Max/Backend/UserControllerUpdate #94
@ -48,7 +48,6 @@ public class MockController {
|
|||||||
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
|
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
|
||||||
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
|
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
|
||||||
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
|
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
|
||||||
|
|
||||||
mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
|
mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
|
||||||
|
|
||||||
userRepo.saveAll(mockUsers);
|
userRepo.saveAll(mockUsers);
|
||||||
|
@ -1,15 +1,23 @@
|
|||||||
package ovh.herisson.Clyde.EndPoints;
|
package ovh.herisson.Clyde.EndPoints;
|
||||||
|
|
||||||
|
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
|
|
||||||
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
|
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
|
||||||
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
||||||
import ovh.herisson.Clyde.Services.UserService;
|
import ovh.herisson.Clyde.Services.UserService;
|
||||||
|
import ovh.herisson.Clyde.Tables.Role;
|
||||||
import ovh.herisson.Clyde.Tables.User;
|
import ovh.herisson.Clyde.Tables.User;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
|
||||||
@RestController
|
@RestController
|
||||||
@CrossOrigin(origins = "http://localhost:5173")
|
@CrossOrigin(origins = "http://localhost:5173")
|
||||||
@ -23,25 +31,80 @@ public class UserController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/user")
|
@GetMapping("/user")
|
||||||
Maxime marked this conversation as resolved
Outdated
|
|||||||
public ResponseEntity<User> getUser(@RequestHeader("Cookie") String authorization){
|
public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
if (authorization == null) return new UnauthorizedResponse<>(null);
|
if (authorization == null) return new UnauthorizedResponse<>(null);
|
||||||
User user = authServ.getUserFromToken(authorization);
|
User user = authServ.getUserFromToken(authorization);
|
||||||
if (user == null) return new UnauthorizedResponse<>(null);
|
if (user == null) return new UnauthorizedResponse<>(null);
|
||||||
return new ResponseEntity<>(user, HttpStatus.OK);
|
|
||||||
|
return new ResponseEntity<>(userWithoutPassword(user), HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/user") //todo check role
|
@PostMapping("/user")
|
||||||
public ResponseEntity<String> postUser(@RequestBody User user){
|
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
|
if (!isSecretaryOrAdmin(authorization))
|
||||||
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
userService.save(user);
|
userService.save(user);
|
||||||
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
|
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/users")
|
@GetMapping("/users")
|
||||||
public Iterable<User> getAllUsers(){
|
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
||||||
return userService.getAll();
|
|
||||||
|
if (!isSecretaryOrAdmin(authorization))
|
||||||
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
|
Iterable<User> users = userService.getAll();
|
||||||
|
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
|
||||||
|
|
||||||
|
for (User u :users){
|
||||||
|
withoutPassword.add(userWithoutPassword(u));
|
||||||
|
}
|
||||||
|
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
|
||||||
|
}
|
||||||
|
@PatchMapping("/user")
|
||||||
|
public ResponseEntity<String> patchUser(@RequestBody Map<String,Object> updates, @RequestHeader("Authorization") String authorization) {
|
||||||
|
|
||||||
|
if (authorization == null) return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
|
User poster = authServ.getUserFromToken(authorization);
|
||||||
|
if (poster == null) {return new UnauthorizedResponse<>("bad authorization");}
|
||||||
|
|
||||||
|
if (!userService.modifyData(poster, updates, poster))
|
||||||
|
return new UnauthorizedResponse<>("there was an issue with the updates requested");
|
||||||
|
|
||||||
|
return new ResponseEntity<>("data modified", HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/** return user's data except password
|
||||||
|
* @param user the user to return
|
||||||
|
* @return all the user data without the password
|
||||||
|
*/
|
||||||
|
private HashMap<String,Object> userWithoutPassword(User user){
|
||||||
Maxime marked this conversation as resolved
Outdated
tonitch
commented
Est-ce qu'une Map ne serait pas plus appropriée ?
Maxime
commented
hashmapped !
|
|||||||
|
HashMap<String,Object> toReturn = new HashMap<>();
|
||||||
|
|
||||||
|
toReturn.put("regNo",user.getRegNo());
|
||||||
|
toReturn.put("firstName",user.getFirstName());
|
||||||
|
toReturn.put("lastName",user.getLastName());
|
||||||
|
toReturn.put("birthDate",user.getBirthDate());
|
||||||
|
toReturn.put("country",user.getCountry());
|
||||||
|
toReturn.put("address",user.getAddress());
|
||||||
|
toReturn.put("role",user.getRole());
|
||||||
|
|
||||||
|
return toReturn;
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isSecretaryOrAdmin(String authorization){
|
||||||
|
if (authorization ==null)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
User poster = authServ.getUserFromToken(authorization);
|
||||||
|
if (poster == null) return false;
|
||||||
|
|
||||||
|
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
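Review bot: `isSecretaryOrAdmin` ends with `poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin`, which can never be true, so `postUser` and `getAllUsers` reject every caller, admins included; the line should read `return poster.getRole() == Role.Secretary || poster.getRole() == Role.Admin;`. The check fails closed today, but once it is corrected `postUser` still saves the request-bound `User` as received, so (assuming `role` is bindable from JSON, which this hunk does not show) a secretary could create an Admin account even though `UserService.modifyData` refuses to let a secretary assign `Role.Admin`; rejecting or overriding `user.getRole()` for non-admin callers before `userService.save(user)` would keep the two paths consistent. Separately, `patchUser` always passes `poster` as the target, so the secretary branch of `modifyData` is unreachable from this controller.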
@ -5,16 +5,10 @@ import org.springframework.stereotype.Service;
|
|||||||
import ovh.herisson.Clyde.Repositories.UserRepository;
|
import ovh.herisson.Clyde.Repositories.UserRepository;
|
||||||
import ovh.herisson.Clyde.Tables.Role;
|
import ovh.herisson.Clyde.Tables.Role;
|
||||||
import ovh.herisson.Clyde.Tables.User;
|
import ovh.herisson.Clyde.Tables.User;
|
||||||
|
import java.util.*;
|
||||||
import java.text.DateFormat;
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.Date;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
public class UserService {
|
public class UserService {
|
||||||
|
|
||||||
private final UserRepository userRepo;
|
private final UserRepository userRepo;
|
||||||
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
||||||
|
|
||||||
@ -34,17 +28,79 @@ public class UserService {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** modify the target data
|
||||||
|
* verify the permission of modifying from the poster
|
||||||
|
*
|
||||||
|
* @param poster the user wanting to modify target's data
|
||||||
|
* @param updates the changes to be made
|
||||||
|
* @param target the user to update
|
||||||
|
* @return if the changes were done or not
|
||||||
|
*/
|
||||||
|
public boolean modifyData(User poster, Map<String ,Object> updates, User target){
|
||||||
|
|
||||||
|
if (poster.getRegNo().equals(target.getRegNo())){
|
||||||
Maxime marked this conversation as resolved
tonitch
commented
Si c'est du debug il faudrait l'enlever, si c'est du log c'est mieux d'utiliser `Logger.info(msg)` https://docs.oracle.com/en/java/javase/21/docs/api/java.logging/java/util/logging/Logger.html#info(java.lang.String)
Maxime
commented
hups !
|
|||||||
|
for (Map.Entry<String, Object> entry : updates.entrySet()){
|
||||||
|
|
||||||
|
if ( entry.getKey().equals("regNo") || entry.getKey().equals("role")) {return false;}
|
||||||
|
|
||||||
|
switch (entry.getKey()){
|
||||||
|
case "firstName":
|
||||||
|
target.setFirstName((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "lastName":
|
||||||
|
target.setLastName((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "email":
|
||||||
|
target.setEmail((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "address":
|
||||||
|
target.setAddress((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "country":
|
||||||
|
target.setCountry((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "birthDate":
|
||||||
|
target.setBirthDate((Date) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "profilePictureUrl":
|
||||||
|
target.setProfilePictureUrl((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "password":
|
||||||
|
target.setPassword(passwordEncoder.encode((String) entry.getValue()));
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
userRepo.save(target);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
// the secretary can change roles (for example if a student becomes a teacher)
|
||||||
|
else if (poster.getRole() == Role.Secretary)
|
||||||
|
{
|
||||||
|
for (Map.Entry<String, Object> entry : updates.entrySet()){
|
||||||
|
|
||||||
|
if ( !entry.getKey().equals("role")) {return false;}
|
||||||
|
|
||||||
|
if (entry.getValue() == Role.Admin){return false;}
|
||||||
|
|
||||||
|
target.setRole((Role) entry.getValue());
|
||||||
|
userRepo.save(target);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public boolean checkPassword(User user, String tryingPassword){
|
public boolean checkPassword(User user, String tryingPassword){
|
||||||
return passwordEncoder.matches(tryingPassword, user.getPassword());
|
return passwordEncoder.matches(tryingPassword, user.getPassword());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void save(User user){
|
public void save(User user){
|
||||||
|
user.setPassword(passwordEncoder.encode(user.getPassword()));
|
||||||
userRepo.save(user);
|
userRepo.save(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
public Iterable<User> getAll(){
|
public Iterable<User> getAll(){
|
||||||
return userRepo.findAll();
|
return userRepo.findAll();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
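Review bot: In the secretary branch of `modifyData`, the guard `entry.getValue() == Role.Admin` compares the raw request value with an enum constant by identity; `updates` comes from `@RequestBody Map<String,Object>` in `UserController.patchUser`, so the value is most likely a `String` and the guard never matches, leaving the unchecked `(Role)` cast (and `(Date)` in the self-update branch) to fail with a `ClassCastException` instead of a clean refusal. Converting the value with `Role.valueOf` and comparing the result, as sketched below, makes the Admin restriction explicit rather than accidental. The self-update loop also calls setters before it may reach a `regNo`/`role` key and return false, so `target` can be left partially modified in memory; checking every key before the first setter avoids that. The `password` case replaces the hash on the strength of the token alone, and requiring the current password through the existing `checkPassword` would limit what a stolen token can do.

```java
else if (poster.getRole() == Role.Secretary)
{
    // Accept exactly one key, "role", carrying the name of a Role constant.
    Object raw = updates.get("role");
    if (updates.size() != 1 || !(raw instanceof String)) {return false;}

    Role requested;
    try {
        requested = Role.valueOf((String) raw);
    } catch (IllegalArgumentException e) {
        return false; // not a known Role
    }
    if (requested == Role.Admin) {return false;}

    target.setRole(requested);
    userRepo.save(target);
    return true;
}
```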
@ -8,12 +8,11 @@ import java.util.Date;
|
|||||||
//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter
|
//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter
|
||||||
|
|
||||||
@Entity
|
@Entity
|
||||||
//Je rajoute un s au nom de la table pour éviter les conflits avec les mots réservés
|
|
||||||
@Table(name = "Users")
|
@Table(name = "Users")
|
||||||
public class User {
|
public class User {
|
||||||
@Id
|
@Id
|
||||||
@GeneratedValue(strategy = GenerationType.AUTO)
|
@GeneratedValue(strategy = GenerationType.AUTO)
|
||||||
private int regNo;
|
private Long regNo;
|
||||||
private String lastName;
|
private String lastName;
|
||||||
private String firstName;
|
private String firstName;
|
||||||
@Column(unique = true)
|
@Column(unique = true)
|
||||||
@ -38,9 +37,34 @@ public class User {
|
|||||||
this.password = password;
|
this.password = password;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/** Constructor for the first registration request from a student (can't specify a Role)
|
||||||
|
*
|
||||||
|
* @param lastName
|
||||||
|
* @param firstName
|
||||||
|
* @param email
|
||||||
|
* @param address
|
||||||
|
* @param country
|
||||||
|
* @param birthDate
|
||||||
|
* @param profilePictureUrl
|
||||||
|
* @param password
|
||||||
|
*/
|
||||||
|
public User(String lastName, String firstName, String email, String address,
|
||||||
|
String country, Date birthDate, String profilePictureUrl, String password)
|
||||||
|
{
|
||||||
|
this.lastName = lastName;
|
||||||
|
this.firstName = firstName;
|
||||||
|
this.email = email;
|
||||||
|
this.address = address;
|
||||||
|
this.country = country;
|
||||||
|
this.birthDate = birthDate;
|
||||||
|
this.profilePictureUrl = profilePictureUrl;
|
||||||
|
this.password = password;
|
||||||
|
this.role = Role.Student;
|
||||||
|
}
|
||||||
public User() {}
|
public User() {}
|
||||||
|
|
||||||
public int getRegNo(){
|
public Long getRegNo(){
|
||||||
return this.regNo;
|
return this.regNo;
|
||||||
}
|
}
|
||||||
public String getLastName() {
|
public String getLastName() {
|
||||||
|
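Review bot: The new constructor's Javadoc lists eight `@param` tags with no text and does not say whether `password` is expected as plain text or as an encoded hash. The distinction matters on this page: `MockController` passes `passwordEncoder.encode(...)` results to the other constructor and persists through `userRepo.saveAll`, while `UserService.save` now encodes `user.getPassword()` itself, so a caller that mixes the two paths would store a hash of a hash and the account could no longer log in. I would state the contract on the tag, e.g. `@param password plain-text password; hashed by UserService.save before it is persisted` (if that is the intended contract), and fill in or drop the empty tags. `getLastName` continues past the end of this section.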
Autant ça me fait mal que ça soit un Object mais je comprends mais pourquoi une liste du coup ?
hashMapped !