[#11878] Add status and comments to AccountRequest (#12898)

* Add AccountRequestStatus * Add AccountRequest status attribute * Add status to AccountRequest constructor * Add AccountRequest comments attribute * Add comments to AccountRequest constructor * Wrap lines * Remove mysterious unnecessary imports that appeared out of nowhere * Use non-null placeholder * Use literal placeholder
TEAMMATES · Mar 18, 2024 · fc1342f · fc1342f
1 parent 395bdd7
commit fc1342f
Show file tree

Hide file tree

Showing 12 changed files with 125 additions and 33 deletions.
diff --git a/src/client/java/teammates/client/scripts/sql/DataMigrationForAccountRequestSql.java b/src/client/java/teammates/client/scripts/sql/DataMigrationForAccountRequestSql.java
@@ -2,6 +2,7 @@
 
 import com.googlecode.objectify.cmd.Query;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.storage.sqlentity.AccountRequest;
 
 /**
@@ -50,7 +51,9 @@ protected void migrateEntity(teammates.storage.entity.AccountRequest oldEntity)
         AccountRequest newEntity = new AccountRequest(
                 oldEntity.getEmail(),
                 oldEntity.getName(),
-                oldEntity.getInstitute());
+                oldEntity.getInstitute(),
+                AccountRequestStatus.APPROVED,
+                null);
 
         // set registration key to the old value if exists
         if (oldEntity.getRegistrationKey() != null) {

diff --git a/src/client/java/teammates/client/scripts/sql/VerifyDataMigrationConnection.java b/src/client/java/teammates/client/scripts/sql/VerifyDataMigrationConnection.java
@@ -7,6 +7,7 @@
 
 import teammates.client.connector.DatastoreClient;
 import teammates.client.util.ClientProperties;
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.util.HibernateUtil;
 import teammates.storage.entity.UsageStatistics;
 import teammates.storage.sqlentity.Notification;
@@ -43,7 +44,9 @@ protected void verifySqlConnection() {
         teammates.storage.sqlentity.AccountRequest newEntity = new teammates.storage.sqlentity.AccountRequest(
                 "[email protected]",
                 "dummy-teammates-account-request",
-                "dummy-teammates-institute");
+                "dummy-teammates-institute",
+                AccountRequestStatus.PENDING,
+                "dummy-comments");
         HibernateUtil.beginTransaction();
         HibernateUtil.persist(newEntity);
         HibernateUtil.commitTransaction();

diff --git a/src/it/java/teammates/it/sqllogic/core/AccountRequestsLogicIT.java b/src/it/java/teammates/it/sqllogic/core/AccountRequestsLogicIT.java
@@ -4,6 +4,7 @@
 
 import org.testng.annotations.Test;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.exception.EntityAlreadyExistsException;
 import teammates.common.exception.EntityDoesNotExistException;
 import teammates.common.exception.InvalidParametersException;
@@ -28,8 +29,10 @@ public void testResetAccountRequest()
         String name = "name lee";
         String email = "[email protected]";
         String institute = "institute";
+        AccountRequestStatus status = AccountRequestStatus.PENDING;
+        String comments = "comments";
 
-        AccountRequest toReset = accountRequestsLogic.createAccountRequest(name, email, institute);
+        AccountRequest toReset = accountRequestsLogic.createAccountRequest(name, email, institute, status, comments);
         AccountRequestsDb accountRequestsDb = AccountRequestsDb.inst();
 
         toReset.setRegisteredAt(Instant.now());

diff --git a/src/it/java/teammates/it/sqllogic/core/DataBundleLogicIT.java b/src/it/java/teammates/it/sqllogic/core/DataBundleLogicIT.java
@@ -8,6 +8,7 @@
 import org.testng.annotations.BeforeMethod;
 import org.testng.annotations.Test;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.datatransfer.FeedbackParticipantType;
 import teammates.common.datatransfer.InstructorPermissionRole;
 import teammates.common.datatransfer.InstructorPrivileges;
@@ -62,7 +63,7 @@ public void testCreateDataBundle_typicalValues_createdCorrectly() throws Excepti
 
         AccountRequest actualAccountRequest = dataBundle.accountRequests.get("instructor1");
         AccountRequest expectedAccountRequest = new AccountRequest("[email protected]", "Instructor 1",
-                "TEAMMATES Test Institute 1");
+                "TEAMMATES Test Institute 1", AccountRequestStatus.REGISTERED, "These are some comments.");
         expectedAccountRequest.setId(actualAccountRequest.getId());
         expectedAccountRequest.setRegisteredAt(Instant.parse("2015-02-14T00:00:00Z"));
         expectedAccountRequest.setRegistrationKey(actualAccountRequest.getRegistrationKey());

diff --git a/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java b/src/it/java/teammates/it/storage/sqlapi/AccountRequestsDbIT.java
@@ -4,6 +4,7 @@
 
 import org.testng.annotations.Test;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.exception.EntityDoesNotExistException;
 import teammates.it.test.BaseTestCaseWithSqlDatabaseAccess;
 import teammates.storage.sqlapi.AccountRequestsDb;
@@ -20,7 +21,8 @@ public class AccountRequestsDbIT extends BaseTestCaseWithSqlDatabaseAccess {
     public void testCreateReadDeleteAccountRequest() throws Exception {
         ______TS("Create account request, does not exists, succeeds");
 
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
         accountRequestDb.createAccountRequest(accountRequest);
 
         ______TS("Read account request using the given email and institute");
@@ -53,7 +55,7 @@ public void testCreateReadDeleteAccountRequest() throws Exception {
         ______TS("Create account request, same email address and institute already exist, creates successfully");
 
         AccountRequest identicalAccountRequest =
-                new AccountRequest("[email protected]", "name", "institute");
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
         assertNotSame(accountRequest, identicalAccountRequest);
 
         accountRequestDb.createAccountRequest(identicalAccountRequest);
@@ -74,7 +76,8 @@ public void testCreateReadDeleteAccountRequest() throws Exception {
     public void testUpdateAccountRequest() throws Exception {
         ______TS("Update account request, does not exists, exception thrown");
 
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
 
         assertThrows(EntityDoesNotExistException.class,
                 () -> accountRequestDb.updateAccountRequest(accountRequest));
@@ -96,7 +99,8 @@ public void testSqlInjectionInCreateAccountRequestEmailField() throws Exception
 
         // Attempt to use SQL commands in email field
         String email = "email'/**/OR/**/1=1/**/@gmail.com";
-        AccountRequest accountRequest = new AccountRequest(email, "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest(email, "name", "institute", AccountRequestStatus.PENDING, "comments");
 
         // The system should treat the input as a plain text string
         accountRequestDb.createAccountRequest(accountRequest);
@@ -110,7 +114,8 @@ public void testSqlInjectionInCreateAccountRequestNameField() throws Exception {
 
         // Attempt to use SQL commands in name field
         String name = "name'; SELECT * FROM account_requests; --";
-        AccountRequest accountRequest = new AccountRequest("[email protected]", name, "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", name, "institute", AccountRequestStatus.PENDING, "comments");
 
         // The system should treat the input as a plain text string
         accountRequestDb.createAccountRequest(accountRequest);
@@ -124,7 +129,8 @@ public void testSqlInjectionInCreateAccountRequestInstituteField() throws Except
 
         // Attempt to use SQL commands in institute field
         String institute = "institute'; DROP TABLE account_requests; --";
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", institute);
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", institute, AccountRequestStatus.PENDING, "comments");
 
         // The system should treat the input as a plain text string
         accountRequestDb.createAccountRequest(accountRequest);
@@ -136,7 +142,8 @@ public void testSqlInjectionInCreateAccountRequestInstituteField() throws Except
     public void testSqlInjectionInGetAccountRequest() throws Exception {
         ______TS("SQL Injection test in getAccountRequest");
 
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
         accountRequestDb.createAccountRequest(accountRequest);
 
         String instituteInjection = "institute'; DROP TABLE account_requests; --";
@@ -151,7 +158,8 @@ public void testSqlInjectionInGetAccountRequest() throws Exception {
     public void testSqlInjectionInGetAccountRequestByRegistrationKey() throws Exception {
         ______TS("SQL Injection test in getAccountRequestByRegistrationKey");
 
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
         accountRequestDb.createAccountRequest(accountRequest);
 
         String regKeyInjection = "regKey'; DROP TABLE account_requests; --";
@@ -166,7 +174,8 @@ public void testSqlInjectionInGetAccountRequestByRegistrationKey() throws Except
     public void testSqlInjectionInUpdateAccountRequest() throws Exception {
         ______TS("SQL Injection test in updateAccountRequest");
 
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
         accountRequestDb.createAccountRequest(accountRequest);
 
         String nameInjection = "newName'; DROP TABLE account_requests; --";
@@ -181,13 +190,15 @@ public void testSqlInjectionInUpdateAccountRequest() throws Exception {
     public void testSqlInjectionInDeleteAccountRequest() throws Exception {
         ______TS("SQL Injection test in deleteAccountRequest");
 
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
         accountRequestDb.createAccountRequest(accountRequest);
 
         String emailInjection = "email'/**/OR/**/1=1/**/@gmail.com";
         String nameInjection = "name'; DROP TABLE account_requests; --";
         String instituteInjection = "institute'; DROP TABLE account_requests; --";
-        AccountRequest accountRequestInjection = new AccountRequest(emailInjection, nameInjection, instituteInjection);
+        AccountRequest accountRequestInjection = new AccountRequest(emailInjection, nameInjection, instituteInjection,
+                AccountRequestStatus.PENDING, "comments");
         accountRequestDb.deleteAccountRequest(accountRequestInjection);
 
         AccountRequest actual = accountRequestDb.getAccountRequest(accountRequest.getEmail(), accountRequest.getInstitute());
@@ -198,7 +209,8 @@ public void testSqlInjectionInDeleteAccountRequest() throws Exception {
     public void testSqlInjectionSearchAccountRequestsInWholeSystem() throws Exception {
         ______TS("SQL Injection test in searchAccountRequestsInWholeSystem");
 
-        AccountRequest accountRequest = new AccountRequest("[email protected]", "name", "institute");
+        AccountRequest accountRequest =
+                new AccountRequest("[email protected]", "name", "institute", AccountRequestStatus.PENDING, "comments");
         accountRequestDb.createAccountRequest(accountRequest);
 
         String searchInjection = "institute'; DROP TABLE account_requests; --";

diff --git a/src/it/resources/data/DataBundleLogicIT.json b/src/it/resources/data/DataBundleLogicIT.json
@@ -19,6 +19,8 @@
       "name": "Instructor 1",
       "email": "[email protected]",
       "institute": "TEAMMATES Test Institute 1",
+      "status": "REGISTERED",
+      "comments": "These are some comments.",
       "registeredAt": "2015-02-14T00:00:00Z"
     }
   },

diff --git a/src/main/java/teammates/common/datatransfer/AccountRequestStatus.java b/src/main/java/teammates/common/datatransfer/AccountRequestStatus.java
@@ -0,0 +1,27 @@
+package teammates.common.datatransfer;
+
+/**
+ * The status of an account request.
+ */
+public enum AccountRequestStatus {
+
+    /**
+     * The account request has not yet been processed by the admin.
+     */
+    PENDING,
+
+    /**
+     * The account request has been rejected by the admin.
+     */
+    REJECTED,
+
+    /**
+     * The account request has been approved by the admin but the instructor has not created an account yet.
+     */
+    APPROVED,
+
+    /**
+     * The account request has been approved by the admin and the instructor has created an account.
+     */
+    REGISTERED
+}
diff --git a/src/main/java/teammates/sqllogic/api/Logic.java b/src/main/java/teammates/sqllogic/api/Logic.java
@@ -8,6 +8,7 @@
 
 import javax.annotation.Nullable;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.datatransfer.FeedbackQuestionRecipient;
 import teammates.common.datatransfer.FeedbackResultFetchType;
 import teammates.common.datatransfer.NotificationStyle;
@@ -88,10 +89,10 @@ public static Logic inst() {
      * @throws InvalidParametersException if the account request details are invalid.
      * @throws EntityAlreadyExistsException if the account request already exists.
      */
-    public AccountRequest createAccountRequest(String name, String email, String institute)
-            throws InvalidParametersException {
+    public AccountRequest createAccountRequest(String name, String email, String institute, AccountRequestStatus status,
+            String comments) throws InvalidParametersException {
 
-        return accountRequestLogic.createAccountRequest(name, email, institute);
+        return accountRequestLogic.createAccountRequest(name, email, institute, status, comments);
     }
 
     /**

diff --git a/src/main/java/teammates/sqllogic/core/AccountRequestsLogic.java b/src/main/java/teammates/sqllogic/core/AccountRequestsLogic.java
@@ -2,6 +2,7 @@
 
 import java.util.List;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.exception.EntityDoesNotExistException;
 import teammates.common.exception.InvalidParametersException;
 import teammates.common.exception.SearchServiceException;
@@ -57,9 +58,9 @@ public AccountRequest createAccountRequest(AccountRequest accountRequest) throws
     /**
      * Creates an account request.
      */
-    public AccountRequest createAccountRequest(String name, String email, String institute)
-            throws InvalidParametersException {
-        AccountRequest toCreate = new AccountRequest(email, name, institute);
+    public AccountRequest createAccountRequest(String name, String email, String institute, AccountRequestStatus status,
+            String comments) throws InvalidParametersException {
+        AccountRequest toCreate = new AccountRequest(email, name, institute, status, comments);
 
         return accountRequestDb.createAccountRequest(toCreate);
     }

diff --git a/src/main/java/teammates/storage/sqlentity/AccountRequest.java b/src/main/java/teammates/storage/sqlentity/AccountRequest.java
@@ -9,13 +9,17 @@
 
 import org.hibernate.annotations.UpdateTimestamp;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.util.Config;
 import teammates.common.util.Const;
 import teammates.common.util.FieldValidator;
 import teammates.common.util.SanitizationHelper;
 import teammates.common.util.StringHelper;
 
+import jakarta.persistence.Column;
 import jakarta.persistence.Entity;
+import jakarta.persistence.EnumType;
+import jakarta.persistence.Enumerated;
 import jakarta.persistence.Id;
 import jakarta.persistence.Table;
 import jakarta.persistence.UniqueConstraint;
@@ -40,6 +44,12 @@ public class AccountRequest extends BaseEntity {
 
     private String institute;
 
+    @Enumerated(EnumType.STRING)
+    private AccountRequestStatus status;
+
+    @Column(columnDefinition = "TEXT")
+    private String comments;
+
     private Instant registeredAt;
 
     @UpdateTimestamp
@@ -49,11 +59,13 @@ protected AccountRequest() {
         // required by Hibernate
     }
 
-    public AccountRequest(String email, String name, String institute) {
+    public AccountRequest(String email, String name, String institute, AccountRequestStatus status, String comments) {
         this.setId(UUID.randomUUID());
         this.setEmail(email);
         this.setName(name);
         this.setInstitute(institute);
+        this.setStatus(status);
+        this.setComments(comments);
         this.generateNewRegistrationKey();
         this.setCreatedAt(Instant.now());
         this.setRegisteredAt(null);
@@ -128,6 +140,22 @@ public void setInstitute(String institute) {
         this.institute = SanitizationHelper.sanitizeTitle(institute);
     }
 
+    public AccountRequestStatus getStatus() {
+        return this.status;
+    }
+
+    public void setStatus(AccountRequestStatus status) {
+        this.status = status;
+    }
+
+    public String getComments() {
+        return this.comments;
+    }
+
+    public void setComments(String comments) {
+        this.comments = comments;
+    }
+
     public Instant getRegisteredAt() {
         return this.registeredAt;
     }
@@ -166,8 +194,8 @@ public int hashCode() {
     @Override
     public String toString() {
         return "AccountRequest [id=" + id + ", registrationKey=" + registrationKey + ", name=" + name + ", email="
-                + email + ", institute=" + institute + ", registeredAt=" + registeredAt + ", createdAt=" + getCreatedAt()
-                + ", updatedAt=" + updatedAt + "]";
+                + email + ", institute=" + institute + ", status=" + status + ", comments=" + comments
+                + ", registeredAt=" + registeredAt + ", createdAt=" + getCreatedAt() + ", updatedAt=" + updatedAt + "]";
     }
 
     public String getRegistrationUrl() {

diff --git a/src/main/java/teammates/ui/webapi/CreateAccountRequestAction.java b/src/main/java/teammates/ui/webapi/CreateAccountRequestAction.java
@@ -1,5 +1,6 @@
 package teammates.ui.webapi;
 
+import teammates.common.datatransfer.AccountRequestStatus;
 import teammates.common.exception.InvalidParametersException;
 import teammates.common.util.EmailWrapper;
 import teammates.storage.sqlentity.AccountRequest;
@@ -20,11 +21,14 @@ public JsonResult execute()
         String instructorName = createRequest.getInstructorName().trim();
         String instructorEmail = createRequest.getInstructorEmail().trim();
         String instructorInstitution = createRequest.getInstructorInstitution().trim();
+        // TODO: This is a placeholder. It should be obtained from AccountCreateRequest, in a separate PR.
+        String comments = "PLACEHOLDER";
 
         AccountRequest accountRequest;
 
         try {
-            accountRequest = sqlLogic.createAccountRequest(instructorName, instructorEmail, instructorInstitution);
+            accountRequest = sqlLogic.createAccountRequest(instructorName, instructorEmail, instructorInstitution,
+                    AccountRequestStatus.PENDING, comments);
             taskQueuer.scheduleAccountRequestForSearchIndexing(instructorEmail, instructorInstitution);
         } catch (InvalidParametersException ipe) {
             throw new InvalidHttpRequestBodyException(ipe);