Link back and front all get #115

Merged
tonitch merged 40 commits from wal/front/listingUsers into master 2024-03-18 20:20:37 +01:00
18 changed files with 140 additions and 72 deletions
Showing only changes of commit 36ce5a553b - Show all commits

View File

@ -0,0 +1,62 @@
package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RestController;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Tables.Applications;
import ovh.herisson.Clyde.Tables.Role;
import java.util.ArrayList;
@RestController
public class ApplicationsController {
AuthenticatorService authServ;
public ApplicationsController(AuthenticatorService authServ){
this.authServ = authServ;
}
/** return a list of authorized applications.
* depends on the token
*/
@GetMapping("/apps")
public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
}
@GetMapping("/apps/{identifier}")
public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){
if (getAuthorizedApplications(token).contains(identifier)){
return new ResponseEntity<>(true, HttpStatus.OK);
}
return new ResponseEntity<>(false, HttpStatus.OK);
}
public ArrayList<Applications> getAuthorizedApplications(String token){
Role posterRole = authServ.getUserFromToken(token).getRole();
ArrayList<Applications> authorizedApps = new ArrayList<>();
authorizedApps.add(Applications.Login);
authorizedApps.add(Applications.Profile);
if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){
authorizedApps.add(Applications.Msg);
authorizedApps.add(Applications.Forum);
authorizedApps.add(Applications.Rdv);
}
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
return authorizedApps;
}
}

View File

@ -43,28 +43,4 @@ public class CurriculumController {
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){ public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK); return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
} }
/**@PostMapping("/curriculum")
public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
if (!isSecretaryOrAdmin(token)){
return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
}
CurriculumServ.save(Curriculum);
return new ResponseEntity<>("created !",HttpStatus.CREATED);
}**/
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
} }

View File

@ -32,7 +32,7 @@ public class InscriptionController {
@GetMapping("/requests/register") @GetMapping("/requests/register")
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){ public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);} if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll(); Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
ArrayList<Map<String,Object>> toReturn = new ArrayList<>(); ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@ -64,7 +64,7 @@ public class InscriptionController {
@RequestHeader("Authorize") String token, @RequestHeader("Authorize") String token,
@RequestBody RequestState requestState) @RequestBody RequestState requestState)
{ {
if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null); if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
inscriptionServ.modifyState(id, requestState); inscriptionServ.modifyState(id, requestState);
return null; return null;
} }
@ -83,15 +83,4 @@ public class InscriptionController {
toReturn.put("state", inscriptionRequest.getState()); toReturn.put("state", inscriptionRequest.getState());
return toReturn; return toReturn;
} }
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
} }

View File

@ -51,6 +51,7 @@ public class MockController {
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student")); User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary")); User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary"));
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher")); User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService"));
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke)); mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
userRepo.saveAll(mockUsers); userRepo.saveAll(mockUsers);

View File

@ -38,7 +38,7 @@ public class UserController {
@PostMapping("/user") @PostMapping("/user")
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){ public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
if (!isSecretaryOrAdmin(authorization)) if (authServ.isNotSecretaryOrAdmin(authorization))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
userService.save(user); userService.save(user);
@ -48,7 +48,7 @@ public class UserController {
@GetMapping("/users") @GetMapping("/users")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){ public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
if (!isSecretaryOrAdmin(authorization)) if (authServ.isNotSecretaryOrAdmin(authorization))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
Iterable<User> users = userService.getAll(); Iterable<User> users = userService.getAll();
@ -78,7 +78,6 @@ public class UserController {
*/ */
private HashMap<String,Object> userWithoutPassword(User user){ private HashMap<String,Object> userWithoutPassword(User user){
HashMap<String,Object> toReturn = new HashMap<>(); HashMap<String,Object> toReturn = new HashMap<>();
toReturn.put("regNo",user.getRegNo()); toReturn.put("regNo",user.getRegNo());
toReturn.put("firstName",user.getFirstName()); toReturn.put("firstName",user.getFirstName());
toReturn.put("lastName",user.getLastName()); toReturn.put("lastName",user.getLastName());
@ -90,15 +89,5 @@ public class UserController {
return toReturn; return toReturn;
} }
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
} }

View File

@ -1,9 +1,8 @@
package ovh.herisson.Clyde.Services; package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.EndPoints.LoginController;
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.Token; import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
@ -39,4 +38,17 @@ public class AuthenticatorService {
public void register(InscriptionRequest inscriptionRequest) { public void register(InscriptionRequest inscriptionRequest) {
inscriptionService.save(inscriptionRequest); inscriptionService.save(inscriptionRequest);
} }
public boolean isNotSecretaryOrAdmin(String authorization){
if (authorization ==null)
return true;
User poster = getUserFromToken(authorization);
if (poster == null) return true;
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
}
} }

View File

@ -4,10 +4,8 @@ import org.springframework.stereotype.Service;
import org.springframework.web.multipart.MultipartFile; import org.springframework.web.multipart.MultipartFile;
import ovh.herisson.Clyde.Repositories.FileRepository; import ovh.herisson.Clyde.Repositories.FileRepository;
import ovh.herisson.Clyde.Tables.*; import ovh.herisson.Clyde.Tables.*;
import java.io.File; import java.io.File;
import java.io.IOException; import java.io.IOException;
import java.nio.file.Files; import java.nio.file.Files;
import java.nio.file.Path; import java.nio.file.Path;
import java.nio.file.Paths; import java.nio.file.Paths;

View File

@ -5,16 +5,15 @@ import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.TokenRepository; import ovh.herisson.Clyde.Repositories.TokenRepository;
import ovh.herisson.Clyde.Tables.Token; import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
import java.io.UnsupportedEncodingException; import java.io.UnsupportedEncodingException;
import java.security.SecureRandom; import java.security.SecureRandom;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Base64;
import java.util.Calendar; import java.util.Calendar;
import java.util.Date;
@Service @Service
public class TokenService { public class TokenService {
TokenRepository tokenRepo; private final TokenRepository tokenRepo;
public TokenService(TokenRepository tokenRepo){ public TokenService(TokenRepository tokenRepo){
this.tokenRepo = tokenRepo; this.tokenRepo = tokenRepo;
@ -30,13 +29,10 @@ public class TokenService {
new SecureRandom().nextBytes(bytes); new SecureRandom().nextBytes(bytes);
for (int i = 0; i < bytes.length; i++) { for (int i = 0; i < bytes.length; i++) {
bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32)); bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32));
while ((char)bytes[i] == ';'){
bytes[i] = new SecureRandom().generateSeed(1)[0];
}
} }
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented // will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
try { try {
return new String(bytes,"ISO_8859_1"); return new String(Base64.getEncoder().encode(bytes),"ISO_8859_1");
} catch (UnsupportedEncodingException e) { } catch (UnsupportedEncodingException e) {
throw new RuntimeException(e); throw new RuntimeException(e);
} }

View File

@ -0,0 +1,21 @@
package ovh.herisson.Clyde.Tables;
public enum Applications {
// without any token
Login,
// with any token
Profile,
// Students and higher authorization
Msg,
Forum,
Rdv,
// teachers and Secretary authorization
ManageCourses,
// InscriptionService authorization
Inscription
}

View File

@ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables;
public enum RequestState { public enum RequestState {
Accepted, Accepted,
Refused, Refused,
Pending; Pending
} }

View File

@ -5,5 +5,5 @@ public enum Role {
Student, Student,
Admin, Admin,
InscriptionService, InscriptionService,
Secretary; Secretary
} }

View File

@ -2,6 +2,7 @@
import { toast } from 'vue3-toastify'; import { toast } from 'vue3-toastify';
import { ref, computed } from 'vue' import { ref, computed } from 'vue'
import i18n, { setLang } from './i18n.js' import i18n, { setLang } from './i18n.js'
import { isLogged } from '@/rest/Users.js'
// Liste des apps // Liste des apps
@ -23,6 +24,7 @@
const currentPath = ref(window.location.hash) const currentPath = ref(window.location.hash)
window.addEventListener('hashchange', () => { window.addEventListener('hashchange', () => {
Logged.value = isLogged();
currentPath.value = window.location.hash currentPath.value = window.location.hash
}) })
@ -36,6 +38,8 @@
const login=ref(i18n("app.login")) const login=ref(i18n("app.login"))
const active=ref(false) const active=ref(false)
const Logged = ref(isLogged());
</script> </script>
<template> <template>
@ -49,11 +53,11 @@
</a></li> </a></li>
<li title=home> <li title=home>
<a class="icon" href="#home"> <a class="icon" href="#home">
<div class=" fa-solid fa-house" style="margin-top: 7px; margin-bottom: 3px;"></div> <div class=" fa-solid fa-house" style="margin-top: 7px; margin-bottom: 3px;"></div>
</a></li> </a></li>
<li style="float: right;" title=login> <li style="float: right;" title=login>
<a class="icon" href="#/login"> <a class="icon" href="#/login">
<div class="fa-solid fa-user" style="margin-top: 7px; margin-bottom: 3px;"></div> <div class="fa-solid fa-user" :style="Logged ? 'color: orange' : 'haha'" style="margin-top: 7px; margin-bottom: 3px; "></div>
</a></li> </a></li>
<li style="float: right;" title=notifications> <li style="float: right;" title=notifications>
<a class="icon" href="#Notifications"> <a class="icon" href="#Notifications">

View File

@ -1,7 +1,7 @@
<script setup> <script setup>
import { ref } from 'vue' import { ref } from 'vue'
import i18n from '@/i18n.js' import i18n from '@/i18n.js'
import { login , register } from '@/rest/Users.js' import { login , register , disconnect} from '@/rest/Users.js'
import { getAllCurriculums } from '@/rest/curriculum.js' import { getAllCurriculums } from '@/rest/curriculum.js'
import { uploadProfilePicture } from '@/rest/uploads.js' import { uploadProfilePicture } from '@/rest/uploads.js'
import {toast} from 'vue3-toastify' import {toast} from 'vue3-toastify'
@ -42,6 +42,8 @@
return toast('Password and Confirm Password are different',{type: "error",}); return toast('Password and Confirm Password are different',{type: "error",});
} }
} }
disconnect()
</script> </script>

View File

@ -125,7 +125,7 @@ function getPP(){
<div> <div>
</div> </div>
<div v-if="(user.role=='teacher')"> <div v-if="(user.role==='Teacher')">
<div class="listTitle"> <div class="listTitle">
{{i18n("profile.course.list")}} {{i18n("profile.course.list")}}
</div> </div>

View File

@ -1,9 +1,18 @@
import { restGet, restPost } from './restConsumer.js' import { restGet, restPost } from './restConsumer.js'
import { getCookie, setCookie } from '@/utils.js'
export async function login(user, pass, exp){ export async function login(user, pass, exp){
return restPost("/login", {identifier: user, password: pass, expirationDate: exp}); return restPost("/login", {identifier: user, password: pass, expirationDate: exp});
} }
export function isLogged(){
return getCookie("session_token") != ""
}
export function disconnect(){
setCookie("session_token", ";expires= Thu, 01 Jan 1970 00:00:01 GMT")
}
/** /**
* Register a user (tokenless) * Register a user (tokenless)
* *

View File

@ -0,0 +1,9 @@
import { restGet } from './restConsumer.js'
export async function appList(){
return restGet("/apps")
}
export async function checkPage(page){
return restGet("/apps/" + page)
}