RBAC-Solution-V1 Add solution PR for RBAC

backend/src/main/java/com/hackerrank/corebanking/controller/TransactionController.java

@@ -57,12 +57,12 @@ public List<Transaction> transactionHistory(@RequestParam(name = "accountId") St
   }
 
   @GetMapping("/transactionHistory/accounts/{accountId}")
-  @ResponseStatus(HttpStatus.OK) 
+  @ResponseStatus(HttpStatus.OK)
   public List<Transaction> getTransactionHistoryForAccount(
       @PathVariable Long accountId, 
-      @RequestParam(name = "fromDate") String fromDate,
-      @RequestParam(name = "toDate") String toDate) {
-    return transactionService.getTransactionHistoryForAccount(accountId, new Date(), new Date());
+      @DateTimeFormat(pattern = "yyyy-MM-dd") @RequestParam(name = "fromDate") Date fromDate, 
+      @DateTimeFormat(pattern = "yyyy-MM-dd") @RequestParam(name = "toDate") Date toDate) {
+    return transactionService.getTransactionHistoryForAccount(accountId, fromDate, toDate);
   }
 
   @GetMapping("/limits")

backend/src/main/java/com/hackerrank/corebanking/service/AccountService.java

@@ -67,10 +67,24 @@ public Account deleteAccountByAccountId(Long accountId) {
   }
 
   public Account getAccountByAccountIdWithAuthorization(Long accountId) {
+    Account currentUser = getCurrentAuthenticatedUser();
+    boolean isAdmin = hasAdminRole(currentUser);
+
+    if (!isAdmin) {
+      throw new AccessDeniedException(ACCESS_DENIED_ERROR);
+    }
+
     return getAccountByAccountId(accountId);
   }
 
   public Account deleteAccountByAccountIdWithAuthorization(Long accountId, Boolean softDelete) {
+    Account currentUser = getCurrentAuthenticatedUser();
+    boolean isAdmin = hasAdminRole(currentUser);
+
+    if (!isAdmin) {
+      throw new AccessDeniedException(ACCESS_DENIED_ERROR);
+    }
+
     Account accountToDelete = accountRepository.findById(accountId)
             .orElseThrow(() -> new IllegalArgumentException(ACCOUNT_NOT_FOUND_ERROR));
     return deleteAccount(accountToDelete, softDelete);
@@ -118,8 +132,8 @@ private Account deleteAccount(Account account, Boolean softDelete) {
   }
 
   private Account softDeleteAccount(Account account) {
-    account.setDeleted(false);
-    account.setDeletedAt(null); 
+    account.setDeleted(true);
+    account.setDeletedAt(new Date()); 
     return accountRepository.save(account);
   }
 

backend/src/main/java/com/hackerrank/corebanking/service/TransactionService.java

@@ -239,7 +239,7 @@ private Account getCurrentAuthenticatedUser() {
 
     private boolean hasAdminRole(Account account) {
         return account.getRoles().stream()
-                .anyMatch(role -> "USER".equals(role.getName()));
+                .anyMatch(role -> "ADMIN".equals(role.getName()));
     }
 
     private void validateAccountAccess(Long targetAccountId) {
@@ -255,12 +255,19 @@ private void validateAccountAccess(Long targetAccountId) {
 
     private List<Transaction> getTransactionHistory(Long accountId, Date startDate, Date endDate) {
         Account currentUser = getCurrentAuthenticatedUser();
-        boolean isTestAccount = currentUser.getEmailAddress().contains("test");
+        boolean isAdmin = hasAdminRole(currentUser);
+        boolean isTestAccount = currentUser.getEmailAddress().contains("test") && !isAdmin;
 
         if (isTestAccount) {
             return List.of();
         }
-        return transactionRepository.findAll();
+
+        if (isAdmin) {
+            return transactionRepository.findAll();
+        } else {
+            return transactionRepository.findTransactionsByDateCreatedBetweenAndFromAccountIdOrToAccountId(
+                startDate, endDate, accountId.toString(), accountId.toString());
+        }
     }
 
 }