added ApplicationController and Application enum #119

Merged
tonitch merged 4 commits from Max/Backend/AppsController into master 2024-03-16 14:51:57 +01:00
13 changed files with 53 additions and 87 deletions
Showing only changes of commit 182be8ac7b - Show all commits


@ -31,22 +31,31 @@ public class ApplicationsController {
return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
}
private ArrayList<Applications> getAuthorizedApplications(String token){
@GetMapping("/apps/{identifier}")
public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){
if (getAuthorizedApplications(token).contains(identifier)){
return new ResponseEntity<>(true, HttpStatus.OK);
}
return new ResponseEntity<>(false, HttpStatus.OK);
}
public ArrayList<Applications> getAuthorizedApplications(String token){
Role posterRole = authServ.getUserFromToken(token).getRole();
ArrayList<Applications> authorizedApps = new ArrayList<>();
authorizedApps.add(Applications.LOGIN);
authorizedApps.add(Applications.PROFILE);
authorizedApps.add(Applications.Login);
authorizedApps.add(Applications.Profile);
if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){
authorizedApps.add(Applications.MSG);
authorizedApps.add(Applications.FORUM);
authorizedApps.add(Applications.RDV);
authorizedApps.add(Applications.Msg);
authorizedApps.add(Applications.Forum);
authorizedApps.add(Applications.Rdv);
Maxime marked this conversation as resolved Outdated

cette ligne est un peut bizzare dans le sens ou si il est admin il va retourner direct et par récupérer les autres... Aussi de base msg forum et rdv c'est que pour les student et profs. Si c'est chiant pourquoi pas laisser msg et forum mais rdv c'est spécifique aux profs et etudiants ^^

cette ligne est un peut bizzare dans le sens ou si il est admin il va retourner direct et par récupérer les autres... Aussi de base msg forum et rdv c'est que pour les student et profs. Si c'est chiant pourquoi pas laisser msg et forum mais rdv c'est spécifique aux profs et etudiants ^^

petit mistake oui bien vu !

petit mistake oui bien vu !
}
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.MANAGECOURSES);
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.INSCRIPTION);
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
return authorizedApps;
}
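Review bot: `getAuthorizedApplications` dereferences `authServ.getUserFromToken(token)` without a null check, and the `/apps/{identifier}` endpoint reaches it with whatever header the caller sends. Other code on this page treats a null user as possible (`if (poster == null)`), so an unknown or expired token would presumably end in a NullPointerException and a 500 instead of `false`. Resolving the user first and returning early once `Applications.Login` has been added (`User poster = authServ.getUserFromToken(token);` then `if (poster == null) return authorizedApps;`) keeps both endpoints well-defined. A short Javadoc on `getAppAuthorization` should state that the boolean is only a hint for the client and that every backend endpoint still enforces its own role check.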


@ -43,28 +43,4 @@ public class CurriculumController {
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
}
/**@PostMapping("/curriculum")
public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
if (!isSecretaryOrAdmin(token)){
return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
}
CurriculumServ.save(Curriculum);
return new ResponseEntity<>("created !",HttpStatus.CREATED);
}**/
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
}


@ -32,7 +32,7 @@ public class InscriptionController {
@GetMapping("/requests/register")
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@ -64,7 +64,7 @@ public class InscriptionController {
@RequestHeader("Authorize") String token,
@RequestBody RequestState requestState)
{
if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
inscriptionServ.modifyState(id, requestState);
return null;
}
@ -83,15 +83,4 @@ public class InscriptionController {
toReturn.put("state", inscriptionRequest.getState());
return toReturn;
}
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
}
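Review bot: The state-modifying handler in the second hunk reads its token from `@RequestHeader("Authorize")`, while every other endpoint on this page uses `"Authorization"`. A client sending the usual header is therefore rejected for a missing required header before the role check runs. If that is not intended, it should read `@RequestHeader("Authorization") String token`. The same handler ends with `return null;` after `modifyState`, so the caller gets no explicit status; its signature starts outside the hunk, so the right `ResponseEntity` type to return needs checking there.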


@ -51,6 +51,7 @@ public class MockController {
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService"));
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
userRepo.saveAll(mockUsers);
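Review bot: The `lena` user is constructed but never stored, because the list on the next line is still `Arrays.asList(herobrine,joe,meh,joke)` and `saveAll` only receives that list. It is also created with `Role.Teacher` although its e-mail and password suggest it is meant to exercise `Role.InscriptionService`; `meh` (secretary@…) shows the same mismatch. Suggested: `Role.InscriptionService` for `lena` and `Arrays.asList(herobrine,joe,meh,joke,lena)`. These accounts use their role names as passwords, so confirm that whatever triggers this code is unavailable outside development; the enclosing method starts outside the hunk and that is not visible here.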


@ -38,7 +38,7 @@ public class UserController {
@PostMapping("/user")
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
if (!isSecretaryOrAdmin(authorization))
if (authServ.isNotSecretaryOrAdmin(authorization))
return new UnauthorizedResponse<>(null);
userService.save(user);
@ -48,7 +48,7 @@ public class UserController {
@GetMapping("/users")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
if (!isSecretaryOrAdmin(authorization))
if (authServ.isNotSecretaryOrAdmin(authorization))
return new UnauthorizedResponse<>(null);
Iterable<User> users = userService.getAll();
@ -78,7 +78,6 @@ public class UserController {
*/
private HashMap<String,Object> userWithoutPassword(User user){
HashMap<String,Object> toReturn = new HashMap<>();
toReturn.put("regNo",user.getRegNo());
toReturn.put("firstName",user.getFirstName());
toReturn.put("lastName",user.getLastName());
@ -86,18 +85,7 @@ public class UserController {
toReturn.put("country",user.getCountry());
toReturn.put("address",user.getAddress());
toReturn.put("role",user.getRole());
return toReturn;
}
private boolean isSecretaryOrAdmin(String authorization){
if (authorization ==null)
return false;
User poster = authServ.getUserFromToken(authorization);
if (poster == null) return false;
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
}
}
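Review bot: `postUser` binds the request body straight onto the `User` entity and hands it to `userService.save(user)`, so the caller decides every field the entity accepts from JSON, apparently including `role` and the stored password value. Whether `save` hashes the password or limits which role can be assigned is not visible on this page. If it does neither, a small request DTO holding only the fields a secretary may set, with the password encoded on the server, would close that gap. The handler bodies continue outside the hunks.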


@ -1,9 +1,8 @@
package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.EndPoints.LoginController;
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User;
@ -39,4 +38,17 @@ public class AuthenticatorService {
public void register(InscriptionRequest inscriptionRequest) {
inscriptionService.save(inscriptionRequest);
}
public boolean isNotSecretaryOrAdmin(String authorization){
if (authorization ==null)
return true;
User poster = getUserFromToken(authorization);
if (poster == null) return true;
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
}
}
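Review bot: The return expression in `isNotSecretaryOrAdmin` is true for every role, since no role is both Secretary and Admin, so `poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin` can never be false. Every caller on this page (`getAllRequests` and the state-modifying handler in InscriptionController, `postUser` and `getAllUsers` in UserController) therefore returns `UnauthorizedResponse` even to a secretary or an admin. The check fails closed, but the intended rule needs `&&`: `return poster.getRole() != Role.Secretary && poster.getRole() != Role.Admin;`. A one-line Javadoc stating that a null header or an unknown token counts as not authorized would make that fail-closed contract explicit.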


@ -4,10 +4,8 @@ import org.springframework.stereotype.Service;
import org.springframework.web.multipart.MultipartFile;
import ovh.herisson.Clyde.Repositories.FileRepository;
import ovh.herisson.Clyde.Tables.*;
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;


@ -5,16 +5,15 @@ import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.TokenRepository;
import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User;
import java.io.UnsupportedEncodingException;
import java.security.SecureRandom;
import java.util.ArrayList;
import java.util.Base64;
import java.util.Calendar;
import java.util.Date;
@Service
public class TokenService {
TokenRepository tokenRepo;
private final TokenRepository tokenRepo;
public TokenService(TokenRepository tokenRepo){
this.tokenRepo = tokenRepo;
@ -30,13 +29,10 @@ public class TokenService {
new SecureRandom().nextBytes(bytes);
for (int i = 0; i < bytes.length; i++) {
bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32));
while ((char)bytes[i] == ';'){
bytes[i] = new SecureRandom().generateSeed(1)[0];
}
}
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
try {
return new String(bytes,"ISO_8859_1");
return new String(Base64.getEncoder().encode(bytes),"ISO_8859_1");
} catch (UnsupportedEncodingException e) {
throw new RuntimeException(e);
}
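Review bot: The loop that maps each random byte with `% 95 + 32` is still in place ahead of the new Base64 step, where it now only costs entropy: each byte carries about 6.6 bits instead of 8, and because 256 is not a multiple of 95 some values are slightly more likely than others. Base64 already guarantees printable output, so the loop can be dropped and the method can end with `return Base64.getEncoder().encodeToString(bytes);`, which also removes the charset lookup and the try/catch, whose comment refers to `SecureRandom` although the catch is about the charset name. If the token can end up in a URL or a cookie, `Base64.getUrlEncoder().withoutPadding()` avoids `+`, `/` and `=`. The method starts outside the hunk.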


@ -2,23 +2,20 @@ package ovh.herisson.Clyde.Tables;
public enum Applications {
// without any token
LOGIN,
Login,
// with any token
PROFILE,
Profile,
// Students and higher authorization
MSG,
FORUM,
RDV,
Msg,
Forum,
Rdv,
// teachers and Secretary authorization
MANAGECOURSES,
ManageCourses,
// InscriptionService authorization
INSCRIPTION;
Inscription
}


@ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables;
public enum RequestState {
Accepted,
Refused,
Pending;
Pending
}


@ -5,5 +5,5 @@ public enum Role {
Student,
Admin,
InscriptionService,
Secretary;
Secretary
}