better validation, comments on notes, and much more

Author: jvorhauer

Diff for: build.gradle.kts

@@ -43,7 +43,7 @@ dependencies {
   implementation("org.scala-lang:scala-library:2.13.12")
   implementation("io.hypersistence:hypersistence-tsid:2.1.1")
 
-  implementation("io.netty:netty-all:4.1.105.Final")
+  implementation("io.netty:netty-all:4.1.106.Final")
   implementation("org.hibernate:hibernate-validator:8.0.1.Final")
   implementation("org.glassfish.expressly:expressly:5.0.0")
   implementation("org.owasp.encoder:encoder:1.2.3")

Diff for: src/main/java/blog/validator/CheckTSID.java

@@ -0,0 +1,30 @@
+package blog.validator;
+
+import jakarta.validation.Constraint;
+import jakarta.validation.Payload;
+
+import java.lang.annotation.Documented;
+import java.lang.annotation.Repeatable;
+import java.lang.annotation.Retention;
+import java.lang.annotation.Target;
+
+import static java.lang.annotation.ElementType.*;
+import static java.lang.annotation.RetentionPolicy.RUNTIME;
+
+@Target({ FIELD, METHOD, PARAMETER, ANNOTATION_TYPE, TYPE_USE })
+@Retention(RUNTIME)
+@Constraint(validatedBy = CheckTSIDValidator.class)
+@Documented
+@Repeatable(CheckTSID.List.class)
+public @interface CheckTSID {
+  String message() default "{jakarta.validation.constraints.NotBlank.message}";
+  Class<?>[] groups() default { };
+  Class<? extends Payload>[] payload() default { };
+
+  @Target({ FIELD, METHOD, PARAMETER, ANNOTATION_TYPE })
+  @Retention(RUNTIME)
+  @Documented
+  @interface List {
+    CheckTSID[] value();
+  }
+}

Diff for: src/main/java/blog/validator/CheckTSIDValidator.java

@@ -0,0 +1,22 @@
+package blog.validator;
+
+import io.hypersistence.tsid.TSID;
+import jakarta.validation.ConstraintValidator;
+import jakarta.validation.ConstraintValidatorContext;
+
+import java.time.Instant;
+import java.util.Objects;
+
+public final class CheckTSIDValidator implements ConstraintValidator<CheckTSID, String> {
+
+  @Override
+  public void initialize(final CheckTSID constraintAnnotation) {
+    ConstraintValidator.super.initialize(constraintAnnotation);
+  }
+
+  @Override
+  public boolean isValid(final String value, final ConstraintValidatorContext context) {
+    Objects.requireNonNull(context);
+    return TSID.isValid(value) && TSID.from(value).getInstant().isBefore(Instant.now());
+  }
+}

Diff for: src/main/java/blog/validator/CheckTsidDef.java

@@ -0,0 +1,9 @@
+package blog.validator;
+
+import org.hibernate.validator.cfg.ConstraintDef;
+
+public class CheckTsidDef extends ConstraintDef<CheckTsidDef, CheckTSID> {
+  public CheckTsidDef() {
+    super(CheckTSID.class);
+  }
+}

Diff for: src/main/kotlin/blog/Application.kt

@@ -7,9 +7,11 @@ import akka.actor.typed.Scheduler
 import akka.actor.typed.javadsl.AskPattern.ask
 import akka.actor.typed.javadsl.Behaviors
 import blog.model.Command
+import blog.model.CreateCommentRequest
 import blog.model.CreateNoteRequest
 import blog.model.CreateTaskRequest
 import blog.model.DeleteNote
+import blog.model.DeleteTask
 import blog.model.LoginRequest
 import blog.model.RegisterUserRequest
 import blog.model.UpdateNoteRequest
@@ -34,11 +36,13 @@ import reactor.core.publisher.Mono.justOrEmpty
 import reactor.kotlin.core.publisher.toFlux
 import java.net.URI
 import java.time.Duration
+import java.util.Locale
 
 @SpringBootApplication
 class Application
 
 fun main() {
+  locale()
   ActorSystem.create(Server.create(), "system")
 }
 
@@ -59,7 +63,7 @@ fun beans(processor: ActorRef<Command>, system: ActorSystem<Void>, reader: Reade
 }
 
 fun ServerRequest.monoPathVar(s: String): Mono<String> = justOrEmpty(s).mapNotNull { runCatching { this.pathVariable(it) }.getOrNull() }
-fun ServerRequest.pathAsTSID(s: String): Mono<TSID> = this.monoPathVar(s).map { it.toLong() }.map { it.toTSID() }
+fun ServerRequest.pathAsTSID(s: String): Mono<TSID> = this.monoPathVar(s).map { it.toTSID() }
 
 fun routes(handler: ApiHandler): RouterFunction<ServerResponse> =
   router {
@@ -73,13 +77,15 @@ fun routes(handler: ApiHandler): RouterFunction<ServerResponse> =
       GET("/note/{id}", handler::findNote)
       PUT("/note", handler::updateNote)
       DELETE("/note/{id}", handler::deleteNote)
+      POST("/note/{id}/comment", handler::comment)
 
       GET("/users") { _ -> handler.findAll() }
       GET("/user/id/{id}", handler::findById)
       GET("/user/email/{email}", handler::findByEmail)
 
       POST("/tasks", handler::createTask)
       PUT("/tasks", handler::updateTask)
+      DELETE("/tasks/{id}", handler::deleteTask)
     }
   }
 
@@ -108,7 +114,7 @@ class ApiHandler(private val scheduler: Scheduler, private val processor: ActorR
       .switchIfEmpty(forbidden)
 
   fun findById(req: ServerRequest): Mono<ServerResponse> = req.pathAsTSID("id")
-      .flatMap { justOrEmpty(reader.findUserById(it)) }
+      .flatMap { justOrEmpty(reader.findUser(it)) }
       .map { it.toResponse(reader) }
       .flatMap { ServerResponse.ok().bodyValue(it) }
       .switchIfEmpty(notFound)
@@ -122,7 +128,7 @@ class ApiHandler(private val scheduler: Scheduler, private val processor: ActorR
   fun findAll(): Mono<ServerResponse> = ok.contentType(MediaType.APPLICATION_JSON).body(reader.allUsers().toFlux(), UserResponse::class.java)
 
   fun createNote(req: ServerRequest): Mono<ServerResponse> = loggedin(req)
-      .flatMap { principal -> req.bodyToMono(CreateNoteRequest::class.java).map { it.copy(user = principal.id.toLong()) } }
+      .flatMap { principal -> req.bodyToMono(CreateNoteRequest::class.java).map { it.copy(user = principal.id.toString()) } }
       .flatMap { fromCompletionStage(ask(processor, { rt -> it.toCommand(rt) }, timeout, scheduler)) }
       .flatMap {
         if (it.isSuccess) {
@@ -133,7 +139,7 @@ class ApiHandler(private val scheduler: Scheduler, private val processor: ActorR
       }.switchIfEmpty(unauthorized)
 
   fun updateNote(req: ServerRequest): Mono<ServerResponse> = loggedin(req)
-      .flatMap { principal -> req.bodyToMono(UpdateNoteRequest::class.java).map { it.copy(user = principal.id) } }
+      .flatMap { principal -> req.bodyToMono(UpdateNoteRequest::class.java).map { it.copy(user = principal.id.toString()) } }
       .flatMap { fromCompletionStage(ask(processor, { rt -> it.toCommand(rt) }, timeout, scheduler)) }
       .flatMap { if (it.isSuccess) ok.bodyValue(it.value) else badreq(it.error.message) }
       .switchIfEmpty(unauthorized)
@@ -148,17 +154,34 @@ class ApiHandler(private val scheduler: Scheduler, private val processor: ActorR
   fun findNote(req: ServerRequest): Mono<ServerResponse> =
     req.pathAsTSID("id")
       .flatMap { justOrEmpty(reader.findNote(it)) }
-      .flatMap { ok.bodyValue(it) }
+      .flatMap { ok.bodyValue(it.toResponse()) }
       .switchIfEmpty(notFound)
 
   fun createTask(req: ServerRequest): Mono<ServerResponse> = loggedin(req)
-    .flatMap { principal -> req.bodyToMono(CreateTaskRequest::class.java).map { it.copy(user = principal.id) } }
+    .flatMap { principal -> req.bodyToMono(CreateTaskRequest::class.java).map { it.copy(user = principal.id.toString()) } }
     .flatMap { ServerResponse.unprocessableEntity().build() }
 
   fun updateTask(req: ServerRequest): Mono<ServerResponse> = loggedin(req)
-    .flatMap { principal -> req.bodyToMono(UpdateTaskRequest::class.java).map { it.copy(user = principal.id) } }
-    .flatMap { ServerResponse.unprocessableEntity().build() }
+    .flatMap { principal -> req.bodyToMono(UpdateTaskRequest::class.java).map { it.copy(user = principal.id.toString()) } }
+    .flatMap { fromCompletionStage(ask(processor, { rt -> it.toCommand(rt) }, timeout, scheduler)) }
+    .flatMap { if(it.isSuccess) ok.build() else badRequest }
+    .switchIfEmpty(unauthorized)
+
+  fun deleteTask(req: ServerRequest): Mono<ServerResponse> = loggedin(req)
+    .zipWith(req.pathAsTSID("id").mapNotNull { reader.findTask(it) })
+    .filter { tup -> tup?.t2?.user != null && tup.t2.user == tup.t1.id }
+    .flatMap { tup -> fromCompletionStage(ask(processor, { DeleteTask(tup.t1.id, it) }, timeout, scheduler)) }
+    .flatMap { if(it.isSuccess) ok.build() else badRequest }
+    .switchIfEmpty(unauthorized)
 
   private fun loggedin(req: ServerRequest): Mono<User> =
     justOrEmpty(req.headers().firstHeader("Authorization")).mapNotNull { reader.loggedin(it) }
+
+  fun comment(req: ServerRequest): Mono<ServerResponse> = loggedin(req)
+    .flatMap { principal -> req.bodyToMono(CreateCommentRequest::class.java).map { it.copy(user = principal.id.toString()) } }
+    .flatMap { fromCompletionStage(ask(processor, { rt -> it.toCommand(rt) }, timeout, scheduler)) }
+    .flatMap { if(it.isSuccess) ok.build() else badRequest }
+    .switchIfEmpty(unauthorized)
 }
+
+fun locale(): Unit = Locale.setDefault(Locale.of("nl", "NL"))

Diff for: src/main/kotlin/blog/model/Comment.kt

@@ -12,17 +12,18 @@ data class Comment(
   val text: String,
   val score: Int
 ) {
-  fun toResponse() = CommentResponse(id.toLong(), user.toLong(), owner.toLong(), parent?.toLong(), text, score)
+  fun toResponse() = CommentResponse(id.toString(), user.toString(), owner.toString(), parent?.toString(), text, score)
 }
 
 data class CreateCommentRequest(
-  val user: Long,
-  val owner: Long,
-  val parent: Long?,
+  val user: String,
+  val owner: String,
+  val parent: String?,
   val text: String,
   val score: Int = 0
 ) {
-  fun toCommand(replyTo: ActorRef<StatusReply<CommentResponse>>) = CreateComment(user.toTSID(), owner.toTSID(), parent.toTSID(), text, score, replyTo)
+  fun validate() = Validator.validate(this)
+  fun toCommand(replyTo: ActorRef<StatusReply<CommentResponse>>) = CreateComment(user.toTSID(), owner.toTSID(), parent?.toTSID(), text, score, replyTo)
 }
 
 data class CreateComment(
@@ -49,10 +50,10 @@ data class CommentCreated(
 }
 
 data class CommentResponse(
-  override val id: Long,
-  val user: Long,
-  val owner: Long, // Note or Task
-  val parent: Long?,
+  override val id: String,
+  val user: String,
+  val owner: String, // Note or Task
+  val parent: String?,
   val text: String,
   val score: Int
 ): Response

Diff for: src/main/kotlin/blog/model/Note.kt

@@ -1,5 +1,6 @@
 package blog.model
 
+import akka.Done
 import akka.actor.typed.ActorRef
 import akka.pattern.StatusReply
 import io.hypersistence.tsid.TSID
@@ -8,14 +9,14 @@ import org.owasp.encoder.Encode
 import java.time.LocalDateTime
 import java.time.ZoneId
 
-data class CreateNoteRequest(val user: Long, val title: String, val body: String) {
+data class CreateNoteRequest(val user: String, val title: String, val body: String) {
   fun validate(): Set<ConstraintViolation<CreateNoteRequest>> = Validator.validate(this)
   fun toCommand(replyTo: ActorRef<StatusReply<NoteResponse>>) = CreateNote(user.toTSID(), title, body, replyTo)
 }
 
-data class UpdateNoteRequest(val user: TSID, val id: TSID, val title: String?, val body: String?) {
+data class UpdateNoteRequest(val user: String, val id: String, val title: String?, val body: String?) {
   fun validate(): Set<ConstraintViolation<UpdateNoteRequest>> = Validator.validate(this)
-  fun toCommand(rt: ActorRef<StatusReply<NoteResponse>>) = UpdateNote(user, id, title, body, rt)
+  fun toCommand(rt: ActorRef<StatusReply<NoteResponse>>) = UpdateNote(user.toTSID(), id.toTSID(), title, body, rt)
 }
 
 data class CreateNote(
@@ -25,42 +26,40 @@ data class CreateNote(
   val replyTo: ActorRef<StatusReply<NoteResponse>>,
   val id: TSID = nextId()
 ) : Command {
-  fun toEvent() = NoteEvent(id, user, Encode.forHtml(title), Encode.forHtml(body))
+  fun toEvent() = NoteCreated(id, user, Encode.forHtml(title), Encode.forHtml(body))
 }
 
 data class UpdateNote(val user: TSID, val id: TSID, val title: String?, val body: String?, val replyTo: ActorRef<StatusReply<NoteResponse>>): Command {
   fun toEvent() = NoteUpdated(id, user, title, body)
 }
 
-data class DeleteNote(val user: TSID, val id: TSID, val rt: ActorRef<StatusReply<NoteDeletedResponse>>): Command {
+data class DeleteNote(val user: TSID, val id: TSID, val rt: ActorRef<StatusReply<Done>>): Command {
   fun toEvent() = NoteDeleted(id, user)
 }
 
-data class NoteEvent(val id: TSID, val user: TSID, val title: String, val body: String) : Event {
-  fun toEntity() = Note(id, user, title, body)
+data class NoteCreated(val id: TSID, val user: TSID, val title: String, val body: String) : Event {
+  fun toEntity() = Note(id, user, title, slugify(title), body)
 }
 
 data class NoteUpdated(val id: TSID, val user: TSID, val title: String?, val body: String?): Event
 
-data class NoteDeleted(val id: TSID, val user: TSID): Event {
-  fun toResponse() = NoteDeletedResponse(id.toLong())
-}
+data class NoteDeleted(val id: TSID, val user: TSID): Event
 
 data class Note(
   override val id: TSID,
   val user: TSID,
   val title: String,
+  val slug: String,
   val body: String
 ): Entity {
+  constructor(id: TSID, user: TSID, title: String, body: String): this(id, user, title, slugify(title), body)
   fun update(nu: NoteUpdated): Note = this.copy(title = nu.title ?: this.title, body = nu.body ?: this.body)
-  fun toResponse() = NoteResponse(id.toLong(), LocalDateTime.ofInstant(id.instant, ZoneId.of("CET")), title, body)
+  fun toResponse() = NoteResponse(id.toString(), LocalDateTime.ofInstant(id.instant, ZoneId.of("CET")), title, body)
 }
 
 data class NoteResponse(
-  override val id: Long,
+  override val id: String,
   val created: LocalDateTime,
   val title: String,
   val body: String
 ) : Response
-
-data class NoteDeletedResponse(override val id: Long): Response

Diff for: src/main/kotlin/blog/model/State.kt

@@ -3,18 +3,18 @@ package blog.model
 import io.hypersistence.tsid.TSID
 
 data class State(
-  private val users: Map<TSID, User> = mapOf(),
-  private val notes: Map<TSID, Note> = mapOf(),
-  private val tasks: Map<TSID, Task> = mapOf(),
+  private val users: Map<TSID, User>      = mapOf(),
+  private val notes: Map<TSID, Note>      = mapOf(),
+  private val tasks: Map<TSID, Task>      = mapOf(),
   private val sesss: Map<String, Session> = mapOf(),
-  private val recovered: Boolean = false
+  private val comms: Map<TSID, Comment>   = mapOf(),
+  private val recovered: Boolean          = false
 ) {
   fun save(u: User)                 : State      = this.copy(users = this.users.minus(u.id).plus(u.id to u))
   fun findUserById(id: TSID)        : User?      = users[id]
   fun findUserByEmail(email: String): User?      = users.values.find { it.email == email }
   fun allUsers()                    : List<User> = users.values.toList()
   fun userCount()                   : Int        = users.size
-  fun delete(u: User)               : State      = this.copy(users = this.users.minus(u.id))
 
   fun save(n: Note)             : State          = this.copy(notes = this.notes.minus(n.id).plus(n.id to n))
   fun findNoteById(id: TSID)    : Note?          = notes[id]
@@ -37,5 +37,11 @@ data class State(
   }
   fun loggedin(session: String): User? = sesss[session]?.user
 
+  fun save(c: Comment): State = this.copy(comms = this.comms.plus(c.id to c))
+  fun findCommentsForUser(id: TSID): List<Comment> = comms.values.filter { it.user == id }
+  fun findCommentsForNote(id: TSID): List<Comment> = comms.values.filter { it.owner == id }
+  fun findComment(id: TSID): Comment? = comms[id]
+  fun commentCount() = comms.size
+
   fun hasRecovered(): State = this.copy(recovered = true)
 }