Merge branch 'dev' into feat/255-workplace-endpoints

Author: enverern

.github/workflows/frontend-tests.yml

@@ -0,0 +1,42 @@
+name: Jobboard Frontend Tests
+
+on:
+  push:
+    paths:
+      - "apps/jobboard-frontend/**"
+      - ".github/workflows/frontend-tests.yml"
+  pull_request:
+    types: [opened, synchronize, reopened]
+    paths:
+      - "apps/jobboard-frontend/**"
+      - ".github/workflows/frontend-tests.yml"
+
+jobs:
+  test:
+    name: Run Vitest Suite
+    runs-on: ubuntu-latest
+    defaults:
+      run:
+        working-directory: apps/jobboard-frontend
+
+    steps:
+      - name: Checkout repository
+        uses: actions/checkout@v5
+
+      - name: Install pnpm
+        uses: pnpm/action-setup@v4
+        with:
+          version: 10
+
+      - name: Setup Node.js
+        uses: actions/setup-node@v5
+        with:
+          node-version: 22
+          cache: pnpm
+          cache-dependency-path: apps/jobboard-frontend/pnpm-lock.yaml
+
+      - name: Install dependencies
+        run: pnpm install --frozen-lockfile
+
+      - name: Run unit tests
+        run: pnpm test

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/exception/ErrorCode.java

@@ -32,6 +32,7 @@ public enum ErrorCode {
     WORKPLACE_NOT_FOUND(HttpStatus.NOT_FOUND),
     WORKPLACE_ALREADY_EXISTS(HttpStatus.CONFLICT),
     REVIEW_ALREADY_EXISTS(HttpStatus.CONFLICT),
+    WORKPLACE_UNAUTHORIZED(HttpStatus.FORBIDDEN),
 
     VALIDATION_ERROR(HttpStatus.BAD_REQUEST),
 
@@ -50,6 +51,7 @@ public enum ErrorCode {
     BAD_REQUEST(HttpStatus.BAD_REQUEST),
 
     JOB_APPLICATION_NOT_FOUND(HttpStatus.NOT_FOUND),
+    APPLICATION_ALREADY_EXISTS(HttpStatus.CONFLICT),
     MISSING_FILTER_PARAMETER(HttpStatus.BAD_REQUEST),
 
     JOB_POST_NOT_FOUND(HttpStatus.NOT_FOUND),

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobapplication/controller/JobApplicationController.java

@@ -26,6 +26,8 @@ public JobApplicationController(JobApplicationService service) {
         this.service = service;
     }
 
+    // Legacy endpoint with query parameters (kept for backward compatibility)
+    // This endpoint is split into two separate endpoints.
     @PreAuthorize("isAuthenticated()")
     @GetMapping
     public ResponseEntity<List<JobApplicationResponse>> getFiltered(
@@ -41,6 +43,25 @@ public ResponseEntity<List<JobApplicationResponse>> getFiltered(
         }
     }
 
+    
+    @PreAuthorize("isAuthenticated()")
+    @GetMapping("/job-seeker/{jobSeekerId}")
+    public ResponseEntity<List<JobApplicationResponse>> getByJobSeeker(@PathVariable Long jobSeekerId) {
+        return ResponseEntity.ok(service.getByJobSeekerId(jobSeekerId));
+    }
+
+    @PreAuthorize("isAuthenticated()")
+    @GetMapping("/job-post/{jobPostId}")
+    public ResponseEntity<List<JobApplicationResponse>> getByJobPost(@PathVariable Long jobPostId) {
+        return ResponseEntity.ok(service.getByJobPostId(jobPostId));
+    }
+
+    @PreAuthorize("isAuthenticated()")
+    @GetMapping("/workplace/{workplaceId}")
+    public ResponseEntity<List<JobApplicationResponse>> getByWorkplace(@PathVariable Long workplaceId) {
+        return ResponseEntity.ok(service.getByWorkplaceId(workplaceId));
+    }
+
     @PreAuthorize("isAuthenticated()")
     @GetMapping("/{id}")
     public ResponseEntity<JobApplicationResponse> getById(@PathVariable Long id) {

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobapplication/dto/JobApplicationResponse.java

@@ -2,6 +2,7 @@
 
 import lombok.*;
 import org.bounswe.jobboardbackend.jobapplication.model.JobApplicationStatus;
+import org.bounswe.jobboardbackend.workplace.dto.WorkplaceBriefResponse;
 
 import java.time.LocalDateTime;
 
@@ -13,7 +14,7 @@ public class JobApplicationResponse {
 
     private Long id;
     private String title;
-    private String company;
+    private WorkplaceBriefResponse workplace;
     private String applicantName;
     private Long jobSeekerId;
     private Long jobPostId;

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobapplication/repository/JobApplicationRepository.java

@@ -12,4 +12,8 @@ public interface JobApplicationRepository extends JpaRepository<JobApplication,
     List<JobApplication> findByJobSeekerId(Long jobSeekerId);
 
     List<JobApplication> findByJobPostId(Long jobPostId);
+    
+    List<JobApplication> findByJobPost_Workplace_Id(Long workplaceId);
+    
+    boolean existsByJobSeekerIdAndJobPostId(Long jobSeekerId, Long jobPostId);
 }

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobapplication/service/JobApplicationService.java

@@ -12,7 +12,11 @@
 import org.bounswe.jobboardbackend.jobapplication.repository.JobApplicationRepository;
 import org.bounswe.jobboardbackend.jobpost.model.JobPost;
 import org.bounswe.jobboardbackend.jobpost.repository.JobPostRepository;
+import org.bounswe.jobboardbackend.workplace.service.WorkplaceService;
+import org.bounswe.jobboardbackend.workplace.repository.EmployerWorkplaceRepository;
+import org.bounswe.jobboardbackend.workplace.repository.WorkplaceRepository;
 import org.springframework.beans.factory.annotation.Value;
+import org.springframework.security.access.AccessDeniedException;
 import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.context.SecurityContextHolder;
@@ -36,6 +40,9 @@ public class JobApplicationService {
     private final JobApplicationRepository applicationRepository;
     private final UserRepository userRepository;
     private final JobPostRepository jobPostRepository;
+    private final WorkplaceService workplaceService;
+    private final EmployerWorkplaceRepository employerWorkplaceRepository;
+    private final WorkplaceRepository workplaceRepository;
 
     // === GCS config ===
     @Value("${app.gcs.bucket:bounswe-jobboard}")
@@ -55,26 +62,51 @@ public class JobApplicationService {
 
     public JobApplicationService(JobApplicationRepository applicationRepository,
                                  UserRepository userRepository,
-                                 JobPostRepository jobPostRepository) {
+                                 JobPostRepository jobPostRepository,
+                                 WorkplaceService workplaceService,
+                                 EmployerWorkplaceRepository employerWorkplaceRepository,
+                                 WorkplaceRepository workplaceRepository) {
         this.applicationRepository = applicationRepository;
         this.userRepository = userRepository;
         this.jobPostRepository = jobPostRepository;
+        this.workplaceService = workplaceService;
+        this.employerWorkplaceRepository = employerWorkplaceRepository;
+        this.workplaceRepository = workplaceRepository;
     }
 
     @Transactional(readOnly = true)
     public List<JobApplicationResponse> getByJobSeekerId(Long jobSeekerId) {
+        // Verify job seeker exists
+        userRepository.findById(jobSeekerId)
+                .orElseThrow(() -> new HandleException(ErrorCode.USER_NOT_FOUND, "Job seeker with ID " + jobSeekerId + " not found"));
+        
         return applicationRepository.findByJobSeekerId(jobSeekerId).stream()
                 .map(this::toResponseDto)
                 .collect(Collectors.toList());
     }
 
     @Transactional(readOnly = true)
     public List<JobApplicationResponse> getByJobPostId(Long jobPostId) {
+        // Verify job post exists
+        jobPostRepository.findById(jobPostId)
+                .orElseThrow(() -> new HandleException(ErrorCode.JOB_POST_NOT_FOUND, "Job post with ID " + jobPostId + " not found"));
+        
         return applicationRepository.findByJobPostId(jobPostId).stream()
                 .map(this::toResponseDto)
                 .collect(Collectors.toList());
     }
 
+    @Transactional(readOnly = true)
+    public List<JobApplicationResponse> getByWorkplaceId(Long workplaceId) {
+        // Verify workplace exists
+        workplaceRepository.findById(workplaceId)
+                .orElseThrow(() -> new HandleException(ErrorCode.WORKPLACE_NOT_FOUND, "Workplace with ID " + workplaceId + " not found"));
+        
+        return applicationRepository.findByJobPost_Workplace_Id(workplaceId).stream()
+                .map(this::toResponseDto)
+                .collect(Collectors.toList());
+    }
+
     @Transactional(readOnly = true)
     public JobApplicationResponse getById(Long id) {
         return applicationRepository.findById(id)
@@ -87,12 +119,15 @@ public JobApplicationResponse getById(Long id) {
     public JobApplicationResponse create(CreateJobApplicationRequest dto) {
         User jobSeeker = getCurrentUser();
 
-
-
         // Get job post
         JobPost jobPost = jobPostRepository.findById(dto.getJobPostId())
                 .orElseThrow(() -> new HandleException(ErrorCode.JOB_POST_NOT_FOUND, "Job post with ID " + dto.getJobPostId() + " not found"));
 
+        // Check if jobseeker already applied to this job post
+        if (applicationRepository.existsByJobSeekerIdAndJobPostId(jobSeeker.getId(), dto.getJobPostId())) {
+            throw new HandleException(ErrorCode.APPLICATION_ALREADY_EXISTS, "You have already applied to this job post");
+        }
+
         // Create application
         JobApplication application = JobApplication.builder()
                 .jobSeeker(jobSeeker)
@@ -107,16 +142,15 @@ public JobApplicationResponse create(CreateJobApplicationRequest dto) {
     }
 
     @Transactional
+    @PreAuthorize("hasRole('ROLE_EMPLOYER')")
     public JobApplicationResponse approve(Long id, String feedback) {
         JobApplication application = applicationRepository.findById(id)
                 .orElseThrow(() -> new HandleException(ErrorCode.JOB_APPLICATION_NOT_FOUND, "Application with ID " + id + " not found"));
 
-        // Check authorization: only the employer who posted the job can approve
+        // Check authorization: any employer of the workplace can approve
         User employer = getCurrentUser();
-
-        if (!application.getJobPost().getEmployer().getId().equals(employer.getId())) {
-            throw new HandleException(ErrorCode.USER_UNAUTHORIZED, "Only the employer who posted the job can approve applications");
-        }
+        Long workplaceId = application.getJobPost().getWorkplace().getId();
+        assertEmployerOfWorkplace(workplaceId, employer.getId());
 
         // Update status
         application.setStatus(JobApplicationStatus.APPROVED);
@@ -128,16 +162,15 @@ public JobApplicationResponse approve(Long id, String feedback) {
     }
 
     @Transactional
+    @PreAuthorize("hasRole('ROLE_EMPLOYER')")
     public JobApplicationResponse reject(Long id, String feedback) {
         JobApplication application = applicationRepository.findById(id)
                 .orElseThrow(() -> new HandleException(ErrorCode.JOB_APPLICATION_NOT_FOUND, "Application with ID " + id + " not found"));
 
-        // Check authorization: only the employer who posted the job can reject
+        // Check authorization: any employer of the workplace can reject
         User employer = getCurrentUser();
-
-        if (!application.getJobPost().getEmployer().getId().equals(employer.getId())) {
-            throw new HandleException(ErrorCode.USER_UNAUTHORIZED, "Only the employer who posted the job can reject applications");
-        }
+        Long workplaceId = application.getJobPost().getWorkplace().getId();
+        assertEmployerOfWorkplace(workplaceId, employer.getId());
 
         // Update status
         application.setStatus(JobApplicationStatus.REJECTED);
@@ -173,7 +206,7 @@ private JobApplicationResponse toResponseDto(JobApplication application) {
                 .applicantName(jobSeeker.getUsername())
                 .jobPostId(jobPost.getId())
                 .title(jobPost.getTitle())
-                .company(jobPost.getCompany())
+                .workplace(workplaceService.toBriefResponse(jobPost.getWorkplace()))
                 .status(application.getStatus())
                 .specialNeeds(application.getSpecialNeeds())
                 .feedback(application.getFeedback())
@@ -354,4 +387,11 @@ public void deleteCv(Long applicationId) {
             applicationRepository.save(application);
         }
     }
+
+    private void assertEmployerOfWorkplace(Long workplaceId, Long userId) {
+        boolean isEmployer = employerWorkplaceRepository.existsByWorkplace_IdAndUser_Id(workplaceId, userId);
+        if (!isEmployer) {
+            throw new HandleException(ErrorCode.WORKPLACE_UNAUTHORIZED, "You are not an employer of this workplace");
+        }
+    }
 }

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobpost/controller/JobPostController.java

@@ -27,13 +27,16 @@ public JobPostController(JobPostService service) {
     public ResponseEntity<List<JobPostResponse>> getFiltered(
             @RequestParam(required = false) String title,
             @RequestParam(required = false) String companyName,
+            @RequestParam(required = false) String location,
+            @RequestParam(required = false) String sector,
             @RequestParam(required = false) List<String> ethicalTags,
             @RequestParam(required = false) Integer minSalary,
             @RequestParam(required = false) Integer maxSalary,
             @RequestParam(required = false) Boolean isRemote,
-            @RequestParam(required = false) Boolean inclusiveOpportunity
+            @RequestParam(required = false) Boolean inclusiveOpportunity,
+            @RequestParam(required = false) Boolean nonProfit
     ) {
-        return ResponseEntity.ok(service.getFiltered(title, companyName, ethicalTags, minSalary, maxSalary, isRemote, inclusiveOpportunity));
+        return ResponseEntity.ok(service.getFiltered(title, companyName, location, sector, ethicalTags, minSalary, maxSalary, isRemote, inclusiveOpportunity, nonProfit));
     }
 
     @PreAuthorize("isAuthenticated()")
@@ -42,6 +45,12 @@ public ResponseEntity<List<JobPostResponse>> getByEmployerId(@PathVariable Long
         return ResponseEntity.ok(service.getByEmployerId(employerId));
     }
 
+    @PreAuthorize("isAuthenticated()")
+    @GetMapping("/workplace/{workplaceId}")
+    public ResponseEntity<List<JobPostResponse>> getByWorkplaceId(@PathVariable Long workplaceId) {
+        return ResponseEntity.ok(service.getByWorkplaceId(workplaceId));
+    }
+
     @PreAuthorize("isAuthenticated()")
     @GetMapping("/{id}")
     public ResponseEntity<JobPostResponse> getById(@PathVariable Long id) {

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobpost/dto/CreateJobPostRequest.java

@@ -1,6 +1,7 @@
 package org.bounswe.jobboardbackend.jobpost.dto;
 
 import jakarta.validation.constraints.NotBlank;
+import jakarta.validation.constraints.NotNull;
 import jakarta.validation.constraints.Size;
 import lombok.*;
 
@@ -15,21 +16,18 @@ public class CreateJobPostRequest {
     private String title;
 
     @NotBlank(message = "Description cannot be empty")
-    @Size(max = 1000)
+    @Size(max = 5000)
     private String description;
 
-    @NotBlank(message = "Company name is required")
-    private String company;
-
-    @NotBlank(message = "Location is required")
-    private String location;
+    @NotNull(message = "Workplace ID is required")
+    private Long workplaceId;
 
     private boolean remote;
 
-    private String ethicalTags; // comma-separated, optional
-
     private boolean inclusiveOpportunity; // targeted toward candidates with disabilities
 
+    private boolean nonProfit; // indicates if this is a non-profit/volunteer position
+
     private Integer minSalary;
     private Integer maxSalary;
 

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobpost/dto/JobPostResponse.java

@@ -2,6 +2,7 @@
 
 import com.fasterxml.jackson.annotation.JsonProperty;
 import lombok.*;
+import org.bounswe.jobboardbackend.workplace.dto.WorkplaceBriefResponse;
 import java.time.LocalDateTime;
 
 @Data
@@ -14,11 +15,13 @@ public class JobPostResponse {
     private Long employerId;
     private String title;
     private String description;
-    private String company;
-    private String location;
+    
+    // Workplace information
+    private WorkplaceBriefResponse workplace;
+    
     private boolean remote;
-    private String ethicalTags;
     private boolean inclusiveOpportunity;
+    private boolean nonProfit;
     private Integer minSalary;
     private Integer maxSalary;
     private String contact;

apps/jobboard-backend/src/main/java/org/bounswe/jobboardbackend/jobpost/dto/UpdateJobPostRequest.java

@@ -12,19 +12,17 @@ public class UpdateJobPostRequest {
     @Size(max = 100)
     private String title;
 
-    @Size(max = 1000)
+    @Size(max = 5000)
     private String description;
 
-    private String company;
-
-    private String location;
+    private Long workplaceId;
 
     private Boolean remote;
 
-    private String ethicalTags;
-
     private Boolean inclusiveOpportunity;
 
+    private Boolean nonProfit;
+
     private Integer minSalary;
     private Integer maxSalary;