,6 @@
</dependencyManagement>



<build>
<plugins>
<plugin>
3 changes: 2 additions & 1 deletion src/main/java/com/classes/config/SecurityConfig.java
Expand Up @@ -30,7 +30,8 @@ public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Excepti
"/swagger-ui/**",
"/v3/api-docs/**",
"/saludo",
"/"
"/",
"/test/**"
).permitAll()
.anyRequest().authenticated()
)
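Review bot: The new `"/test/**"` entry in the `permitAll()` list opens every handler that is ever mapped under `/test` to unauthenticated callers, while the only handler visible in this change is `HelloController`'s `GET /test/saludo`. I would permit that single path, `"/test/saludo"`, so that a later debug or fixture endpoint under `/test` is not public by default. The `"/saludo"` entry looks stale now that the controller moved to `/test`, and `"/swagger-ui/**"` and `"/v3/api-docs/**"` stay permitted although this change removes the springdoc dependency from pom.xml; trimming them keeps the allow-list equal to what is actually served. `securityFilterChain` starts and ends outside this hunk, so other matchers may exist that are not shown.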
53 changes: 53 additions & 0 deletions src/main/java/com/classes/controllers/ClassController.java
@@ -0,0 +1,53 @@
package com.classes.controllers;

import com.classes.dtos.Class.ClassRequest;
import com.classes.dtos.Class.ClassResponse;
import com.classes.services.ClassService;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.PostMapping;
import lombok.RequiredArgsConstructor;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.UUID;

@RestController
@RequestMapping("/api/classes")
@RequiredArgsConstructor
public class ClassController {

private final ClassService classService;



@PostMapping
@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id, authentication)")
public ResponseEntity<ClassResponse> createClass(@RequestBody ClassRequest request) {
ClassResponse created = classService.createClass(request);
return ResponseEntity.status(HttpStatus.CREATED).body(created);
}
Comment thread
RogerCll06 marked this conversation as resolved.

@GetMapping
@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id, authentication)")
public ResponseEntity<List<ClassResponse>> findAllClasses() {
List<ClassResponse> list = classService.findAll();
return ResponseEntity.ok(list);
}
Comment thread
RogerCll06 marked this conversation as resolved.


@PutMapping("/{id}")
@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id, authentication)")
public ResponseEntity<ClassResponse> updateClass(@PathVariable UUID id, @RequestBody ClassRequest request) {
ClassResponse updated = classService.updateClass(id, request);
return ResponseEntity.ok(updated);
}

@DeleteMapping("/{id}")
@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id, authentication)")
public ResponseEntity<String> deleteClass(@PathVariable UUID id) {
classService.deleteClass(id);
return ResponseEntity.ok("Clase eliminada correctamente");
}
}
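Review bot: `canAccessResource(#id, authentication)` on `updateClass` and `deleteClass` receives a class UUID, while the identical expression in LocationController and TrainerController passes location and trainer UUIDs, so one bean method is asked to authorise three kinds of resource from a bare id. The implementation of `authorizationServiceImpl` is not part of this page; if it resolves the id against a single entity type, or ignores it, these annotations do not enforce per-object access. I would make the resource kind explicit, either with one check per entity or with an extra argument, along the lines of `canAccessResource('class', #id, authentication)` (hypothetical signature). A short comment on each handler stating which roles are expected to pass would also help.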
9 changes: 6 additions & 3 deletions src/main/java/com/classes/controllers/HelloController.java
@@ -1,12 +1,15 @@
package com.classes.controllers;

import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RestController;

@RestController
@RequestMapping("/saludo")
@RequestMapping("/test")
public class HelloController {
public String saludo() {
return "Microservicio de clases activo";
@GetMapping("saludo")
public ResponseEntity<String> saludo() {
return ResponseEntity.ok("Microservicio de clases activo");
}
}
40 changes: 28 additions & 12 deletions src/main/java/com/classes/controllers/LocationController.java
@@ -1,16 +1,16 @@
package com.classes.controllers;

import com.classes.annotations.AdminOrTrainerAccess;
import com.classes.dtos.LocationDTO;
import com.classes.entities.LocationEntity;
import com.classes.dtos.Location.LocationRequest;
import com.classes.dtos.Location.LocationResponse;
import com.classes.services.LocationService;
import lombok.RequiredArgsConstructor;
import org.springframework.data.domain.Page;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;

import java.util.List;
import java.util.UUID;

@RestController
Expand All @@ -21,29 +21,45 @@ public class LocationController {

private final LocationService locationService;

@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@PostMapping
public ResponseEntity<LocationDTO> create(@RequestBody LocationDTO dto) {
LocationDTO created = locationService.create(dto);
public ResponseEntity<LocationResponse> create(@RequestBody LocationRequest request) {
LocationResponse created = locationService.create(request);
return new ResponseEntity<>(created, HttpStatus.CREATED);
}

@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@GetMapping
public ResponseEntity<Page<LocationDTO>> findAll(
public ResponseEntity<Page<LocationResponse>> findAll(
@RequestParam(defaultValue = "0") int page,
@RequestParam(defaultValue = "10") int size
@RequestParam(defaultValue = "10") int size,
@RequestParam(required = false) String search,
@RequestParam(required = false) Boolean active
) {
Page<LocationDTO> locations = locationService.findAll(page, size);
Page<LocationResponse> locations = locationService.findAll(page, size, search, active);
return ResponseEntity.ok(locations);
}

@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
Comment on lines +24 to +42

⚠️ Potential issue | 🔴 Critical

Corregir expresión @PreAuthorize inválida

En Line 24 y Line 31 la expresión @authorizationServiceImpl.canAccessResource(#id,authentication) usa #id, pero create(...) y findAll(...) no exponen ese parámetro. Spring evaluará el SpEL y lanzará SpelEvaluationException, bloqueando cualquier petición a estos endpoints. Ajusta la condición para basarte solo en los argumentos realmente presentes o proporciona el parámetro requerido.

🤖 Prompt for AI Agents
En src/main/java/com/classes/controllers/LocationController.java lines 24-42:
las anotaciones @PreAuthorize referencian #id pero los métodos create(...) y
findAll(...) no tienen ese parámetro, lo que causará SpelEvaluationException;
remueve la referencia a #id y adapta la expresión para usar solo argumentos
presentes (por ejemplo pasar solo authentication:
@PreAuthorize("@authorizationServiceImpl.canAccessResource(authentication)") o
cambiar a una comprobación equivalente que use roles/privilegios disponibles), o
alternativamente expone el parámetro requerido en la firma del método si
realmente debe evaluarse por id.

@GetMapping("/{id}")
public ResponseEntity<LocationEntity> findById(@PathVariable UUID id) {
return ResponseEntity.ok(locationService.findById(id));
public ResponseEntity<LocationResponse> findById(@PathVariable UUID id) {
LocationResponse location = locationService.findById(id);
return ResponseEntity.ok(location);
}

@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@PutMapping("/{id}")
public ResponseEntity<LocationResponse> update(
@PathVariable UUID id,
@RequestBody LocationRequest request
) {
LocationResponse updated = locationService.update(id, request);
return ResponseEntity.ok(updated);
}

@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@DeleteMapping("/{id}")
public ResponseEntity<Void> delete(@PathVariable UUID id) {
locationService.delete(id);
locationService.delete(id); // Validación interna
return ResponseEntity.noContent().build();
}
}
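Review bot: `findAll` forwards the caller-supplied `page` and `size` to `locationService.findAll(page, size, search, active)` without any bound, so a single request can ask for an arbitrarily large page or pass a negative value. I would clamp before the service call, e.g. `int safeSize = Math.min(Math.max(size, 1), MAX_PAGE_SIZE);` with `MAX_PAGE_SIZE` as a constant chosen by the team, and reject a negative `page`. The new `search` parameter is also passed through as is; how the service turns it into a query is not shown here, so it is worth confirming that it is bound as a query parameter rather than concatenated.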
26 changes: 22 additions & 4 deletions src/main/java/com/classes/controllers/TrainerController.java
@@ -1,15 +1,19 @@
package com.classes.controllers;

import com.classes.dtos.TrainerDTO;
import com.classes.dtos.Trainer.TrainerDTO;
import com.classes.services.AuthorizationService;
import com.classes.services.TrainerService;
import com.fasterxml.jackson.databind.ObjectMapper;
import com.fasterxml.jackson.databind.SerializationFeature;
import com.fasterxml.jackson.datatype.jsr310.JavaTimeModule;
import jakarta.persistence.EntityNotFoundException;
import lombok.RequiredArgsConstructor;
import lombok.extern.slf4j.Slf4j;
import org.springframework.http.HttpStatus;
import org.springframework.http.MediaType;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

Expand All @@ -22,12 +26,17 @@
@RestController
@RequestMapping("/api/trainers")
@RequiredArgsConstructor
@Slf4j
public class TrainerController {

private final TrainerService trainerService;
private final AuthorizationService authService;

/*probado*/
@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@PostMapping(consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public ResponseEntity<TrainerDTO> createTrainer(
Authentication authentication,
@RequestParam("trainer") String trainerJson,
@RequestParam(value = "profileImage", required = false) MultipartFile profileImage,
@RequestParam(value = "certifications", required = false) List<MultipartFile> certifications
Expand All @@ -39,19 +48,23 @@ public ResponseEntity<TrainerDTO> createTrainer(
TrainerDTO createdTrainer = trainerService.createTrainer(trainerDTO, profileImage, certifications);
return ResponseEntity.status(HttpStatus.CREATED).body(createdTrainer);
}

/*probado*/
@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@GetMapping("/{id}")
public ResponseEntity<TrainerDTO> getTrainerById(@PathVariable UUID id) {
TrainerDTO trainer = trainerService.getTrainerById(id);
return ResponseEntity.ok(trainer);
}

//probado
@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@GetMapping
public ResponseEntity<List<TrainerDTO>> getAllTrainers() {
List<TrainerDTO> trainers = trainerService.getAllTrainers();
return ResponseEntity.ok(trainers);
}

@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id, authentication)")
@PutMapping(value = "/{id}", consumes = MediaType.MULTIPART_FORM_DATA_VALUE)
public ResponseEntity<TrainerDTO> updateTrainer(
@PathVariable UUID id,
Expand All @@ -67,16 +80,21 @@ public ResponseEntity<TrainerDTO> updateTrainer(
return ResponseEntity.ok(updatedTrainer);
}


@PreAuthorize("@authorizationServiceImpl.canAccessResource(#id,authentication)")
@DeleteMapping("/{id}")
public ResponseEntity<Void> deleteTrainer(@PathVariable UUID id) {
try {
trainerService.deleteTrainer(id);
return ResponseEntity.noContent().build();
} catch (EntityNotFoundException e) {
} catch (
EntityNotFoundException e) {
return ResponseEntity.notFound().build();
} catch (IOException e) {
} catch (
IOException e) {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
}
}
}
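Review bot: The `Authentication authentication` parameter added to `createTrainer` and the new `authService` field are not used in any line shown here. In the `@PreAuthorize` expression, `authentication` is resolved from the security expression root, not from the method signature, so the parameter is not needed for the annotation to work. Parts of `createTrainer` and `updateTrainer` are collapsed on this page, so both may be used there; if not, I would drop them to keep the handler signature and the controller's dependencies minimal. The `} catch (` / `EntityNotFoundException e) {` split in `deleteTrainer` reads as a formatter artefact and is clearer on one line, `} catch (EntityNotFoundException e) {`, likewise for the `IOException` clause.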


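--- a/src/main/java/com/classes/dtos/Class/ClassRequest.java
+++ b/src/main/java/com/classes/dtos/Class/ClassRequest.java
@@ -0,0 +1,27 @@
+package com.classes.dtos.Class;
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.time.LocalDate;
+import java.time.LocalTime;
+import java.util.UUID;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class ClassRequest {
+private String className;
+private UUID locationId;
+private UUID trainerId;
+@JsonFormat(pattern = "dd-MM-yyyy")
+private LocalDate classDate;
+private int duration;
+private int maxCapacity;
+private LocalTime startTime;
+private LocalTime endTime;
+private boolean active;
+private String description;
+}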
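Review bot: `ClassRequest` carries no Bean Validation constraints, and `createClass` and `updateClass` in ClassController bind it with a plain `@RequestBody`, so a null `className`, `locationId` or `trainerId`, a negative `duration` or `maxCapacity`, or an `endTime` before `startTime` all reach `classService` unchecked. I would annotate the fields, e.g. `@NotBlank private String className;`, `@NotNull private UUID locationId;`, `@Positive private int maxCapacity;`, and add `@Valid` to the two controller parameters. `duration` duplicates what `startTime` and `endTime` already determine, and nothing visible says which wins when they disagree, so either derive it or reject inconsistent requests. This assumes jakarta.validation is on the classpath, which the visible part of pom.xml does not show.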
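--- a/src/main/java/com/classes/dtos/Class/ClassResponse.java
+++ b/src/main/java/com/classes/dtos/Class/ClassResponse.java
@@ -0,0 +1,28 @@
+package com.classes.dtos.Class;
+
+
+import com.fasterxml.jackson.annotation.JsonFormat;
+import lombok.AllArgsConstructor;
+import lombok.Data;
+import lombok.NoArgsConstructor;
+
+import java.time.LocalDate;
+import java.time.LocalTime;
+import java.util.UUID;
+
+@Data
+@AllArgsConstructor
+@NoArgsConstructor
+public class ClassResponse {
+private UUID id;
+private String className;
+private String locationName;
+private String trainerName;
+@JsonFormat(pattern = "dd-MM-yyyy")
+private LocalDate classDate;
+private int duration;
+private int maxCapacity;
+private String schedule;
+private boolean active;
+private String description;
+}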
@@ -1,10 +1,9 @@
package com.classes.dtos;

package com.classes.dtos.Location;

import lombok.Data;

@Data
public class LocationDTO {
public class LocationRequest {
private String name;
private String description;
private int ability;
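--- a/src/main/java/com/classes/dtos/Location/LocationResponse.java
+++ b/src/main/java/com/classes/dtos/Location/LocationResponse.java
@@ -0,0 +1,14 @@
+package com.classes.dtos.Location;
+
+import lombok.Data;
+
+import java.util.UUID;
+
+@Data
+public class LocationResponse {
+private UUID id; // si tienes un ID generado
+private String name;
+private String description;
+private int ability;
+private boolean active;
+}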
@@ -1,4 +1,4 @@
package com.classes.dtos;
package com.classes.dtos.Trainer;

import lombok.AllArgsConstructor;
import lombok.Data;