Merge branch 'master' of gitlab.fel.cvut.cz:zecmarce/nss_part-time_job_portal_implementacia

 Conflicts:
	Part-time_job_portal/src/main/java/cz/cvut/fel/nss/parttimejobportal/service/EnrollmentService.java

Part-time_job_portal/pom.xml

@@ -107,14 +107,14 @@
 		<version>6.0.2.Final</version>
 	</dependency>
 	<!-- Email -->
-<!--	<dependency>-->
-<!--		<groupId>org.springframework.boot</groupId>-->
-<!--		<artifactId>spring-boot-starter-mail</artifactId>-->
-<!--		<version>2.0.1.RELEASE</version>-->
-<!--	</dependency>-->
+	<dependency>
+		<groupId>org.springframework.boot</groupId>
+		<artifactId>spring-boot-starter-mail</artifactId>
+		<version>2.0.1.RELEASE</version>
+	</dependency>
 
 	<!-- Spring Framework Caching Support -->
-	<dependency>
+	<!--<dependency>
 		<groupId>org.springframework.boot</groupId>
 		<artifactId>spring-boot-starter-cache</artifactId>
 	</dependency>
@@ -125,7 +125,7 @@
 	<dependency>
 		<groupId>com.hazelcast</groupId>
 		<artifactId>hazelcast-spring</artifactId>
-	</dependency>
+	</dependency>-->
 </dependencies>
 <build>
 	<plugins>

Part-time_job_portal/src/main/java/cz/cvut/fel/nss/parttimejobportal/service/EnrollmentService.java

@@ -60,7 +60,7 @@ public class EnrollmentService {
 
     @Transactional
     public RequestWrapperEnrollmentGet findActiveEndedWithUser(Long enrollId) throws NotAllowedException {
-        if (find(enrollId).getTrip().getAuthor().getId()!= SecurityUtils.getCurrentUser().getId()) throw new NotAllowedException("Not for you");
+        if (!find(enrollId).getTrip().getAuthor().getId().equals(SecurityUtils.getCurrentUser().getId())) throw new NotAllowedException("Not for you");
         RequestWrapperEnrollmentGet wrapperEnrollmentGet = new RequestWrapperEnrollmentGet();
 
         if (findDto(enrollId).getState() != EnrollmentState.ACTIVE || findDto(enrollId).getTripSession().getTo_date().isAfter(ChronoLocalDate.from(LocalDateTime.now()))) throw new NotAllowedException();
@@ -177,8 +177,10 @@ public class EnrollmentService {
     }
 
     @Transactional
-    public void close(EnrollmentDto enrollmentDto){
+    public void close(EnrollmentDto enrollmentDto) throws NotAllowedException {
         Enrollment enrollment = find(enrollmentDto.getId());
+        if (!enrollment.getTrip().getAuthor().getId().equals(SecurityUtils.getCurrentUser().getId())) throw new NotAllowedException("Not for you");
+
         enrollment.setState(EnrollmentState.FINISHED);
         enrollment.setDeposit_was_paid(true);
         enrollment.setActual_xp_reward(enrollmentDto.getActual_xp_reward());
@@ -199,8 +201,9 @@ public class EnrollmentService {
     }
 
     @Transactional
-    public void closeOk(Long id){
+    public void closeOk(Long id) throws NotAllowedException {
         Enrollment enrollment = find(id);
+        if (!enrollment.getTrip().getAuthor().getId().equals(SecurityUtils.getCurrentUser().getId())) throw new NotAllowedException("Not for you");
 
         List<AchievementSpecial> achievementSpecials = enrollment.getTrip().getGain_achievements_special();
         enrollment.setState(EnrollmentState.FINISHED);

Part-time_job_portal/src/main/java/cz/cvut/fel/nss/parttimejobportal/service/UserReviewService.java

@@ -3,6 +3,7 @@ package cz.cvut.fel.nss.parttimejobportal.service;
 
 import cz.cvut.fel.nss.parttimejobportal.dao.*;
 import cz.cvut.fel.nss.parttimejobportal.dto.UserReviewDto;
+import cz.cvut.fel.nss.parttimejobportal.exception.NotAllowedException;
 import cz.cvut.fel.nss.parttimejobportal.model.*;
 import cz.cvut.fel.nss.parttimejobportal.exception.NotFoundException;
 import cz.cvut.fel.nss.parttimejobportal.exception.UnauthorizedException;
@@ -87,6 +88,9 @@ public class UserReviewService {
     public void create(long enrollmentId, AbstractUser currentUser, Long tripSessionId, UserReview userReview) throws Exception {
 
         Enrollment enrollment = enrollmentDao.find(enrollmentId);
+        if (enrollment == null) throw new NotFoundException();
+        if (!enrollment.getTrip().getAuthor().getId().equals(SecurityUtils.getCurrentUser().getId())) throw new NotAllowedException("Not for you");
+
         User user = enrollment.getJobJournal().getUser();
         Manager current_user = managerDao.find(currentUser.getId());
         JobSession tripSession = jobSessionDao.find(tripSessionId);
@@ -104,6 +108,8 @@ public class UserReviewService {
 
         Enrollment enrollment = enrollmentDao.find(enrollmentId);
         if (enrollment == null) throw new NotFoundException();
+        if (!enrollment.getTrip().getAuthor().getId().equals(SecurityUtils.getCurrentUser().getId())) throw new NotAllowedException("Not for you");
+
 
         User user = enrollment.getJobJournal().getUser();
         Manager current_user = managerDao.find(currentUser.getId());