Seucrity on enchere
This commit is contained in:
Parpaillax
@@ -1,7 +1,9 @@
|
||||
package fr.eni.enchere.controllers;
|
||||
|
||||
import fr.eni.enchere.bll.ArticleService;
|
||||
import fr.eni.enchere.bll.EnchereService;
|
||||
import fr.eni.enchere.bll.UserService;
|
||||
import fr.eni.enchere.bo.Article;
|
||||
import fr.eni.enchere.bo.Enchere;
|
||||
import jakarta.servlet.http.HttpServletRequest;
|
||||
import org.springframework.beans.factory.annotation.Autowired;
|
||||
@@ -9,9 +11,12 @@ import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.context.SecurityContextHolder;
|
||||
import org.springframework.stereotype.Controller;
|
||||
import org.springframework.ui.Model;
|
||||
import org.springframework.validation.BindingResult;
|
||||
import org.springframework.web.bind.annotation.*;
|
||||
|
||||
import java.util.Date;
|
||||
import java.util.List;
|
||||
import java.util.Optional;
|
||||
|
||||
@Controller()
|
||||
@RequestMapping("/enchere")
|
||||
@@ -20,19 +25,38 @@ public class EnchereController {
|
||||
@Autowired
|
||||
private EnchereService enchereService;
|
||||
private UserService userService;
|
||||
private ArticleService articleService;
|
||||
|
||||
public EnchereController(EnchereService enchereService, UserService userService) {
|
||||
public EnchereController(EnchereService enchereService, UserService userService, ArticleService articleService) {
|
||||
this.enchereService = enchereService;
|
||||
this.userService = userService;
|
||||
this.articleService = articleService;
|
||||
}
|
||||
|
||||
@PostMapping("/incEnchere")
|
||||
public String incEnchere(@ModelAttribute("enchere") Enchere enchere, @RequestParam("articleId") int articleId) {
|
||||
public String incEnchere(@ModelAttribute("enchere") Enchere enchere, @RequestParam("articleId") int articleId, BindingResult result) {
|
||||
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
|
||||
enchere.setNoArticle(articleId);
|
||||
enchere.setNoUtilisateur(this.userService.utilisateurByName(authentication.getName()).getId());
|
||||
enchere.setDateEnchere(new Date());
|
||||
enchere.setMontantEnchere(enchere.getMontantEnchere());
|
||||
|
||||
//Empeche une enchere inférieur au prix de base de l'article
|
||||
Article article = this.articleService.findArticleById(articleId);
|
||||
if (enchere.getMontantEnchere() < article.getPrixInitial()) {
|
||||
result.rejectValue("montantEnchere", "error.enchere", "Vous ne pouvez pas enchérir un montant inférieur au prix initial");
|
||||
}
|
||||
|
||||
//Empeche une enchere inférieur au prix de la dernière enchère sur l'article
|
||||
List<Enchere> lastEnchere = this.enchereService.enchereByArticle(articleId);
|
||||
Optional<Float> maxMontantEnchere = lastEnchere.stream()
|
||||
.map(Enchere::getMontantEnchere) // Récupère seulement les montants d'enchère
|
||||
.max(Float::compareTo);
|
||||
System.out.println(maxMontantEnchere);
|
||||
if (enchere.getMontantEnchere() < maxMontantEnchere.get()) {
|
||||
result.rejectValue("montantEnchere", "error.enchere", "Vous ne pouvez pas enchérir un montant inférieur à la dernière enchère");
|
||||
}
|
||||
|
||||
this.enchereService.setEnchere(enchere);
|
||||
return "redirect:/article/show?id=" + articleId;
|
||||
}
|
||||
|
||||
Reference in New Issue
Block a user