Merge branch 'main' into bug/courseInfoNotShowing

# Conflicts:
#	backend/src/main/java/com/youdemy/controller/CourseController.java
#	backend/src/main/java/com/youdemy/controller/HomeController.java
#	backend/src/main/java/com/youdemy/controller/OrderPController.java
#	backend/src/main/java/com/youdemy/controller/UserController.java
#	backend/src/main/java/com/youdemy/repository/OrderPRepository.java
#	backend/src/main/resources/templates/header.html

Author: OscarArranz

README.md

@@ -1,5 +1,7 @@
 # Youdemy
 
+Youdemy is a teching platform that empowers teachers to upload unlimited content divided by courses and lessos so that students across the world can access these resources.
+
 ## Programmers
 
 | Name                           |  Email  |    Github  |
@@ -9,93 +11,84 @@
 | Fiorella Hernandez             | [email protected] | fiorellaV |
 | Jose Manuel De Pablo Cobo      | [email protected] | pablocjm |
 
-## Description
-
-Our web application will be a teaching  platform where students will be able to acquire courses from teachers around the world.
+## PHASE 0: APLICATION FUNCTIONALITIES
 
-## Users
+### ENTITIES
 
-- Guest
-- Student
-- Teacher
-- Administrator
+Our application has 4 different entities
+* **USER** - The applications users. There are different types of users in our application:
+  * Student
+  * Teacher
+  * Aministrator 
+* **COURSE** - This entity represents a course that only a teacher has permission to create.
+* **LESSONS** - This entity represents the lessons that are within a course each with their own information and are created at the time of creating and editing a course. 
+* **ORDER** - This entity represents the purchasing process of a user and it stores the information of what courses are owned by what users. 
 
+## Users
+Within the user entity there are different types of users;
 
-### Guests
+* **GUEST** - is the type of user that doesnt sign up for an account and has only access to view the course catalog and the main description of courses.
+* **STUDENT** - is the type of user that signs up for a student account and has the additional option of purchasing courses and accessing the lessons within the course.
+* **TEACHER** - Teachers are the creators within the application. They can create courses and lessons and upload or enter the information. They can also delete and edit the courses they own.
+* **ADMINISTRATOR** - Administrators are able to edit or delete any course or lessons and they also have access to their dashboard where they can see all of the web application information.
 
-- Search Content
 
-### Students
+### USER PERMISSION
 
+Students
 - Search Content
 - Buy courses
-- Review courses based on stars
-- Leave comments
-
-### Teachers
 
+Teachers
 - Create courses
-- Create different topics inside the course
-- Upload videos
-- Request video removal 
-
-### Administrators
+- Create different lessons inside the course
+- Upload video url
+- delete owned courses and lessons
+- edit owned courses and lessons
 
+Administrators
 - Search Content
-- Approve course
-- Eliminate Course
-- Ban users
+- Delete any course
+- Edit any course
 - Visualize stastistics
-
-## Tables
-
-- User
-- Order
-- Course
-- Video
-
-## User
-  - userID or mail
-  - name
-  - lastname
-  - age
-  - role (student, teacher)
-  
-## Order
-  - orderID
-  - userID (FK)
-  - courseID (FK)
-  - paymentMethod
-  - price
-  - orderDate
-  
-## Course
-  - CourseID
-  - courseName
-  - Category (tech, finance, law)
-  - price
-  - enrolledStudents
-  
-## Video
-  - videoId
-  - videoName
-  - videoDataa
-  - courseID (FK)
 
 
 ## Additional Technology
-- PDF generator
-- Play Video
 
-## Algorithm 
-Search algorithm for courses (ajax)
+Generate a pdf with the order information so that user can download this information
+
+![](/diagrams_and_images/additional_technology.png)
+
+## Advanced Algorithm 
+
+Search algorithm for courses (ajax).
+
+![](/diagrams_and_images/algorithm.png)
 
 ## Graphics
 Administrators will be able to check visual information about courses
 
-# What every developer did
+## Screens
+
+The application consists of the following screens:
+
+## DIAGRAMS
+
+### Navigation Diagram
+The following diagram shows how users can navigate through the different pages of the application according to their role.
+![Navigation Diagram](/diagrams_and_images/Navigation_Diagram.png)
 
-## Emiliano Sloth 
+### Class Diagram
+The following diagram shows the different classes in our web application.
+![Class Diagram](diagrams_and_images/Class_Diagram.png)
+
+### Class Diagram
+The following diagram shows our database infrastructure/schema.
+![Database Diagram](/diagrams_and_images/database_schema.jpeg)
+
+## CONTRIBUTIONS
+
+### Emiliano Sloth 
   - Restful Error Handling
   - User Authentication
   - CRF Handling
@@ -105,31 +98,28 @@ Administrators will be able to check visual information about courses
   - Delete Course and Lessons within Course
   - Teacher allowed to Modify their own content
 
-## Fiorella Hernández
+### Fiorella Hernández
   - Video View
   - Video Player
 
-## José Manuel de Pablo 
+### José Manuel de Pablo 
   - Order Handling (Create, Delete).
   - Checkout step from course page to finish order.
   - Order info to PDF file.
   - Listing Orders to PDF file.
-  - Users only can see his/her orders.
+  - Users only can see their own orders.
   - Admin dashboard listing entities.
   - Update database schema.
+  - My account page
 
-## Oscar Arranz Pato
+### Oscar Arranz Pato
   - Course creation
   - Lesson creation
   - AJAX course loading
   - Course search
 
-# Diagrams
-![Class Diagram](./Class%20Diagram.png)
-![Database Diagram](./database%20schema%20updated.jpeg)
-
 
-# Start coding
+## Start coding
 Follow these steps to get working:
 
 1. Clone the repo `git clone https://github.com/CodeURJC-DAW-2021-22/webapp10`.

backend/src/main/java/com/youdemy/controller/CourseController.java

@@ -11,7 +11,6 @@
 import com.youdemy.service.OrderPService;
 import com.youdemy.service.UserService;
 
-import org.json.JSONObject;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.PageRequest;
@@ -126,21 +125,21 @@ public Page<Course> getCurrentCourse(@RequestParam Optional<Integer> page,
 		return courseService.findByTitle(search.orElse(""),
 				PageRequest.of(page.orElse(0), 6));
 	}
-
-
+	
+	
 	@GetMapping("/{id}")
 	public String showCourse(Model model, @PathVariable long id, HttpServletRequest request) {
 		Optional<Course> course = courseService.findById(id);
 		if (course.isPresent()) {
+			model.addAttribute("course", course.get());
 			Principal principal = request.getUserPrincipal();
 			if(principal != null) {
 				String userName = principal.getName();
 				Optional<User> user = userRepository.findByFirstName(userName);
 				long userId = user.get().getId();
 				model.addAttribute("userId", userId);
 
-				if(course.get().getAuthor().getId() == userId
-						|| model.getAttribute("admin") == Boolean.valueOf(true)) {
+				if(course.get().getAuthor().getId() == userId) {
 					model.addAttribute("owner", true);
 					model.addAttribute("hasAccess", true);
 				}

backend/src/main/java/com/youdemy/controller/OrderPController.java

@@ -59,8 +59,16 @@ public void addAttributes(Model model, HttpServletRequest request) {
 			"/",
 			""
 	})
-	public String showOrders(Model model) {
-		model.addAttribute("orders", orderService.findAll());
+	public String showOrders(Model model, HttpServletRequest request) {
+
+		Principal principal = request.getUserPrincipal();
+
+		if (principal != null) {      //checkin if user registered can is trying to access to other users orders
+			String userName = principal.getName();
+			Optional<User> pUser = userRepository.findByFirstName(userName);
+			long userId = pUser.get().getId();
+			model.addAttribute("orders", orderRepository.findByUser(userId));
+		}
 
 		return "orders";	
 	}
@@ -101,11 +109,13 @@ public String showOrder(Model model, @PathVariable long id, HttpServletRequest r
 
 	@PostMapping("/new")
 	public String createOrder(Model model, @RequestParam long userId , 
-			@RequestParam int price, @RequestParam long courseId, 
+			@RequestParam int price, @RequestParam long courseId,
+			@RequestParam String uname,
+			@RequestParam String ctitle,
 			@RequestParam String billingAddress, 
 			@RequestParam String paymentMethod, 
 			@RequestParam String country, @RequestParam String region, 
-			@RequestParam String expiration, 
+			@RequestParam String expiration,
 			@RequestParam String cvv, @RequestParam String ccnumber) throws IOException {
 
 		Optional<OrderP> order = Optional.ofNullable(new OrderP());
@@ -124,6 +134,8 @@ public String createOrder(Model model, @RequestParam long userId ,
 		dbOrder.setPaymentMethod(paymentMethod);
 		dbOrder.setRegion(region);
 		dbOrder.setDate();
+		dbOrder.setUserName(uname);
+		dbOrder.setCourseTitle(ctitle);
 		dbOrder.setDataCard(ccnumber);
 		orderRepository.save(dbOrder);
 

backend/src/main/java/com/youdemy/controller/UserController.java

@@ -1,28 +1,32 @@
 package com.youdemy.controller;
 
+import com.youdemy.service.OrderPService;
 import com.youdemy.service.UserService;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Controller;
 import org.springframework.ui.Model;
 import org.springframework.web.bind.annotation.ModelAttribute;
+import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 
 import com.youdemy.model.User;
-import com.youdemy.repository.UserRepository;
 
 import javax.servlet.http.HttpServletRequest;
 import java.security.Principal;
+import java.util.ArrayList;
 import java.util.Objects;
 
-
 @Controller
 public class UserController {
 
 	@Autowired
 	private UserService userService;
+
+	@Autowired
+	private OrderPService orderPService;
 
 	@Autowired
 	private PasswordEncoder passwordEncoder;
@@ -81,4 +85,21 @@ public String registerUser(@RequestParam String userFirstName, @RequestParam Str
 		return "signin";
 	}
 
+	@RequestMapping("/myaccount/{id}")
+	public String showUserInfo(Model model, @PathVariable long id, HttpServletRequest request) {
+		Principal principal = request.getUserPrincipal();
+
+		if(principal != null) {
+			String userName = principal.getName();
+			User user = userService.findByFirstName(userName);
+			long userId;
+			userId = user.getId();
+			if (userId != id) {
+				return "accessDenied";
+			}
+			model.addAttribute("orders", (ArrayList) orderPService.findByUser(userId));
+			model.addAttribute("user", user);
+		}
+		return "myAccount";
+	}
 }

backend/src/main/java/com/youdemy/model/OrderP.java

@@ -20,8 +20,11 @@ public class OrderP {
 	@GeneratedValue(strategy = GenerationType.IDENTITY) 
 	private long id;
 	private int price;
-	private long user; 
+	
+	private long user;
  	private long course;
+ 	private String courseTitle;
+ 	private String userName;
  	private String paymentMethod;
  	private String billingAddress;
  	private String country;
@@ -31,13 +34,15 @@ public class OrderP {
 
 	public OrderP() {}
 
-	public OrderP( long user, int price, long course, String paymentMethod,
+	public OrderP( long user, int price, long course, String userName, String courseTitle, String paymentMethod,
 					String billingAddress, String country, String region,
 					String dataCard) {
 		super();
 		this.user = user;
 		this.price = price;
 		this.course = course;
+		this.userName = userName;
+		this.courseTitle = courseTitle;
 		this.paymentMethod = paymentMethod;
 		this.billingAddress = billingAddress;
 		this.country = country;
@@ -118,6 +123,22 @@ public void setDataCard(String dataCard) {
 		this.dataCard = dataCard;
 	}
 
+	public String getUserName() {
+		return userName;
+	}
+
+	public void setUserName(String userName) {
+		this.userName = userName;
+	}
+	
+	public String getCourseTitle() {
+		return courseTitle;
+	}
+
+	public void setCourseTitle(String courseTitle) {
+		this.courseTitle = courseTitle;
+	}
+	
 	public void setDate() {
 		DateFormat dateFormatter = new SimpleDateFormat("dd-MM-yyyy");
 		String date = dateFormatter.format(new Date(System.currentTimeMillis()));

backend/src/main/java/com/youdemy/security/WebSecurityConfig.java

@@ -44,6 +44,7 @@ protected void configure(HttpSecurity http) throws Exception {
         http.authorizeRequests().antMatchers("/image/**").hasAnyRole("TEACHER", "ADMIN");
         http.authorizeRequests().antMatchers("/orders/**").hasAnyRole("USER");
         http.authorizeRequests().antMatchers("/admin").hasAnyRole("ADMIN");
+        http.authorizeRequests().antMatchers("/myaccount/**").hasAnyRole("USER","ADMIN");
 
         // H2 Console access without csrf
         http.csrf().ignoringAntMatchers("/h2-console/**");