Merge pull request 'Max/Backend/UserControllerUpdate' (#94) from Max/Backend/UserControllerUpdate into master
Reviewed-on: PGL/Clyde#94 Reviewed-by: LeoMoulin <leomoulin125@gmail.com> Reviewed-by: Debucquoy Anthony <d.tonitch@gmail.com>
This commit is contained in:
commit
bb4ee784fa
@ -43,7 +43,6 @@ public class MockController {
|
|||||||
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
|
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
|
||||||
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
|
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary"));
|
||||||
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
|
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
|
||||||
|
|
||||||
mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
|
mockUsers = new ArrayList<User>(Arrays.asList(herobrine,joe,meh,joke));
|
||||||
|
|
||||||
userRepo.saveAll(mockUsers);
|
userRepo.saveAll(mockUsers);
|
||||||
|
|||||||
@ -1,15 +1,23 @@
|
|||||||
package ovh.herisson.Clyde.EndPoints;
|
package ovh.herisson.Clyde.EndPoints;
|
||||||
|
|
||||||
|
|
||||||
|
import jakarta.servlet.http.HttpServletRequest;
|
||||||
import org.springframework.http.HttpStatus;
|
import org.springframework.http.HttpStatus;
|
||||||
|
|
||||||
|
import org.springframework.http.MediaType;
|
||||||
import org.springframework.http.ResponseEntity;
|
import org.springframework.http.ResponseEntity;
|
||||||
import org.springframework.web.bind.annotation.*;
|
import org.springframework.web.bind.annotation.*;
|
||||||
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
|
import ovh.herisson.Clyde.Responses.UnauthorizedResponse;
|
||||||
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
||||||
import ovh.herisson.Clyde.Services.UserService;
|
import ovh.herisson.Clyde.Services.UserService;
|
||||||
|
import ovh.herisson.Clyde.Tables.Role;
|
||||||
import ovh.herisson.Clyde.Tables.User;
|
import ovh.herisson.Clyde.Tables.User;
|
||||||
|
|
||||||
|
import java.io.IOException;
|
||||||
|
import java.util.ArrayList;
|
||||||
|
import java.util.HashMap;
|
||||||
|
import java.util.Map;
|
||||||
|
|
||||||
|
|
||||||
@RestController
|
@RestController
|
||||||
@CrossOrigin(origins = "http://localhost:5173")
|
@CrossOrigin(origins = "http://localhost:5173")
|
||||||
@ -23,25 +31,80 @@ public class UserController {
|
|||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/user")
|
@GetMapping("/user")
|
||||||
public ResponseEntity<User> getUser(@RequestHeader("Cookie") String authorization){
|
public ResponseEntity<HashMap<String,Object>> getUser(@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
if (authorization == null) return new UnauthorizedResponse<>(null);
|
if (authorization == null) return new UnauthorizedResponse<>(null);
|
||||||
User user = authServ.getUserFromToken(authorization);
|
User user = authServ.getUserFromToken(authorization);
|
||||||
if (user == null) return new UnauthorizedResponse<>(null);
|
if (user == null) return new UnauthorizedResponse<>(null);
|
||||||
return new ResponseEntity<>(user, HttpStatus.OK);
|
|
||||||
|
return new ResponseEntity<>(userWithoutPassword(user), HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|
||||||
@PostMapping("/user") //todo check role
|
@PostMapping("/user")
|
||||||
public ResponseEntity<String> postUser(@RequestBody User user){
|
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
|
if (!isSecretaryOrAdmin(authorization))
|
||||||
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
userService.save(user);
|
userService.save(user);
|
||||||
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
|
return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED);
|
||||||
}
|
}
|
||||||
|
|
||||||
@GetMapping("/users")
|
@GetMapping("/users")
|
||||||
public Iterable<User> getAllUsers(){
|
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
||||||
return userService.getAll();
|
|
||||||
|
if (!isSecretaryOrAdmin(authorization))
|
||||||
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
|
Iterable<User> users = userService.getAll();
|
||||||
|
ArrayList<HashMap<String, Object>> withoutPassword = new ArrayList<>();
|
||||||
|
|
||||||
|
for (User u :users){
|
||||||
|
withoutPassword.add(userWithoutPassword(u));
|
||||||
|
}
|
||||||
|
return new ResponseEntity<>(withoutPassword, HttpStatus.OK);
|
||||||
|
}
|
||||||
|
@PatchMapping("/user")
|
||||||
|
public ResponseEntity<String> patchUser(@RequestBody Map<String,Object> updates, @RequestHeader("Authorization") String authorization) {
|
||||||
|
|
||||||
|
if (authorization == null) return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
|
User poster = authServ.getUserFromToken(authorization);
|
||||||
|
if (poster == null) {return new UnauthorizedResponse<>("bad authorization");}
|
||||||
|
|
||||||
|
if (!userService.modifyData(poster, updates, poster))
|
||||||
|
return new UnauthorizedResponse<>("there was an issue with the updates requested");
|
||||||
|
|
||||||
|
return new ResponseEntity<>("data modified", HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/** return user's data except password
|
||||||
|
* @param user the user to return
|
||||||
|
* @return all the user data without the password
|
||||||
|
*/
|
||||||
|
private HashMap<String,Object> userWithoutPassword(User user){
|
||||||
|
HashMap<String,Object> toReturn = new HashMap<>();
|
||||||
|
|
||||||
|
toReturn.put("regNo",user.getRegNo());
|
||||||
|
toReturn.put("firstName",user.getFirstName());
|
||||||
|
toReturn.put("lastName",user.getLastName());
|
||||||
|
toReturn.put("birthDate",user.getBirthDate());
|
||||||
|
toReturn.put("country",user.getCountry());
|
||||||
|
toReturn.put("address",user.getAddress());
|
||||||
|
toReturn.put("role",user.getRole());
|
||||||
|
|
||||||
|
return toReturn;
|
||||||
|
}
|
||||||
|
|
||||||
|
private boolean isSecretaryOrAdmin(String authorization){
|
||||||
|
if (authorization ==null)
|
||||||
|
return false;
|
||||||
|
|
||||||
|
User poster = authServ.getUserFromToken(authorization);
|
||||||
|
if (poster == null) return false;
|
||||||
|
|
||||||
|
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -5,16 +5,10 @@ import org.springframework.stereotype.Service;
|
|||||||
import ovh.herisson.Clyde.Repositories.UserRepository;
|
import ovh.herisson.Clyde.Repositories.UserRepository;
|
||||||
import ovh.herisson.Clyde.Tables.Role;
|
import ovh.herisson.Clyde.Tables.Role;
|
||||||
import ovh.herisson.Clyde.Tables.User;
|
import ovh.herisson.Clyde.Tables.User;
|
||||||
|
import java.util.*;
|
||||||
import java.text.DateFormat;
|
|
||||||
import java.util.ArrayList;
|
|
||||||
import java.util.Arrays;
|
|
||||||
import java.util.Date;
|
|
||||||
import java.util.List;
|
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
public class UserService {
|
public class UserService {
|
||||||
|
|
||||||
private final UserRepository userRepo;
|
private final UserRepository userRepo;
|
||||||
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder();
|
||||||
|
|
||||||
@ -34,17 +28,79 @@ public class UserService {
|
|||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/** modify the target data
|
||||||
|
* verify the permission of modifying from the poster
|
||||||
|
*
|
||||||
|
* @param poster the user wanting to modify target's data
|
||||||
|
* @param updates the changes to be made
|
||||||
|
* @param target the user to update
|
||||||
|
* @return if the changes were done or not
|
||||||
|
*/
|
||||||
|
public boolean modifyData(User poster, Map<String ,Object> updates, User target){
|
||||||
|
|
||||||
|
if (poster.getRegNo().equals(target.getRegNo())){
|
||||||
|
for (Map.Entry<String, Object> entry : updates.entrySet()){
|
||||||
|
|
||||||
|
if ( entry.getKey().equals("regNo") || entry.getKey().equals("role")) {return false;}
|
||||||
|
|
||||||
|
switch (entry.getKey()){
|
||||||
|
case "firstName":
|
||||||
|
target.setFirstName((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "lastName":
|
||||||
|
target.setLastName((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "email":
|
||||||
|
target.setEmail((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "address":
|
||||||
|
target.setAddress((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "country":
|
||||||
|
target.setCountry((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "birthDate":
|
||||||
|
target.setBirthDate((Date) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "profilePictureUrl":
|
||||||
|
target.setProfilePictureUrl((String) entry.getValue());
|
||||||
|
break;
|
||||||
|
case "password":
|
||||||
|
target.setPassword(passwordEncoder.encode((String) entry.getValue()));
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
userRepo.save(target);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
// the secretary can change roles (for example if a student becomes a teacher)
|
||||||
|
else if (poster.getRole() == Role.Secretary)
|
||||||
|
{
|
||||||
|
for (Map.Entry<String, Object> entry : updates.entrySet()){
|
||||||
|
|
||||||
|
if ( !entry.getKey().equals("role")) {return false;}
|
||||||
|
|
||||||
|
if (entry.getValue() == Role.Admin){return false;}
|
||||||
|
|
||||||
|
target.setRole((Role) entry.getValue());
|
||||||
|
userRepo.save(target);
|
||||||
|
return true;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
return false;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
public boolean checkPassword(User user, String tryingPassword){
|
public boolean checkPassword(User user, String tryingPassword){
|
||||||
return passwordEncoder.matches(tryingPassword, user.getPassword());
|
return passwordEncoder.matches(tryingPassword, user.getPassword());
|
||||||
}
|
}
|
||||||
|
|
||||||
public void save(User user){
|
public void save(User user){
|
||||||
|
user.setPassword(passwordEncoder.encode(user.getPassword()));
|
||||||
userRepo.save(user);
|
userRepo.save(user);
|
||||||
}
|
}
|
||||||
|
|
||||||
public Iterable<User> getAll(){
|
public Iterable<User> getAll(){
|
||||||
return userRepo.findAll();
|
return userRepo.findAll();
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
@ -8,12 +8,11 @@ import java.util.Date;
|
|||||||
//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter
|
//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter
|
||||||
|
|
||||||
@Entity
|
@Entity
|
||||||
//Je rajoute un s au nom de la table pour éviter les conflits avec les mots réservés
|
|
||||||
@Table(name = "Users")
|
@Table(name = "Users")
|
||||||
public class User {
|
public class User {
|
||||||
@Id
|
@Id
|
||||||
@GeneratedValue(strategy = GenerationType.AUTO)
|
@GeneratedValue(strategy = GenerationType.AUTO)
|
||||||
private int regNo;
|
private Long regNo;
|
||||||
private String lastName;
|
private String lastName;
|
||||||
private String firstName;
|
private String firstName;
|
||||||
@Column(unique = true)
|
@Column(unique = true)
|
||||||
@ -38,9 +37,34 @@ public class User {
|
|||||||
this.password = password;
|
this.password = password;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/** Constructor for the first registration request from a student (can't specify a Role)
|
||||||
|
*
|
||||||
|
* @param lastName
|
||||||
|
* @param firstName
|
||||||
|
* @param email
|
||||||
|
* @param address
|
||||||
|
* @param country
|
||||||
|
* @param birthDate
|
||||||
|
* @param profilePictureUrl
|
||||||
|
* @param password
|
||||||
|
*/
|
||||||
|
public User(String lastName, String firstName, String email, String address,
|
||||||
|
String country, Date birthDate, String profilePictureUrl, String password)
|
||||||
|
{
|
||||||
|
this.lastName = lastName;
|
||||||
|
this.firstName = firstName;
|
||||||
|
this.email = email;
|
||||||
|
this.address = address;
|
||||||
|
this.country = country;
|
||||||
|
this.birthDate = birthDate;
|
||||||
|
this.profilePictureUrl = profilePictureUrl;
|
||||||
|
this.password = password;
|
||||||
|
this.role = Role.Student;
|
||||||
|
}
|
||||||
public User() {}
|
public User() {}
|
||||||
|
|
||||||
public int getRegNo(){
|
public Long getRegNo(){
|
||||||
return this.regNo;
|
return this.regNo;
|
||||||
}
|
}
|
||||||
public String getLastName() {
|
public String getLastName() {
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user