1
0
forked from PGL/Clyde

Merge pull request 'Max/Backend/ReturnUserPasswordIssue' (#137) from Max/Backend/ReturnUserPasswordIssue into master

Reviewed-on: PGL/Clyde#137
Reviewed-by: Wal <karpinskiwal@gmail.com>
Reviewed-by: LeoMoulin <leomoulin125@gmail.com>
Reviewed-by: Debucquoy Anthony <d.tonitch@gmail.com>
This commit is contained in:
Maxime 2024-03-17 21:36:53 +01:00
commit 7a23dcc96a
29 changed files with 492 additions and 264 deletions

View File

@ -30,7 +30,6 @@ public class ApplicationsController {
*/ */
@GetMapping("/apps") @GetMapping("/apps")
public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){ public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK); return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
} }
@ -46,24 +45,27 @@ public class ApplicationsController {
public ArrayList<Applications> getAuthorizedApplications(String token){ public ArrayList<Applications> getAuthorizedApplications(String token){
ArrayList<Applications> authorizedApps = new ArrayList<>(); ArrayList<Applications> authorizedApps = new ArrayList<>();
//if unAuthed
authorizedApps.add(Applications.Login); authorizedApps.add(Applications.Login);
authorizedApps.add(Applications.Profile);
User user = authServ.getUserFromToken(token); User user = authServ.getUserFromToken(token);
if(user == null) if(user == null)
return authorizedApps; return authorizedApps;
// if authed
authorizedApps.add(Applications.Profile);
Role posterRole = user.getRole(); if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Student,Role.Admin},token)) {
if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){
authorizedApps.add(Applications.Msg); authorizedApps.add(Applications.Msg);
authorizedApps.add(Applications.Forum); authorizedApps.add(Applications.Forum);
authorizedApps.add(Applications.Rdv); authorizedApps.add(Applications.Rdv);
} }
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses); //if Teacher or Secretary or Admin add ManageCourses App
if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Secretary,Role.Admin},token))
authorizedApps.add(Applications.ManageCourses);
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription); if (!authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token))
authorizedApps.add(Applications.Inscription);
return authorizedApps; return authorizedApps;
} }

View File

@ -6,13 +6,13 @@ import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.CourseService; import ovh.herisson.Clyde.Services.CourseService;
import ovh.herisson.Clyde.Services.ProtectionService;
import ovh.herisson.Clyde.Services.TeacherCourseService; import ovh.herisson.Clyde.Services.TeacherCourseService;
import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.TeacherCourse;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
import java.util.ArrayList; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@RestController @RestController
@ -32,20 +32,58 @@ public class CourseController {
} }
@GetMapping("/course/{id}") @GetMapping("/course/{id}")
public ResponseEntity<Course> getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){ public ResponseEntity<HashMap<String,Object>> getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){
if (authServ.getUserFromToken(token) == null) if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(courseServ.findById(id), HttpStatus.OK); Course foundCourse = courseServ.findById(id);
if (foundCourse == null)
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(ProtectionService.courseWithoutPassword(foundCourse), HttpStatus.OK);
}
@GetMapping("/courses")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllCourses(@RequestHeader("Authorization") String token){
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findAll()),HttpStatus.OK);
}
@GetMapping("/courses/owned")
public ResponseEntity<Iterable<HashMap<String ,Object>>> getOwnedCourses(@RequestHeader("Authorization") String token){
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findOwnedCourses(authServ.getUserFromToken(token))),HttpStatus.OK);
}
@GetMapping("/course/{id}/assistants")
public ResponseEntity<Iterable<HashMap<String,Object>>> getCourseAssistants(@RequestHeader("Authorization")String token, @PathVariable long id){
if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null);
Iterable<User> assistants = teacherCourseServ.findCourseAssistants(courseServ.findById(id));
return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(assistants),HttpStatus.OK);
} }
@PostMapping("/course") @PostMapping("/course")
public ResponseEntity<Course> postCourse(@RequestHeader("Authorization") String token, @RequestBody Course course){ public ResponseEntity<Map<String ,Object>> postCourse(@RequestHeader("Authorization") String token,
if (authServ.isNotSecretaryOrAdmin(token)) @RequestBody Course course)
{
if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(courseServ.save(course), HttpStatus.CREATED); Course createdCourse = courseServ.save(course);
if (createdCourse == null)
return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(ProtectionService.courseWithoutPassword(createdCourse), HttpStatus.CREATED);
} }
@ -55,11 +93,15 @@ public class CourseController {
@PathVariable long id) @PathVariable long id)
{ {
if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token)){ if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
}
return new ResponseEntity<>(courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole()), HttpStatus.OK);
if (!courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole()))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(HttpStatus.OK);
} }
@PostMapping("/course/{id}") @PostMapping("/course/{id}")
@ -67,14 +109,14 @@ public class CourseController {
@RequestBody Iterable<Long> teacherIds, @RequestBody Iterable<Long> teacherIds,
@PathVariable Long id) @PathVariable Long id)
{ {
if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Secretary}, token))
if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary}, token))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
if (!teacherCourseServ.saveAll(teacherIds,courseServ.findById(id)))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
teacherCourseServ.saveAll(teacherIds,courseServ.findById(id));
return new ResponseEntity<>(HttpStatus.OK); return new ResponseEntity<>(HttpStatus.OK);
} }
} }

View File

@ -4,13 +4,12 @@ package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.CurriculumCourseService; import ovh.herisson.Clyde.Services.CurriculumCourseService;
import ovh.herisson.Clyde.Services.CurriculumService; import ovh.herisson.Clyde.Services.CurriculumService;
import ovh.herisson.Clyde.Tables.Curriculum; import ovh.herisson.Clyde.Tables.Curriculum;
import ovh.herisson.Clyde.Tables.CurriculumCourse;
import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User;
import java.util.Map; import java.util.Map;
@ -31,30 +30,41 @@ public class CurriculumController {
} }
@GetMapping("/curriculum/{id}") @GetMapping("/curriculum/{id}")
public ResponseEntity<Curriculum> findById(@PathVariable long id){ public ResponseEntity<Map<String,Object>> findById(@PathVariable long id){
return new ResponseEntity<>(curriculumServ.findById(id), HttpStatus.OK); Curriculum foundCurriculum = curriculumServ.findById(id);
if (foundCurriculum == null)
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(curriculumCourseServ.getDepthCurriculum(foundCurriculum), HttpStatus.OK);
} }
@GetMapping("/curriculums") @GetMapping("/curriculums")
public ResponseEntity<Iterable<Map<String, Object>>> findAllindDepth(){ public ResponseEntity<Iterable<Map<String, Object>>> findAllIndDepth(){
return new ResponseEntity<>(curriculumCourseServ.getAllDepthCurriculum(),HttpStatus.OK); return new ResponseEntity<>(curriculumCourseServ.getAllDepthCurriculum(),HttpStatus.OK);
} }
@GetMapping("/curriculum") @PostMapping("/curriculum")
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){ public ResponseEntity<Curriculum> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(curriculumServ.save(curriculum),HttpStatus.CREATED);
} }
/**@PostMapping("/curriculum") //todo now @PostMapping("/curriculum/{id}")
public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){ public ResponseEntity<String> postCoursesToCurriculum(@RequestHeader("Authorization") String token,
@RequestBody Iterable<Long> coursesIds,
@PathVariable long id)
{
if (!isSecretaryOrAdmin(token)){ if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>("you're not allowed to post a Curriculum"); return new UnauthorizedResponse<>(null);
}
CurriculumServ.save(Curriculum); if (!curriculumCourseServ.saveAll(coursesIds, curriculumServ.findById(id)))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>("created !",HttpStatus.CREATED);
}**/
return new ResponseEntity<>(HttpStatus.OK);
}
} }

View File

@ -9,14 +9,12 @@ import ovh.herisson.Clyde.Services.InscriptionService;
import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.RequestState; import ovh.herisson.Clyde.Tables.RequestState;
import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@RestController @RestController
@CrossOrigin(originPatterns = "*", allowCredentials = "true") @CrossOrigin(originPatterns = "*", allowCredentials = "true")
public class InscriptionController { public class InscriptionController {
@ -32,7 +30,8 @@ public class InscriptionController {
@GetMapping("/requests/register") @GetMapping("/requests/register")
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){ public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);} if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token))
return new UnauthorizedResponse<>(null);
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll(); Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
ArrayList<Map<String,Object>> toReturn = new ArrayList<>(); ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
@ -46,41 +45,48 @@ public class InscriptionController {
@GetMapping("/request/register/{id}") @GetMapping("/request/register/{id}")
public ResponseEntity<Map<String,Object>> getById(@PathVariable long id){ public ResponseEntity<Map<String,Object>> getById(@RequestHeader("Authorization") String token, @PathVariable long id){
InscriptionRequest inscriptionRequest = inscriptionServ.getById(id);
if (inscriptionRequest == null) {return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);}
return new ResponseEntity<>(requestWithoutPassword(inscriptionRequest), HttpStatus.OK); if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token))
} return new UnauthorizedResponse<>(null);
@GetMapping("request/user/{id}") InscriptionRequest foundInscriptionRequest = inscriptionServ.getById(id);
public ResponseEntity<InscriptionRequest> getUserInscriptionRequest(@PathVariable long id, @RequestHeader("Authorize") String token){
//todo return l'inscriptionRequest ACTUELLE du user (check si le poster est bien le même que id target ou secretariat) if (foundInscriptionRequest == null)
return null; return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(requestWithoutPassword(foundInscriptionRequest), HttpStatus.OK);
} }
@PatchMapping("/request/register/{id}") @PatchMapping("/request/register/{id}")
public ResponseEntity<InscriptionRequest> changeRequestState(@PathVariable long id, public ResponseEntity<InscriptionRequest> changeRequestState(@PathVariable long id,
@RequestHeader("Authorize") String token, @RequestHeader("Authorization") String token,
@RequestBody RequestState requestState) @RequestBody RequestState requestState)
{ {
if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
inscriptionServ.modifyState(id, requestState); if (authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token))
return null; return new UnauthorizedResponse<>(null);
if (!inscriptionServ.modifyState(id, requestState))
return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
return new ResponseEntity<>(HttpStatus.OK);
} }
private Map<String, Object> requestWithoutPassword(InscriptionRequest inscriptionRequest) { private Map<String, Object> requestWithoutPassword(InscriptionRequest inscriptionRequest) {
Map<String, Object> toReturn = new HashMap<>(); Map<String, Object> toReturn = new HashMap<>();
toReturn.put("id", inscriptionRequest.getId()); toReturn.put("id", inscriptionRequest.getId());
toReturn.put("firstName", inscriptionRequest.getFirstName());
toReturn.put("lastName", inscriptionRequest.getLastName()); toReturn.put("lastName", inscriptionRequest.getLastName());
toReturn.put("firstName", inscriptionRequest.getFirstName());
toReturn.put("address", inscriptionRequest.getAddress()); toReturn.put("address", inscriptionRequest.getAddress());
toReturn.put("email",inscriptionRequest.getEmail());
toReturn.put("birthDate", inscriptionRequest.getBirthDate()); toReturn.put("birthDate", inscriptionRequest.getBirthDate());
toReturn.put("country", inscriptionRequest.getCountry()); toReturn.put("country", inscriptionRequest.getCountry());
toReturn.put("curriculum", inscriptionRequest.getCurriculum()); toReturn.put("curriculum", inscriptionRequest.getCurriculumId());
toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
toReturn.put("state", inscriptionRequest.getState()); toReturn.put("state", inscriptionRequest.getState());
toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture());
return toReturn; return toReturn;
} }
} }

View File

@ -1,4 +1,5 @@
package ovh.herisson.Clyde.EndPoints; package ovh.herisson.Clyde.EndPoints;
import com.fasterxml.jackson.annotation.JsonFormat; import com.fasterxml.jackson.annotation.JsonFormat;
import org.springframework.http.HttpHeaders; import org.springframework.http.HttpHeaders;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
@ -7,7 +8,6 @@ import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.InscriptionRequest;
import java.util.Date; import java.util.Date;
@RestController @RestController
@ -44,9 +44,8 @@ public class LoginController {
return ResponseEntity.ok().headers(responseHeaders).build(); return ResponseEntity.ok().headers(responseHeaders).build();
} }
@PostMapping("/request/register") @PostMapping("/register")
public ResponseEntity<String> register(@RequestBody InscriptionRequest inscriptionRequest){ public ResponseEntity<InscriptionRequest> register(@RequestBody InscriptionRequest inscriptionRequest){
authServ.register(inscriptionRequest); return new ResponseEntity<>(authServ.register(inscriptionRequest), HttpStatus.CREATED);
return new ResponseEntity<>("Is OK", HttpStatus.CREATED);
} }
} }

View File

@ -6,7 +6,6 @@ import ovh.herisson.Clyde.Repositories.TokenRepository;
import ovh.herisson.Clyde.Repositories.UserRepository; import ovh.herisson.Clyde.Repositories.UserRepository;
import ovh.herisson.Clyde.Services.*; import ovh.herisson.Clyde.Services.*;
import ovh.herisson.Clyde.Tables.*; import ovh.herisson.Clyde.Tables.*;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.Arrays; import java.util.Arrays;
import java.util.Date; import java.util.Date;
@ -51,12 +50,11 @@ public class MockController {
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student")); User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary")); User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary"));
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher")); User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService")); User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService"));
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke)); mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke,lena));
userRepo.saveAll(mockUsers); userRepo.saveAll(mockUsers);
// Course / Curriculum part // Course / Curriculum part
Curriculum infoBab1 = new Curriculum(1,"info"); Curriculum infoBab1 = new Curriculum(1,"info");
@ -68,7 +66,7 @@ public class MockController {
curriculumService.save(psychologyBab1); curriculumService.save(psychologyBab1);
Course progra1 = new Course(5,"Programmation et algorithimque 1",joke); Course progra1 = new Course(5,"Programmation et algorithmique 1",joke);
Course chemistry1 = new Course(12, "Thermochimie",joke); Course chemistry1 = new Course(12, "Thermochimie",joke);
Course psycho1 = new Course(21, "rien faire t'as cru c'est psycho",joke); Course psycho1 = new Course(21, "rien faire t'as cru c'est psycho",joke);
Course commun = new Course(2, "cours commun",joke); Course commun = new Course(2, "cours commun",joke);
@ -89,16 +87,6 @@ public class MockController {
CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,commun)); CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,commun));
CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,chemistry1)); CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,chemistry1));
}
@DeleteMapping("/mock")
public void deleteMock(){
for (User user:mockUsers){
tokenRepo.deleteAll(tokenRepo.getByUser(user));
}
userRepo.deleteAll(mockUsers);
} }
} }

View File

@ -22,12 +22,13 @@ public class StorageController {
@PostMapping("/upload/{fileType}") @PostMapping("/upload/{fileType}")
public ResponseEntity<StorageFile> handleFileUpload(@RequestParam("file") MultipartFile file, @PathVariable FileType fileType) { public ResponseEntity<StorageFile> handleFileUpload(@RequestParam("file") MultipartFile file, @PathVariable FileType fileType) {
StorageFile fileEntry = null; StorageFile fileEntry;
try { try {
fileEntry = storageServ.store(file,fileType); fileEntry = storageServ.store(file,fileType);
} catch(Exception e){ } catch(Exception e){
e.printStackTrace(); e.printStackTrace();
return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);
} }

View File

@ -1,11 +1,15 @@
package ovh.herisson.Clyde.EndPoints; package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.CrossOrigin;
import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.RequestHeader;
import org.springframework.web.bind.annotation.RestController; import org.springframework.web.bind.annotation.RestController;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.TokenService; import ovh.herisson.Clyde.Services.TokenService;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.Token; import ovh.herisson.Clyde.Tables.Token;
@RestController @RestController
@ -14,13 +18,20 @@ public class TokenController {
private final TokenService tokenServ; private final TokenService tokenServ;
public TokenController(TokenService tokenServ){ private final AuthenticatorService authServ;
public TokenController(TokenService tokenServ, AuthenticatorService authServ){
this.tokenServ = tokenServ; this.tokenServ = tokenServ;
this.authServ = authServ;
} }
@GetMapping("/tokens") @GetMapping("/tokens")
public Iterable<Token> getTokens(){ public ResponseEntity<Iterable<Token>> getTokens(@RequestHeader("Authorization")String token){
return tokenServ.getAllTokens();
if (authServ.isNotIn(new Role[]{Role.Admin},token))
return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(tokenServ.getAllTokens(), HttpStatus.OK);
} }
} }

View File

@ -1,16 +1,15 @@
package ovh.herisson.Clyde.EndPoints; package ovh.herisson.Clyde.EndPoints;
import org.springframework.http.HttpStatus; import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity; import org.springframework.http.ResponseEntity;
import org.springframework.web.bind.annotation.*; import org.springframework.web.bind.annotation.*;
import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.AuthenticatorService;
import ovh.herisson.Clyde.Services.ProtectionService;
import ovh.herisson.Clyde.Services.UserService; import ovh.herisson.Clyde.Services.UserService;
import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
import java.security.Key;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
import java.util.Map; import java.util.Map;
@ -27,66 +26,79 @@ public class UserController {
this.authServ = authServ; this.authServ = authServ;
} }
/** returns information about the connected user
*
* @param token the session token of the user
* @return the user information except his password
*/
@GetMapping("/user") @GetMapping("/user")
public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String authorization){ public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String token){
if (authorization == null) return new UnauthorizedResponse<>(null); User user = authServ.getUserFromToken(token);
User user = authServ.getUserFromToken(authorization); if (user == null) return new UnauthorizedResponse<>(null);
if (user == null) return new UnauthorizedResponse<>(null);
return new ResponseEntity<>(userWithoutPassword(user), HttpStatus.OK); return new ResponseEntity<>(ProtectionService.userWithoutPassword(user), HttpStatus.OK);
} }
@PostMapping("/user") @PostMapping("/user")
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){ public ResponseEntity<Map<String ,Object>> postUser(@RequestBody User user,@RequestHeader("Authorization") String token){
if (authServ.isNotSecretaryOrAdmin(authorization)) if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService,Role.Secretary},token))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
userService.save(user); return new ResponseEntity<>(ProtectionService.userWithoutPassword(userService.save(user)),HttpStatus.CREATED);
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
} }
@GetMapping("/users") @GetMapping("/users")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){ public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String token){
if (authServ.isNotSecretaryOrAdmin(authorization)) if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token))
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
Iterable<User> users = userService.getAll(); Role posterRole = authServ.getUserFromToken(token).getRole();
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
for (User u :users){ Iterable<User> users = new ArrayList<>();
withoutPassword.add(userWithoutPassword(u));
} if (posterRole == Role.Admin)
return new ResponseEntity<>(withoutPassword, HttpStatus.OK); users = userService.getAll();
else if (posterRole == Role.Secretary)
users = userService.getAllExceptAdmins();
return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(users), HttpStatus.OK);
} }
@PatchMapping("/user")
public ResponseEntity<String> patchUser(@RequestBody Map<String,Object> updates, @RequestHeader("Authorization") String authorization) {
if (authorization == null) return new UnauthorizedResponse<>(null); /** changes the specified user's information
*
* @param updates the changes to be made
* @param token the session token of the user posting the change
* @param id the id of the user to change
* @return a string clarifying the issue (if there is any)
*/
@PatchMapping("/user/{id}")
public ResponseEntity<String> patchUser(@RequestHeader("Authorization") String token,
@RequestBody Map<String,Object> updates,
@PathVariable Long id) {
User poster = authServ.getUserFromToken(authorization); if (token == null) return new UnauthorizedResponse<>(null);
if (poster == null) {return new UnauthorizedResponse<>("bad authorization");}
if (!userService.modifyData(poster, updates, poster)) User poster = authServ.getUserFromToken(token);
if (poster == null) {return new UnauthorizedResponse<>("bad token");}
if (!userService.modifyData(id, updates, poster))
return new UnauthorizedResponse<>("there was an issue with the updates requested"); return new UnauthorizedResponse<>("there was an issue with the updates requested");
return new ResponseEntity<>("data modified", HttpStatus.OK); return new ResponseEntity<>(null, HttpStatus.OK);
} }
@GetMapping("/teachers") @GetMapping("/teachers")
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllTeachers(@RequestHeader("Authorization") String token){ public ResponseEntity<Iterable<HashMap<String,Object>>> getAllTeachers(@RequestHeader("Authorization") String token){
if (authServ.getUserFromToken(token) == null) if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
Iterable<User> teachers = userService.getAllTeachers(); Iterable<User> teachers = userService.getAllTeachers();
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
for (User t: teachers){ return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(teachers), HttpStatus.OK);
withoutPassword.add(userWithoutPassword(t));
}
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
} }
@ -95,34 +107,8 @@ public class UserController {
if (authServ.getUserFromToken(token) == null) if (authServ.getUserFromToken(token) == null)
return new UnauthorizedResponse<>(null); return new UnauthorizedResponse<>(null);
Iterable<User> teachers = userService.getAllStudents(); Iterable<User> students = userService.getAllStudents();
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
for (User t: teachers){ return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(students), HttpStatus.OK);
withoutPassword.add(userWithoutPassword(t));
}
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
} }
}
/** return user's data except password
* @param user the user to return
* @return all the user data without the password
*/
private HashMap<String,Object> userWithoutPassword(User user){
HashMap<String,Object> toReturn = new HashMap<>();
toReturn.put("regNo",user.getRegNo());
toReturn.put("firstName",user.getFirstName());
toReturn.put("lastName",user.getLastName());
toReturn.put("birthDate",user.getBirthDate());
toReturn.put("country",user.getCountry());
toReturn.put("address",user.getAddress());
toReturn.put("role",user.getRole());
return toReturn;
}
}

View File

@ -1,8 +1,15 @@
package ovh.herisson.Clyde.Repositories; package ovh.herisson.Clyde.Repositories;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.User;
public interface CourseRepository extends CrudRepository<Course,Long> { public interface CourseRepository extends CrudRepository<Course,Long> {
Course findById(long id); Course findById(long id);
@Query("select c from Course c where c.owner = ?1")
Iterable<Course> findAllOwnedCoures(User teacher);
} }

View File

@ -1,8 +1,14 @@
package ovh.herisson.Clyde.Repositories; package ovh.herisson.Clyde.Repositories;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.TeacherCourse; import ovh.herisson.Clyde.Tables.TeacherCourse;
import ovh.herisson.Clyde.Tables.User;
public interface TeacherCourseRepository extends CrudRepository<TeacherCourse, Long> { public interface TeacherCourseRepository extends CrudRepository<TeacherCourse, Long> {
@Query("select tc.user from TeacherCourse tc where tc.course = ?1")
Iterable<User> findAllAssistantOfCourse(Course course);
} }

View File

@ -10,7 +10,5 @@ public interface TokenRepository extends CrudRepository<Token,Long> {
Token getByToken(String token); Token getByToken(String token);
Iterable<Token> getByUser(User user);
ArrayList <Token> getByUserOrderByExpirationDate(User user); ArrayList <Token> getByUserOrderByExpirationDate(User user);
} }

View File

@ -0,0 +1,7 @@
package ovh.herisson.Clyde.Repositories;
import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.UserCurriculum;
public interface UserCurriculumRepository extends CrudRepository<UserCurriculum, Long> {
}

View File

@ -4,22 +4,20 @@ import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.CrudRepository; import org.springframework.data.repository.CrudRepository;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
import java.util.List;
public interface UserRepository extends CrudRepository<User, Long> { public interface UserRepository extends CrudRepository<User, Long> {
User findById(long id); User findById(long id);
User findByEmail(String email); User findByEmail(String email);
/**
@Query(value = "select a.* from Users a ",nativeQuery = true)
Iterable<User> findAllUsers();**/
@Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Teacher") @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Teacher")
Iterable<User> findAllTeachers(); Iterable<User> findAllTeachers();
@Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Student") @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Student")
Iterable<User> findAllStudents(); Iterable<User> findAllStudents();
@Query("select u from User u where u.role <> ovh.herisson.Clyde.Tables.Role.Admin")
Iterable<User> findAllExceptAdmins();
} }

View File

@ -1,11 +1,7 @@
package ovh.herisson.Clyde.Services; package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.*;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.Token;
import ovh.herisson.Clyde.Tables.User;
import java.util.Date; import java.util.Date;
@Service @Service
@ -35,22 +31,11 @@ public class AuthenticatorService {
return token; return token;
} }
public void register(InscriptionRequest inscriptionRequest) { public InscriptionRequest register(InscriptionRequest inscriptionRequest) {
inscriptionService.save(inscriptionRequest); return inscriptionService.save(inscriptionRequest);
} }
public boolean isNotIn(Role[] roles, String token){
public boolean isNotSecretaryOrAdmin(String authorization){
if (authorization ==null)
return true;
User poster = getUserFromToken(authorization);
if (poster == null) return true;
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
}
public boolean IsNotIn(Role[] roles, String token){
if (token == null) if (token == null)
return true; return true;

View File

@ -5,7 +5,6 @@ import ovh.herisson.Clyde.Repositories.CourseRepository;
import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
import java.util.Map; import java.util.Map;
@Service @Service
@ -18,6 +17,8 @@ public class CourseService {
} }
public Course save(Course course){ public Course save(Course course){
if (course.getOwner().getRole() != Role.Teacher)
return null;
return courseRepo.save(course); return courseRepo.save(course);
} }
@ -25,18 +26,37 @@ public class CourseService {
return courseRepo.findById(id); return courseRepo.findById(id);
} }
public Course modifyData(long id, Map<String, Object> updates, Role role) {
public Iterable<Course> findAll() {
return courseRepo.findAll();
}
public Iterable<Course> findOwnedCourses(User userFromToken) {
return courseRepo.findAllOwnedCoures(userFromToken);
}
public boolean modifyData(long id, Map<String, Object> updates, Role role) {
Course target = courseRepo.findById(id); Course target = courseRepo.findById(id);
if (target == null)
return false;
if (role == Role.Teacher){ if (role == Role.Teacher){
for (Map.Entry<String, Object> entry : updates.entrySet()){ for (Map.Entry<String, Object> entry : updates.entrySet()){
if (entry.getKey().equals("title")){ if (entry.getKey().equals("title")){
target.setTitle((String) entry.getValue()); target.setTitle((String) entry.getValue());
return courseRepo.save(target); courseRepo.save(target);
return true;
} }
} }
} }
if (role != Role.Secretary)
return false;
for (Map.Entry<String ,Object> entry: updates.entrySet()){ for (Map.Entry<String ,Object> entry: updates.entrySet()){
switch (entry.getKey()){ switch (entry.getKey()){
case "title": case "title":
@ -46,10 +66,15 @@ public class CourseService {
target.setCredits((Integer) entry.getValue()); target.setCredits((Integer) entry.getValue());
break; break;
case "owner": case "owner":
target.setOwner((User) entry.getValue()); //todo check if is a teacher ! if (((User) entry.getValue() ).getRole() != Role.Teacher)
break;
target.setOwner((User) entry.getValue());
break; break;
} }
} }
return courseRepo.save(target); courseRepo.save(target);
return true;
} }
} }

View File

@ -4,9 +4,7 @@ import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.CourseRepository; import ovh.herisson.Clyde.Repositories.CourseRepository;
import ovh.herisson.Clyde.Repositories.CurriculumCourseRepository; import ovh.herisson.Clyde.Repositories.CurriculumCourseRepository;
import ovh.herisson.Clyde.Repositories.CurriculumRepository; import ovh.herisson.Clyde.Repositories.CurriculumRepository;
import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.*;
import ovh.herisson.Clyde.Tables.Curriculum;
import ovh.herisson.Clyde.Tables.CurriculumCourse;
import java.util.ArrayList; import java.util.ArrayList;
import java.util.HashMap; import java.util.HashMap;
@ -31,17 +29,18 @@ public class CurriculumCourseService {
curriculumCourseRepo.save(curriculumCourse); curriculumCourseRepo.save(curriculumCourse);
} }
public Iterable<CurriculumCourse> findAll(){
return curriculumCourseRepo.findAll();
}
public Map<String, Object> getDepthCurriculum(Curriculum curriculum){ public Map<String, Object> getDepthCurriculum(Curriculum curriculum){
if (curriculum == null)
return null;
HashMap<String ,Object> toReturn = new HashMap<>(); HashMap<String ,Object> toReturn = new HashMap<>();
ArrayList<Course> courses = new ArrayList<>(); ArrayList<Map<String ,Object>> courses = new ArrayList<>();
for (Course c: curriculumCourseRepo.findCoursesByCurriculum(curriculum)){ Iterable<Course> foundCourses = curriculumCourseRepo.findCoursesByCurriculum(curriculum);
courses.add(c);
for (Course c: foundCourses){
courses.add(ProtectionService.courseWithoutPassword(c));
} }
toReturn.put("courses",courses); toReturn.put("courses",courses);
toReturn.put("curriculumId", curriculum.getCurriculumId()); toReturn.put("curriculumId", curriculum.getCurriculumId());
@ -56,13 +55,39 @@ public class CurriculumCourseService {
ArrayList<Map<String,Object>> toReturn = new ArrayList<>(); ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
for (Curriculum curriculum : curriculumCourseRepo.findDistinctCurriculums()){ for (Curriculum curriculum : curriculumRepo.findAll()){
toReturn.add(getDepthCurriculum(curriculum)); toReturn.add(getDepthCurriculum(curriculum));
} }
return toReturn; return toReturn;
} }
/** tries to add all courses to the curriculum
*
* @param coursesIds the ids of the courses to be added
* @param curriculum the curriculum to add the courses to
* @return if the changes were made
*/
public boolean saveAll(Iterable<Long> coursesIds, Curriculum curriculum) {
if (curriculum == null || coursesIds == null)
return false;
ArrayList<Course> toAdd = new ArrayList<>();
for (Long courseId : coursesIds){
Course course = courseRepo.findById((long) courseId);
if (course == null)
return false;
if (!toAdd.contains(course))
toAdd.add(course);
}
for (Course course : toAdd){
curriculumCourseRepo.save(new CurriculumCourse(curriculum,course));
}
return true;
}
} }

View File

@ -1,7 +1,6 @@
package ovh.herisson.Clyde.Services; package ovh.herisson.Clyde.Services;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.CourseRepository;
import ovh.herisson.Clyde.Repositories.CurriculumRepository; import ovh.herisson.Clyde.Repositories.CurriculumRepository;
import ovh.herisson.Clyde.Tables.Curriculum; import ovh.herisson.Clyde.Tables.Curriculum;
@ -10,23 +9,14 @@ public class CurriculumService {
private final CurriculumRepository curriculumRepo; private final CurriculumRepository curriculumRepo;
private final CourseRepository courseRepo; public CurriculumService(CurriculumRepository curriculumRepo){
public CurriculumService(CurriculumRepository curriculumRepo, CourseRepository courseRepo){
this.curriculumRepo = curriculumRepo; this.curriculumRepo = curriculumRepo;
this.courseRepo = courseRepo;
} }
public Curriculum save(Curriculum curriculum){
return curriculumRepo.save(curriculum);
public void save(Curriculum curriculum){
curriculumRepo.save(curriculum);
} }
public Curriculum findById(long id){ public Curriculum findById(long id){
return curriculumRepo.findById(id); return curriculumRepo.findById(id);
} }
public Iterable<Curriculum> findAll(){ }
return curriculumRepo.findAll();
}
}

View File

@ -1,21 +1,40 @@
package ovh.herisson.Clyde.Services; package ovh.herisson.Clyde.Services;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service; import org.springframework.stereotype.Service;
import ovh.herisson.Clyde.Repositories.CurriculumRepository;
import ovh.herisson.Clyde.Repositories.InscriptionRepository; import ovh.herisson.Clyde.Repositories.InscriptionRepository;
import ovh.herisson.Clyde.Repositories.UserCurriculumRepository;
import ovh.herisson.Clyde.Repositories.UserRepository;
import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.InscriptionRequest;
import ovh.herisson.Clyde.Tables.RequestState; import ovh.herisson.Clyde.Tables.RequestState;
import ovh.herisson.Clyde.Tables.User;
import ovh.herisson.Clyde.Tables.UserCurriculum;
@Service @Service
public class InscriptionService { public class InscriptionService {
InscriptionRepository inscriptionRepo; private final InscriptionRepository inscriptionRepo;
public InscriptionService(InscriptionRepository inscriptionRepo){ private final UserRepository userRepo;
private final UserCurriculumRepository userCurriculumRepo;
private final CurriculumRepository curriculumRepo;
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
public InscriptionService(InscriptionRepository inscriptionRepo, UserRepository userRepo, UserCurriculumRepository userCurriculumRepo, CurriculumRepository curriculumRepo){
this.inscriptionRepo = inscriptionRepo; this.inscriptionRepo = inscriptionRepo;
this.userRepo = userRepo;
this.userCurriculumRepo = userCurriculumRepo;
this.curriculumRepo = curriculumRepo;
} }
public void save(InscriptionRequest inscriptionRequest){ public InscriptionRequest save(InscriptionRequest inscriptionRequest){
inscriptionRepo.save(inscriptionRequest); inscriptionRequest.setPassword(passwordEncoder.encode(inscriptionRequest.getPassword()));
return inscriptionRepo.save(inscriptionRequest);
} }
public InscriptionRequest getById(long id){ public InscriptionRequest getById(long id){
@ -26,9 +45,46 @@ public class InscriptionService {
return inscriptionRepo.findAll(); return inscriptionRepo.findAll();
} }
public void modifyState(long id, RequestState requestState) { public boolean modifyState(long id, RequestState requestState) {
InscriptionRequest inscriptionRequest = getById(id); InscriptionRequest inscrRequest = getById(id);
inscriptionRequest.setState(requestState);
save(inscriptionRequest); if (inscrRequest == null)
return false;
// if th state is the same we don't send an email
if (requestState == inscrRequest.getState())
return false;
/** todo send an email to tell the poster of the inscrRequest (inscrRequest.getEmail())
* to notify them that the state of their request changed
* FooEmailFormat toSend = (String.format("Your request state changed from %s to %s"),
* inscrRequest.getState(), requestState)
* FooEmailSender.send(toSend, inscrRequest.getEmail())
*/
//saves the user from the request if accepted
if (requestState == RequestState.Accepted)
{
if (curriculumRepo.findById(inscrRequest.getCurriculumId()) == null)
return false;
User userFromRequest = new User(
inscrRequest.getLastName(),
inscrRequest.getFirstName(),
inscrRequest.getEmail(),
inscrRequest.getAddress(),
inscrRequest.getCountry(),
inscrRequest.getBirthDate(),
inscrRequest.getProfilePicture(),
inscrRequest.getPassword()
);
userRepo.save(userFromRequest);
userCurriculumRepo.save(new UserCurriculum(userFromRequest, curriculumRepo.findById(inscrRequest.getCurriculumId())));
}
inscrRequest.setState(requestState);
save(inscrRequest);
return true;
} }
} }

View File

@ -0,0 +1,65 @@
package ovh.herisson.Clyde.Services;
import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.User;
import java.util.ArrayList;
import java.util.HashMap;
public class ProtectionService {
/** return user's data except password
* @param user the user to return
* @return all the user data without the password
*/
public static HashMap<String,Object> userWithoutPassword(User user){
HashMap<String,Object> toReturn = new HashMap<>();
toReturn.put("regNo",user.getRegNo());
toReturn.put("lastName",user.getLastName());
toReturn.put("firstName",user.getFirstName());
toReturn.put("email", user.getEmail());
toReturn.put("address",user.getAddress());
toReturn.put("birthDate",user.getBirthDate());
toReturn.put("country",user.getCountry());
toReturn.put("profilePictureUrl",user.getProfilePictureUrl());
toReturn.put("role",user.getRole());
return toReturn;
}
public static Iterable<HashMap<String ,Object>>usersWithoutPasswords(Iterable<User> users){
ArrayList<HashMap<String,Object>> toReturn = new ArrayList<>();
for (User u : users){
toReturn.add(userWithoutPassword(u));
}
return toReturn;
}
public static HashMap<String,Object> courseWithoutPassword(Course course){
HashMap<String ,Object> toReturn = new HashMap<>();
toReturn.put("courseId",course.getCourseID());
toReturn.put("credits",course.getCredits());
toReturn.put("title", course.getTitle());
toReturn.put("owner", userWithoutPassword(course.getOwner()));
return toReturn;
}
public static Iterable<HashMap<String ,Object>> coursesWithoutPasswords(Iterable<Course> courses){
ArrayList<HashMap<String,Object>> toReturn = new ArrayList<>();
for (Course course: courses){
toReturn.add(ProtectionService.courseWithoutPassword(course));
}
return toReturn;
}
}

View File

@ -35,6 +35,9 @@ public class StorageService {
public StorageFile store(MultipartFile file, FileType fileType) { public StorageFile store(MultipartFile file, FileType fileType) {
if (file == null || file.getOriginalFilename() == null)
return null;
if (file.getOriginalFilename().isEmpty()){return null;} if (file.getOriginalFilename().isEmpty()){return null;}
UUID uuid = UUID.randomUUID(); UUID uuid = UUID.randomUUID();

View File

@ -4,6 +4,7 @@ import org.springframework.stereotype.Controller;
import ovh.herisson.Clyde.Repositories.TeacherCourseRepository; import ovh.herisson.Clyde.Repositories.TeacherCourseRepository;
import ovh.herisson.Clyde.Repositories.UserRepository; import ovh.herisson.Clyde.Repositories.UserRepository;
import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.Course;
import ovh.herisson.Clyde.Tables.Role;
import ovh.herisson.Clyde.Tables.TeacherCourse; import ovh.herisson.Clyde.Tables.TeacherCourse;
import ovh.herisson.Clyde.Tables.User; import ovh.herisson.Clyde.Tables.User;
@ -20,20 +21,33 @@ public class TeacherCourseService {
this.userRepo = userRepo; this.userRepo = userRepo;
} }
public Iterable<User> findCourseAssistants(Course course) {
if (course == null)
return null;
return teacherCourseRepo.findAllAssistantOfCourse(course);
}
public boolean saveAll(Iterable<Long> teacherIds, Course course){ public boolean saveAll(Iterable<Long> teacherIds, Course course){
ArrayList<Long> addedIds = new ArrayList<>(); if (course == null || teacherIds == null)
return false;
ArrayList<User> toAdd = new ArrayList<>();
for (Long teacherId : teacherIds){ for (Long teacherId : teacherIds){
User teacher = userRepo.findById((long) teacherId); User teacher = userRepo.findById((long) teacherId);
if ( teacher== null){ if ( teacher== null){
return false; return false;
} }
if (!addedIds.contains(teacherId)) if (!toAdd.contains(teacher) && teacher.getRole() == Role.Teacher)
{ {
teacherCourseRepo.save(new TeacherCourse(teacher,course)); toAdd.add(teacher);
addedIds.add(teacherId);
} }
} }
for (User teacher: toAdd){
teacherCourseRepo.save(new TeacherCourse(teacher,course));
}
return true; return true;
} }
} }

View File

@ -40,16 +40,19 @@ public class TokenService {
public User getUserFromToken(String token) { public User getUserFromToken(String token) {
Token tokenRep = tokenRepo.getByToken(token); Token tokenRep = tokenRepo.getByToken(token);
if (tokenRep == null) return null; if (tokenRep == null)
return null;
return tokenRep.getUser(); return tokenRep.getUser();
} }
public void saveToken(Token token){ public void saveToken(Token token){
//Si l'utilisateur a déja 5 token delete celui qui devait expirer le plus vite //Si l'utilisateur a déja 5 token delete celui qui devait expirer le plus vite
ArrayList<Token> tokenList = tokenRepo.getByUserOrderByExpirationDate(token.getUser()); ArrayList<Token> tokenList = tokenRepo.getByUserOrderByExpirationDate(token.getUser());
while(tokenList.size() >= 5){ while(tokenList.size() >= 5){
tokenRepo.delete(tokenList.get(0)); tokenRepo.delete(tokenList.getFirst());
tokenList.remove(tokenList.get(0)); tokenList.remove(tokenList.getFirst());
} }
tokenRepo.save(token); tokenRepo.save(token);
} }
@ -67,5 +70,5 @@ public class TokenService {
tokenRepo.delete(t); tokenRepo.delete(t);
} }
} }
}; }
} }

View File

@ -17,8 +17,15 @@ public class UserService {
} }
/** return the user identified by th identifier
*
* @param identifier can be an email or the RegNo
* @return the identified user
*/
public User getUser(String identifier){ public User getUser(String identifier){
if (identifier == null) return null; if (identifier == null)
return null;
try { try {
int id = Integer.parseInt(identifier); int id = Integer.parseInt(identifier);
return userRepo.findById(id); return userRepo.findById(id);
@ -33,16 +40,18 @@ public class UserService {
* *
* @param poster the user wanting to modify target's data * @param poster the user wanting to modify target's data
* @param updates the changes to be made * @param updates the changes to be made
* @param target the user to update * @param targetId the id of the user to update
* @return if the changes were done or not * @return if the changes were done or not
*/ */
public boolean modifyData(User poster, Map<String ,Object> updates, User target){ public boolean modifyData(long targetId, Map<String ,Object> updates, User poster){
User target = userRepo.findById(targetId);
if (target == null)
return false;
if (poster.getRegNo().equals(target.getRegNo())){ if (poster.getRegNo().equals(target.getRegNo())){
for (Map.Entry<String, Object> entry : updates.entrySet()){ for (Map.Entry<String, Object> entry : updates.entrySet()){
if ( entry.getKey().equals("regNo") || entry.getKey().equals("role")) {return false;}
switch (entry.getKey()){ switch (entry.getKey()){
case "firstName": case "firstName":
target.setFirstName((String) entry.getValue()); target.setFirstName((String) entry.getValue());
@ -78,13 +87,14 @@ public class UserService {
{ {
for (Map.Entry<String, Object> entry : updates.entrySet()){ for (Map.Entry<String, Object> entry : updates.entrySet()){
if ( !entry.getKey().equals("role")) {return false;} if ( entry.getKey().equals("role")) {
if (entry.getValue() == Role.Admin){return false;} if (entry.getValue() == Role.Admin) {return false;}
target.setRole((Role) entry.getValue()); target.setRole((Role) entry.getValue());
userRepo.save(target); userRepo.save(target);
return true; return true;
}
} }
} }
return false; return false;
@ -95,15 +105,18 @@ public class UserService {
return passwordEncoder.matches(tryingPassword, user.getPassword()); return passwordEncoder.matches(tryingPassword, user.getPassword());
} }
public void save(User user){ public User save(User user){
user.setPassword(passwordEncoder.encode(user.getPassword())); user.setPassword(passwordEncoder.encode(user.getPassword()));
userRepo.save(user); return userRepo.save(user);
} }
public Iterable<User> getAll(){ public Iterable<User> getAll(){
return userRepo.findAll(); return userRepo.findAll();
} }
public Iterable<User> getAllExceptAdmins(){
return userRepo.findAllExceptAdmins();
}
public Iterable<User> getAllTeachers (){return userRepo.findAllTeachers();} public Iterable<User> getAllTeachers (){return userRepo.findAllTeachers();}

View File

@ -1,7 +1,6 @@
package ovh.herisson.Clyde.Tables; package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*; import jakarta.persistence.*;
import java.util.Date; import java.util.Date;
@ -17,21 +16,20 @@ public class InscriptionRequest {
private String country; private String country;
private Date birthDate; private Date birthDate;
@ManyToOne private Long curriculumId;
@JoinColumn(name="Curriculum")
private Curriculum curriculum;
private RequestState state; private RequestState state;
private String profilePicture; private String profilePicture;
private String password; private String password;
public InscriptionRequest(){} public InscriptionRequest(){}
public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate, RequestState state, String profilePicture, String password){ public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate,Long curriculumId, RequestState state, String profilePicture, String password){
this.lastName = lastName; this.lastName = lastName;
this.firstName = firstName; this.firstName = firstName;
this.address = address; this.address = address;
this.email = email; this.email = email;
this.country = country; this.country = country;
this.birthDate = birthDate; this.birthDate = birthDate;
this.curriculumId = curriculumId;
this.state = state; this.state = state;
this.profilePicture = profilePicture; this.profilePicture = profilePicture;
this.password = password; this.password = password;
@ -89,12 +87,12 @@ public class InscriptionRequest {
this.birthDate = birthDate; this.birthDate = birthDate;
} }
public Curriculum getCurriculum() { public long getCurriculumId() {
return curriculum; return curriculumId;
} }
public void setCurriculum(Curriculum curriculum) { public void setCurriculumId(long curriculum) {
this.curriculum = curriculum; this.curriculumId = curriculum;
} }
public RequestState getState() { public RequestState getState() {
@ -112,4 +110,12 @@ public class InscriptionRequest {
public void setProfilePicture(String profilePicture) { public void setProfilePicture(String profilePicture) {
this.profilePicture = profilePicture; this.profilePicture = profilePicture;
} }
public String getPassword() {
return password;
}
public void setPassword(String password) {
this.password = password;
}
} }

View File

@ -3,7 +3,7 @@ package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*; import jakarta.persistence.*;
@Entity @Entity
public class ReinscriptionRequest { public class ReInscriptionRequest {
@Id @Id
@GeneratedValue(strategy = GenerationType.AUTO) @GeneratedValue(strategy = GenerationType.AUTO)
private int id; private int id;
@ -21,16 +21,16 @@ public class ReinscriptionRequest {
//Pour la réinscription on va le mettre a 0 //Pour la réinscription on va le mettre a 0
private boolean type = false; private boolean type = false;
public ReinscriptionRequest(){} public ReInscriptionRequest(){}
public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){ public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){
this.user = user; this.user = user;
this.newCurriculum = newCurriculum; this.newCurriculum = newCurriculum;
this.state = state; this.state = state;
this.type = type; this.type = type;
} }
public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state){ public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state){
this.user = user; this.user = user;
this.newCurriculum = newCurriculum; this.newCurriculum = newCurriculum;
this.state = state; this.state = state;

View File

@ -24,7 +24,6 @@ public class StorageFile {
public StorageFile(){} public StorageFile(){}
public void setId(Long id) { public void setId(Long id) {
this.id = id; this.id = id;
} }

View File

@ -1,8 +1,6 @@
package ovh.herisson.Clyde.Tables; package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*; import jakarta.persistence.*;
import org.springframework.scheduling.annotation.Scheduled;
import ovh.herisson.Clyde.Repositories.TokenRepository;
import java.util.Date; import java.util.Date;

View File

@ -1,11 +1,8 @@
package ovh.herisson.Clyde.Tables; package ovh.herisson.Clyde.Tables;
import jakarta.persistence.*; import jakarta.persistence.*;
import java.util.Date; import java.util.Date;
//Classe représentant un utilisateur l'attribut password demande surement un peu de rafinement niveau sécurité
//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter
@Entity @Entity
@Table(name = "Users") @Table(name = "Users")
@ -37,18 +34,6 @@ public class User {
this.password = password; this.password = password;
} }
/** Constructor for the first registration request from a student (can't specify a Role)
*
* @param lastName
* @param firstName
* @param email
* @param address
* @param country
* @param birthDate
* @param profilePictureUrl
* @param password
*/
public User(String lastName, String firstName, String email, String address, public User(String lastName, String firstName, String email, String address,
String country, Date birthDate, String profilePictureUrl, String password) String country, Date birthDate, String profilePictureUrl, String password)
{ {
@ -95,8 +80,8 @@ public class User {
return address; return address;
} }
public void setAddress(String adress) { public void setAddress(String address) {
this.address = adress; this.address = address;
} }
public String getCountry() { public String getCountry() {