filter out skill requests if the user is not superuser

skill-tree/src/main/java/com/RDS/skilltree/apis/SkillsApi.java

@@ -14,14 +14,13 @@
 import com.RDS.skilltree.viewmodels.EndorsementViewModel;
 import com.RDS.skilltree.viewmodels.SkillViewModel;
 import jakarta.validation.Valid;
+import java.util.List;
 import lombok.RequiredArgsConstructor;
 import lombok.extern.slf4j.Slf4j;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
-import java.util.List;
-
 @Slf4j
 @RestController
 @RequiredArgsConstructor

skill-tree/src/main/java/com/RDS/skilltree/repositories/UserSkillRepository.java

@@ -4,9 +4,17 @@
 import com.RDS.skilltree.models.UserSkills;
 import java.util.List;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
 
 public interface UserSkillRepository extends JpaRepository<UserSkills, Integer> {
     List<UserSkills> findByStatus(UserSkillStatusEnum status);
 
     List<UserSkills> findByUserIdAndSkillId(String userId, Integer skillId);
+
+    @Query(
+            "SELECT us FROM UserSkills us "
+                    + "JOIN Endorsement e ON us.userId = e.endorseId "
+                    + "WHERE e.endorserId = :endorserId")
+    List<UserSkills> findUserSkillsByEndorserId(@Param("endorserId") String endorserId);
 }

skill-tree/src/main/java/com/RDS/skilltree/services/SkillServiceImplementation.java

@@ -3,6 +3,7 @@
 import com.RDS.skilltree.dtos.RdsGetUserDetailsResDto;
 import com.RDS.skilltree.dtos.SkillRequestsDto;
 import com.RDS.skilltree.enums.UserSkillStatusEnum;
+import com.RDS.skilltree.exceptions.InternalServerErrorException;
 import com.RDS.skilltree.exceptions.NoEntityException;
 import com.RDS.skilltree.exceptions.SkillAlreadyExistsException;
 import com.RDS.skilltree.models.Endorsement;
@@ -54,7 +55,25 @@ public List<SkillViewModel> getAll() {
 
     @Override
     public SkillRequestsDto getAllRequests() {
-        List<UserSkills> skillRequests = userSkillRepository.findAll();
+        JwtUser jwtDetails =
+                (JwtUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
+
+        RdsGetUserDetailsResDto userDetails = rdsService.getUserDetails(jwtDetails.getRdsUserId());
+        RdsUserViewModel.Roles userRole = userDetails.getUser().getRoles();
+        String userId = userDetails.getUser().getId();
+
+        List<UserSkills> skillRequests = null;
+
+        if (userRole.isSuper_user()) {
+            skillRequests = userSkillRepository.findAll();
+        } else {
+            skillRequests = userSkillRepository.findUserSkillsByEndorserId(userId);
+        }
+
+        if (skillRequests == null) {
+            throw new InternalServerErrorException("Unable to fetch skill requests");
+        }
+
         SkillRequestsWithUserDetailsViewModel skillRequestsWithUserDetails =
                 toSkillRequestsWithUserDetailsViewModel(skillRequests);
 

skill-tree/src/main/java/com/RDS/skilltree/viewmodels/RdsUserViewModel.java

@@ -37,6 +37,7 @@ public static class Roles {
         private boolean archived;
         private boolean in_discord;
         private boolean member;
+        private boolean super_user;
     }
 
     @Getter