diff --git a/src/main/java/org/example/projektarendehantering/application/service/AuditService.java b/src/main/java/org/example/projektarendehantering/application/service/AuditService.java
index 240c17f..38d474a 100644
--- a/src/main/java/org/example/projektarendehantering/application/service/AuditService.java
+++ b/src/main/java/org/example/projektarendehantering/application/service/AuditService.java
@@ -262,15 +262,15 @@ private void requireActor(Actor actor) {
 }
 private boolean isManager(Actor actor) {
- return actor.role() == Role.MANAGER || actor.role() == Role.ADMIN;
+ return actor.role() == Role.MANAGER;
 }
 private boolean isDoctor(Actor actor) {
- return actor.role() == Role.DOCTOR || actor.role() == Role.CASE_OWNER;
+ return actor.role() == Role.DOCTOR;
 }
 private boolean isNurse(Actor actor) {
- return actor.role() == Role.NURSE || actor.role() == Role.HANDLER;
+ return actor.role() == Role.NURSE;
 }
 }
diff --git a/src/main/java/org/example/projektarendehantering/application/service/CaseService.java b/src/main/java/org/example/projektarendehantering/application/service/CaseService.java
index 6b5c11c..9482c7c 100644
--- a/src/main/java/org/example/projektarendehantering/application/service/CaseService.java
+++ b/src/main/java/org/example/projektarendehantering/application/service/CaseService.java
@@ -19,7 +19,9 @@ import org.springframework.web.server.ResponseStatusException;
 import java.time.Instant;
+import java.util.LinkedHashMap;
 import java.util.List;
+import java.util.Map;
 import java.util.Optional;
 import java.util.Set;
 import java.util.UUID;
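Review bot: The trimmed `isManager`/`isDoctor`/`isNurse` predicates in this hunk are now duplicated verbatim in CaseService (the same three helpers are rewritten identically in that file's second hunk of this commit), which is exactly how two services' authorization checks drift apart the next time a role is added or renamed. Consider putting the predicate in one place, e.g. `boolean hasRole(Role r) { return role() == r; }` on `Actor` (the `actor.role()` accessor style suggests it is a record, but that is not visible here), and having both services call it so there is a single definition of what a manager, doctor or nurse is. The `requireActor` body that this hunk's first context line closes lies outside the hunk.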
@@ -108,12 +110,10 @@ public List getAllCases(Actor actor) {
 .collect(Collectors.toList());
 }
 if (isPatient(actor)) {
- return caseRepository.findAllByPatient_Id(actor.userId()).stream()
- .map(caseMapper::toDTO)
- .collect(Collectors.toList());
- }
- if (isOther(actor)) {
- return caseRepository.findAllByOtherId(actor.userId()).stream()
+ Map byId = new LinkedHashMap<>();
+ caseRepository.findAllByPatient_Id(actor.userId()).forEach(c -> byId.putIfAbsent(c.getId(), c));
+ caseRepository.findAllByOtherId(actor.userId()).forEach(c -> byId.putIfAbsent(c.getId(), c));
+ return byId.values().stream()
 .map(caseMapper::toDTO)
 .collect(Collectors.toList());
 }
@@ -145,15 +145,15 @@ public CaseDTO assignUsers(Actor actor, UUID caseId, CaseAssignmentDTO dto) {
 }
 if (isManager(actor) && dto.getOwnerId() != null) {
- UUID ownerId = requireEmployeeWithRole(dto.getOwnerId(), Set.of(Role.DOCTOR, Role.CASE_OWNER), "ownerId");
+ UUID ownerId = requireEmployeeWithRole(dto.getOwnerId(), Set.of(Role.DOCTOR), "ownerId");
 entity.setOwnerId(ownerId);
 }
 if (dto.getHandlerId() != null) {
- UUID handlerId = requireEmployeeWithRole(dto.getHandlerId(), Set.of(Role.NURSE, Role.HANDLER), "handlerId");
+ UUID handlerId = requireEmployeeWithRole(dto.getHandlerId(), Set.of(Role.NURSE), "handlerId");
 entity.setHandlerId(handlerId);
 }
 if (dto.getOtherId() != null) {
- UUID otherId = requireEmployeeWithRole(dto.getOtherId(), Set.of(Role.OTHER), "otherId");
+ UUID otherId = requireEmployeeWithRole(dto.getOtherId(), Set.of(Role.PATIENT), "otherId");
 entity.setOtherId(otherId);
 }
 return caseMapper.toDTO(caseRepository.save(entity));
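Review bot: The new `requireEmployeeWithRole(dto.getOtherId(), Set.of(Role.PATIENT), "otherId")` turns the `other` slot into a grant of read access to a second patient, because `requireCanRead` in this same commit now lets any PATIENT whose id equals `otherId` read the case, and unlike the `ownerId` branch the `otherId` and `handlerId` branches visible here are not gated by `isManager(actor)`. If an earlier check in `assignUsers` (its opening is outside the hunk) already restricts who may reach this point, a comment on the `otherId` branch saying so would help; otherwise gate it the same way as the owner: `if (isManager(actor) && dto.getOtherId() != null) {`. Separately, the seed data in this commit inserts the `550e…` person rows outside the `employees` table, so a lookup of role PATIENT against employees presumably never matches unless patients are also stored as employees; worth confirming that this helper can actually resolve a patient id before shipping.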
@@ -181,7 +181,7 @@ private void requireCanRead(Actor actor, CaseEntity entity) {
 if (isPatient(actor) && entity.getPatient() != null && actor.userId().equals(entity.getPatient().getId())) return;
- if (isOther(actor) && actor.userId().equals(entity.getOtherId())) return;
+ if (isPatient(actor) && actor.userId().equals(entity.getOtherId())) return;
 throw new NotAuthorizedException("Not allowed to read this case");
 }
@@ -190,22 +190,18 @@ private boolean canCreate(Actor actor) {
 }
 private boolean isManager(Actor actor) {
- return actor.role() == Role.MANAGER || actor.role() == Role.ADMIN;
+ return actor.role() == Role.MANAGER;
 }
 private boolean isDoctor(Actor actor) {
- return actor.role() == Role.DOCTOR || actor.role() == Role.CASE_OWNER;
+ return actor.role() == Role.DOCTOR;
 }
 private boolean isNurse(Actor actor) {
- return actor.role() == Role.NURSE || actor.role() == Role.HANDLER;
+ return actor.role() == Role.NURSE;
 }
 private boolean isPatient(Actor actor) {
 return actor.role() == Role.PATIENT;
 }
-
- private boolean isOther(Actor actor) {
- return actor.role() == Role.OTHER;
- }
 }
diff --git a/src/main/java/org/example/projektarendehantering/application/service/EmployeeService.java b/src/main/java/org/example/projektarendehantering/application/service/EmployeeService.java
index c47e1ab..8304dde 100644
--- a/src/main/java/org/example/projektarendehantering/application/service/EmployeeService.java
+++ b/src/main/java/org/example/projektarendehantering/application/service/EmployeeService.java
@@ -54,7 +54,7 @@ private void requireCanManageEmployees(Actor actor) {
 if (actor == null) {
 throw new NotAuthorizedException("Missing actor");
 }
- if (actor.role() == Role.MANAGER || actor.role() == Role.ADMIN) {
+ if (actor.role() == Role.MANAGER) {
 return;
 }
 throw new NotAuthorizedException("Not allowed to access employees");
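Review bot: The replaced line grants a PATIENT read access whenever `actor.userId()` equals `entity.getOtherId()`, which means a patient can now read a case whose patient is someone else; in a health-records service that is a deliberate-looking delegation that deserves to be stated rather than left as a second, unrelated-looking `isPatient` branch. Merge the two patient branches and document the intent, e.g. `// a patient may also read a case on which they were explicitly assigned as "other"` immediately above the condition. Note too that for patients `actor.userId()` is `UUID.nameUUIDFromBytes(username)` per the adapter hunk in this commit, while `otherId` is validated against the employees table by `assignUsers`, so this branch can only ever match if those two id spaces are the same — confirm that before relying on it. The opening checks of `requireCanRead` are outside the hunk.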
diff --git a/src/main/java/org/example/projektarendehantering/common/Role.java b/src/main/java/org/example/projektarendehantering/common/Role.java
index 16fa202..5183c8c 100644
--- a/src/main/java/org/example/projektarendehantering/common/Role.java
+++ b/src/main/java/org/example/projektarendehantering/common/Role.java
@@ -6,19 +6,8 @@
 * Note: enum constant names are intended to be stable because infrastructure may parse them from headers.
 */
 public enum Role {
- /**
- * New naming (preferred).
- */
 MANAGER,
 DOCTOR,
 NURSE,
- PATIENT,
-
- /**
- * Legacy naming (kept for backward compatibility with header parsing).
- */
- CASE_OWNER,
- HANDLER,
- ADMIN,
- OTHER
+ PATIENT
 }
diff --git a/src/main/java/org/example/projektarendehantering/infrastructure/config/SecurityConfig.java b/src/main/java/org/example/projektarendehantering/infrastructure/config/SecurityConfig.java
index bb2f1dc..ca77fca 100644
--- a/src/main/java/org/example/projektarendehantering/infrastructure/config/SecurityConfig.java
+++ b/src/main/java/org/example/projektarendehantering/infrastructure/config/SecurityConfig.java
@@ -38,7 +38,7 @@ public UserDetailsService userDetailsService() {
 UserDetails admin = User.builder()
 .username("admin")
 .password("{noop}password") // {noop} means no password encoding (fine for dev)
- .roles("ADMIN")
+ .roles("MANAGER")
 .build();
 return new InMemoryUserDetailsManager(admin);
 }
diff --git a/src/main/java/org/example/projektarendehantering/infrastructure/security/HeaderCurrentUserAdapter.java b/src/main/java/org/example/projektarendehantering/infrastructure/security/HeaderCurrentUserAdapter.java
index 731d246..1c83cb3 100644
--- a/src/main/java/org/example/projektarendehantering/infrastructure/security/HeaderCurrentUserAdapter.java
+++ b/src/main/java/org/example/projektarendehantering/infrastructure/security/HeaderCurrentUserAdapter.java
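Review bot: The surviving Javadoc two lines above `public enum Role {` still promises that constant names stay stable because infrastructure parses them from headers, yet the hunk deletes `CASE_OWNER`, `HANDLER`, `ADMIN` and `OTHER`; any caller that does `Role.valueOf(header)` on an old value will now throw `IllegalArgumentException` instead of being denied cleanly (the only parser visible in this commit, HeaderCurrentUserAdapter, matches authority strings rather than calling `valueOf`, so this may only affect callers not shown here — worth confirming). Either keep the four constants annotated `@Deprecated(since = "...", forRemoval = true)` and map them to the new names, or make the note match the new contract: `* Note: constant names are parsed from headers; the legacy names (ADMIN, CASE_OWNER, HANDLER, OTHER) were removed and must be rejected by callers, not silently mapped.`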
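Review bot: `.roles("MANAGER")` now gives the in-memory `admin` user, whose password is the literal `{noop}password` on the preceding line, the single most privileged role left in the system — per the service hunks in this commit MANAGER alone may manage employees and assign case owners. The `// fine for dev` comment is the only thing keeping this out of a production build, and nothing in the hunk shows the bean being profile-guarded (the annotations on `userDetailsService()` are outside the hunk). Consider `@Profile("dev")` on the bean, or reading the password from configuration, so the credential cannot ship with the elevated role.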
@@ -26,13 +26,15 @@ public Actor currentUser() {
 // Create a deterministic UUID based on the username/name
 UUID userId = UUID.nameUUIDFromBytes(authentication.getName().getBytes(StandardCharsets.UTF_8));
- Role role = Role.OTHER;
- if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_ADMIN"))) {
- role = Role.ADMIN;
- } else if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_HANDLER"))) {
- role = Role.HANDLER;
- } else if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_CASE_OWNER"))) {
- role = Role.CASE_OWNER;
+ Role role = Role.PATIENT;
+ if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_MANAGER"))) {
+ role = Role.MANAGER;
+ } else if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_DOCTOR"))) {
+ role = Role.DOCTOR;
+ } else if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_NURSE"))) {
+ role = Role.NURSE;
+ } else if (authentication.getAuthorities().stream().anyMatch(a -> a.getAuthority().equals("ROLE_PATIENT"))) {
+ role = Role.PATIENT;
 }
 return new Actor(userId, role);
diff --git a/src/main/resources/data.sql b/src/main/resources/data.sql
index f763aba..d58ccad 100644
--- a/src/main/resources/data.sql
+++ b/src/main/resources/data.sql
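Review bot: `Role role = Role.PATIENT;` makes PATIENT the fallback for every authenticated principal whose authorities match none of the four `ROLE_*` strings, whereas the removed code fell back to `Role.OTHER`, a role that could read nothing unless explicitly assigned to a case; a token still carrying `ROLE_ADMIN`, `ROLE_HANDLER` or `ROLE_CASE_OWNER`, or any service account, is now treated as a patient and CaseService will list `findAllByPatient_Id(actor.userId())` for it, with `userId` derived deterministically from the login name on the line above. The trailing `else if (... "ROLE_PATIENT" ...) role = Role.PATIENT;` branch is a no-op under that default, which suggests the fail-open was not intended. Declare `Role role;` with no initializer, keep the chain as written, and end it with `} else { throw new NotAuthorizedException("No recognised role for principal"); }` (or whatever denial this adapter layer uses — `NotAuthorizedException` is what the services throw), so unknown authorities are denied rather than granted patient access.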
@@ -13,15 +13,15 @@ ON CONFLICT (id) DO NOTHING;
 -- Seed Employees
 INSERT INTO employees (id, display_name, role, created_at)
-VALUES ('770e8400-e29b-41d4-a716-446655440000', 'Admin User', 'ADMIN', CURRENT_TIMESTAMP)
+VALUES ('770e8400-e29b-41d4-a716-446655440000', 'Admin User', 'MANAGER', CURRENT_TIMESTAMP)
 ON CONFLICT (id) DO NOTHING;
 INSERT INTO employees (id, display_name, role, created_at)
-VALUES ('770e8400-e29b-41d4-a716-446655440001', 'Dr. Alice Roberts', 'CASE_OWNER', CURRENT_TIMESTAMP)
+VALUES ('770e8400-e29b-41d4-a716-446655440001', 'Dr. Alice Roberts', 'DOCTOR', CURRENT_TIMESTAMP)
 ON CONFLICT (id) DO NOTHING;
 INSERT INTO employees (id, display_name, role, created_at)
-VALUES ('770e8400-e29b-41d4-a716-446655440002', 'Nurse Bob Jones', 'HANDLER', CURRENT_TIMESTAMP)
+VALUES ('770e8400-e29b-41d4-a716-446655440002', 'Nurse Bob Jones', 'NURSE', CURRENT_TIMESTAMP)
 ON CONFLICT (id) DO NOTHING;
 -- Seed Cases
diff --git a/src/test/java/org/example/projektarendehantering/ProjektArendehanteringApplicationTests.java b/src/test/java/org/example/projektarendehantering/ProjektArendehanteringApplicationTests.java
index 5a5633f..1d49fc2 100644
--- a/src/test/java/org/example/projektarendehantering/ProjektArendehanteringApplicationTests.java
+++ b/src/test/java/org/example/projektarendehantering/ProjektArendehanteringApplicationTests.java
@@ -28,7 +28,7 @@ void contextLoads() {
 }
 @Test
- @WithMockUser(username = "handler1", roles = {"HANDLER"})
+ @WithMockUser(username = "handler1", roles = {"NURSE"})
 void uiRequest_createsAuditEvent() throws Exception {
 MockMvc mockMvc = webAppContextSetup(webApplicationContext)
 .apply(springSecurity())
diff --git a/src/test/resources/data-test.sql b/src/test/resources/data-test.sql
index c5fe66e..4a192c8 100644
--- a/src/test/resources/data-test.sql
+++ b/src/test/resources/data-test.sql
@@ -10,13 +10,13 @@ VALUES ('550e8400-e29b-41d4-a716-446655440002', 'Anders', 'Andersson', '19780315
 -- Seed Employees
 INSERT INTO employees (id, display_name, role, created_at)
-VALUES ('770e8400-e29b-41d4-a716-446655440000', 'Admin User', 'ADMIN', CURRENT_TIMESTAMP);
+VALUES ('770e8400-e29b-41d4-a716-446655440000', 'Admin User', 'MANAGER', CURRENT_TIMESTAMP);
 INSERT INTO employees (id, display_name, role, created_at)
-VALUES ('770e8400-e29b-41d4-a716-446655440001', 'Dr. Alice Roberts', 'CASE_OWNER', CURRENT_TIMESTAMP);
+VALUES ('770e8400-e29b-41d4-a716-446655440001', 'Dr. Alice Roberts', 'DOCTOR', CURRENT_TIMESTAMP);
 INSERT INTO employees (id, display_name, role, created_at)
-VALUES ('770e8400-e29b-41d4-a716-446655440002', 'Nurse Bob Jones', 'HANDLER', CURRENT_TIMESTAMP);
+VALUES ('770e8400-e29b-41d4-a716-446655440002', 'Nurse Bob Jones', 'NURSE', CURRENT_TIMESTAMP);
 -- Seed Cases
 INSERT INTO cases (id, title, description, status, patient_id, owner_id, handler_id, created_at)