backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java

@@ -0,0 +1,62 @@
+package ovh.herisson.Clyde.EndPoints;
+
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestHeader;
+import org.springframework.web.bind.annotation.RestController;
+import ovh.herisson.Clyde.Services.AuthenticatorService;
+import ovh.herisson.Clyde.Tables.Applications;
+import ovh.herisson.Clyde.Tables.Role;
+
+import java.util.ArrayList;
+
+@RestController
+public class ApplicationsController {
+
+    AuthenticatorService authServ;
+
+    public ApplicationsController(AuthenticatorService authServ){
+    this.authServ = authServ;
+    }
+
+
+    /** return a list of authorized applications.
+     *  depends on the token
+     */
+    @GetMapping("/apps")
+    public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
+
+        return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
+    }
+
+    @GetMapping("/apps/{identifier}")
+    public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){
+
+        if (getAuthorizedApplications(token).contains(identifier)){
+            return new ResponseEntity<>(true, HttpStatus.OK);
+        }
+        return new ResponseEntity<>(false, HttpStatus.OK);
+    }
+
+    public ArrayList<Applications> getAuthorizedApplications(String token){
+        Role posterRole = authServ.getUserFromToken(token).getRole();
+        ArrayList<Applications> authorizedApps = new ArrayList<>();
+
+        authorizedApps.add(Applications.Login);
+        authorizedApps.add(Applications.Profile);
+
+        if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){
+            authorizedApps.add(Applications.Msg);
+            authorizedApps.add(Applications.Forum);
+            authorizedApps.add(Applications.Rdv);
+        }
+
+        if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
+
+        if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
+
+        return authorizedApps;
+    }
+}

backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java

@@ -43,28 +43,4 @@ public class CurriculumController {
     public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
         return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
     }
-
-    /**@PostMapping("/curriculum")
-    public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
-
-        if (!isSecretaryOrAdmin(token)){
-            return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
-        }
-
-        CurriculumServ.save(Curriculum);
-
-        return new ResponseEntity<>("created !",HttpStatus.CREATED);
-    }**/
-
-
-
-    private boolean isSecretaryOrAdmin(String authorization){
-        if (authorization ==null)
-            return false;
-
-        User poster = authServ.getUserFromToken(authorization);
-        if (poster == null) return false;
-
-        return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
-    }
 }

backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java

@@ -32,7 +32,7 @@ public class InscriptionController {
     @GetMapping("/requests/register")
     public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
 
-        if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
+        if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
 
         Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
         ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@@ -64,7 +64,7 @@ public class InscriptionController {
                                                                  @RequestHeader("Authorize") String token,
                                                                  @RequestBody RequestState requestState)
     {
-        if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
+        if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
         inscriptionServ.modifyState(id, requestState);
         return null;
     }
@@ -83,15 +83,4 @@ public class InscriptionController {
         toReturn.put("state", inscriptionRequest.getState());
         return toReturn;
     }
-
-
-    private boolean isSecretaryOrAdmin(String authorization){
-        if (authorization ==null)
-            return false;
-
-        User poster = authServ.getUserFromToken(authorization);
-        if (poster == null) return false;
-
-        return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
-    }
 }

backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java

@@ -51,6 +51,7 @@ public class MockController {
         User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
         User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary"));
         User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
+        User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService"));
         mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
 
         userRepo.saveAll(mockUsers);

backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java

@@ -38,7 +38,7 @@ public class UserController {
     @PostMapping("/user")
     public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
 
-        if (!isSecretaryOrAdmin(authorization))
+        if (authServ.isNotSecretaryOrAdmin(authorization))
             return new UnauthorizedResponse<>(null);
 
         userService.save(user);
@@ -48,7 +48,7 @@ public class UserController {
     @GetMapping("/users")
     public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
 
-        if (!isSecretaryOrAdmin(authorization))
+        if (authServ.isNotSecretaryOrAdmin(authorization))
             return new UnauthorizedResponse<>(null);
 
         Iterable<User> users = userService.getAll();
@@ -78,7 +78,6 @@ public class UserController {
          */
     private HashMap<String,Object> userWithoutPassword(User user){
         HashMap<String,Object> toReturn = new HashMap<>();
-
         toReturn.put("regNo",user.getRegNo());
         toReturn.put("firstName",user.getFirstName());
         toReturn.put("lastName",user.getLastName());
@@ -90,15 +89,5 @@ public class UserController {
 
         return toReturn;
     }
-
-    private boolean isSecretaryOrAdmin(String authorization){
-        if (authorization ==null)
-            return false;
-
-        User poster = authServ.getUserFromToken(authorization);
-        if (poster == null) return false;
-
-        return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
-    }
 }
 

backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java

@@ -1,9 +1,8 @@
 package ovh.herisson.Clyde.Services;
 
 import org.springframework.stereotype.Service;
-import ovh.herisson.Clyde.EndPoints.LoginController;
-import ovh.herisson.Clyde.Repositories.InscriptionRepository;
 import ovh.herisson.Clyde.Tables.InscriptionRequest;
+import ovh.herisson.Clyde.Tables.Role;
 import ovh.herisson.Clyde.Tables.Token;
 import ovh.herisson.Clyde.Tables.User;
 
@@ -39,4 +38,17 @@ public class AuthenticatorService {
     public void register(InscriptionRequest inscriptionRequest) {
         inscriptionService.save(inscriptionRequest);
     }
+
+
+    public boolean isNotSecretaryOrAdmin(String authorization){
+        if (authorization ==null)
+            return true;
+
+        User poster = getUserFromToken(authorization);
+        if (poster == null) return true;
+
+        return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
+    }
+
 }
+

backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java

@@ -4,10 +4,8 @@ import org.springframework.stereotype.Service;
 import org.springframework.web.multipart.MultipartFile;
 import ovh.herisson.Clyde.Repositories.FileRepository;
 import ovh.herisson.Clyde.Tables.*;
-
 import java.io.File;
 import java.io.IOException;
-
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;

backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java

@@ -5,16 +5,15 @@ import org.springframework.stereotype.Service;
 import ovh.herisson.Clyde.Repositories.TokenRepository;
 import ovh.herisson.Clyde.Tables.Token;
 import ovh.herisson.Clyde.Tables.User;
-
 import java.io.UnsupportedEncodingException;
 import java.security.SecureRandom;
 import java.util.ArrayList;
+import java.util.Base64;
 import java.util.Calendar;
-import java.util.Date;
 
 @Service
 public class TokenService {
-    TokenRepository tokenRepo;
+    private final TokenRepository tokenRepo;
 
     public TokenService(TokenRepository tokenRepo){
         this.tokenRepo = tokenRepo;
@@ -30,13 +29,10 @@ public class TokenService {
         new SecureRandom().nextBytes(bytes);
         for (int i = 0; i < bytes.length; i++) {
             bytes[i] = (byte) (((bytes[i]+256)%256  %95+ 32));
-            while ((char)bytes[i] == ';'){
-                bytes[i] = new SecureRandom().generateSeed(1)[0];
-            }
         }
         // will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
         try {
-            return new String(bytes,"ISO_8859_1");
+            return new String(Base64.getEncoder().encode(bytes),"ISO_8859_1");
         } catch (UnsupportedEncodingException e) {
             throw new RuntimeException(e);
         }

backend/src/main/java/ovh/herisson/Clyde/Tables/Applications.java

@@ -0,0 +1,21 @@
+package ovh.herisson.Clyde.Tables;
+
+public enum Applications {
+    // without any token
+    Login,
+
+    // with any token
+    Profile,
+
+
+    // Students and higher authorization
+    Msg,
+    Forum,
+    Rdv,
+
+    // teachers and Secretary authorization
+    ManageCourses,
+
+    // InscriptionService authorization
+    Inscription
+}

backend/src/main/java/ovh/herisson/Clyde/Tables/RequestState.java

@@ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables;
 public enum RequestState {
     Accepted,
     Refused,
-    Pending;
+    Pending
 }

backend/src/main/java/ovh/herisson/Clyde/Tables/Role.java

@@ -5,5 +5,5 @@ public enum Role {
     Student,
     Admin,
     InscriptionService,
-    Secretary;
+    Secretary
 }

frontend/src/App.vue

@@ -2,6 +2,7 @@
   import { toast } from 'vue3-toastify';
   import { ref, computed } from 'vue'
   import i18n, { setLang } from './i18n.js'
+  import { isLogged } from '@/rest/Users.js'
 
 
   // Liste des apps
@@ -23,6 +24,7 @@
   const currentPath = ref(window.location.hash)
 
   window.addEventListener('hashchange', () => {
+	Logged.value = isLogged();
     currentPath.value = window.location.hash
   })
 
@@ -36,6 +38,8 @@
   const login=ref(i18n("app.login"))
   const active=ref(false)
 
+  const Logged = ref(isLogged());
+
 </script>
 
 <template>
@@ -49,11 +53,11 @@
             </a></li>
         <li title=home>
             <a class="icon" href="#home">
-                <div class=" fa-solid fa-house" style="margin-top: 7px; margin-bottom: 3px;"></div>
+				<div class=" fa-solid fa-house" style="margin-top: 7px; margin-bottom: 3px;"></div>
             </a></li>
         <li style="float: right;" title=login>
             <a class="icon" href="#/login">
-                <div class="fa-solid fa-user"  style="margin-top: 7px; margin-bottom: 3px;"></div>
+                <div class="fa-solid fa-user" :style="Logged ? 'color: orange' : 'haha'" style="margin-top: 7px; margin-bottom: 3px; "></div>
             </a></li>
         <li style="float: right;" title=notifications>
             <a class="icon" href="#Notifications">

frontend/src/Apps/Login.vue

@@ -1,7 +1,7 @@
 <script setup>
   import { ref } from 'vue'
   import i18n from '@/i18n.js'
-  import { login , register } from '@/rest/Users.js'
+  import { login , register , disconnect} from '@/rest/Users.js'
   import { getAllCurriculums } from '@/rest/curriculum.js'
   import { uploadProfilePicture } from '@/rest/uploads.js'
   import {toast} from 'vue3-toastify'
@@ -42,6 +42,8 @@
     return toast('Password and Confirm Password are different',{type: "error",});
     }
   }
+  disconnect()
+
 </script>
 
 

frontend/src/Apps/Profil.vue

@@ -125,7 +125,7 @@ function getPP(){
         <div>
         </div>
     
-      <div v-if="(user.role=='teacher')">
+      <div v-if="(user.role==='Teacher')">
           <div class="listTitle">
             {{i18n("profile.course.list")}}
           </div>

frontend/src/rest/Users.js

@@ -1,9 +1,18 @@
 import { restGet, restPost } from './restConsumer.js'
+import { getCookie, setCookie } from '@/utils.js'
 
 export async function login(user, pass, exp){
 	return restPost("/login", {identifier: user, password: pass, expirationDate: exp});
 }
 
+export function isLogged(){
+	return getCookie("session_token") != "" 
+}
+
+export function disconnect(){ 
+	setCookie("session_token", ";expires= Thu, 01 Jan 1970 00:00:01 GMT")
+}
+
 /**
  * Register a user (tokenless)
  * 

frontend/src/rest/apps.js

@@ -0,0 +1,9 @@
+import { restGet } from './restConsumer.js' 
+
+export async function appList(){
+	return restGet("/apps")
+}
+
+export async function checkPage(page){
+	return restGet("/apps/" + page)
+}