Max/Backend/ReturnUserPasswordIssue #137

Merged
Maxime merged 17 commits from Max/Backend/ReturnUserPasswordIssue into master 2024-03-17 21:36:54 +01:00
29 changed files with 492 additions and 264 deletions

View File

@ -30,7 +30,6 @@ public class ApplicationsController {
*/
@GetMapping("/apps")
public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
}
@ -46,24 +45,27 @@ public class ApplicationsController {
public ArrayList<Applications> getAuthorizedApplications(String token){
ArrayList<Applications> authorizedApps = new ArrayList<>();
//if unAuthed
authorizedApps.add(Applications.Login);
authorizedApps.add(Applications.Profile);
User user = authServ.getUserFromToken(token);
if(user == null)
return authorizedApps;
return authorizedApps;
// if authed
authorizedApps.add(Applications.Profile);
Role posterRole = user.getRole();
if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){
if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Student,Role.Admin},token)) {
authorizedApps.add(Applications.Msg);
authorizedApps.add(Applications.Forum);
authorizedApps.add(Applications.Rdv);
}
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
//if Teacher or Secretary or Admin add ManageCourses App
if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Secretary,Role.Admin},token))
authorizedApps.add(Applications.ManageCourses);
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
if (!authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token))
authorizedApps.add(Applications.Inscription);
return authorizedApps;
}

View File

@ -6,13 +6,13 @@ import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.CourseService;
import ovh.herisson.Clyde.Services.ProtectionService;
import ovh.herisson.Clyde.Services.TeacherCourseService;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.TeacherCourse;
import ovh.herisson.Clyde.Tables.User;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
@RestController
@ -32,20 +32,58 @@ public class CourseController {
}
@GetMapping("/course/{id}")
public ResponseEntity<Course> getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){
public ResponseEntity<HashMap<String,Object>> getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){
if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(courseServ.findById(id), HttpStatus.OK);
Course foundCourse = courseServ.findById(id);
if (foundCourse == null)
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(ProtectionService.courseWithoutPassword(foundCourse), HttpStatus.OK);
}
@GetMapping("/courses")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllCourses(@RequestHeader("Authorization") String token){
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findAll()),HttpStatus.OK);
}
@GetMapping("/courses/owned")
public ResponseEntity<Iterable<HashMap<String ,Object>>> getOwnedCourses(@RequestHeader("Authorization") String token){
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findOwnedCourses(authServ.getUserFromToken(token))),HttpStatus.OK);
}
@GetMapping("/course/{id}/assistants")
public ResponseEntity<Iterable<HashMap<String,Object>>> getCourseAssistants(@RequestHeader("Authorization")String token, @PathVariable long id){
if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null);
Iterable<User> assistants = teacherCourseServ.findCourseAssistants(courseServ.findById(id));
return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(assistants),HttpStatus.OK);
}
@PostMapping("/course")
public ResponseEntity<Course> postCourse(@RequestHeader("Authorization") String token, @RequestBody Course course){
if (authServ.isNotSecretaryOrAdmin(token))
public ResponseEntity<Map<String ,Object>> postCourse(@RequestHeader("Authorization") String token,
@RequestBody Course course)
{
if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(courseServ.save(course), HttpStatus.CREATED);
Course createdCourse = courseServ.save(course);
if (createdCourse == null)
return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(ProtectionService.courseWithoutPassword(createdCourse), HttpStatus.CREATED);
}
@ -55,11 +93,15 @@ public class CourseController {
@PathVariable long id)
{
if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token)){
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token))
return new UnauthorizedResponse<>(null);
}
return new ResponseEntity<>(courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole()), HttpStatus.OK);
if (!courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole()))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(HttpStatus.OK);
}
@PostMapping("/course/{id}")
@ -67,14 +109,14 @@ public class CourseController {
@RequestBody Iterable<Long> teacherIds,
@PathVariable Long id)
{
if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Secretary}, token))
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary}, token))
return new UnauthorizedResponse<>(null);
if (!teacherCourseServ.saveAll(teacherIds,courseServ.findById(id)))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
teacherCourseServ.saveAll(teacherIds,courseServ.findById(id));
return new ResponseEntity<>(HttpStatus.OK);
}
}

View File

@ -4,13 +4,12 @@ package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.CurriculumCourseService;
import ovh.herisson.Clyde.Services.CurriculumService;
import ovh.herisson.Clyde.Tables.Curriculum;
import ovh.herisson.Clyde.Tables.CurriculumCourse;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User;
import java.util.Map;
@ -31,30 +30,41 @@ public class CurriculumController {
}
@GetMapping("/curriculum/{id}")
public ResponseEntity<Curriculum> findById(@PathVariable long id){
return new ResponseEntity<>(curriculumServ.findById(id), HttpStatus.OK);
public ResponseEntity<Map<String,Object>> findById(@PathVariable long id){
Curriculum foundCurriculum = curriculumServ.findById(id);
if (foundCurriculum == null)
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(curriculumCourseServ.getDepthCurriculum(foundCurriculum), HttpStatus.OK);
}
@GetMapping("/curriculums")
public ResponseEntity<Iterable<Map<String, Object>>> findAllindDepth(){
public ResponseEntity<Iterable<Map<String, Object>>> findAllIndDepth(){
return new ResponseEntity<>(curriculumCourseServ.getAllDepthCurriculum(),HttpStatus.OK);
}
@GetMapping("/curriculum")
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
@PostMapping("/curriculum")
public ResponseEntity<Curriculum> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(curriculumServ.save(curriculum),HttpStatus.CREATED);
}
/**@PostMapping("/curriculum") //todo now
public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
@PostMapping("/curriculum/{id}")
public ResponseEntity<String> postCoursesToCurriculum(@RequestHeader("Authorization") String token,
@RequestBody Iterable<Long> coursesIds,
@PathVariable long id)
{
if (!isSecretaryOrAdmin(token)){
return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
}
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>(null);
CurriculumServ.save(Curriculum);
return new ResponseEntity<>("created !",HttpStatus.CREATED);
}**/
if (!curriculumCourseServ.saveAll(coursesIds, curriculumServ.findById(id)))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(HttpStatus.OK);
}
}

View File

@ -9,14 +9,12 @@ import ovh.herisson.Clyde.Services.InscriptionService;
import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.RequestState;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
@RestController
@CrossOrigin(originPatterns = "*", allowCredentials = "true")
public class InscriptionController {
@ -32,7 +30,8 @@ public class InscriptionController {
@GetMapping("/requests/register")
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token))
return new UnauthorizedResponse<>(null);
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@ -46,41 +45,48 @@ public class InscriptionController {
@GetMapping("/request/register/{id}")
public ResponseEntity<Map<String,Object>> getById(@PathVariable long id){
InscriptionRequest inscriptionRequest = inscriptionServ.getById(id);
if (inscriptionRequest == null) {return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);}
public ResponseEntity<Map<String,Object>> getById(@RequestHeader("Authorization") String token, @PathVariable long id){
return new ResponseEntity<>(requestWithoutPassword(inscriptionRequest), HttpStatus.OK);
}
if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token))
return new UnauthorizedResponse<>(null);
@GetMapping("request/user/{id}")
public ResponseEntity<InscriptionRequest> getUserInscriptionRequest(@PathVariable long id, @RequestHeader("Authorize") String token){
//todo return l'inscriptionRequest ACTUELLE du user (check si le poster est bien le même que id target ou secretariat)
return null;
InscriptionRequest foundInscriptionRequest = inscriptionServ.getById(id);
if (foundInscriptionRequest == null)
return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(requestWithoutPassword(foundInscriptionRequest), HttpStatus.OK);
}
@PatchMapping("/request/register/{id}")
public ResponseEntity<InscriptionRequest> changeRequestState(@PathVariable long id,
@RequestHeader("Authorize") String token,
@RequestHeader("Authorization") String token,
@RequestBody RequestState requestState)
{
if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
inscriptionServ.modifyState(id, requestState);
return null;
if (authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token))
return new UnauthorizedResponse<>(null);
if (!inscriptionServ.modifyState(id, requestState))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(HttpStatus.OK);
}
private Map<String, Object> requestWithoutPassword(InscriptionRequest inscriptionRequest) {
Map<String, Object> toReturn = new HashMap<>();
toReturn.put("id", inscriptionRequest.getId());
toReturn.put("firstName", inscriptionRequest.getFirstName());
toReturn.put("lastName", inscriptionRequest.getLastName());
toReturn.put("firstName", inscriptionRequest.getFirstName());
toReturn.put("address", inscriptionRequest.getAddress());
toReturn.put("email",inscriptionRequest.getEmail());
toReturn.put("birthDate", inscriptionRequest.getBirthDate());
toReturn.put("country", inscriptionRequest.getCountry());
toReturn.put("curriculum", inscriptionRequest.getCurriculum());
toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
toReturn.put("curriculum", inscriptionRequest.getCurriculumId());
toReturn.put("state", inscriptionRequest.getState());
toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
return toReturn;
}
}

View File

@ -1,4 +1,5 @@
package ovh.herisson.Clyde.EndPoints;
import com.fasterxml.jackson.annotation.JsonFormat;
import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus;
@ -7,7 +8,6 @@ import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Tables.InscriptionRequest;
import java.util.Date;
@RestController
@ -44,9 +44,8 @@ public class LoginController {
return ResponseEntity.ok().headers(responseHeaders).build();
}
@PostMapping("/request/register")
public ResponseEntity<String> register(@RequestBody InscriptionRequest inscriptionRequest){
authServ.register(inscriptionRequest);
return new ResponseEntity<>("Is OK", HttpStatus.CREATED);
@PostMapping("/register")
public ResponseEntity<InscriptionRequest> register(@RequestBody InscriptionRequest inscriptionRequest){
return new ResponseEntity<>(authServ.register(inscriptionRequest), HttpStatus.CREATED);
}
}

View File

@ -6,7 +6,6 @@ import ovh.herisson.Clyde.Repositories.TokenRepository;
import ovh.herisson.Clyde.Repositories.UserRepository;
import ovh.herisson.Clyde.Services.*;
import ovh.herisson.Clyde.Tables.*;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Date;
@ -51,12 +50,11 @@ public class MockController {
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary"));
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService"));
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService"));
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke,lena));
userRepo.saveAll(mockUsers);
// Course / Curriculum part
Curriculum infoBab1 = new Curriculum(1,"info");
@ -68,7 +66,7 @@ public class MockController {
curriculumService.save(psychologyBab1);
Course progra1 = new Course(5,"Programmation et algorithimque 1",joke);
Course progra1 = new Course(5,"Programmation et algorithmique 1",joke);
Course chemistry1 = new Course(12, "Thermochimie",joke);
Course psycho1 = new Course(21, "rien faire t'as cru c'est psycho",joke);
Course commun = new Course(2, "cours commun",joke);
@ -89,16 +87,6 @@ public class MockController {
CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,commun));
CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,chemistry1));
}
@DeleteMapping("/mock")
public void deleteMock(){
for (User user:mockUsers){
tokenRepo.deleteAll(tokenRepo.getByUser(user));
}
userRepo.deleteAll(mockUsers);
}
}

View File

@ -22,12 +22,13 @@ public class StorageController {
@PostMapping("/upload/{fileType}")
public ResponseEntity<StorageFile> handleFileUpload(@RequestParam("file") MultipartFile file, @PathVariable FileType fileType) {
StorageFile fileEntry = null;
StorageFile fileEntry;
try {
fileEntry = storageServ.store(file,fileType);
} catch(Exception e){
e.printStackTrace();
e.printStackTrace();
return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);
}

View File

@ -1,11 +1,15 @@
package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RestController;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.TokenService;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.Token;
@RestController
@ -14,13 +18,20 @@ public class TokenController {
private final TokenService tokenServ;
public TokenController(TokenService tokenServ){
private final AuthenticatorService authServ;
public TokenController(TokenService tokenServ, AuthenticatorService authServ){
this.tokenServ = tokenServ;
this.authServ = authServ;
}
@GetMapping("/tokens")
public Iterable<Token> getTokens(){
return tokenServ.getAllTokens();
public ResponseEntity<Iterable<Token>> getTokens(@RequestHeader("Authorization")String token){
if (authServ.isNotIn(new Role[]{Role.Admin},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(tokenServ.getAllTokens(), HttpStatus.OK);
}
}

View File

@ -1,16 +1,15 @@
package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.ProtectionService;
import ovh.herisson.Clyde.Services.UserService;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User;
import java.security.Key;
import java.util.ArrayList;
import java.util.HashMap;
import java.util.Map;
@ -27,66 +26,79 @@ public class UserController {
this.authServ = authServ;
}
/** returns information about the connected user
*
* @param token the session token of the user
* @return the user information except his password
*/
@GetMapping("/user")
public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String authorization){
public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String token){
if (authorization == null) return new UnauthorizedResponse<>(null);
User user = authServ.getUserFromToken(authorization);
if (user == null) return new UnauthorizedResponse<>(null);
User user = authServ.getUserFromToken(token);
if (user == null) return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(userWithoutPassword(user), HttpStatus.OK);
return new ResponseEntity<>(ProtectionService.userWithoutPassword(user), HttpStatus.OK);
}
@PostMapping("/user")
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
public ResponseEntity<Map<String ,Object>> postUser(@RequestBody User user,@RequestHeader("Authorization") String token){
if (authServ.isNotSecretaryOrAdmin(authorization))
if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService,Role.Secretary},token))
return new UnauthorizedResponse<>(null);
userService.save(user);
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
return new ResponseEntity<>(ProtectionService.userWithoutPassword(userService.save(user)),HttpStatus.CREATED);
}
@GetMapping("/users")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String token){
if (authServ.isNotSecretaryOrAdmin(authorization))
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>(null);
Iterable<User> users = userService.getAll();
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
Role posterRole = authServ.getUserFromToken(token).getRole();
for (User u :users){
withoutPassword.add(userWithoutPassword(u));
}
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
Iterable<User> users = new ArrayList<>();
if (posterRole == Role.Admin)
users = userService.getAll();
else if (posterRole == Role.Secretary)
users = userService.getAllExceptAdmins();
return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(users), HttpStatus.OK);
}
@PatchMapping("/user")
public ResponseEntity<String> patchUser(@RequestBody Map<String,Object> updates, @RequestHeader("Authorization") String authorization) {
if (authorization == null) return new UnauthorizedResponse<>(null);
/** changes the specified user's information
*
* @param updates the changes to be made
* @param token the session token of the user posting the change
* @param id the id of the user to change
* @return a string clarifying the issue (if there is any)
*/
@PatchMapping("/user/{id}")
public ResponseEntity<String> patchUser(@RequestHeader("Authorization") String token,
@RequestBody Map<String,Object> updates,
@PathVariable Long id) {
User poster = authServ.getUserFromToken(authorization);
if (poster == null) {return new UnauthorizedResponse<>("bad authorization");}
if (token == null) return new UnauthorizedResponse<>(null);
if (!userService.modifyData(poster, updates, poster))
User poster = authServ.getUserFromToken(token);
if (poster == null) {return new UnauthorizedResponse<>("bad token");}
if (!userService.modifyData(id, updates, poster))
return new UnauthorizedResponse<>("there was an issue with the updates requested");
return new ResponseEntity<>("data modified", HttpStatus.OK);
return new ResponseEntity<>(null, HttpStatus.OK);
}
@GetMapping("/teachers")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllTeachers(@RequestHeader("Authorization") String token){
if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null);
Iterable<User> teachers = userService.getAllTeachers();
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
for (User t: teachers){
withoutPassword.add(userWithoutPassword(t));
}
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(teachers), HttpStatus.OK);
}
@ -95,34 +107,8 @@ public class UserController {
if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null);
Iterable<User> teachers = userService.getAllStudents();
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
Iterable<User> students = userService.getAllStudents();
for (User t: teachers){
withoutPassword.add(userWithoutPassword(t));
}
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
}
/** return user's data except password
* @param user the user to return
* @return all the user data without the password
*/
private HashMap<String,Object> userWithoutPassword(User user){
HashMap<String,Object> toReturn = new HashMap<>();
toReturn.put("regNo",user.getRegNo());
toReturn.put("firstName",user.getFirstName());
toReturn.put("lastName",user.getLastName());
toReturn.put("birthDate",user.getBirthDate());
toReturn.put("country",user.getCountry());
toReturn.put("address",user.getAddress());
toReturn.put("role",user.getRole());
return toReturn;
return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(students), HttpStatus.OK);
}
}

View File

@ -1,8 +1,15 @@
package ovh.herisson.Clyde.Repositories;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.User;
public interface CourseRepository extends CrudRepository<Course,Long> {
Course findById(long id);
@Query("select c from Course c where c.owner = ?1")
Iterable<Course> findAllOwnedCoures(User teacher);
}

View File

@ -1,8 +1,14 @@
package ovh.herisson.Clyde.Repositories;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.TeacherCourse;
import ovh.herisson.Clyde.Tables.User;
public interface TeacherCourseRepository extends CrudRepository<TeacherCourse, Long> {
@Query("select tc.user from TeacherCourse tc where tc.course = ?1")
Iterable<User> findAllAssistantOfCourse(Course course);
}

View File

@ -10,7 +10,5 @@ public interface TokenRepository extends CrudRepository<Token,Long> {
Token getByToken(String token);
Iterable<Token> getByUser(User user);
ArrayList <Token> getByUserOrderByExpirationDate(User user);
}

View File

@ -0,0 +1,7 @@
package ovh.herisson.Clyde.Repositories;
import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.UserCurriculum;
public interface UserCurriculumRepository extends CrudRepository<UserCurriculum, Long> {
}

View File

@ -4,22 +4,20 @@ import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.User;
import java.util.List;
public interface UserRepository extends CrudRepository<User, Long> {
User findById(long id);
User findByEmail(String email);
/**
@Query(value = "select a.* from Users a ",nativeQuery = true)
Iterable<User> findAllUsers();**/
@Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Teacher")
Iterable<User> findAllTeachers();
@Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Student")
Iterable<User> findAllStudents();
@Query("select u from User u where u.role <> ovh.herisson.Clyde.Tables.Role.Admin")
Iterable<User> findAllExceptAdmins();
}

View File

@ -1,11 +1,7 @@
package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User;
import ovh.herisson.Clyde.Tables.*;
import java.util.Date;
@Service
@ -35,22 +31,11 @@ public class AuthenticatorService {
return token;
}
public void register(InscriptionRequest inscriptionRequest) {
inscriptionService.save(inscriptionRequest);
public InscriptionRequest register(InscriptionRequest inscriptionRequest) {
return inscriptionService.save(inscriptionRequest);
}
public boolean isNotSecretaryOrAdmin(String authorization){
if (authorization ==null)
return true;
User poster = getUserFromToken(authorization);
if (poster == null) return true;
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
}
public boolean IsNotIn(Role[] roles, String token){
public boolean isNotIn(Role[] roles, String token){
if (token == null)
return true;

View File

@ -5,7 +5,6 @@ import ovh.herisson.Clyde.Repositories.CourseRepository;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User;
import java.util.Map;
@Service
@ -18,6 +17,8 @@ public class CourseService {
}
public Course save(Course course){
if (course.getOwner().getRole() != Role.Teacher)
return null;
return courseRepo.save(course);
}
@ -25,18 +26,37 @@ public class CourseService {
return courseRepo.findById(id);
}
public Course modifyData(long id, Map<String, Object> updates, Role role) {
public Iterable<Course> findAll() {
return courseRepo.findAll();
}
public Iterable<Course> findOwnedCourses(User userFromToken) {
return courseRepo.findAllOwnedCoures(userFromToken);
}
public boolean modifyData(long id, Map<String, Object> updates, Role role) {
Course target = courseRepo.findById(id);
if (target == null)
return false;
if (role == Role.Teacher){
for (Map.Entry<String, Object> entry : updates.entrySet()){
if (entry.getKey().equals("title")){
target.setTitle((String) entry.getValue());
return courseRepo.save(target);
courseRepo.save(target);
return true;
}
}
}
if (role != Role.Secretary)
return false;
for (Map.Entry<String ,Object> entry: updates.entrySet()){
switch (entry.getKey()){
case "title":
@ -46,10 +66,15 @@ public class CourseService {
target.setCredits((Integer) entry.getValue());
break;
case "owner":
target.setOwner((User) entry.getValue()); //todo check if is a teacher !
if (((User) entry.getValue() ).getRole() != Role.Teacher)
break;
target.setOwner((User) entry.getValue());
break;
}
}
return courseRepo.save(target);
courseRepo.save(target);
return true;
}
}

View File

@ -4,9 +4,7 @@ import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.CourseRepository;
import ovh.herisson.Clyde.Repositories.CurriculumCourseRepository;
import ovh.herisson.Clyde.Repositories.CurriculumRepository;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.Curriculum;
import ovh.herisson.Clyde.Tables.CurriculumCourse;
import ovh.herisson.Clyde.Tables.*;
import java.util.ArrayList;
import java.util.HashMap;
@ -31,17 +29,18 @@ public class CurriculumCourseService {
curriculumCourseRepo.save(curriculumCourse);
}
public Iterable<CurriculumCourse> findAll(){
return curriculumCourseRepo.findAll();
}
public Map<String, Object> getDepthCurriculum(Curriculum curriculum){
if (curriculum == null)
return null;
HashMap<String ,Object> toReturn = new HashMap<>();
ArrayList<Course> courses = new ArrayList<>();
for (Course c: curriculumCourseRepo.findCoursesByCurriculum(curriculum)){
courses.add(c);
ArrayList<Map<String ,Object>> courses = new ArrayList<>();
Iterable<Course> foundCourses = curriculumCourseRepo.findCoursesByCurriculum(curriculum);
for (Course c: foundCourses){
courses.add(ProtectionService.courseWithoutPassword(c));
}
toReturn.put("courses",courses);
toReturn.put("curriculumId", curriculum.getCurriculumId());
@ -56,13 +55,39 @@ public class CurriculumCourseService {
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
for (Curriculum curriculum : curriculumCourseRepo.findDistinctCurriculums()){
for (Curriculum curriculum : curriculumRepo.findAll()){
toReturn.add(getDepthCurriculum(curriculum));
}
return toReturn;
}
/** tries to add all courses to the curriculum
*
* @param coursesIds the ids of the courses to be added
* @param curriculum the curriculum to add the courses to
* @return if the changes were made
*/
public boolean saveAll(Iterable<Long> coursesIds, Curriculum curriculum) {
if (curriculum == null || coursesIds == null)
return false;
ArrayList<Course> toAdd = new ArrayList<>();
for (Long courseId : coursesIds){
Course course = courseRepo.findById((long) courseId);
if (course == null)
return false;
if (!toAdd.contains(course))
toAdd.add(course);
}
for (Course course : toAdd){
curriculumCourseRepo.save(new CurriculumCourse(curriculum,course));
}
return true;
}
}

View File

@ -1,7 +1,6 @@
package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.CourseRepository;
import ovh.herisson.Clyde.Repositories.CurriculumRepository;
import ovh.herisson.Clyde.Tables.Curriculum;
@ -10,23 +9,14 @@ public class CurriculumService {
private final CurriculumRepository curriculumRepo;
private final CourseRepository courseRepo;
public CurriculumService(CurriculumRepository curriculumRepo, CourseRepository courseRepo){
public CurriculumService(CurriculumRepository curriculumRepo){
this.curriculumRepo = curriculumRepo;
this.courseRepo = courseRepo;
}
public void save(Curriculum curriculum){
curriculumRepo.save(curriculum);
public Curriculum save(Curriculum curriculum){
return curriculumRepo.save(curriculum);
}
public Curriculum findById(long id){
return curriculumRepo.findById(id);
}
public Iterable<Curriculum> findAll(){
return curriculumRepo.findAll();
}
}

View File

@ -1,21 +1,40 @@
package ovh.herisson.Clyde.Services;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.CurriculumRepository;
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
import ovh.herisson.Clyde.Repositories.UserCurriculumRepository;
import ovh.herisson.Clyde.Repositories.UserRepository;
import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.RequestState;
import ovh.herisson.Clyde.Tables.User;
import ovh.herisson.Clyde.Tables.UserCurriculum;
@Service
public class InscriptionService {
InscriptionRepository inscriptionRepo;
private final InscriptionRepository inscriptionRepo;
public InscriptionService(InscriptionRepository inscriptionRepo){
private final UserRepository userRepo;
private final UserCurriculumRepository userCurriculumRepo;
private final CurriculumRepository curriculumRepo;
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
public InscriptionService(InscriptionRepository inscriptionRepo, UserRepository userRepo, UserCurriculumRepository userCurriculumRepo, CurriculumRepository curriculumRepo){
this.inscriptionRepo = inscriptionRepo;
this.userRepo = userRepo;
this.userCurriculumRepo = userCurriculumRepo;
this.curriculumRepo = curriculumRepo;
}
public void save(InscriptionRequest inscriptionRequest){
inscriptionRepo.save(inscriptionRequest);
public InscriptionRequest save(InscriptionRequest inscriptionRequest){
inscriptionRequest.setPassword(passwordEncoder.encode(inscriptionRequest.getPassword()));
return inscriptionRepo.save(inscriptionRequest);
}
public InscriptionRequest getById(long id){
@ -26,9 +45,46 @@ public class InscriptionService {
return inscriptionRepo.findAll();
}
public void modifyState(long id, RequestState requestState) {
InscriptionRequest inscriptionRequest = getById(id);
inscriptionRequest.setState(requestState);
save(inscriptionRequest);
public boolean modifyState(long id, RequestState requestState) {
InscriptionRequest inscrRequest = getById(id);
if (inscrRequest == null)
return false;
// if th state is the same we don't send an email
if (requestState == inscrRequest.getState())
return false;
/** todo send an email to tell the poster of the inscrRequest (inscrRequest.getEmail())
* to notify them that the state of their request changed
* FooEmailFormat toSend = (String.format("Your request state changed from %s to %s"),
* inscrRequest.getState(), requestState)
* FooEmailSender.send(toSend, inscrRequest.getEmail())
*/
//saves the user from the request if accepted
if (requestState == RequestState.Accepted)
{
if (curriculumRepo.findById(inscrRequest.getCurriculumId()) == null)
return false;
User userFromRequest = new User(
inscrRequest.getLastName(),
inscrRequest.getFirstName(),
inscrRequest.getEmail(),
inscrRequest.getAddress(),
inscrRequest.getCountry(),
inscrRequest.getBirthDate(),
inscrRequest.getProfilePicture(),
inscrRequest.getPassword()
);
userRepo.save(userFromRequest);
userCurriculumRepo.save(new UserCurriculum(userFromRequest, curriculumRepo.findById(inscrRequest.getCurriculumId())));
}
inscrRequest.setState(requestState);
save(inscrRequest);
return true;
}
}

View File

@ -0,0 +1,65 @@
package ovh.herisson.Clyde.Services;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.User;
import java.util.ArrayList;
import java.util.HashMap;
public class ProtectionService {
/** return user's data except password
* @param user the user to return
* @return all the user data without the password
*/
public static HashMap<String,Object> userWithoutPassword(User user){
HashMap<String,Object> toReturn = new HashMap<>();
toReturn.put("regNo",user.getRegNo());
toReturn.put("lastName",user.getLastName());
toReturn.put("firstName",user.getFirstName());
toReturn.put("email", user.getEmail());
toReturn.put("address",user.getAddress());
toReturn.put("birthDate",user.getBirthDate());
toReturn.put("country",user.getCountry());
toReturn.put("profilePictureUrl",user.getProfilePictureUrl());
toReturn.put("role",user.getRole());
return toReturn;
}
public static Iterable<HashMap<String ,Object>>usersWithoutPasswords(Iterable<User> users){
ArrayList<HashMap<String,Object>> toReturn = new ArrayList<>();
for (User u : users){
toReturn.add(userWithoutPassword(u));
}
return toReturn;
}
public static HashMap<String,Object> courseWithoutPassword(Course course){
HashMap<String ,Object> toReturn = new HashMap<>();
toReturn.put("courseId",course.getCourseID());
toReturn.put("credits",course.getCredits());
toReturn.put("title", course.getTitle());
toReturn.put("owner", userWithoutPassword(course.getOwner()));
return toReturn;
}
public static Iterable<HashMap<String ,Object>> coursesWithoutPasswords(Iterable<Course> courses){
ArrayList<HashMap<String,Object>> toReturn = new ArrayList<>();
for (Course course: courses){
toReturn.add(ProtectionService.courseWithoutPassword(course));
}
return toReturn;
}
}

View File

@ -35,6 +35,9 @@ public class StorageService {
public StorageFile store(MultipartFile file, FileType fileType) {
if (file == null || file.getOriginalFilename() == null)
return null;
if (file.getOriginalFilename().isEmpty()){return null;}
UUID uuid = UUID.randomUUID();

View File

@ -4,6 +4,7 @@ import org.springframework.stereotype.Controller;
import ovh.herisson.Clyde.Repositories.TeacherCourseRepository;
import ovh.herisson.Clyde.Repositories.UserRepository;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.TeacherCourse;
import ovh.herisson.Clyde.Tables.User;
@ -20,20 +21,33 @@ public class TeacherCourseService {
this.userRepo = userRepo;
}
public Iterable<User> findCourseAssistants(Course course) {
if (course == null)
return null;
return teacherCourseRepo.findAllAssistantOfCourse(course);
}
public boolean saveAll(Iterable<Long> teacherIds, Course course){
ArrayList<Long> addedIds = new ArrayList<>();
if (course == null || teacherIds == null)
return false;
ArrayList<User> toAdd = new ArrayList<>();
for (Long teacherId : teacherIds){
User teacher = userRepo.findById((long) teacherId);
if ( teacher== null){
return false;
}
if (!addedIds.contains(teacherId))
if (!toAdd.contains(teacher) && teacher.getRole() == Role.Teacher)
{
teacherCourseRepo.save(new TeacherCourse(teacher,course));
addedIds.add(teacherId);
toAdd.add(teacher);
}
}
for (User teacher: toAdd){
teacherCourseRepo.save(new TeacherCourse(teacher,course));
}
return true;
}
}

View File

@ -40,16 +40,19 @@ public class TokenService {
public User getUserFromToken(String token) {
Token tokenRep = tokenRepo.getByToken(token);
if (tokenRep == null) return null;
if (tokenRep == null)
return null;
return tokenRep.getUser();
}
public void saveToken(Token token){
//Si l'utilisateur a déja 5 token delete celui qui devait expirer le plus vite
ArrayList<Token> tokenList = tokenRepo.getByUserOrderByExpirationDate(token.getUser());
while(tokenList.size() >= 5){
tokenRepo.delete(tokenList.get(0));
tokenList.remove(tokenList.get(0));
tokenRepo.delete(tokenList.getFirst());
tokenList.remove(tokenList.getFirst());
}
tokenRepo.save(token);
}
@ -67,5 +70,5 @@ public class TokenService {
tokenRepo.delete(t);
}
}
};
}
}

View File

@ -17,8 +17,15 @@ public class UserService {
}
/** return the user identified by th identifier
*
* @param identifier can be an email or the RegNo
* @return the identified user
*/
public User getUser(String identifier){
if (identifier == null) return null;
if (identifier == null)
return null;
try {
int id = Integer.parseInt(identifier);
return userRepo.findById(id);
@ -33,16 +40,18 @@ public class UserService {
*
* @param poster the user wanting to modify target's data
* @param updates the changes to be made
* @param target the user to update
* @param targetId the id of the user to update
* @return if the changes were done or not
*/
public boolean modifyData(User poster, Map<String ,Object> updates, User target){
public boolean modifyData(long targetId, Map<String ,Object> updates, User poster){
User target = userRepo.findById(targetId);
if (target == null)
return false;
if (poster.getRegNo().equals(target.getRegNo())){
for (Map.Entry<String, Object> entry : updates.entrySet()){
if ( entry.getKey().equals("regNo") || entry.getKey().equals("role")) {return false;}
switch (entry.getKey()){
case "firstName":
target.setFirstName((String) entry.getValue());
@ -78,13 +87,14 @@ public class UserService {
{
for (Map.Entry<String, Object> entry : updates.entrySet()){
if ( !entry.getKey().equals("role")) {return false;}
if ( entry.getKey().equals("role")) {
if (entry.getValue() == Role.Admin){return false;}
if (entry.getValue() == Role.Admin) {return false;}
target.setRole((Role) entry.getValue());
userRepo.save(target);
return true;
target.setRole((Role) entry.getValue());
userRepo.save(target);
return true;
}
}
}
return false;
@ -95,15 +105,18 @@ public class UserService {
return passwordEncoder.matches(tryingPassword, user.getPassword());
}
public void save(User user){
public User save(User user){
user.setPassword(passwordEncoder.encode(user.getPassword()));
userRepo.save(user);
return userRepo.save(user);
}
public Iterable<User> getAll(){
return userRepo.findAll();
}
public Iterable<User> getAllExceptAdmins(){
return userRepo.findAllExceptAdmins();
}
public Iterable<User> getAllTeachers (){return userRepo.findAllTeachers();}

View File

@ -1,7 +1,6 @@
package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*;
import java.util.Date;
@ -17,21 +16,20 @@ public class InscriptionRequest {
private String country;
private Date birthDate;
@ManyToOne
@JoinColumn(name="Curriculum")
private Curriculum curriculum;
private Long curriculumId;
private RequestState state;
private String profilePicture;
private String password;
public InscriptionRequest(){}
public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate, RequestState state, String profilePicture, String password){
public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate,Long curriculumId, RequestState state, String profilePicture, String password){
this.lastName = lastName;
this.firstName = firstName;
this.address = address;
this.email = email;
this.country = country;
this.birthDate = birthDate;
this.curriculumId = curriculumId;
this.state = state;
this.profilePicture = profilePicture;
this.password = password;
@ -89,12 +87,12 @@ public class InscriptionRequest {
this.birthDate = birthDate;
}
public Curriculum getCurriculum() {
return curriculum;
public long getCurriculumId() {
return curriculumId;
}
public void setCurriculum(Curriculum curriculum) {
this.curriculum = curriculum;
public void setCurriculumId(long curriculum) {
this.curriculumId = curriculum;
}
public RequestState getState() {
@ -112,4 +110,12 @@ public class InscriptionRequest {
public void setProfilePicture(String profilePicture) {
this.profilePicture = profilePicture;
}
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
}

View File

@ -3,7 +3,7 @@ package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*;
@Entity
public class ReinscriptionRequest {
public class ReInscriptionRequest {
@Id
@GeneratedValue(strategy = GenerationType.AUTO)
private int id;
@ -21,16 +21,16 @@ public class ReinscriptionRequest {
//Pour la réinscription on va le mettre a 0
private boolean type = false;
public ReinscriptionRequest(){}
public ReInscriptionRequest(){}
public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){
public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){
this.user = user;
this.newCurriculum = newCurriculum;
this.state = state;
this.type = type;
}
public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state){
public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state){
this.user = user;
this.newCurriculum = newCurriculum;
this.state = state;

View File

@ -24,7 +24,6 @@ public class StorageFile {
public StorageFile(){}
public void setId(Long id) {
this.id = id;
}

View File

@ -1,8 +1,6 @@
package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*;
import org.springframework.scheduling.annotation.Scheduled;
import ovh.herisson.Clyde.Repositories.TokenRepository;
import java.util.Date;

View File

@ -1,11 +1,8 @@
package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*;
import java.util.Date;
//Classe représentant un utilisateur l'attribut password demande surement un peu de rafinement niveau sécurité
//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter
@Entity
@Table(name = "Users")
@ -37,18 +34,6 @@ public class User {
this.password = password;
}
/** Constructor for the first registration request from a student (can't specify a Role)
*
* @param lastName
* @param firstName
* @param email
* @param address
* @param country
* @param birthDate
* @param profilePictureUrl
* @param password
*/
public User(String lastName, String firstName, String email, String address,
String country, Date birthDate, String profilePictureUrl, String password)
{
@ -95,8 +80,8 @@ public class User {
return address;
}
public void setAddress(String adress) {
this.address = adress;
public void setAddress(String address) {
this.address = address;
}
public String getCountry() {