Merge pull request 'Max/Backend/BackendClean' (#121) from Max/Backend/BackendClean into master
Reviewed-on: PGL/Clyde#121 Reviewed-by: Wal <karpinskiwal@gmail.com> Reviewed-by: Debucquoy Anthony <d.tonitch@gmail.com>
This commit is contained in:
commit
767a83d1d6
@ -0,0 +1,62 @@
|
||||
package ovh.herisson.Clyde.EndPoints;
|
||||
|
||||
import org.springframework.http.HttpStatus;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
import org.springframework.web.bind.annotation.RequestHeader;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
||||
import ovh.herisson.Clyde.Tables.Applications;
|
||||
import ovh.herisson.Clyde.Tables.Role;
|
||||
|
||||
import java.util.ArrayList;
|
||||
|
||||
@RestController
|
||||
public class ApplicationsController {
|
||||
|
||||
AuthenticatorService authServ;
|
||||
|
||||
public ApplicationsController(AuthenticatorService authServ){
|
||||
this.authServ = authServ;
|
||||
}
|
||||
|
||||
|
||||
/** return a list of authorized applications.
|
||||
* depends on the token
|
||||
*/
|
||||
@GetMapping("/apps")
|
||||
public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
|
||||
|
||||
return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
|
||||
}
|
||||
|
||||
@GetMapping("/apps/{identifier}")
|
||||
public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){
|
||||
|
||||
if (getAuthorizedApplications(token).contains(identifier)){
|
||||
return new ResponseEntity<>(true, HttpStatus.OK);
|
||||
}
|
||||
return new ResponseEntity<>(false, HttpStatus.OK);
|
||||
}
|
||||
|
||||
public ArrayList<Applications> getAuthorizedApplications(String token){
|
||||
Role posterRole = authServ.getUserFromToken(token).getRole();
|
||||
ArrayList<Applications> authorizedApps = new ArrayList<>();
|
||||
|
||||
authorizedApps.add(Applications.Login);
|
||||
authorizedApps.add(Applications.Profile);
|
||||
authorizedApps.add(Applications.Msg);
|
||||
authorizedApps.add(Applications.Forum);
|
||||
authorizedApps.add(Applications.Rdv);
|
||||
|
||||
if (posterRole == Role.Student || posterRole == Role.Admin) return authorizedApps;
|
||||
|
||||
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
|
||||
|
||||
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
|
||||
|
||||
return authorizedApps;
|
||||
}
|
||||
|
||||
}
|
@ -43,28 +43,4 @@ public class CurriculumController {
|
||||
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
|
||||
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
|
||||
}
|
||||
|
||||
/**@PostMapping("/curriculum")
|
||||
public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
|
||||
|
||||
if (!isSecretaryOrAdmin(token)){
|
||||
return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
|
||||
}
|
||||
|
||||
CurriculumServ.save(Curriculum);
|
||||
|
||||
return new ResponseEntity<>("created !",HttpStatus.CREATED);
|
||||
}**/
|
||||
|
||||
|
||||
|
||||
private boolean isSecretaryOrAdmin(String authorization){
|
||||
if (authorization ==null)
|
||||
return false;
|
||||
|
||||
User poster = authServ.getUserFromToken(authorization);
|
||||
if (poster == null) return false;
|
||||
|
||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
||||
}
|
||||
}
|
||||
|
@ -32,7 +32,7 @@ public class InscriptionController {
|
||||
@GetMapping("/requests/register")
|
||||
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
|
||||
|
||||
if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
|
||||
if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
|
||||
|
||||
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
|
||||
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
|
||||
@ -64,7 +64,7 @@ public class InscriptionController {
|
||||
@RequestHeader("Authorize") String token,
|
||||
@RequestBody RequestState requestState)
|
||||
{
|
||||
if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
|
||||
if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
|
||||
inscriptionServ.modifyState(id, requestState);
|
||||
return null;
|
||||
}
|
||||
@ -83,15 +83,4 @@ public class InscriptionController {
|
||||
toReturn.put("state", inscriptionRequest.getState());
|
||||
return toReturn;
|
||||
}
|
||||
|
||||
|
||||
private boolean isSecretaryOrAdmin(String authorization){
|
||||
if (authorization ==null)
|
||||
return false;
|
||||
|
||||
User poster = authServ.getUserFromToken(authorization);
|
||||
if (poster == null) return false;
|
||||
|
||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -49,4 +49,4 @@ public class LoginController {
|
||||
authServ.register(inscriptionRequest);
|
||||
return new ResponseEntity<>("Is OK", HttpStatus.OK);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -51,6 +51,7 @@ public class MockController {
|
||||
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
|
||||
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
|
||||
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
|
||||
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService"));
|
||||
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
|
||||
|
||||
userRepo.saveAll(mockUsers);
|
||||
|
@ -38,7 +38,7 @@ public class UserController {
|
||||
@PostMapping("/user")
|
||||
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
||||
|
||||
if (!isSecretaryOrAdmin(authorization))
|
||||
if (authServ.isNotSecretaryOrAdmin(authorization))
|
||||
return new UnauthorizedResponse<>(null);
|
||||
|
||||
userService.save(user);
|
||||
@ -48,7 +48,7 @@ public class UserController {
|
||||
@GetMapping("/users")
|
||||
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
||||
|
||||
if (!isSecretaryOrAdmin(authorization))
|
||||
if (authServ.isNotSecretaryOrAdmin(authorization))
|
||||
return new UnauthorizedResponse<>(null);
|
||||
|
||||
Iterable<User> users = userService.getAll();
|
||||
@ -78,7 +78,6 @@ public class UserController {
|
||||
*/
|
||||
private HashMap<String,Object> userWithoutPassword(User user){
|
||||
HashMap<String,Object> toReturn = new HashMap<>();
|
||||
|
||||
toReturn.put("regNo",user.getRegNo());
|
||||
toReturn.put("firstName",user.getFirstName());
|
||||
toReturn.put("lastName",user.getLastName());
|
||||
@ -86,18 +85,7 @@ public class UserController {
|
||||
toReturn.put("country",user.getCountry());
|
||||
toReturn.put("address",user.getAddress());
|
||||
toReturn.put("role",user.getRole());
|
||||
|
||||
return toReturn;
|
||||
}
|
||||
|
||||
private boolean isSecretaryOrAdmin(String authorization){
|
||||
if (authorization ==null)
|
||||
return false;
|
||||
|
||||
User poster = authServ.getUserFromToken(authorization);
|
||||
if (poster == null) return false;
|
||||
|
||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
||||
}
|
||||
}
|
||||
|
||||
|
@ -1,9 +1,8 @@
|
||||
package ovh.herisson.Clyde.Services;
|
||||
|
||||
import org.springframework.stereotype.Service;
|
||||
import ovh.herisson.Clyde.EndPoints.LoginController;
|
||||
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
|
||||
import ovh.herisson.Clyde.Tables.InscriptionRequest;
|
||||
import ovh.herisson.Clyde.Tables.Role;
|
||||
import ovh.herisson.Clyde.Tables.Token;
|
||||
import ovh.herisson.Clyde.Tables.User;
|
||||
|
||||
@ -39,4 +38,17 @@ public class AuthenticatorService {
|
||||
public void register(InscriptionRequest inscriptionRequest) {
|
||||
inscriptionService.save(inscriptionRequest);
|
||||
}
|
||||
|
||||
|
||||
public boolean isNotSecretaryOrAdmin(String authorization){
|
||||
if (authorization ==null)
|
||||
return true;
|
||||
|
||||
User poster = getUserFromToken(authorization);
|
||||
if (poster == null) return true;
|
||||
|
||||
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
|
@ -31,4 +31,4 @@ public class InscriptionService {
|
||||
inscriptionRequest.setState(requestState);
|
||||
save(inscriptionRequest);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
@ -4,10 +4,8 @@ import org.springframework.stereotype.Service;
|
||||
import org.springframework.web.multipart.MultipartFile;
|
||||
import ovh.herisson.Clyde.Repositories.FileRepository;
|
||||
import ovh.herisson.Clyde.Tables.*;
|
||||
|
||||
import java.io.File;
|
||||
import java.io.IOException;
|
||||
|
||||
import java.nio.file.Files;
|
||||
import java.nio.file.Path;
|
||||
import java.nio.file.Paths;
|
||||
|
@ -5,17 +5,15 @@ import org.springframework.stereotype.Service;
|
||||
import ovh.herisson.Clyde.Repositories.TokenRepository;
|
||||
import ovh.herisson.Clyde.Tables.Token;
|
||||
import ovh.herisson.Clyde.Tables.User;
|
||||
|
||||
import java.io.UnsupportedEncodingException;
|
||||
import java.security.SecureRandom;
|
||||
import java.util.ArrayList;
|
||||
import java.util.Base64;
|
||||
import java.util.Calendar;
|
||||
import java.util.Date;
|
||||
|
||||
@Service
|
||||
public class TokenService {
|
||||
TokenRepository tokenRepo;
|
||||
private final TokenRepository tokenRepo;
|
||||
|
||||
public TokenService(TokenRepository tokenRepo){
|
||||
this.tokenRepo = tokenRepo;
|
||||
|
@ -0,0 +1,21 @@
|
||||
package ovh.herisson.Clyde.Tables;
|
||||
|
||||
public enum Applications {
|
||||
// without any token
|
||||
Login,
|
||||
|
||||
// with any token
|
||||
Profile,
|
||||
|
||||
|
||||
// Students and higher authorization
|
||||
Msg,
|
||||
Forum,
|
||||
Rdv,
|
||||
|
||||
// teachers and Secretary authorization
|
||||
ManageCourses,
|
||||
|
||||
// InscriptionService authorization
|
||||
Inscription
|
||||
}
|
@ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables;
|
||||
public enum RequestState {
|
||||
Accepted,
|
||||
Refused,
|
||||
Pending;
|
||||
Pending
|
||||
}
|
||||
|
@ -5,5 +5,5 @@ public enum Role {
|
||||
Student,
|
||||
Admin,
|
||||
InscriptionService,
|
||||
Secretary;
|
||||
}
|
||||
Secretary
|
||||
}
|
Loading…
Reference in New Issue
Block a user