Compare commits

..

No commits in common. "767a83d1d69db58a53dabd857b3d5be416127c81" and "c955fbf5f857dabac17f0568b248a185a80e57b5" have entirely different histories.

13 changed files with 64 additions and 109 deletions

View File

@ -1,62 +0,0 @@
package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RestController;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Tables.Applications;
import ovh.herisson.Clyde.Tables.Role;
import java.util.ArrayList;
@RestController
public class ApplicationsController {
AuthenticatorService authServ;
public ApplicationsController(AuthenticatorService authServ){
this.authServ = authServ;
}
/** return a list of authorized applications.
* depends on the token
*/
@GetMapping("/apps")
public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
}
@GetMapping("/apps/{identifier}")
public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){
if (getAuthorizedApplications(token).contains(identifier)){
return new ResponseEntity<>(true, HttpStatus.OK);
}
return new ResponseEntity<>(false, HttpStatus.OK);
}
public ArrayList<Applications> getAuthorizedApplications(String token){
Role posterRole = authServ.getUserFromToken(token).getRole();
ArrayList<Applications> authorizedApps = new ArrayList<>();
authorizedApps.add(Applications.Login);
authorizedApps.add(Applications.Profile);
authorizedApps.add(Applications.Msg);
authorizedApps.add(Applications.Forum);
authorizedApps.add(Applications.Rdv);
if (posterRole == Role.Student || posterRole == Role.Admin) return authorizedApps;
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
return authorizedApps;
}
}

View File

@ -43,4 +43,28 @@ public class CurriculumController {
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
}
/**@PostMapping("/curriculum")
public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
if (!isSecretaryOrAdmin(token)){
return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
}
CurriculumServ.save(Curriculum);
return new ResponseEntity<>("created !",HttpStatus.CREATED);
}**/
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
}

View File

@ -32,7 +32,7 @@ public class InscriptionController {
@GetMapping("/requests/register")
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@ -64,7 +64,7 @@ public class InscriptionController {
@RequestHeader("Authorize") String token,
@RequestBody RequestState requestState)
{
if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
inscriptionServ.modifyState(id, requestState);
return null;
}
@ -83,4 +83,15 @@ public class InscriptionController {
toReturn.put("state", inscriptionRequest.getState());
return toReturn;
}
}
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
}

View File

@ -49,4 +49,4 @@ public class LoginController {
authServ.register(inscriptionRequest);
return new ResponseEntity<>("Is OK", HttpStatus.OK);
}
}
}

View File

@ -51,7 +51,6 @@ public class MockController {
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService"));
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
userRepo.saveAll(mockUsers);

View File

@ -38,7 +38,7 @@ public class UserController {
@PostMapping("/user")
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
if (authServ.isNotSecretaryOrAdmin(authorization))
if (!isSecretaryOrAdmin(authorization))
return new UnauthorizedResponse<>(null);
userService.save(user);
@ -48,7 +48,7 @@ public class UserController {
@GetMapping("/users")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
if (authServ.isNotSecretaryOrAdmin(authorization))
if (!isSecretaryOrAdmin(authorization))
return new UnauthorizedResponse<>(null);
Iterable<User> users = userService.getAll();
@ -78,6 +78,7 @@ public class UserController {
*/
private HashMap<String,Object> userWithoutPassword(User user){
HashMap<String,Object> toReturn = new HashMap<>();
toReturn.put("regNo",user.getRegNo());
toReturn.put("firstName",user.getFirstName());
toReturn.put("lastName",user.getLastName());
@ -85,7 +86,18 @@ public class UserController {
toReturn.put("country",user.getCountry());
toReturn.put("address",user.getAddress());
toReturn.put("role",user.getRole());
return toReturn;
}
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
}

View File

@ -1,8 +1,9 @@
package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.EndPoints.LoginController;
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User;
@ -38,17 +39,4 @@ public class AuthenticatorService {
public void register(InscriptionRequest inscriptionRequest) {
inscriptionService.save(inscriptionRequest);
}
public boolean isNotSecretaryOrAdmin(String authorization){
if (authorization ==null)
return true;
User poster = getUserFromToken(authorization);
if (poster == null) return true;
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
}
}

View File

@ -31,4 +31,4 @@ public class InscriptionService {
inscriptionRequest.setState(requestState);
save(inscriptionRequest);
}
}
}

View File

@ -4,8 +4,10 @@ import org.springframework.stereotype.Service;
import org.springframework.web.multipart.MultipartFile;
import ovh.herisson.Clyde.Repositories.FileRepository;
import ovh.herisson.Clyde.Tables.*;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

View File

@ -5,15 +5,17 @@ import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.TokenRepository;
import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Calendar;
import java.util.Date;
@Service
public class TokenService {
private final TokenRepository tokenRepo;
TokenRepository tokenRepo;
public TokenService(TokenRepository tokenRepo){
this.tokenRepo = tokenRepo;

View File

@ -1,21 +0,0 @@
package ovh.herisson.Clyde.Tables;
public enum Applications {
// without any token
Login,
// with any token
Profile,
// Students and higher authorization
Msg,
Forum,
Rdv,
// teachers and Secretary authorization
ManageCourses,
// InscriptionService authorization
Inscription
}

View File

@ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables;
public enum RequestState {
Accepted,
Refused,
Pending
Pending;
}

View File

@ -5,5 +5,5 @@ public enum Role {
Student,
Admin,
InscriptionService,
Secretary
}
Secretary;
}