Review Create Controller

In this lesson, we'll implement the REST API endpoint that allows users to submit reviews for restaurants, building on our previous work with DTOs, services, and mappers.

The Review Controller

The review controller is responsible for handling incoming HTTP requests related to restaurant reviews.

Let's create the ReviewController class and a createReview method to represent our create review endpoint:

package com.devtiro.restaurant.controllers;

import com.devtiro.restaurant.domain.ReviewCreateUpdateRequest;
import com.devtiro.restaurant.domain.dtos.ReviewCreateUpdateRequestDto;
import com.devtiro.restaurant.domain.dtos.ReviewDto;
import com.devtiro.restaurant.domain.entities.Review;
import com.devtiro.restaurant.domain.entities.User;
import com.devtiro.restaurant.mappers.ReviewMapper;
import com.devtiro.restaurant.services.ReviewService;
import jakarta.validation.Valid;
import lombok.RequiredArgsConstructor;
import org.springframework.http.ResponseEntity;
import org.springframework.security.core.annotation.AuthenticationPrincipal;
import org.springframework.security.oauth2.jwt.Jwt;
import org.springframework.web.bind.annotation.*;

@RequiredArgsConstructor
@RestController
@RequestMapping("/api/restaurants/{restaurantId}/reviews")
public class ReviewController {

    private final ReviewService reviewService;
    private final ReviewMapper reviewMapper;

    @PostMapping
    public ResponseEntity<ReviewDto> createReview(
            @PathVariable String restaurantId,
            @Valid @RequestBody ReviewCreateUpdateRequestDto review,
            @AuthenticationPrincipal Jwt jwt) {

        // Convert the review DTO to a domain object
        ReviewCreateUpdateRequest reviewCreateUpdateRequest =
                reviewMapper.toReviewCreateUpdateRequest(review);

        // Extract user details from JWT
        User user = jwtToUser(jwt);

        // Create the review
        Review createdReview = reviewService.createReview(
                user, restaurantId, reviewCreateUpdateRequest);

        // Return the created review as DTO
        return ResponseEntity.ok(reviewMapper.toDto(createdReview));
    }

    private User jwtToUser(Jwt jwt) {
        return new User(
                jwt.getSubject(),                           // User's unique ID
                jwt.getClaimAsString("preferred_username"), // Username
                jwt.getClaimAsString("given_name"),         // First name
                jwt.getClaimAsString("family_name")         // Last name
        );
    }
}

JWT User Extraction

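We need to extract user information from the JWT to identify who is creating the review. The reviewer's identity comes from the authenticated token that Spring Security injects through @AuthenticationPrincipal, not from the request body: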

private User jwtToUser(Jwt jwt) {
    return new User(
            jwt.getSubject(),                           // User's unique ID
            jwt.getClaimAsString("preferred_username"), // Username
            jwt.getClaimAsString("given_name"),         // First name
            jwt.getClaimAsString("family_name")         // Last name
    );
}
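
The following unit test is an added example, not part of the lesson's code: it calls createReview directly with mocked collaborators and a constructed Jwt, and checks that the author handed to ReviewService is the token's subject. It assumes JUnit 5 and Mockito on the test classpath, that the DTO and domain request classes can be mocked, and that User exposes a getId() accessor; none of these are shown in the lesson.

```java
package com.devtiro.restaurant.controllers;

import static org.junit.jupiter.api.Assertions.assertEquals;
import static org.mockito.Mockito.*;

import com.devtiro.restaurant.domain.ReviewCreateUpdateRequest;
import com.devtiro.restaurant.domain.dtos.ReviewCreateUpdateRequestDto;
import com.devtiro.restaurant.domain.entities.User;
import com.devtiro.restaurant.mappers.ReviewMapper;
import com.devtiro.restaurant.services.ReviewService;
import org.junit.jupiter.api.Test;
import org.mockito.ArgumentCaptor;
import org.springframework.security.oauth2.jwt.Jwt;

class ReviewControllerTest {

    @Test
    void reviewAuthorIsTakenFromJwtSubject() {
        ReviewService reviewService = mock(ReviewService.class);
        ReviewMapper reviewMapper = mock(ReviewMapper.class);
        // @RequiredArgsConstructor generates this constructor from the two final fields.
        ReviewController controller = new ReviewController(reviewService, reviewMapper);

        // Constructed token; at runtime the resource server has already verified the real one.
        Jwt jwt = Jwt.withTokenValue("constructed-token")
                .header("alg", "none")
                .subject("user-123")
                .claim("preferred_username", "alice")
                .claim("given_name", "Alice")
                .claim("family_name", "Example")
                .build();

        // Assumption: both request types are mockable (non-final, or Mockito's inline mock maker).
        ReviewCreateUpdateRequestDto body = mock(ReviewCreateUpdateRequestDto.class);
        ReviewCreateUpdateRequest request = mock(ReviewCreateUpdateRequest.class);
        when(reviewMapper.toReviewCreateUpdateRequest(body)).thenReturn(request);

        controller.createReview("restaurant-1", body, jwt);

        // The service must receive the path's restaurant ID, the mapped request,
        // and a User whose ID is the JWT subject.
        ArgumentCaptor<User> author = ArgumentCaptor.forClass(User.class);
        verify(reviewService).createReview(author.capture(), eq("restaurant-1"), eq(request));
        assertEquals("user-123", author.getValue().getId()); // getId() is an assumed accessor
    }
}
```

Calling the method directly bypasses @Valid and the security filter chain, so this test covers only the mapping from token to review author.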

Summary

  • Created ReviewController with createReview endpoint at /api/restaurants/{restaurantId}/reviews
  • Implemented JWT token processing to extract user details
  • Used ReviewMapper to convert between DTOs and domain objects
© 2026 Devtiro Ltd. All rights reserved