Merge pull request 'Max/Backend/ReturnUserPasswordIssue' (#137 ) from Max/Backend/ReturnUserPasswordIssue into master

Reviewed-on: #137 Reviewed-by: Wal <karpinskiwal@gmail.com> Reviewed-by: LeoMoulin <leomoulin125@gmail.com> Reviewed-by: Debucquoy Anthony <d.tonitch@gmail.com>
creation of the user when request accepted
2024-03-17 21:36:53 +01:00 · 2024-03-17 17:15:33 +01:00 · 2024-03-17 16:26:30 +01:00 · 2024-03-17 16:25:00 +01:00 · 2024-03-17 16:02:30 +01:00 · 2024-03-17 13:07:20 +01:00
29 changed files with 492 additions and 264 deletions
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java
@ -30,7 +30,6 @@ public class ApplicationsController {
     */
    @GetMapping("/apps")
    public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
-
        return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
    }

@ -46,24 +45,27 @@ public class ApplicationsController {
    public ArrayList<Applications> getAuthorizedApplications(String token){
        ArrayList<Applications> authorizedApps = new ArrayList<>();

+        //if unAuthed
        authorizedApps.add(Applications.Login);
-        authorizedApps.add(Applications.Profile);

 		User user = authServ.getUserFromToken(token);
 		if(user == null)
-			return authorizedApps;
+            return authorizedApps;
+        // if authed
+        authorizedApps.add(Applications.Profile);

-		Role posterRole = user.getRole();
-
-        if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){
+        if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Student,Role.Admin},token)) {
            authorizedApps.add(Applications.Msg);
            authorizedApps.add(Applications.Forum);
            authorizedApps.add(Applications.Rdv);
        }

-        if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
+        //if Teacher or Secretary or Admin add ManageCourses App
+        if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Secretary,Role.Admin},token))
+            authorizedApps.add(Applications.ManageCourses);

-        if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
+        if (!authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token))
+            authorizedApps.add(Applications.Inscription);

        return authorizedApps;
    }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CourseController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CourseController.java
@ -6,13 +6,13 @@ import org.springframework.web.bind.annotation.*;
 import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
 import ovh.herisson.Clyde.Services.AuthenticatorService;
 import ovh.herisson.Clyde.Services.CourseService;
+import ovh.herisson.Clyde.Services.ProtectionService;
 import ovh.herisson.Clyde.Services.TeacherCourseService;
 import ovh.herisson.Clyde.Tables.Course;
 import ovh.herisson.Clyde.Tables.Role;
-import ovh.herisson.Clyde.Tables.TeacherCourse;
 import ovh.herisson.Clyde.Tables.User;

-import java.util.ArrayList;
+import java.util.HashMap;
 import java.util.Map;

@RestController
@ -32,20 +32,58 @@ public class CourseController {
    }

    @GetMapping("/course/{id}")
-    public ResponseEntity<Course> getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){
+    public ResponseEntity<HashMap<String,Object>> getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){
        if (authServ.getUserFromToken(token) == null)
            return new UnauthorizedResponse<>(null);

-        return new ResponseEntity<>(courseServ.findById(id), HttpStatus.OK);
+        Course foundCourse = courseServ.findById(id);
+
+        if (foundCourse == null)
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+
+        return new ResponseEntity<>(ProtectionService.courseWithoutPassword(foundCourse), HttpStatus.OK);
+    }
+
+    @GetMapping("/courses")
+    public ResponseEntity<Iterable<HashMap<String,Object>>> getAllCourses(@RequestHeader("Authorization") String token){
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
+            return new UnauthorizedResponse<>(null);
+
+        return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findAll()),HttpStatus.OK);
+    }
+
+    @GetMapping("/courses/owned")
+    public ResponseEntity<Iterable<HashMap<String ,Object>>> getOwnedCourses(@RequestHeader("Authorization") String token){
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher},token))
+            return new UnauthorizedResponse<>(null);
+
+        return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findOwnedCourses(authServ.getUserFromToken(token))),HttpStatus.OK);
+    }
+
+    @GetMapping("/course/{id}/assistants")
+    public ResponseEntity<Iterable<HashMap<String,Object>>> getCourseAssistants(@RequestHeader("Authorization")String token, @PathVariable long id){
+        if (authServ.getUserFromToken(token) == null)
+            return new UnauthorizedResponse<>(null);
+
+        Iterable<User> assistants = teacherCourseServ.findCourseAssistants(courseServ.findById(id));
+
+        return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(assistants),HttpStatus.OK);
    }


    @PostMapping("/course")
-    public ResponseEntity<Course> postCourse(@RequestHeader("Authorization") String token, @RequestBody Course course){
-        if (authServ.isNotSecretaryOrAdmin(token))
+    public ResponseEntity<Map<String ,Object>> postCourse(@RequestHeader("Authorization") String token,
+                                             @RequestBody Course course)
+    {
+
+        if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))
            return new UnauthorizedResponse<>(null);

-        return new ResponseEntity<>(courseServ.save(course), HttpStatus.CREATED);
+        Course createdCourse = courseServ.save(course);
+        if (createdCourse == null)
+            return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);
+
+        return new ResponseEntity<>(ProtectionService.courseWithoutPassword(createdCourse), HttpStatus.CREATED);
    }


@ -55,11 +93,15 @@ public class CourseController {
                                              @PathVariable long id)
    {

-        if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token)){
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token))
            return new UnauthorizedResponse<>(null);
-        }

-        return new ResponseEntity<>(courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole()), HttpStatus.OK);
+
+
+        if (!courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole()))
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+
+        return new ResponseEntity<>(HttpStatus.OK);
    }

    @PostMapping("/course/{id}")
@ -67,14 +109,14 @@ public class CourseController {
                                               @RequestBody Iterable<Long> teacherIds,
                                               @PathVariable Long id)
    {
-        if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Secretary}, token))
+
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary}, token))
            return new UnauthorizedResponse<>(null);


+        if (!teacherCourseServ.saveAll(teacherIds,courseServ.findById(id)))
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);

-        teacherCourseServ.saveAll(teacherIds,courseServ.findById(id));
        return new ResponseEntity<>(HttpStatus.OK);
-
    }
-
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java
@ -4,13 +4,12 @@ package ovh.herisson.Clyde.EndPoints;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
+import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
 import ovh.herisson.Clyde.Services.AuthenticatorService;
 import ovh.herisson.Clyde.Services.CurriculumCourseService;
 import ovh.herisson.Clyde.Services.CurriculumService;
 import ovh.herisson.Clyde.Tables.Curriculum;
-import ovh.herisson.Clyde.Tables.CurriculumCourse;
 import ovh.herisson.Clyde.Tables.Role;
-import ovh.herisson.Clyde.Tables.User;

 import java.util.Map;

@ -31,30 +30,41 @@ public class CurriculumController {
    }

    @GetMapping("/curriculum/{id}")
-    public ResponseEntity<Curriculum> findById(@PathVariable long id){
-        return new ResponseEntity<>(curriculumServ.findById(id), HttpStatus.OK);
+    public ResponseEntity<Map<String,Object>> findById(@PathVariable long id){
+        Curriculum foundCurriculum = curriculumServ.findById(id);
+
+        if (foundCurriculum == null)
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+
+        return new ResponseEntity<>(curriculumCourseServ.getDepthCurriculum(foundCurriculum), HttpStatus.OK);
    }

    @GetMapping("/curriculums")
-    public ResponseEntity<Iterable<Map<String, Object>>> findAllindDepth(){
+    public ResponseEntity<Iterable<Map<String, Object>>> findAllIndDepth(){
        return new ResponseEntity<>(curriculumCourseServ.getAllDepthCurriculum(),HttpStatus.OK);
    }

-    @GetMapping("/curriculum")
-    public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
-        return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
+    @PostMapping("/curriculum")
+    public ResponseEntity<Curriculum> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
+
+        if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))
+            return new UnauthorizedResponse<>(null);
+
+        return new ResponseEntity<>(curriculumServ.save(curriculum),HttpStatus.CREATED);
    }

-    /**@PostMapping("/curriculum") //todo now
-    public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
+    @PostMapping("/curriculum/{id}")
+    public ResponseEntity<String> postCoursesToCurriculum(@RequestHeader("Authorization") String token,
+                                                          @RequestBody Iterable<Long> coursesIds,
+                                                          @PathVariable long id)
+    {

-        if (!isSecretaryOrAdmin(token)){
-            return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
-        }
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
+            return new UnauthorizedResponse<>(null);

-        CurriculumServ.save(Curriculum);
-
-        return new ResponseEntity<>("created !",HttpStatus.CREATED);
-    }**/
+        if (!curriculumCourseServ.saveAll(coursesIds, curriculumServ.findById(id)))
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);

+        return new ResponseEntity<>(HttpStatus.OK);
+    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java
@ -9,14 +9,12 @@ import ovh.herisson.Clyde.Services.InscriptionService;
 import ovh.herisson.Clyde.Tables.InscriptionRequest;
 import ovh.herisson.Clyde.Tables.RequestState;
 import ovh.herisson.Clyde.Tables.Role;
-import ovh.herisson.Clyde.Tables.User;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Map;

@RestController
@CrossOrigin(originPatterns = "*", allowCredentials = "true")
-
 public class InscriptionController {


@ -32,7 +30,8 @@ public class InscriptionController {
    @GetMapping("/requests/register")
    public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){

-        if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token))
+            return new UnauthorizedResponse<>(null);

        Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
        ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@ -46,41 +45,48 @@ public class InscriptionController {


    @GetMapping("/request/register/{id}")
-    public ResponseEntity<Map<String,Object>> getById(@PathVariable long id){
-        InscriptionRequest inscriptionRequest = inscriptionServ.getById(id);
-        if (inscriptionRequest == null) {return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);}
+    public ResponseEntity<Map<String,Object>> getById(@RequestHeader("Authorization") String token, @PathVariable long id){

-        return new ResponseEntity<>(requestWithoutPassword(inscriptionRequest), HttpStatus.OK);
-    }
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token))
+            return new UnauthorizedResponse<>(null);

-    @GetMapping("request/user/{id}")
-    public ResponseEntity<InscriptionRequest> getUserInscriptionRequest(@PathVariable long id, @RequestHeader("Authorize") String token){
-        //todo return l'inscriptionRequest ACTUELLE du user (check si le poster est bien le même que id target ou secretariat)
-        return null;
+        InscriptionRequest foundInscriptionRequest = inscriptionServ.getById(id);
+
+        if (foundInscriptionRequest == null)
+            return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
+
+        return new ResponseEntity<>(requestWithoutPassword(foundInscriptionRequest), HttpStatus.OK);
    }

    @PatchMapping("/request/register/{id}")
    public ResponseEntity<InscriptionRequest> changeRequestState(@PathVariable long id,
-                                                                 @RequestHeader("Authorize") String token,
+                                                                 @RequestHeader("Authorization") String token,
                                                                 @RequestBody RequestState requestState)
    {
-        if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
-        inscriptionServ.modifyState(id, requestState);
-        return null;
+
+        if (authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token))
+            return new UnauthorizedResponse<>(null);
+
+        if (!inscriptionServ.modifyState(id, requestState))
+            return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
+
+        return new ResponseEntity<>(HttpStatus.OK);
    }

    private Map<String, Object> requestWithoutPassword(InscriptionRequest inscriptionRequest) {
        Map<String, Object> toReturn = new HashMap<>();

        toReturn.put("id", inscriptionRequest.getId());
-        toReturn.put("firstName", inscriptionRequest.getFirstName());
        toReturn.put("lastName", inscriptionRequest.getLastName());
+        toReturn.put("firstName", inscriptionRequest.getFirstName());
        toReturn.put("address", inscriptionRequest.getAddress());
+        toReturn.put("email",inscriptionRequest.getEmail());
        toReturn.put("birthDate", inscriptionRequest.getBirthDate());
        toReturn.put("country", inscriptionRequest.getCountry());
-        toReturn.put("curriculum", inscriptionRequest.getCurriculum());
-        toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
+        toReturn.put("curriculum", inscriptionRequest.getCurriculumId());
        toReturn.put("state", inscriptionRequest.getState());
+        toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
+
        return toReturn;
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java
@ -1,4 +1,5 @@
 package ovh.herisson.Clyde.EndPoints;
+
 import com.fasterxml.jackson.annotation.JsonFormat;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.HttpStatus;
@ -7,7 +8,6 @@ import org.springframework.web.bind.annotation.*;
 import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
 import ovh.herisson.Clyde.Services.AuthenticatorService;
 import ovh.herisson.Clyde.Tables.InscriptionRequest;
-
 import java.util.Date;

@RestController
@ -44,9 +44,8 @@ public class LoginController {
        return ResponseEntity.ok().headers(responseHeaders).build();
    }

-    @PostMapping("/request/register")
-    public ResponseEntity<String> register(@RequestBody InscriptionRequest inscriptionRequest){
-        authServ.register(inscriptionRequest);
-        return new ResponseEntity<>("Is OK", HttpStatus.CREATED);
+    @PostMapping("/register")
+    public ResponseEntity<InscriptionRequest> register(@RequestBody InscriptionRequest inscriptionRequest){
+        return new ResponseEntity<>(authServ.register(inscriptionRequest), HttpStatus.CREATED);
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java
@ -6,7 +6,6 @@ import ovh.herisson.Clyde.Repositories.TokenRepository;
 import ovh.herisson.Clyde.Repositories.UserRepository;
 import ovh.herisson.Clyde.Services.*;
 import ovh.herisson.Clyde.Tables.*;
-
 import java.util.ArrayList;
 import java.util.Arrays;
 import java.util.Date;
@ -51,12 +50,11 @@ public class MockController {
        User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
        User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary"));
        User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
-        User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService"));
-        mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
+        User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService"));
+        mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke,lena));

        userRepo.saveAll(mockUsers);

-
        // Course / Curriculum part

        Curriculum infoBab1 = new Curriculum(1,"info");
@ -68,7 +66,7 @@ public class MockController {
        curriculumService.save(psychologyBab1);


-        Course progra1 = new Course(5,"Programmation et algorithimque 1",joke);
+        Course progra1 = new Course(5,"Programmation et algorithmique 1",joke);
        Course chemistry1 = new Course(12, "Thermochimie",joke);
        Course psycho1 = new Course(21, "rien faire t'as cru c'est psycho",joke);
        Course commun = new Course(2, "cours commun",joke);
@ -89,16 +87,6 @@ public class MockController {
        CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,commun));
        CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,chemistry1));

-
-
-    }
-
-    @DeleteMapping("/mock")
-    public void deleteMock(){
-        for (User user:mockUsers){
-            tokenRepo.deleteAll(tokenRepo.getByUser(user));
-        }
-        userRepo.deleteAll(mockUsers);
    }
 }

--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/StorageController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/StorageController.java
@ -22,12 +22,13 @@ public class StorageController {
    @PostMapping("/upload/{fileType}")
    public ResponseEntity<StorageFile> handleFileUpload(@RequestParam("file") MultipartFile file, @PathVariable FileType fileType) {

-		StorageFile fileEntry = null;
+		StorageFile fileEntry;
 		try {
 			fileEntry = storageServ.store(file,fileType);
 			
 		} catch(Exception e){
-			e.printStackTrace();
+            e.printStackTrace();
+            return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);
 		}


--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java
@ -1,11 +1,15 @@
 package ovh.herisson.Clyde.EndPoints;

-
-
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RestController;
+import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
+import ovh.herisson.Clyde.Services.AuthenticatorService;
 import ovh.herisson.Clyde.Services.TokenService;
+import ovh.herisson.Clyde.Tables.Role;
 import ovh.herisson.Clyde.Tables.Token;

@RestController
@ -14,13 +18,20 @@ public class TokenController {

    private final TokenService tokenServ;

-    public TokenController(TokenService tokenServ){
+    private final AuthenticatorService authServ;
+
+    public TokenController(TokenService tokenServ, AuthenticatorService authServ){
        this.tokenServ = tokenServ;
+        this.authServ = authServ;
    }


    @GetMapping("/tokens")
-    public Iterable<Token> getTokens(){
-        return tokenServ.getAllTokens();
+    public ResponseEntity<Iterable<Token>> getTokens(@RequestHeader("Authorization")String token){
+
+        if (authServ.isNotIn(new Role[]{Role.Admin},token))
+            return new UnauthorizedResponse<>(null);
+
+        return new ResponseEntity<>(tokenServ.getAllTokens(), HttpStatus.OK);
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
@ -1,16 +1,15 @@
 package ovh.herisson.Clyde.EndPoints;

-
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
 import ovh.herisson.Clyde.Services.AuthenticatorService;
+import ovh.herisson.Clyde.Services.ProtectionService;
 import ovh.herisson.Clyde.Services.UserService;
 import ovh.herisson.Clyde.Tables.Role;
 import ovh.herisson.Clyde.Tables.User;

-import java.security.Key;
 import java.util.ArrayList;
 import java.util.HashMap;
 import java.util.Map;
@ -27,66 +26,79 @@ public class UserController {
        this.authServ = authServ;
    }

+    /** returns information about the connected user
+     *
+     * @param token the session token of the user
+     * @return the user information except his password
+     */
    @GetMapping("/user")
-    public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String authorization){
+    public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String token){

-        if (authorization == null) return new UnauthorizedResponse<>(null);
-        User user = authServ.getUserFromToken(authorization);
-        if (user == null) return new UnauthorizedResponse<>(null);
+        User user = authServ.getUserFromToken(token);
+            if (user == null) return new UnauthorizedResponse<>(null);

-        return new ResponseEntity<>(userWithoutPassword(user), HttpStatus.OK);
+        return new ResponseEntity<>(ProtectionService.userWithoutPassword(user), HttpStatus.OK);
    }

    @PostMapping("/user")
-    public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
+    public ResponseEntity<Map<String ,Object>> postUser(@RequestBody User user,@RequestHeader("Authorization") String token){

-        if (authServ.isNotSecretaryOrAdmin(authorization))
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService,Role.Secretary},token))
            return new UnauthorizedResponse<>(null);

-        userService.save(user);
-        return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
+        return new ResponseEntity<>(ProtectionService.userWithoutPassword(userService.save(user)),HttpStatus.CREATED);
    }

    @GetMapping("/users")
-    public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
+    public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String token){

-        if (authServ.isNotSecretaryOrAdmin(authorization))
+        if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
            return new UnauthorizedResponse<>(null);

-        Iterable<User> users = userService.getAll();
-        ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
+        Role posterRole = authServ.getUserFromToken(token).getRole();

-        for (User u :users){
-            withoutPassword.add(userWithoutPassword(u));
-        }
-        return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
+        Iterable<User> users = new ArrayList<>();
+
+        if (posterRole == Role.Admin)
+            users = userService.getAll();
+
+        else if (posterRole == Role.Secretary)
+            users = userService.getAllExceptAdmins();
+
+        return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(users), HttpStatus.OK);
    }
-    @PatchMapping("/user")
-    public ResponseEntity<String> patchUser(@RequestBody Map<String,Object> updates, @RequestHeader("Authorization") String authorization) {

-        if (authorization == null) return new UnauthorizedResponse<>(null);
+    /** changes the specified user's information
+     *
+     * @param updates the changes to be made
+     * @param token the session token of the user posting the change
+     * @param id the id of the user to change
+     * @return a string clarifying the issue (if there is any)
+     */
+    @PatchMapping("/user/{id}")
+    public ResponseEntity<String> patchUser(@RequestHeader("Authorization") String token,
+                                            @RequestBody Map<String,Object> updates,
+                                            @PathVariable Long id) {

-        User poster = authServ.getUserFromToken(authorization);
-        if (poster == null) {return new UnauthorizedResponse<>("bad authorization");}
+        if (token == null) return new UnauthorizedResponse<>(null);

-        if (!userService.modifyData(poster, updates, poster))
+        User poster = authServ.getUserFromToken(token);
+        if (poster == null) {return new UnauthorizedResponse<>("bad token");}
+
+        if (!userService.modifyData(id, updates, poster))
            return new UnauthorizedResponse<>("there was an issue with the updates requested");

-        return new ResponseEntity<>("data modified", HttpStatus.OK);
+        return new ResponseEntity<>(null, HttpStatus.OK);
    }

    @GetMapping("/teachers")
    public ResponseEntity<Iterable<HashMap<String,Object>>> getAllTeachers(@RequestHeader("Authorization") String token){
        if (authServ.getUserFromToken(token) == null)
            return new UnauthorizedResponse<>(null);
+
        Iterable<User> teachers = userService.getAllTeachers();
-        ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();

-        for (User t: teachers){
-            withoutPassword.add(userWithoutPassword(t));
-        }
-
-        return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
+        return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(teachers), HttpStatus.OK);
    }


@ -95,34 +107,8 @@ public class UserController {
        if (authServ.getUserFromToken(token) == null)
            return new UnauthorizedResponse<>(null);

-        Iterable<User> teachers = userService.getAllStudents();
-        ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
+        Iterable<User> students = userService.getAllStudents();

-        for (User t: teachers){
-            withoutPassword.add(userWithoutPassword(t));
-        }
-
-        return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
+        return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(students), HttpStatus.OK);
    }
-
-
-
-
-
-        /** return user's data except password
-         * @param user the user to return
-         * @return all the user data without the password
-         */
-    private HashMap<String,Object> userWithoutPassword(User user){
-        HashMap<String,Object> toReturn = new HashMap<>();
-        toReturn.put("regNo",user.getRegNo());
-        toReturn.put("firstName",user.getFirstName());
-        toReturn.put("lastName",user.getLastName());
-        toReturn.put("birthDate",user.getBirthDate());
-        toReturn.put("country",user.getCountry());
-        toReturn.put("address",user.getAddress());
-        toReturn.put("role",user.getRole());
-        return toReturn;
-    }
-}
-
+}
--- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/CourseRepository.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/CourseRepository.java
@ -1,8 +1,15 @@
 package ovh.herisson.Clyde.Repositories;

+import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.CrudRepository;
 import ovh.herisson.Clyde.Tables.Course;
+import ovh.herisson.Clyde.Tables.User;

 public interface CourseRepository extends CrudRepository<Course,Long> {
    Course findById(long id);
+
+
+    @Query("select c from Course c where c.owner = ?1")
+    Iterable<Course> findAllOwnedCoures(User teacher);
+
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TeacherCourseRepository.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TeacherCourseRepository.java
@ -1,8 +1,14 @@
 package ovh.herisson.Clyde.Repositories;


+import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.CrudRepository;
+import ovh.herisson.Clyde.Tables.Course;
 import ovh.herisson.Clyde.Tables.TeacherCourse;
+import ovh.herisson.Clyde.Tables.User;

 public interface TeacherCourseRepository extends CrudRepository<TeacherCourse, Long> {
+
+    @Query("select tc.user from TeacherCourse tc where tc.course = ?1")
+    Iterable<User> findAllAssistantOfCourse(Course course);
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java
@ -10,7 +10,5 @@ public interface TokenRepository extends CrudRepository<Token,Long> {

    Token getByToken(String token);

-    Iterable<Token> getByUser(User user);
-
    ArrayList <Token> getByUserOrderByExpirationDate(User user);
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserCurriculumRepository.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserCurriculumRepository.java
@ -0,0 +1,7 @@
+package ovh.herisson.Clyde.Repositories;
+
+import org.springframework.data.repository.CrudRepository;
+import ovh.herisson.Clyde.Tables.UserCurriculum;
+
+public interface UserCurriculumRepository extends CrudRepository<UserCurriculum, Long> {
+}
--- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserRepository.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserRepository.java
@ -4,22 +4,20 @@ import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.CrudRepository;
 import ovh.herisson.Clyde.Tables.User;

-import java.util.List;
-
 public interface UserRepository extends CrudRepository<User, Long> {

    User findById(long id);

    User findByEmail(String email);

-    /**
-    @Query(value = "select a.* from Users a ",nativeQuery = true)
-    Iterable<User> findAllUsers();**/
+

    @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Teacher")
    Iterable<User> findAllTeachers();

-
    @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Student")
    Iterable<User> findAllStudents();
+
+    @Query("select u from User u where u.role <> ovh.herisson.Clyde.Tables.Role.Admin")
+    Iterable<User> findAllExceptAdmins();
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java
@ -1,11 +1,7 @@
 package ovh.herisson.Clyde.Services;

 import org.springframework.stereotype.Service;
-import ovh.herisson.Clyde.Tables.InscriptionRequest;
-import ovh.herisson.Clyde.Tables.Role;
-import ovh.herisson.Clyde.Tables.Token;
-import ovh.herisson.Clyde.Tables.User;
-
+import ovh.herisson.Clyde.Tables.*;
 import java.util.Date;

@Service
@ -35,22 +31,11 @@ public class AuthenticatorService {
        return token;
    }

-    public void register(InscriptionRequest inscriptionRequest) {
-        inscriptionService.save(inscriptionRequest);
+    public InscriptionRequest register(InscriptionRequest inscriptionRequest) {
+        return inscriptionService.save(inscriptionRequest);
    }

-
-    public boolean isNotSecretaryOrAdmin(String authorization){
-        if (authorization ==null)
-            return true;
-
-        User poster = getUserFromToken(authorization);
-        if (poster == null) return true;
-
-        return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
-    }
-
-    public boolean IsNotIn(Role[] roles, String token){
+    public boolean isNotIn(Role[] roles, String token){
        if (token == null)
            return true;

--- a/backend/src/main/java/ovh/herisson/Clyde/Services/CourseService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/CourseService.java
@ -5,7 +5,6 @@ import ovh.herisson.Clyde.Repositories.CourseRepository;
 import ovh.herisson.Clyde.Tables.Course;
 import ovh.herisson.Clyde.Tables.Role;
 import ovh.herisson.Clyde.Tables.User;
-
 import java.util.Map;

@Service
@ -18,6 +17,8 @@ public class CourseService {
    }

    public Course save(Course course){
+        if (course.getOwner().getRole() != Role.Teacher)
+            return null;
        return courseRepo.save(course);
    }

@ -25,18 +26,37 @@ public class CourseService {
        return courseRepo.findById(id);
    }

-    public Course modifyData(long id, Map<String, Object> updates, Role role) {
+
+    public Iterable<Course> findAll() {
+        return courseRepo.findAll();
+    }
+
+
+    public Iterable<Course> findOwnedCourses(User userFromToken) {
+        return courseRepo.findAllOwnedCoures(userFromToken);
+    }
+
+
+
+    public boolean modifyData(long id, Map<String, Object> updates, Role role) {
        Course target = courseRepo.findById(id);

+        if (target == null)
+            return false;
+
        if (role == Role.Teacher){
            for (Map.Entry<String, Object> entry : updates.entrySet()){
                if (entry.getKey().equals("title")){
                    target.setTitle((String) entry.getValue());
-                    return courseRepo.save(target);
+                    courseRepo.save(target);
+                    return true;
                }
            }
        }

+        if (role != Role.Secretary)
+            return false;
+
        for (Map.Entry<String ,Object> entry: updates.entrySet()){
            switch (entry.getKey()){
                case "title":
@ -46,10 +66,15 @@ public class CourseService {
                    target.setCredits((Integer) entry.getValue());
                    break;
                case "owner":
-                    target.setOwner((User) entry.getValue()); //todo check if is a teacher !
+                    if (((User) entry.getValue() ).getRole() != Role.Teacher)
+                        break;
+
+                    target.setOwner((User) entry.getValue());
                    break;
            }
        }
-        return courseRepo.save(target);
+        courseRepo.save(target);
+        return true;
    }
+
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumCourseService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumCourseService.java
@ -4,9 +4,7 @@ import org.springframework.stereotype.Service;
 import ovh.herisson.Clyde.Repositories.CourseRepository;
 import ovh.herisson.Clyde.Repositories.CurriculumCourseRepository;
 import ovh.herisson.Clyde.Repositories.CurriculumRepository;
-import ovh.herisson.Clyde.Tables.Course;
-import ovh.herisson.Clyde.Tables.Curriculum;
-import ovh.herisson.Clyde.Tables.CurriculumCourse;
+import ovh.herisson.Clyde.Tables.*;

 import java.util.ArrayList;
 import java.util.HashMap;
@ -31,17 +29,18 @@ public class CurriculumCourseService {
        curriculumCourseRepo.save(curriculumCourse);
    }

-    public Iterable<CurriculumCourse> findAll(){
-        return curriculumCourseRepo.findAll();
-    }
-

    public Map<String, Object> getDepthCurriculum(Curriculum curriculum){

+        if (curriculum == null)
+            return null;
+
        HashMap<String ,Object> toReturn = new HashMap<>();
-        ArrayList<Course> courses = new ArrayList<>();
-        for (Course c: curriculumCourseRepo.findCoursesByCurriculum(curriculum)){
-            courses.add(c);
+        ArrayList<Map<String ,Object>> courses = new ArrayList<>();
+        Iterable<Course> foundCourses = curriculumCourseRepo.findCoursesByCurriculum(curriculum);
+
+        for (Course c: foundCourses){
+            courses.add(ProtectionService.courseWithoutPassword(c));
        }
        toReturn.put("courses",courses);
        toReturn.put("curriculumId", curriculum.getCurriculumId());
@ -56,13 +55,39 @@ public class CurriculumCourseService {

        ArrayList<Map<String,Object>> toReturn = new ArrayList<>();

-        for (Curriculum curriculum : curriculumCourseRepo.findDistinctCurriculums()){
+        for (Curriculum curriculum : curriculumRepo.findAll()){
            toReturn.add(getDepthCurriculum(curriculum));
        }
+
+
        return toReturn;
    }

+    /** tries to add all courses to the curriculum
+     *
+     * @param coursesIds the ids of the courses to be added
+     * @param curriculum the curriculum to add the courses to
+     * @return if the changes were made
+     */
+    public boolean saveAll(Iterable<Long> coursesIds, Curriculum curriculum) {

+        if (curriculum == null || coursesIds == null)
+            return false;

+        ArrayList<Course> toAdd = new ArrayList<>();
+        for (Long courseId : coursesIds){

+            Course course = courseRepo.findById((long) courseId);
+            if (course == null)
+                return false;
+
+            if (!toAdd.contains(course))
+                toAdd.add(course);
+        }
+
+        for (Course course : toAdd){
+            curriculumCourseRepo.save(new CurriculumCourse(curriculum,course));
+        }
+        return true;
+    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumService.java
@ -1,7 +1,6 @@
 package ovh.herisson.Clyde.Services;

 import org.springframework.stereotype.Service;
-import ovh.herisson.Clyde.Repositories.CourseRepository;
 import ovh.herisson.Clyde.Repositories.CurriculumRepository;
 import ovh.herisson.Clyde.Tables.Curriculum;

@ -10,23 +9,14 @@ public class CurriculumService {

    private final CurriculumRepository curriculumRepo;

-    private final CourseRepository courseRepo;
-
-    public CurriculumService(CurriculumRepository curriculumRepo, CourseRepository courseRepo){
+    public CurriculumService(CurriculumRepository curriculumRepo){
        this.curriculumRepo = curriculumRepo;
-        this.courseRepo = courseRepo;
    }
-
-
-    public void save(Curriculum curriculum){
-        curriculumRepo.save(curriculum);
+    public Curriculum save(Curriculum curriculum){
+        return curriculumRepo.save(curriculum);
    }
-
    public Curriculum findById(long id){
        return curriculumRepo.findById(id);
    }

-    public Iterable<Curriculum> findAll(){
-        return curriculumRepo.findAll();
-    }
-}
+}
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java
@ -1,21 +1,40 @@
 package ovh.herisson.Clyde.Services;

+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.stereotype.Service;
+import ovh.herisson.Clyde.Repositories.CurriculumRepository;
 import ovh.herisson.Clyde.Repositories.InscriptionRepository;
+import ovh.herisson.Clyde.Repositories.UserCurriculumRepository;
+import ovh.herisson.Clyde.Repositories.UserRepository;
 import ovh.herisson.Clyde.Tables.InscriptionRequest;
 import ovh.herisson.Clyde.Tables.RequestState;
+import ovh.herisson.Clyde.Tables.User;
+import ovh.herisson.Clyde.Tables.UserCurriculum;

@Service
 public class InscriptionService {

-    InscriptionRepository inscriptionRepo;
+    private final InscriptionRepository inscriptionRepo;

-    public InscriptionService(InscriptionRepository inscriptionRepo){
+    private final UserRepository userRepo;
+
+    private final UserCurriculumRepository userCurriculumRepo;
+
+    private final CurriculumRepository curriculumRepo;
+
+    private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
+
+
+    public InscriptionService(InscriptionRepository inscriptionRepo, UserRepository userRepo, UserCurriculumRepository userCurriculumRepo, CurriculumRepository curriculumRepo){
        this.inscriptionRepo = inscriptionRepo;
+        this.userRepo = userRepo;
+        this.userCurriculumRepo = userCurriculumRepo;
+        this.curriculumRepo = curriculumRepo;
    }

-    public void save(InscriptionRequest inscriptionRequest){
-        inscriptionRepo.save(inscriptionRequest);
+    public InscriptionRequest save(InscriptionRequest inscriptionRequest){
+        inscriptionRequest.setPassword(passwordEncoder.encode(inscriptionRequest.getPassword()));
+        return inscriptionRepo.save(inscriptionRequest);
    }

    public InscriptionRequest getById(long id){
@ -26,9 +45,46 @@ public class InscriptionService {
        return inscriptionRepo.findAll();
    }

-    public void modifyState(long id, RequestState requestState) {
-        InscriptionRequest inscriptionRequest = getById(id);
-        inscriptionRequest.setState(requestState);
-        save(inscriptionRequest);
+    public boolean modifyState(long id, RequestState requestState) {
+        InscriptionRequest inscrRequest = getById(id);
+
+        if (inscrRequest == null)
+            return false;
+
+        // if th state is the same we don't send an email
+        if (requestState == inscrRequest.getState())
+            return false;
+
+        /** todo send an email to tell the poster of the inscrRequest (inscrRequest.getEmail())
+         *  to notify them that the state of their request changed
+         *  FooEmailFormat toSend = (String.format("Your request state changed from %s to %s"),
+         *                                              inscrRequest.getState(), requestState)
+         * FooEmailSender.send(toSend, inscrRequest.getEmail())
+         */
+
+
+        //saves the user from the request if accepted
+        if (requestState == RequestState.Accepted)
+        {
+            if (curriculumRepo.findById(inscrRequest.getCurriculumId()) == null)
+                return false;
+
+            User userFromRequest = new User(
+                    inscrRequest.getLastName(),
+                    inscrRequest.getFirstName(),
+                    inscrRequest.getEmail(),
+                    inscrRequest.getAddress(),
+                    inscrRequest.getCountry(),
+                    inscrRequest.getBirthDate(),
+                    inscrRequest.getProfilePicture(),
+                    inscrRequest.getPassword()
+            );
+
+            userRepo.save(userFromRequest);
+            userCurriculumRepo.save(new UserCurriculum(userFromRequest, curriculumRepo.findById(inscrRequest.getCurriculumId())));
+        }
+        inscrRequest.setState(requestState);
+        save(inscrRequest);
+        return true;
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/ProtectionService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/ProtectionService.java
@ -0,0 +1,65 @@
+package ovh.herisson.Clyde.Services;
+
+import ovh.herisson.Clyde.Tables.Course;
+import ovh.herisson.Clyde.Tables.User;
+
+import java.util.ArrayList;
+import java.util.HashMap;
+
+public class ProtectionService {
+
+    /** return user's data except password
+     * @param user the user to return
+     * @return all the user data without the password
+     */
+    public static HashMap<String,Object> userWithoutPassword(User user){
+        HashMap<String,Object> toReturn = new HashMap<>();
+
+        toReturn.put("regNo",user.getRegNo());
+        toReturn.put("lastName",user.getLastName());
+        toReturn.put("firstName",user.getFirstName());
+        toReturn.put("email", user.getEmail());
+        toReturn.put("address",user.getAddress());
+        toReturn.put("birthDate",user.getBirthDate());
+        toReturn.put("country",user.getCountry());
+        toReturn.put("profilePictureUrl",user.getProfilePictureUrl());
+        toReturn.put("role",user.getRole());
+        return toReturn;
+    }
+
+    public static Iterable<HashMap<String ,Object>>usersWithoutPasswords(Iterable<User> users){
+        ArrayList<HashMap<String,Object>> toReturn = new ArrayList<>();
+
+        for (User u : users){
+            toReturn.add(userWithoutPassword(u));
+        }
+
+        return toReturn;
+    }
+
+
+
+    public static HashMap<String,Object> courseWithoutPassword(Course course){
+        HashMap<String ,Object> toReturn = new HashMap<>();
+
+        toReturn.put("courseId",course.getCourseID());
+        toReturn.put("credits",course.getCredits());
+        toReturn.put("title", course.getTitle());
+        toReturn.put("owner", userWithoutPassword(course.getOwner()));
+        return toReturn;
+    }
+
+    public static Iterable<HashMap<String ,Object>> coursesWithoutPasswords(Iterable<Course> courses){
+        ArrayList<HashMap<String,Object>> toReturn = new ArrayList<>();
+
+        for (Course course: courses){
+            toReturn.add(ProtectionService.courseWithoutPassword(course));
+        }
+
+        return toReturn;
+
+    }
+
+
+}
+
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java
@ -35,6 +35,9 @@ public class StorageService {

    public StorageFile store(MultipartFile file, FileType fileType) {

+        if (file == null || file.getOriginalFilename() == null)
+            return null;
+
        if (file.getOriginalFilename().isEmpty()){return null;}

        UUID uuid = UUID.randomUUID();
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/TeacherCourseService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/TeacherCourseService.java
@ -4,6 +4,7 @@ import org.springframework.stereotype.Controller;
 import ovh.herisson.Clyde.Repositories.TeacherCourseRepository;
 import ovh.herisson.Clyde.Repositories.UserRepository;
 import ovh.herisson.Clyde.Tables.Course;
+import ovh.herisson.Clyde.Tables.Role;
 import ovh.herisson.Clyde.Tables.TeacherCourse;
 import ovh.herisson.Clyde.Tables.User;

@ -20,20 +21,33 @@ public class TeacherCourseService {
        this.userRepo = userRepo;
    }

+    public Iterable<User> findCourseAssistants(Course course) {
+        if (course == null)
+            return null;
+        return teacherCourseRepo.findAllAssistantOfCourse(course);
+    }
+
+
    public boolean saveAll(Iterable<Long> teacherIds, Course course){

-        ArrayList<Long> addedIds = new ArrayList<>();
+        if (course == null  || teacherIds == null)
+            return false;
+
+        ArrayList<User> toAdd = new ArrayList<>();
        for (Long teacherId : teacherIds){
            User teacher = userRepo.findById((long) teacherId);
            if ( teacher== null){
                return false;
            }
-            if (!addedIds.contains(teacherId))
+            if (!toAdd.contains(teacher) && teacher.getRole() == Role.Teacher)
            {
-                teacherCourseRepo.save(new TeacherCourse(teacher,course));
-                addedIds.add(teacherId);
+                toAdd.add(teacher);
            }
        }
+        for (User teacher: toAdd){
+            teacherCourseRepo.save(new TeacherCourse(teacher,course));
+        }
        return true;
    }
+
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java
@ -40,16 +40,19 @@ public class TokenService {

    public User getUserFromToken(String token) {
        Token tokenRep = tokenRepo.getByToken(token);
-        if (tokenRep == null) return null;
+        if (tokenRep == null)
+            return null;
+
        return tokenRep.getUser();
    }

    public void saveToken(Token token){
        //Si l'utilisateur a déja 5 token delete celui qui devait expirer le plus vite
        ArrayList<Token> tokenList = tokenRepo.getByUserOrderByExpirationDate(token.getUser());
+
        while(tokenList.size() >= 5){
-            tokenRepo.delete(tokenList.get(0));
-            tokenList.remove(tokenList.get(0));
+            tokenRepo.delete(tokenList.getFirst());
+            tokenList.remove(tokenList.getFirst());
        }
        tokenRepo.save(token);
    }
@ -67,5 +70,5 @@ public class TokenService {
                tokenRepo.delete(t);
            }
        }
-    };
+    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/UserService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/UserService.java
@ -17,8 +17,15 @@ public class UserService {
    }


+    /** return the user identified by th identifier
+     *
+     * @param identifier can be an email or the RegNo
+     * @return the identified user
+     */
    public User getUser(String identifier){
-        if (identifier == null) return null;
+        if (identifier == null)
+            return null;
+
        try {
            int id = Integer.parseInt(identifier);
            return userRepo.findById(id);
@ -33,16 +40,18 @@ public class UserService {
     *
     * @param poster the user wanting to modify target's data
     * @param updates the changes to be made
-     * @param target the user to update
+     * @param targetId the id of the user to update
     * @return if the changes were done or not
     */
-    public boolean modifyData(User poster, Map<String ,Object> updates, User target){
+    public boolean modifyData(long targetId, Map<String ,Object> updates, User poster){
+
+        User target = userRepo.findById(targetId);
+        if (target == null)
+            return false;

        if (poster.getRegNo().equals(target.getRegNo())){
            for (Map.Entry<String, Object> entry : updates.entrySet()){

-                if ( entry.getKey().equals("regNo") || entry.getKey().equals("role")) {return false;}
-
                switch (entry.getKey()){
                    case "firstName":
                        target.setFirstName((String) entry.getValue());
@ -78,13 +87,14 @@ public class UserService {
        {
            for (Map.Entry<String, Object> entry : updates.entrySet()){

-                if ( !entry.getKey().equals("role")) {return false;}
+                if ( entry.getKey().equals("role")) {

-                if (entry.getValue() == Role.Admin){return false;}
+                    if (entry.getValue() == Role.Admin) {return false;}

-                target.setRole((Role) entry.getValue());
-                userRepo.save(target);
-                return true;
+                    target.setRole((Role) entry.getValue());
+                    userRepo.save(target);
+                    return true;
+                }
            }
        }
        return false;
@ -95,15 +105,18 @@ public class UserService {
        return passwordEncoder.matches(tryingPassword,  user.getPassword());
    }

-    public void save(User  user){
+    public User save(User  user){
        user.setPassword(passwordEncoder.encode(user.getPassword()));
-        userRepo.save(user);
+        return userRepo.save(user);
    }

    public Iterable<User> getAll(){
        return userRepo.findAll();
    }

+    public Iterable<User> getAllExceptAdmins(){
+        return userRepo.findAllExceptAdmins();
+    }


    public Iterable<User> getAllTeachers (){return userRepo.findAllTeachers();}
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/InscriptionRequest.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/InscriptionRequest.java
@ -1,7 +1,6 @@
 package ovh.herisson.Clyde.Tables;

 import jakarta.persistence.*;
-
 import java.util.Date;


@ -17,21 +16,20 @@ public class InscriptionRequest {
    private String country;
    private Date birthDate;

-    @ManyToOne
-    @JoinColumn(name="Curriculum")
-    private Curriculum curriculum;
+    private Long curriculumId;
    private RequestState state;
    private String profilePicture;

    private String password;
    public InscriptionRequest(){}
-    public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate, RequestState state, String profilePicture, String password){
+    public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate,Long curriculumId, RequestState state, String profilePicture, String password){
        this.lastName = lastName;
        this.firstName = firstName;
        this.address = address;
        this.email = email;
        this.country = country;
        this.birthDate = birthDate;
+        this.curriculumId = curriculumId;
        this.state = state;
        this.profilePicture = profilePicture;
        this.password = password;
@ -89,12 +87,12 @@ public class InscriptionRequest {
        this.birthDate = birthDate;
    }

-    public Curriculum getCurriculum() {
-        return curriculum;
+    public long getCurriculumId() {
+        return curriculumId;
    }

-    public void setCurriculum(Curriculum curriculum) {
-        this.curriculum = curriculum;
+    public void setCurriculumId(long curriculum) {
+        this.curriculumId = curriculum;
    }

    public RequestState getState() {
@ -112,4 +110,12 @@ public class InscriptionRequest {
    public void setProfilePicture(String profilePicture) {
        this.profilePicture = profilePicture;
    }
+
+    public String getPassword() {
+        return password;
+    }
+
+    public void setPassword(String password) {
+        this.password = password;
+    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/ReInscriptionRequest.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/ReInscriptionRequest.java
@ -3,7 +3,7 @@ package ovh.herisson.Clyde.Tables;
 import jakarta.persistence.*;

@Entity
-public class ReinscriptionRequest {
+public class ReInscriptionRequest {
    @Id
    @GeneratedValue(strategy = GenerationType.AUTO)
    private int id;
@ -21,16 +21,16 @@ public class ReinscriptionRequest {
    //Pour la réinscription on va le mettre a 0
    private boolean type = false;

-    public ReinscriptionRequest(){}
+    public ReInscriptionRequest(){}

-    public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){
+    public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){
        this.user = user;
        this.newCurriculum = newCurriculum;
        this.state = state;
        this.type = type;
    }

-    public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state){
+    public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state){
        this.user = user;
        this.newCurriculum = newCurriculum;
        this.state = state;
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/StorageFile.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/StorageFile.java
@ -24,7 +24,6 @@ public class StorageFile {

    public StorageFile(){}

-
    public void setId(Long id) {
        this.id = id;
    }
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java
@ -1,8 +1,6 @@
 package ovh.herisson.Clyde.Tables;

 import jakarta.persistence.*;
-import org.springframework.scheduling.annotation.Scheduled;
-import ovh.herisson.Clyde.Repositories.TokenRepository;

 import java.util.Date;

--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java
@ -1,11 +1,8 @@
 package ovh.herisson.Clyde.Tables;

 import jakarta.persistence.*;
-
 import java.util.Date;

-//Classe représentant un utilisateur l'attribut password demande surement un peu de rafinement niveau sécurité
-//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter

@Entity
@Table(name = "Users")
@ -37,18 +34,6 @@ public class User {
        this.password = password;
    }

-
-    /** Constructor for the first registration request from a student (can't specify a Role)
-     *
-     * @param lastName
-     * @param firstName
-     * @param email
-     * @param address
-     * @param country
-     * @param birthDate
-     * @param profilePictureUrl
-     * @param password
-     */
    public User(String lastName, String firstName, String email, String address,
                String country, Date birthDate, String profilePictureUrl, String password)
    {
@ -95,8 +80,8 @@ public class User {
        return address;
    }

-    public void setAddress(String adress) {
-        this.address = adress;
+    public void setAddress(String address) {
+        this.address = address;
    }

    public String getCountry() {
Author	SHA1	Message	Date
Maxime	7a23dcc96a	Merge pull request 'Max/Backend/ReturnUserPasswordIssue' (#137 ) from Max/Backend/ReturnUserPasswordIssue into master All checks were successful Build and test backend / Test-backend (push) Successful in 1m20s Details deploy to production / deploy-frontend (push) Successful in 23s Details Build and test backend / Build-backend (push) Successful in 2m12s Details deploy to production / deploy-backend (push) Successful in 2m18s Details Build and test FrontEnd / Build-frontend (push) Successful in 23s Details Reviewed-on: #137 Reviewed-by: Wal <karpinskiwal@gmail.com> Reviewed-by: LeoMoulin <leomoulin125@gmail.com> Reviewed-by: Debucquoy Anthony <d.tonitch@gmail.com>	2024-03-17 21:36:53 +01:00
Bartha Maxime	ea4a0745e0	creation of the user when request accepted All checks were successful Build and test backend / Build-backend (pull_request) Successful in 2m42s Details Build and test backend / Test-backend (pull_request) Successful in 2m30s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 33s Details	2024-03-17 17:15:33 +01:00
Bartha Maxime	76f5a39a8f	GET /users doesn't return Admins if the poster isn't an admin All checks were successful Build and test backend / Build-backend (pull_request) Successful in 2m1s Details Build and test backend / Test-backend (pull_request) Successful in 2m0s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 24s Details	2024-03-17 16:26:30 +01:00
Bartha Maxime	37f8a3ac4e	removed an unused variable	2024-03-17 16:25:00 +01:00
Bartha Maxime	ea46dd664c	added a todo to send an email for every state changement of request All checks were successful Build and test backend / Build-backend (pull_request) Successful in 1m58s Details Build and test backend / Test-backend (pull_request) Successful in 1m59s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 25s Details	2024-03-17 16:02:30 +01:00
Bartha Maxime	385290d1a2	Merge branch 'master' into Max/Backend/ReturnUserPasswordIssue All checks were successful Build and test backend / Build-backend (pull_request) Successful in 2m4s Details Build and test backend / Test-backend (pull_request) Successful in 1m58s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 24s Details	2024-03-17 13:07:20 +01:00
Bartha Maxime	cf2deb983d	added security to assistant posting and Get courses/owned for owners All checks were successful Build and test backend / Build-backend (pull_request) Successful in 2m0s Details Build and test backend / Test-backend (pull_request) Successful in 1m57s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 23s Details	2024-03-17 12:13:03 +01:00
Bartha Maxime	f7df234312	moved portective method to Static ProtectiveService All checks were successful Build and test backend / Build-backend (pull_request) Successful in 2m2s Details Build and test backend / Test-backend (pull_request) Successful in 1m57s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 24s Details	2024-03-17 03:06:19 +01:00
Bartha Maxime	d855bbe911	Merge branch 'Max/Backend/CourseInCurriculum' into Max/Backend/ReturnUserPasswordIssue	2024-03-17 02:50:12 +01:00
Bartha Maxime	f2507ddcdd	forgot the return statement	2024-03-17 02:46:33 +01:00
Bartha Maxime	a70b05a0ef	protected course'owner password	2024-03-17 02:45:49 +01:00
Bartha Maxime	1d793cef4e	moved UserWithouPaswword to authenticatorService	2024-03-17 02:40:05 +01:00
Bartha Maxime	4cf2ac1aa8	fixed an issue with the getting of curriculums All checks were successful Build and test backend / Build-backend (pull_request) Successful in 2m1s Details Build and test backend / Test-backend (pull_request) Successful in 1m58s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 25s Details	2024-03-17 02:34:00 +01:00
Bartha Maxime	6e6bd285af	added security to the post of course and GET /courses	2024-03-17 02:15:08 +01:00
Bartha Maxime	474a8d3f31	added POST /curriculum/{id} endopoint to post courses	2024-03-17 02:00:42 +01:00
Bartha Maxime	c5d7ce4178	cleaned the Entities All checks were successful Build and test backend / Build-backend (pull_request) Successful in 2m4s Details Build and test backend / Test-backend (pull_request) Successful in 2m1s Details Build and test FrontEnd / Build-frontend (pull_request) Successful in 24s Details	2024-03-16 20:31:03 +01:00
Bartha Maxime	382d3c203a	cleaned the services	2024-03-16 20:25:35 +01:00
Bartha Maxime	97b57b361d	cleaned all controllers	2024-03-16 19:13:57 +01:00