2024-03-16 14:38:20 +01:00
13 changed files with 109 additions and 64 deletions
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java
@ -0,0 +1,62 @@
 package ovh.herisson.Clyde.EndPoints;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.RequestHeader;
 import org.springframework.web.bind.annotation.RestController;
 import ovh.herisson.Clyde.Services.AuthenticatorService;
 import ovh.herisson.Clyde.Tables.Applications;
 import ovh.herisson.Clyde.Tables.Role;
 import java.util.ArrayList;
@RestController
 public class ApplicationsController {
    AuthenticatorService authServ;
    public ApplicationsController(AuthenticatorService authServ){
    this.authServ = authServ;
    }
    /** return a list of authorized applications.
     *  depends on the token
     */
    @GetMapping("/apps")
    public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
        return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
    }
    @GetMapping("/apps/{identifier}")
    public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){
        if (getAuthorizedApplications(token).contains(identifier)){
            return new ResponseEntity<>(true, HttpStatus.OK);
        }
        return new ResponseEntity<>(false, HttpStatus.OK);
    }
    public ArrayList<Applications> getAuthorizedApplications(String token){
        Role posterRole = authServ.getUserFromToken(token).getRole();
        ArrayList<Applications> authorizedApps = new ArrayList<>();
        authorizedApps.add(Applications.Login);
        authorizedApps.add(Applications.Profile);
        authorizedApps.add(Applications.Msg);
        authorizedApps.add(Applications.Forum);
        authorizedApps.add(Applications.Rdv);
        if (posterRole == Role.Student || posterRole == Role.Admin) return authorizedApps;
        if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
        if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
        return authorizedApps;
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java
@ -43,28 +43,4 @@ public class CurriculumController {
    public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
        return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
    }
    /**@PostMapping("/curriculum")
    public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
        if (!isSecretaryOrAdmin(token)){
            return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
        }
        CurriculumServ.save(Curriculum);
        return new ResponseEntity<>("created !",HttpStatus.CREATED);
    }**/
    private boolean isSecretaryOrAdmin(String authorization){
        if (authorization ==null)
            return false;
        User poster = authServ.getUserFromToken(authorization);
        if (poster == null) return false;
        return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java
@ -32,7 +32,7 @@ public class InscriptionController {
    @GetMapping("/requests/register")
    public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
-        if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
+        if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
        Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
        ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@ -64,7 +64,7 @@ public class InscriptionController {
                                                                 @RequestHeader("Authorize") String token,
                                                                 @RequestBody RequestState requestState)
    {
-        if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
+        if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
        inscriptionServ.modifyState(id, requestState);
        return null;
    }
@ -83,15 +83,4 @@ public class InscriptionController {
        toReturn.put("state", inscriptionRequest.getState());
        return toReturn;
    }
-
+}
    private boolean isSecretaryOrAdmin(String authorization){
        if (authorization ==null)
            return false;
        User poster = authServ.getUserFromToken(authorization);
        if (poster == null) return false;
        return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java
@ -49,4 +49,4 @@ public class LoginController {
        authServ.register(inscriptionRequest);
        return new ResponseEntity<>("Is OK", HttpStatus.OK);
    }
-}
+}
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java
@ -51,6 +51,7 @@ public class MockController {
        User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
        User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
        User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
        User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService"));
        mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
        userRepo.saveAll(mockUsers);
--- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java
@ -38,7 +38,7 @@ public class UserController {
    @PostMapping("/user")
    public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
-        if (!isSecretaryOrAdmin(authorization))
+        if (authServ.isNotSecretaryOrAdmin(authorization))
            return new UnauthorizedResponse<>(null);
        userService.save(user);
@ -48,7 +48,7 @@ public class UserController {
    @GetMapping("/users")
    public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
-        if (!isSecretaryOrAdmin(authorization))
+        if (authServ.isNotSecretaryOrAdmin(authorization))
            return new UnauthorizedResponse<>(null);
        Iterable<User> users = userService.getAll();
@ -78,7 +78,6 @@ public class UserController {
         */
    private HashMap<String,Object> userWithoutPassword(User user){
        HashMap<String,Object> toReturn = new HashMap<>();
        toReturn.put("regNo",user.getRegNo());
        toReturn.put("firstName",user.getFirstName());
        toReturn.put("lastName",user.getLastName());
@ -86,18 +85,7 @@ public class UserController {
        toReturn.put("country",user.getCountry());
        toReturn.put("address",user.getAddress());
        toReturn.put("role",user.getRole());
        return toReturn;
    }
    private boolean isSecretaryOrAdmin(String authorization){
        if (authorization ==null)
            return false;
        User poster = authServ.getUserFromToken(authorization);
        if (poster == null) return false;
        return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java
@ -1,9 +1,8 @@
 package ovh.herisson.Clyde.Services;
 import org.springframework.stereotype.Service;
 import ovh.herisson.Clyde.EndPoints.LoginController;
 import ovh.herisson.Clyde.Repositories.InscriptionRepository;
 import ovh.herisson.Clyde.Tables.InscriptionRequest;
 import ovh.herisson.Clyde.Tables.Role;
 import ovh.herisson.Clyde.Tables.Token;
 import ovh.herisson.Clyde.Tables.User;
@ -39,4 +38,17 @@ public class AuthenticatorService {
    public void register(InscriptionRequest inscriptionRequest) {
        inscriptionService.save(inscriptionRequest);
    }
    public boolean isNotSecretaryOrAdmin(String authorization){
        if (authorization ==null)
            return true;
        User poster = getUserFromToken(authorization);
        if (poster == null) return true;
        return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
    }
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java
@ -31,4 +31,4 @@ public class InscriptionService {
        inscriptionRequest.setState(requestState);
        save(inscriptionRequest);
    }
-}
+}
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java
@ -4,10 +4,8 @@ import org.springframework.stereotype.Service;
 import org.springframework.web.multipart.MultipartFile;
 import ovh.herisson.Clyde.Repositories.FileRepository;
 import ovh.herisson.Clyde.Tables.*;
 import java.io.File;
 import java.io.IOException;
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java
@ -5,17 +5,15 @@ import org.springframework.stereotype.Service;
 import ovh.herisson.Clyde.Repositories.TokenRepository;
 import ovh.herisson.Clyde.Tables.Token;
 import ovh.herisson.Clyde.Tables.User;
 import java.io.UnsupportedEncodingException;
 import java.security.SecureRandom;
 import java.util.ArrayList;
 import java.util.Base64;
 import java.util.Calendar;
 import java.util.Date;
@Service
 public class TokenService {
-    TokenRepository tokenRepo;
+    private final TokenRepository tokenRepo;
    public TokenService(TokenRepository tokenRepo){
        this.tokenRepo = tokenRepo;
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/Applications.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/Applications.java
@ -0,0 +1,21 @@
 package ovh.herisson.Clyde.Tables;
 public enum Applications {
    // without any token
    Login,
    // with any token
    Profile,
    // Students and higher authorization
    Msg,
    Forum,
    Rdv,
    // teachers and Secretary authorization
    ManageCourses,
    // InscriptionService authorization
    Inscription
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/RequestState.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/RequestState.java
@ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables;
 public enum RequestState {
    Accepted,
    Refused,
-    Pending;
+    Pending
 }
--- a/backend/src/main/java/ovh/herisson/Clyde/Tables/Role.java
+++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/Role.java
@ -5,5 +5,5 @@ public enum Role {
    Student,
    Admin,
    InscriptionService,
-    Secretary;
+    Secretary
-}
+}