From cf224e3f85284337b7be76a108081e71e65bb118 Mon Sep 17 00:00:00 2001
From: Naeem Ullah <enaeemullah@gmail.com>
Date: Tue, 6 Jan 2026 12:44:39 +0500
Subject: [PATCH] Refactor user permissions to dedicated service and controller

Moved user permission management logic from UserService and UserController to new PermissionService and PermissionController classes. This improves separation of concerns and code organization. Also removed unused findByEmail method from UserRepository.
---
 .../controller/PermissionController.java      | 41 ++++++++++
 .../controller/UserController.java            | 22 ------
 .../repository/UserRepository.java            |  1 -
 .../service/PermissionService.java            | 75 +++++++++++++++++++
 .../usermanagement/service/UserService.java   | 44 -----------
 5 files changed, 116 insertions(+), 67 deletions(-)
 create mode 100644 aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/PermissionController.java
 create mode 100644 aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/PermissionService.java

diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/PermissionController.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/PermissionController.java
new file mode 100644
index 0000000..d8cf62a
--- /dev/null
+++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/PermissionController.java
@@ -0,0 +1,41 @@
+package com.mfsys.aconnect.usermanagement.controller;
+
+import com.mfsys.aconnect.usermanagement.constant.UserManagementURI;
+import com.mfsys.aconnect.usermanagement.dto.PermissionDTO;
+import com.mfsys.aconnect.usermanagement.dto.UserDTOs;
+import com.mfsys.aconnect.usermanagement.service.PermissionService;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+
+@RestController
+@RequestMapping(UserManagementURI.USER)
+public class PermissionController {
+    private final PermissionService permissionService;
+    public PermissionController(PermissionService permissionService) {
+        this.permissionService = permissionService;
+    }
+
+    @PostMapping(UserManagementURI.SAVE_USER_PERMISSIONS)
+    public ResponseEntity<UserDTOs.UserResponse> saveUserPermissions(
+            @RequestBody PermissionDTO permissionDTO) {
+
+        UserDTOs.UserResponse response = permissionService.saveUserPermissions(permissionDTO);
+        return new ResponseEntity<>(response, HttpStatus.OK);
+    }
+
+    @GetMapping(UserManagementURI.GET_USER_PERMISSIONS)
+    public ResponseEntity<PermissionDTO> getUserPermissions(@RequestParam String userId) {
+        PermissionDTO dto = permissionService.getUserPermissions(userId);
+        return new ResponseEntity<>(dto, HttpStatus.OK);
+    }
+
+    @PutMapping(UserManagementURI.UPDATE_USER_PERMISSIONS)
+    public ResponseEntity<UserDTOs.UserResponse> updateUserPermissions(
+            @RequestBody PermissionDTO permissionDTO) {
+
+        UserDTOs.UserResponse response = permissionService.updateUserPermissions(permissionDTO);
+        return new ResponseEntity<>(response, HttpStatus.OK);
+    }
+
+}
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/UserController.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/UserController.java
index e04bf72..f138afa 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/UserController.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/controller/UserController.java
@@ -1,7 +1,6 @@
 package com.mfsys.aconnect.usermanagement.controller;
 
 import com.mfsys.aconnect.usermanagement.constant.UserManagementURI;
-import com.mfsys.aconnect.usermanagement.dto.PermissionDTO;
 import com.mfsys.aconnect.usermanagement.dto.UserDTOs;
 import com.mfsys.aconnect.usermanagement.service.UserService;
 import jakarta.persistence.EntityNotFoundException;
@@ -63,26 +62,5 @@ public class UserController {
     }
   }
 
-  @PostMapping(UserManagementURI.SAVE_USER_PERMISSIONS)
-  public ResponseEntity<UserDTOs.UserResponse> saveUserPermissions(
-          @RequestBody PermissionDTO permissionDTO) {
-
-      UserDTOs.UserResponse response = userService.saveUserPermissions(permissionDTO);
-      return new ResponseEntity<>(response, HttpStatus.OK);
-  }
-
-  @GetMapping(UserManagementURI.GET_USER_PERMISSIONS)
-  public ResponseEntity<PermissionDTO> getUserPermissions(@RequestParam String userId) {
-      PermissionDTO dto = userService.getUserPermissions(userId);
-      return new ResponseEntity<>(dto, HttpStatus.OK);
-  }
-
-  @PutMapping(UserManagementURI.UPDATE_USER_PERMISSIONS)
-  public ResponseEntity<UserDTOs.UserResponse> updateUserPermissions(
-          @RequestBody PermissionDTO permissionDTO) {
-
-     UserDTOs.UserResponse response = userService.updateUserPermissions(permissionDTO);
-     return new ResponseEntity<>(response, HttpStatus.OK);
-  }
 
 }
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/repository/UserRepository.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/repository/UserRepository.java
index da37d7c..a379e55 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/repository/UserRepository.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/repository/UserRepository.java
@@ -9,5 +9,4 @@ import java.util.Optional;
 @Repository
 public interface UserRepository extends JpaRepository<User, String> {
   Optional<User> findByUserIdAndIsActiveTrue(String userId);
-  Optional<User> findByEmail(String email);
 }
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/PermissionService.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/PermissionService.java
new file mode 100644
index 0000000..0e3045a
--- /dev/null
+++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/PermissionService.java
@@ -0,0 +1,75 @@
+package com.mfsys.aconnect.usermanagement.service;
+
+import com.mfsys.aconnect.usermanagement.dto.PermissionDTO;
+import com.mfsys.aconnect.usermanagement.dto.UserDTOs;
+import com.mfsys.aconnect.usermanagement.model.User;
+import com.mfsys.aconnect.usermanagement.repository.UserRepository;
+import com.mfsys.common.configuration.service.PasswordEncryptionService;
+import jakarta.persistence.EntityNotFoundException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+@Service
+public class PermissionService {
+    private final UserRepository userRepository;
+    private final PasswordEncryptionService passwordEncryptionService;
+
+    public PermissionService(UserRepository userRepository, PasswordEncryptionService passwordEncryptionService) {
+        this.userRepository = userRepository;
+        this.passwordEncryptionService = passwordEncryptionService;
+    }
+
+
+    @Transactional
+    public UserDTOs.UserResponse saveUserPermissions(PermissionDTO permissionDTO) {
+        User user = userRepository.findById(permissionDTO.getUserId())
+                .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + permissionDTO.getUserId()));
+
+        // Convert list of permissions to comma-separated string
+        String permissions = String.join(",", permissionDTO.getPermissions());
+        user.setPermissions(permissions);
+        User updatedUser = userRepository.save(user);
+
+        return mapToResponseDTO(updatedUser);
+    }
+
+    public PermissionDTO getUserPermissions(String userId) {
+        User user = userRepository.findById(userId)
+                .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + userId));
+
+        PermissionDTO dto = new PermissionDTO();
+        dto.setUserId(userId);
+        if (user.getPermissions() != null && !user.getPermissions().isEmpty()) {
+            dto.setPermissions((user.getPermissions()));
+        }
+        return dto;
+    }
+
+    @Transactional
+    public UserDTOs.UserResponse updateUserPermissions(PermissionDTO permissionDTO) {
+
+        User user = userRepository.findById(permissionDTO.getUserId())
+                .orElseThrow(() ->
+                        new EntityNotFoundException("User not found with ID: " + permissionDTO.getUserId())
+                );
+
+        String permissions = String.join(",", permissionDTO.getPermissions());
+        user.setPermissions(permissions);
+
+        User updatedUser = userRepository.save(user);
+        return mapToResponseDTO(updatedUser);
+    }
+
+    private UserDTOs.UserResponse mapToResponseDTO(User user) {
+        UserDTOs.UserResponse response = new UserDTOs.UserResponse();
+        response.setUserId(user.getUserId());
+        response.setUserFullname(user.getUserFullname());
+        response.setEmail(user.getEmail());
+        response.setRole(user.getRole());
+        response.setIsFirstLogin(user.getIsFirstLogin());
+        response.setIsActive(user.getIsActive());
+        response.setCreatedAt(user.getCreatedAt());
+        response.setUpdatedAt(user.getUpdatedAt());
+        return response;
+    }
+}
diff --git a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java
index 25040f7..f5ad9eb 100644
--- a/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java
+++ b/aconnect/src/main/java/com/mfsys/aconnect/usermanagement/service/UserService.java
@@ -13,10 +13,6 @@ import java.util.List;
 import java.util.Optional;
 import java.util.stream.Collectors;
 
-/**
- * Service class for handling User-related business logic.
- * It uses the UserRepository to interact with the database.
- */
 @Service
 public class UserService {
 
@@ -89,44 +85,4 @@ public class UserService {
     return response;
   }
 
-  @Transactional
-  public UserDTOs.UserResponse saveUserPermissions(PermissionDTO permissionDTO) {
-      User user = userRepository.findById(permissionDTO.getUserId())
-              .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + permissionDTO.getUserId()));
-
-      // Convert list of permissions to comma-separated string
-      String permissions = String.join(",", permissionDTO.getPermissions());
-      user.setPermissions(permissions);
-      User updatedUser = userRepository.save(user);
-
-      return mapToResponseDTO(updatedUser);
-  }
-
-  public PermissionDTO getUserPermissions(String userId) {
-      User user = userRepository.findById(userId)
-              .orElseThrow(() -> new EntityNotFoundException("User not found with ID: " + userId));
-
-      PermissionDTO dto = new PermissionDTO();
-      dto.setUserId(userId);
-      if (user.getPermissions() != null && !user.getPermissions().isEmpty()) {
-          dto.setPermissions((user.getPermissions()));
-      }
-      return dto;
-  }
-
-  @Transactional
-  public UserDTOs.UserResponse updateUserPermissions(PermissionDTO permissionDTO) {
-
-      User user = userRepository.findById(permissionDTO.getUserId())
-              .orElseThrow(() ->
-                      new EntityNotFoundException("User not found with ID: " + permissionDTO.getUserId())
-              );
-
-      String permissions = String.join(",", permissionDTO.getPermissions());
-      user.setPermissions(permissions);
-
-      User updatedUser = userRepository.save(user);
-      return mapToResponseDTO(updatedUser);
-  }
-
 }