Backend route `/api/member/tutorNotes` can give duplicate entries when a user is both an admin / instructor AND a tutor.

[pconrad]

In the backend route /api/member/tutorNotes, the pseudocode is like this:

if you are an admin {
   list = find all tutor notes
} else if you are an instructor {
  list = find all the tutor notes for this instructors courses
}

now, add to that list, all tutor notes where the current user is a tutor.

What we should do is replace this with: add all tutor notes that do not duplicate ones already in the list. There are a variety of ways to do this, include

• making the list as a "set" and then converting to a list
• using a loop to add them in one by one, only if not already in the list
• ways of doing it with streams

The problem line of code is this one:

• https://github.com/ucsb-cs156-s21/proj-ucsb-cs-las/blob/023433505e714f9c429e5064b1294e987a58528e/src/main/java/edu/ucsb/ucsbcslas/controllers/TutorNotesController.java#L134

What we want instead, is instead of allAll we want allAllThatAreNotAlreadyInTheList but that's not a method as far as I know....

Here's one possible approach (not tested):

       Set<TutorNotes> tutorNotesSet = new Set<>;
        if (!authControllerAdvice.getIsMember(authorization)) {
            return new ResponseEntity<>("Unauthorized Request", HttpStatus.UNAUTHORIZED);
        }
        String thisUsersEmail = authControllerAdvice.getUser(authorization).getEmail();
        if (authControllerAdvice.getIsAdmin(authorization)) {
            tutorNotesSet.addAll( tutorNotesRepository.findAll());
        }

        tutorNotesSet.addAll(tutorNotesRepository
                    .findAllByOnlineOfficeHoursTutorAssignmentCourseInstructorEmail(thisUsersEmail));

         tutorNotesSet.addAll( tutorNotesRepository
                .findAllByOnlineOfficeHoursTutorAssignmentTutorEmail(thisUsersEmail));

        ObjectMapper mapper = new ObjectMapper();
        String body = mapper.writeValueAsString(tutorNotesSet);
        return ResponseEntity.ok().body(body);