GET /users doesn't return Admins if the poster isn't an admin

backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java

@@ -9,6 +9,8 @@ import ovh.herisson.Clyde.Services.ProtectionService;
 import ovh.herisson.Clyde.Services.UserService;
 import ovh.herisson.Clyde.Tables.Role;
 import ovh.herisson.Clyde.Tables.User;
+
+import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Map;
 
@@ -53,7 +55,15 @@ public class UserController {
         if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
             return new UnauthorizedResponse<>(null);
 
-        Iterable<User> users = userService.getAll();
+        Role posterRole = authServ.getUserFromToken(token).getRole();
+
+        Iterable<User> users = new ArrayList<>();
+
+        if (posterRole == Role.Admin)
+            users = userService.getAll();
+
+        else if (posterRole == Role.Secretary)
+            users = userService.getAllExceptAdmins();
 
         return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(users), HttpStatus.OK);
     }

backend/src/main/java/ovh/herisson/Clyde/Repositories/UserRepository.java

@@ -10,9 +10,14 @@ public interface UserRepository extends CrudRepository<User, Long> {
 
     User findByEmail(String email);
 
+
+
     @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Teacher")
     Iterable<User> findAllTeachers();
 
     @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Student")
     Iterable<User> findAllStudents();
+
+    @Query("select u from User u where u.role <> ovh.herisson.Clyde.Tables.Role.Admin")
+    Iterable<User> findAllExceptAdmins();
 }

backend/src/main/java/ovh/herisson/Clyde/Services/UserService.java

@@ -114,6 +114,10 @@ public class UserService {
         return userRepo.findAll();
     }
 
+    public Iterable<User> getAllExceptAdmins(){
+        return userRepo.findAllExceptAdmins();
+    }
+
 
     public Iterable<User> getAllTeachers (){return userRepo.findAllTeachers();}