diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java index 77b2f3e..f09e92e 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/ApplicationsController.java @@ -30,7 +30,6 @@ public class ApplicationsController { */ @GetMapping("/apps") public ResponseEntity> getAuthorizedApps(@RequestHeader("Authorization") String token){ - return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK); } @@ -46,24 +45,27 @@ public class ApplicationsController { public ArrayList getAuthorizedApplications(String token){ ArrayList authorizedApps = new ArrayList<>(); + //if unAuthed authorizedApps.add(Applications.Login); - authorizedApps.add(Applications.Profile); User user = authServ.getUserFromToken(token); if(user == null) - return authorizedApps; + return authorizedApps; + // if authed + authorizedApps.add(Applications.Profile); - Role posterRole = user.getRole(); - - if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){ + if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Student,Role.Admin},token)) { authorizedApps.add(Applications.Msg); authorizedApps.add(Applications.Forum); authorizedApps.add(Applications.Rdv); } - if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses); + //if Teacher or Secretary or Admin add ManageCourses App + if (!authServ.isNotIn(new Role[]{Role.Teacher,Role.Secretary,Role.Admin},token)) + authorizedApps.add(Applications.ManageCourses); - if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription); + if (!authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token)) + authorizedApps.add(Applications.Inscription); return authorizedApps; } 
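Review bot: The three role checks in `getAuthorizedApplications` are written as `!authServ.isNotIn(...)`, a double negation on an access decision that is easy to invert during a later edit. A positively named counterpart on the service (for example an `isIn(Role[] roles, String token)` that returns `!isNotIn(roles, token)`) would let each condition read the way the intent is stated. The list built here only decides which apps the client displays, so I would also add a comment on the method such as `// UI hint only: every endpoint must still enforce its own role check`. The method's signature and closing lines are inside the hunk, but the Javadoc above it is not.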
diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CourseController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CourseController.java index 011689f..566121d 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CourseController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CourseController.java @@ -6,13 +6,12 @@ import org.springframework.web.bind.annotation.*; import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.CourseService; +import ovh.herisson.Clyde.Services.ProtectionService; import ovh.herisson.Clyde.Services.TeacherCourseService; import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.Role; -import ovh.herisson.Clyde.Tables.TeacherCourse; import ovh.herisson.Clyde.Tables.User; - -import java.util.ArrayList; +import java.util.HashMap; import java.util.Map; @RestController 
@@ -32,20 +31,58 @@ public class CourseController { } @GetMapping("/course/{id}") - public ResponseEntity getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){ + public ResponseEntity> getCourse(@RequestHeader("Authorization") String token, @PathVariable long id){ if (authServ.getUserFromToken(token) == null) return new UnauthorizedResponse<>(null); - return new ResponseEntity<>(courseServ.findById(id), HttpStatus.OK); + Course foundCourse = courseServ.findById(id); + + if (foundCourse == null) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + return new ResponseEntity<>(ProtectionService.courseWithoutPassword(foundCourse), HttpStatus.OK); + } + + @GetMapping("/courses") + public ResponseEntity>> getAllCourses(@RequestHeader("Authorization") String token){ + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token)) + return new UnauthorizedResponse<>(null); + + return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findAll()),HttpStatus.OK); + } + + @GetMapping("/courses/owned") + public ResponseEntity>> getOwnedCourses(@RequestHeader("Authorization") String token){ + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher},token)) + return new UnauthorizedResponse<>(null); + + return new ResponseEntity<>(ProtectionService.coursesWithoutPasswords(courseServ.findOwnedCourses(authServ.getUserFromToken(token))),HttpStatus.OK); + } + + @GetMapping("/course/{id}/assistants") + public ResponseEntity>> getCourseAssistants(@RequestHeader("Authorization")String token, @PathVariable long id){ + if (authServ.getUserFromToken(token) == null) + return new UnauthorizedResponse<>(null); + + Iterable assistants = teacherCourseServ.findCourseAssistants(courseServ.findById(id)); + + return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(assistants),HttpStatus.OK); } @PostMapping("/course") - public ResponseEntity postCourse(@RequestHeader("Authorization") String token, @RequestBody Course course){ - 
if (authServ.isNotSecretaryOrAdmin(token)) + public ResponseEntity> postCourse(@RequestHeader("Authorization") String token, + @RequestBody Course course) + { + + if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token)) return new UnauthorizedResponse<>(null); - return new ResponseEntity<>(courseServ.save(course), HttpStatus.CREATED); + Course createdCourse = courseServ.save(course); + if (createdCourse == null) + return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST); + + return new ResponseEntity<>(ProtectionService.courseWithoutPassword(createdCourse), HttpStatus.CREATED); } @@ -55,11 +92,15 @@ public class CourseController { @PathVariable long id) { - if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token)){ + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Teacher,Role.Secretary}, token)) return new UnauthorizedResponse<>(null); - } - return new ResponseEntity<>(courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole()), HttpStatus.OK); + + + if (!courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole())) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + return new ResponseEntity<>(HttpStatus.OK); } @PostMapping("/course/{id}") 
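Review bot: `getCourseAssistants` passes `courseServ.findById(id)` straight into `teacherCourseServ.findCourseAssistants(...)` without the null check that `getCourse` a few lines above performs, so an unknown id reaches the service (and the JPQL parameter) as null. I would resolve it first, `Course course = courseServ.findById(id);` followed by `if (course == null) return new ResponseEntity<>(HttpStatus.BAD_REQUEST);`. The same unchecked lookup appears in `teacherCourseServ.saveAll(teacherIds,courseServ.findById(id))` in the `@@ -67,14 +108,30 @@` hunk, in `postCoursesToCurriculum` in CurriculumController and in `getUserById` in UserController; whether those services tolerate null is not visible here.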
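Review bot: Only the caller's role reaches the service in `courseServ.modifyData(id, updates, authServ.getUserFromToken(token).getRole())`, so the service cannot tell whether a Teacher is editing a course they own or someone else's. If teachers are meant to change only their own courses, pass the resolved `User` instead of the role and compare it with the course owner before applying `updates`. Which keys of `updates` are honoured is decided inside `modifyData`, which is not visible here; it should accept an explicit allow-list of fields. The handler's signature starts outside the hunk.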
@@ -67,14 +108,30 @@ public class CourseController { @RequestBody Iterable teacherIds, @PathVariable Long id) { - if (authServ.IsNotIn(new Role[]{Role.Admin,Role.Secretary}, token)) + + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary}, token)) return new UnauthorizedResponse<>(null); + if (!teacherCourseServ.saveAll(teacherIds,courseServ.findById(id))) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); - teacherCourseServ.saveAll(teacherIds,courseServ.findById(id)); return new ResponseEntity<>(HttpStatus.OK); - } + + @DeleteMapping("course/{id}") + public ResponseEntity deleteUser(@RequestHeader("Authorization") String token, @PathVariable Long id){ + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary}, token)) + return new UnauthorizedResponse<>(null); + + Course toDelete = courseServ.findById(id); + + if (toDelete == null) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + + courseServ.delete(courseServ.findById(id)); + return new ResponseEntity<>(HttpStatus.OK); + } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java index 1892d6c..409e269 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/CurriculumController.java 
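Review bot: The new delete handler looks the course up twice: it null-checks `toDelete` and then calls `courseServ.delete(courseServ.findById(id));`, which ignores the checked value and can hand null to the service if the row disappears between the two reads. Use `courseServ.delete(toDelete);`. The method is named `deleteUser` although it deletes a course, and its mapping `@DeleteMapping("course/{id}")` lacks the leading slash every other mapping in this controller has; `deleteCourse` and `@DeleteMapping("/course/{id}")` would match the rest of the file.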
@@ -4,13 +4,10 @@ package ovh.herisson.Clyde.EndPoints; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; -import ovh.herisson.Clyde.Services.AuthenticatorService; -import ovh.herisson.Clyde.Services.CurriculumCourseService; -import ovh.herisson.Clyde.Services.CurriculumService; +import ovh.herisson.Clyde.Responses.UnauthorizedResponse; +import ovh.herisson.Clyde.Services.*; import ovh.herisson.Clyde.Tables.Curriculum; -import ovh.herisson.Clyde.Tables.CurriculumCourse; import ovh.herisson.Clyde.Tables.Role; -import ovh.herisson.Clyde.Tables.User; import java.util.Map; 
@@ -22,39 +19,79 @@ public class CurriculumController { private final CurriculumService curriculumServ; private final AuthenticatorService authServ; + private final UserCurriculumService userCurriculumServ; private final CurriculumCourseService curriculumCourseServ; - public CurriculumController(CurriculumService curriculumServ, AuthenticatorService authServ, CurriculumCourseService curriculumCourseServ){ + public CurriculumController(CurriculumService curriculumServ, AuthenticatorService authServ, UserCurriculumService userCurriculumServ, CurriculumCourseService curriculumCourseServ){ this.curriculumServ = curriculumServ; this.authServ = authServ; + this.userCurriculumServ = userCurriculumServ; this.curriculumCourseServ = curriculumCourseServ; } @GetMapping("/curriculum/{id}") - public ResponseEntity findById(@PathVariable long id){ - return new ResponseEntity<>(curriculumServ.findById(id), HttpStatus.OK); - } + public ResponseEntity> findById(@PathVariable long id){ + Curriculum foundCurriculum = curriculumServ.findById(id); - @GetMapping("/curriculums") - public ResponseEntity>> findAllindDepth(){ - return new ResponseEntity<>(curriculumCourseServ.getAllDepthCurriculum(),HttpStatus.OK); + if (foundCurriculum == null) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + return new ResponseEntity<>(curriculumCourseServ.getDepthCurriculum(foundCurriculum), HttpStatus.OK); } @GetMapping("/curriculum") - public ResponseEntity> findAll(){ - return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK); + public ResponseEntity> findSelfCurriculum(@RequestHeader("Authorization") String token){ + if (authServ.getUserFromToken(token) == null) + return new UnauthorizedResponse<>(null); + + Curriculum curriculum = userCurriculumServ.findByUser(authServ.getUserFromToken(token)); + + if (curriculum == null) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + return new 
ResponseEntity<>(curriculumCourseServ.getDepthCurriculum(curriculum),HttpStatus.OK); } - /**@PostMapping("/curriculum") //todo now - public ResponseEntity postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){ + @GetMapping("/curriculums") + public ResponseEntity>> findAllIndDepth(){ + return new ResponseEntity<>(curriculumCourseServ.getAllDepthCurriculum(),HttpStatus.OK); + } - if (!isSecretaryOrAdmin(token)){ - return new UnauthorizedResponse<>("you're not allowed to post a Curriculum"); - } + @PostMapping("/curriculum") + public ResponseEntity postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){ - CurriculumServ.save(Curriculum); + if (authServ.isNotIn(new Role[]{Role.Secretary,Role.Admin},token)) + return new UnauthorizedResponse<>(null); - return new ResponseEntity<>("created !",HttpStatus.CREATED); - }**/ + return new ResponseEntity<>(curriculumServ.save(curriculum),HttpStatus.CREATED); + } + @PostMapping("/curriculum/{id}") + public ResponseEntity postCoursesToCurriculum(@RequestHeader("Authorization") String token, + @RequestBody Iterable coursesIds, + @PathVariable long id) + { + + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token)) + return new UnauthorizedResponse<>(null); + + if (!curriculumCourseServ.saveAll(coursesIds, curriculumServ.findById(id))) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + return new ResponseEntity<>(HttpStatus.OK); + } + + @DeleteMapping("/curriculum/{id}") + public ResponseEntity deleteCurriculum(@RequestHeader("Authorization") String token, @PathVariable Long id){ + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary}, token)) + return new UnauthorizedResponse<>(null); + + Curriculum toDelete = curriculumServ.findById(id); + + if (toDelete == null) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + curriculumServ.delete(toDelete); + return new ResponseEntity<>(HttpStatus.OK); + } } 
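Review bot: `postCurriculum` persists the `Curriculum` deserialized from the request body as-is and returns the saved entity, so every field the entity exposes to deserialization, possibly including its id, is chosen by the client. If `curriculumServ.save` delegates to the repository's `save`, a supplied id could update an existing curriculum instead of creating one; that method is not visible here, so confirm it, or copy only the intended fields into a fresh entity before saving. `findById` and `findAllIndDepth` take no `Authorization` header while `findSelfCurriculum` does; if the catalogue is meant to be public, a comment such as `// public: readable without a session` on those two handlers would record that it is deliberate.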
diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java index 36946b5..c70e4df 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/InscriptionController.java @@ -6,17 +6,14 @@ import org.springframework.web.bind.annotation.*; import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.InscriptionService; +import ovh.herisson.Clyde.Services.ProtectionService; import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.RequestState; import ovh.herisson.Clyde.Tables.Role; -import ovh.herisson.Clyde.Tables.User; -import java.util.ArrayList; -import java.util.HashMap; import java.util.Map; @RestController @CrossOrigin(originPatterns = "*", allowCredentials = "true") - public class InscriptionController { 
@@ -32,55 +29,55 @@ public class InscriptionController { @GetMapping("/requests/register") public ResponseEntity>> getAllRequests(@RequestHeader("Authorization") String token){ - if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);} + if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token)) + return new UnauthorizedResponse<>(null); Iterable inscriptionRequests = inscriptionServ.getAll(); - ArrayList> toReturn = new ArrayList<>(); - for (InscriptionRequest i:inscriptionRequests){ - toReturn.add(requestWithoutPassword(i)); - } - - return new ResponseEntity<>(toReturn, HttpStatus.OK); + return new ResponseEntity<>(ProtectionService.requestsWithoutPasswords(inscriptionRequests), HttpStatus.OK); } @GetMapping("/request/register/{id}") - public ResponseEntity> getById(@PathVariable long id){ - InscriptionRequest inscriptionRequest = inscriptionServ.getById(id); - if (inscriptionRequest == null) {return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST);} + public ResponseEntity> getById(@RequestHeader("Authorization") String token, @PathVariable long id){ - return new ResponseEntity<>(requestWithoutPassword(inscriptionRequest), HttpStatus.OK); - } + if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService},token)) + return new UnauthorizedResponse<>(null); - @GetMapping("request/user/{id}") - public ResponseEntity getUserInscriptionRequest(@PathVariable long id, @RequestHeader("Authorize") String token){ - //todo return l'inscriptionRequest ACTUELLE du user (check si le poster est bien le même que id target ou secretariat) - return null; + InscriptionRequest foundInscriptionRequest = inscriptionServ.getById(id); + + if (foundInscriptionRequest == null) + return new ResponseEntity<>(null, HttpStatus.BAD_REQUEST); + + return new ResponseEntity<>(ProtectionService.requestWithoutPassword(foundInscriptionRequest), HttpStatus.OK); } @PatchMapping("/request/register/{id}") public ResponseEntity 
changeRequestState(@PathVariable long id, - @RequestHeader("Authorize") String token, - @RequestBody RequestState requestState) + @RequestHeader("Authorization") String token, + @RequestBody RequestState state) { - if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null); - inscriptionServ.modifyState(id, requestState); - return null; + + if (authServ.isNotIn(new Role[]{Role.InscriptionService,Role.Admin},token)) + return new UnauthorizedResponse<>(null); + + if (!inscriptionServ.modifyState(id, state)) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + return new ResponseEntity<>(HttpStatus.OK); + } + @DeleteMapping("/request/register/{id}") + public ResponseEntity deleteRequest(@RequestHeader("Authorization") String token, @PathVariable Long id){ + if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService}, token)) + return new UnauthorizedResponse<>(null); + + InscriptionRequest toDelete = inscriptionServ.getById(id); + + if (toDelete == null) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); + + inscriptionServ.delete(toDelete); + return new ResponseEntity<>(HttpStatus.OK); } - private Map requestWithoutPassword(InscriptionRequest inscriptionRequest) { - Map toReturn = new HashMap<>(); - - toReturn.put("id", inscriptionRequest.getId()); - toReturn.put("firstName", inscriptionRequest.getFirstName()); - toReturn.put("lastName", inscriptionRequest.getLastName()); - toReturn.put("address", inscriptionRequest.getAddress()); - toReturn.put("birthDate", inscriptionRequest.getBirthDate()); - toReturn.put("country", inscriptionRequest.getCountry()); - toReturn.put("curriculum", inscriptionRequest.getCurriculum()); - toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture()); - toReturn.put("state", inscriptionRequest.getState()); - return toReturn; - } } 
diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java index 2be125d..ef3c559 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/LoginController.java @@ -1,4 +1,5 @@ package ovh.herisson.Clyde.EndPoints; + import com.fasterxml.jackson.annotation.JsonFormat; import org.springframework.http.HttpHeaders; import org.springframework.http.HttpStatus; @@ -6,9 +7,10 @@ import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Services.AuthenticatorService; +import ovh.herisson.Clyde.Services.ProtectionService; import ovh.herisson.Clyde.Tables.InscriptionRequest; - import java.util.Date; +import java.util.Map; @RestController @CrossOrigin(originPatterns = "*", allowCredentials = "true") @@ -44,9 +46,11 @@ public class LoginController { return ResponseEntity.ok().headers(responseHeaders).build(); } - @PostMapping("/request/register") - public ResponseEntity register(@RequestBody InscriptionRequest inscriptionRequest){ - authServ.register(inscriptionRequest); - return new ResponseEntity<>("Is OK", HttpStatus.CREATED); + @PostMapping("/register") + public ResponseEntity> register(@RequestBody InscriptionRequest inscriptionRequest){ + + InscriptionRequest returnedInscriptionRequest = authServ.register(inscriptionRequest); + + return new ResponseEntity<>(ProtectionService.requestWithoutPassword(returnedInscriptionRequest), HttpStatus.CREATED); } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java index 1750889..6707fb7 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java 
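Review bot: `register` is reachable without a token and binds the whole `InscriptionRequest` from the request body, so a client may be able to pre-set fields that only staff should control, such as the request state (the constructor call in MockController suggests the entity carries both a state and a password). Unless `authServ.register` already overwrites those fields, which is not visible here, reset them in the handler or bind to a dedicated request type that contains only the applicant's fields. `returnedInscriptionRequest` is also passed to `ProtectionService.requestWithoutPassword` without a null check, so a failed registration would surface as a server error rather than a 400.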
+++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/MockController.java @@ -6,7 +6,6 @@ import ovh.herisson.Clyde.Repositories.TokenRepository; import ovh.herisson.Clyde.Repositories.UserRepository; import ovh.herisson.Clyde.Services.*; import ovh.herisson.Clyde.Tables.*; - import java.util.ArrayList; import java.util.Arrays; import java.util.Date; @@ -23,16 +22,19 @@ public class MockController { public final CurriculumCourseService CurriculumCourseService; public final CurriculumService curriculumService; public final CourseService courseService; + + public final InscriptionService inscriptionService; ArrayList mockUsers; - public MockController(UserRepository userRepo, TokenRepository tokenRepo, TokenService tokenService, CurriculumCourseService CurriculumCourseService, CurriculumService curriculumService, CourseService courseService){ + public MockController(UserRepository userRepo, TokenRepository tokenRepo, TokenService tokenService, CurriculumCourseService CurriculumCourseService, CurriculumService curriculumService, CourseService courseService, InscriptionService inscriptionService){ this.tokenRepo = tokenRepo; this.userRepo = userRepo; this.tokenService = tokenService; this.CurriculumCourseService = CurriculumCourseService; this.curriculumService = curriculumService; this.courseService = courseService; + this.inscriptionService = inscriptionService; } /** Saves an example of each user type by : 
@@ -51,12 +53,11 @@ public class MockController { User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student")); User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary")); User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher")); - User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService")); - mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke)); + User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService")); + mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke,lena)); userRepo.saveAll(mockUsers); - // Course / Curriculum part Curriculum infoBab1 = new Curriculum(1,"info"); @@ -68,7 +69,7 @@ public class MockController { curriculumService.save(psychologyBab1); - Course progra1 = new Course(5,"Programmation et algorithimque 1",joke); + Course progra1 = new Course(5,"Programmation et algorithmique 1",joke); Course chemistry1 = new Course(12, "Thermochimie",joke); Course psycho1 = new Course(21, "rien faire t'as cru c'est psycho",joke); Course commun = new Course(2, "cours commun",joke); 
@@ -90,15 +91,10 @@ public class MockController { CurriculumCourseService.save(new CurriculumCourse(chemistryBab1,chemistry1)); + InscriptionRequest inscriptionRequest = new InscriptionRequest("helen","prenom","non","helen@gmail.com","america",new Date(),(long) 1,RequestState.Refused,"yes.png","password"); - } - - @DeleteMapping("/mock") - public void deleteMock(){ - for (User user:mockUsers){ - tokenRepo.deleteAll(tokenRepo.getByUser(user)); - } - userRepo.deleteAll(mockUsers); + inscriptionService.save(inscriptionRequest); + } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/StorageController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/StorageController.java index 5ad2052..fb10053 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/StorageController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/StorageController.java @@ -21,12 +21,13 @@ public class StorageController { @PostMapping("/upload/{fileType}") public ResponseEntity handleFileUpload(@RequestParam("file") MultipartFile file, @PathVariable FileType fileType) { - StorageFile fileEntry = null; + StorageFile fileEntry; try { fileEntry = storageServ.store(file,fileType); } catch(Exception e){ - e.printStackTrace(); + e.printStackTrace(); + return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST); } diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java index ba07fca..6391b11 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/TokenController.java 
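Review bot: The seeded `InscriptionRequest` is built with the literal `"password"` as its last argument and saved directly, whereas the mock users earlier in this method go through `passwordEncoder.encode(...)`; if that argument is the request's password it may be stored unhashed unless `InscriptionRequest` or `inscriptionService.save` encodes it, which is not visible here. The hunk also removes the `DELETE /mock` cleanup, so once seeded the accounts whose passwords equal their role names stay in the database. Consider restricting this controller to a development profile, for example `@Profile("dev")` on the class, so it cannot be reached in a production deployment. The enclosing method starts outside the hunk.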
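Review bot: The added `return new ResponseEntity<>(null,HttpStatus.BAD_REQUEST);` sits under `catch(Exception e)`, so a storage or I/O failure on the server is reported to the client as a bad request, and the trace still goes to stderr through `e.printStackTrace()` rather than the application log. Catching the specific exception `storageServ.store` declares and logging it through the project's logger would keep client errors and server faults apart. The handler signature visible in the context takes no `Authorization` header, so uploads appear to remain unauthenticated while this commit adds token checks to the other controllers; worth confirming that is intended. The method continues past the end of the hunk.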
@@ -1,11 +1,15 @@ package ovh.herisson.Clyde.EndPoints; - - +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.CrossOrigin; import org.springframework.web.bind.annotation.GetMapping; +import org.springframework.web.bind.annotation.RequestHeader; import org.springframework.web.bind.annotation.RestController; +import ovh.herisson.Clyde.Responses.UnauthorizedResponse; +import ovh.herisson.Clyde.Services.AuthenticatorService; import ovh.herisson.Clyde.Services.TokenService; +import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.Token; @RestController @@ -14,13 +18,20 @@ public class TokenController { private final TokenService tokenServ; - public TokenController(TokenService tokenServ){ + private final AuthenticatorService authServ; + + public TokenController(TokenService tokenServ, AuthenticatorService authServ){ this.tokenServ = tokenServ; + this.authServ = authServ; } @GetMapping("/tokens") - public Iterable getTokens(){ - return tokenServ.getAllTokens(); + public ResponseEntity> getTokens(@RequestHeader("Authorization")String token){ + + if (authServ.isNotIn(new Role[]{Role.Admin},token)) + return new UnauthorizedResponse<>(null); + + return new ResponseEntity<>(tokenServ.getAllTokens(), HttpStatus.OK); } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java index 238ebd3..3ebf67a 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java +++ b/backend/src/main/java/ovh/herisson/Clyde/EndPoints/UserController.java 
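Review bot: `getTokens` now requires Admin but still returns the `Token` entities from `tokenServ.getAllTokens()` unfiltered; if the serialized entity includes the token string, a single response discloses every active session credential. Returning a projection without the secret (owner and expiration date only), in the same way the other controllers pass entities through `ProtectionService`, would keep the endpoint useful for administration without handing out bearer values. If the endpoint exists only for debugging, it may be better placed behind a development profile.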
@@ -1,16 +1,15 @@ package ovh.herisson.Clyde.EndPoints; - import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.*; import ovh.herisson.Clyde.Responses.UnauthorizedResponse; import ovh.herisson.Clyde.Services.AuthenticatorService; +import ovh.herisson.Clyde.Services.ProtectionService; import ovh.herisson.Clyde.Services.UserService; import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.User; -import java.security.Key; import java.util.ArrayList; import java.util.HashMap; import java.util.Map; 
@@ -27,66 +26,89 @@ public class UserController { this.authServ = authServ; } + /** returns information about the connected user + * + * @param token the session token of the user + * @return the user information except his password + */ @GetMapping("/user") - public ResponseEntity> getUser(@RequestHeader("Authorization") String authorization){ + public ResponseEntity> getUser(@RequestHeader("Authorization") String token){ - if (authorization == null) return new UnauthorizedResponse<>(null); - User user = authServ.getUserFromToken(authorization); - if (user == null) return new UnauthorizedResponse<>(null); + User user = authServ.getUserFromToken(token); + if (user == null) return new UnauthorizedResponse<>(null); - return new ResponseEntity<>(userWithoutPassword(user), HttpStatus.OK); + return new ResponseEntity<>(ProtectionService.userWithoutPassword(user), HttpStatus.OK); + } + + + @GetMapping("/user/{id}") + public ResponseEntity> getUserById(@RequestHeader("Authorization") String token, @PathVariable Long id){ + + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary,Role.InscriptionService},token)) + return new UnauthorizedResponse<>(null); + + return new ResponseEntity<>(ProtectionService.userWithoutPassword(userService.getUserById(id)), HttpStatus.OK); } @PostMapping("/user") - public ResponseEntity postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){ + public ResponseEntity> postUser(@RequestBody User user,@RequestHeader("Authorization") String token){ - if (authServ.isNotSecretaryOrAdmin(authorization)) + if (authServ.isNotIn(new Role[]{Role.Admin,Role.InscriptionService,Role.Secretary},token)) return new UnauthorizedResponse<>(null); - userService.save(user); - return new ResponseEntity<>(String.format("Account created with ID:%s",user.getRegNo()),HttpStatus.CREATED); + return new ResponseEntity<>(ProtectionService.userWithoutPassword(userService.save(user)),HttpStatus.CREATED); } @GetMapping("/users") - public 
ResponseEntity>> getAllUsers(@RequestHeader("Authorization") String authorization){ + public ResponseEntity>> getAllUsers(@RequestHeader("Authorization") String token){ - if (authServ.isNotSecretaryOrAdmin(authorization)) + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token)) return new UnauthorizedResponse<>(null); - Iterable users = userService.getAll(); - ArrayList> withoutPassword = new ArrayList<>(); + Role posterRole = authServ.getUserFromToken(token).getRole(); - for (User u :users){ - withoutPassword.add(userWithoutPassword(u)); - } - return new ResponseEntity<>(withoutPassword, HttpStatus.OK); + Iterable users = new ArrayList<>(); + + if (posterRole == Role.Admin) + users = userService.getAll(); + + else if (posterRole == Role.Secretary) + users = userService.getAllExceptAdmins(); + + return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(users), HttpStatus.OK); } - @PatchMapping("/user") - public ResponseEntity patchUser(@RequestBody Map updates, @RequestHeader("Authorization") String authorization) { - if (authorization == null) return new UnauthorizedResponse<>(null); + /** changes the specified user's information + * + * @param updates the changes to be made + * @param token the session token of the user posting the change + * @param id the id of the user to change + * @return a string clarifying the issue (if there is any) + */ + @PatchMapping("/user/{id}") + public ResponseEntity patchUser(@RequestHeader("Authorization") String token, + @RequestBody Map updates, + @PathVariable Long id) { - User poster = authServ.getUserFromToken(authorization); - if (poster == null) {return new UnauthorizedResponse<>("bad authorization");} + if (token == null) return new UnauthorizedResponse<>(null); - if (!userService.modifyData(poster, updates, poster)) + User poster = authServ.getUserFromToken(token); + if (poster == null) {return new UnauthorizedResponse<>("bad token");} + + if (!userService.modifyData(id, updates, poster)) return new 
UnauthorizedResponse<>("there was an issue with the updates requested"); - return new ResponseEntity<>("data modified", HttpStatus.OK); + return new ResponseEntity<>(null, HttpStatus.OK); } @GetMapping("/teachers") public ResponseEntity>> getAllTeachers(@RequestHeader("Authorization") String token){ if (authServ.getUserFromToken(token) == null) return new UnauthorizedResponse<>(null); + Iterable teachers = userService.getAllTeachers(); - ArrayList> withoutPassword = new ArrayList<>(); - for (User t: teachers){ - withoutPassword.add(userWithoutPassword(t)); - } - - return new ResponseEntity<>(withoutPassword, HttpStatus.OK); + return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(teachers), HttpStatus.OK); } 
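Review bot: `postUser` lets Secretary and InscriptionService callers save a `User` taken straight from the request body, and nothing in the handler constrains its role, so a non-admin staff account could create an Admin unless `userService.save` rejects that (not visible here). A guard before the save, such as `if (user.getRole() == Role.Admin && authServ.isNotIn(new Role[]{Role.Admin}, token)) return new UnauthorizedResponse<>(null);`, would close it. `patchUser` now takes the target `id` from the path and accepts any authenticated caller, so the whole decision of who may change whom rests in `userService.modifyData(id, updates, poster)`; its Javadoc should state that rule, and its `@return` line no longer matches the `null` body returned on success. `getUserById` also lets a Secretary read an Admin by id even though `getAllUsers` hides admins from that role.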
@@ -95,34 +117,22 @@ public class UserController { if (authServ.getUserFromToken(token) == null) return new UnauthorizedResponse<>(null); - Iterable teachers = userService.getAllStudents(); - ArrayList> withoutPassword = new ArrayList<>(); + Iterable students = userService.getAllStudents(); - for (User t: teachers){ - withoutPassword.add(userWithoutPassword(t)); - } - - return new ResponseEntity<>(withoutPassword, HttpStatus.OK); + return new ResponseEntity<>(ProtectionService.usersWithoutPasswords(students), HttpStatus.OK); } + @DeleteMapping("/user/{id}") + public ResponseEntity deleteStudent(@RequestHeader("Authorization") String token, @PathVariable Long id){ + if (authServ.isNotIn(new Role[]{Role.Admin,Role.Secretary},token)) + return new UnauthorizedResponse<>(null); + User toDelete = userService.getUserById(id); + if (toDelete == null) + return new ResponseEntity<>(HttpStatus.BAD_REQUEST); - - /** return user's data except password - * @param user the user to return - * @return all the user data without the password - */ - private HashMap userWithoutPassword(User user){ - HashMap toReturn = new HashMap<>(); - toReturn.put("regNo",user.getRegNo()); - toReturn.put("firstName",user.getFirstName()); - toReturn.put("lastName",user.getLastName()); - toReturn.put("birthDate",user.getBirthDate()); - toReturn.put("country",user.getCountry()); - toReturn.put("address",user.getAddress()); - toReturn.put("role",user.getRole()); - return toReturn; + userService.delete(toDelete); + return new ResponseEntity<>(HttpStatus.OK); } -} - +} \ No newline at end of file diff --git a/backend/src/main/java/ovh/herisson/Clyde/Repositories/CourseRepository.java b/backend/src/main/java/ovh/herisson/Clyde/Repositories/CourseRepository.java index 671a995..aa7564a 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/CourseRepository.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/CourseRepository.java 
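Review bot: `deleteStudent` deletes whatever user `id` resolves to, so a Secretary can remove an Admin account, which is at odds with `getAllUsers` hiding admins from secretaries in the same commit. A check after the lookup, for example `if (toDelete.getRole() == Role.Admin && authServ.isNotIn(new Role[]{Role.Admin}, token)) return new UnauthorizedResponse<>(null);`, keeps the two rules consistent. Since the handler is not limited to students, `deleteUser` would be the accurate name.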
@@ -1,8 +1,15 @@ package ovh.herisson.Clyde.Repositories; +import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.CrudRepository; import ovh.herisson.Clyde.Tables.Course; +import ovh.herisson.Clyde.Tables.User; public interface CourseRepository extends CrudRepository { Course findById(long id); + + + @Query("select c from Course c where c.owner = ?1") + Iterable findAllOwnedCoures(User teacher); + } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TeacherCourseRepository.java b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TeacherCourseRepository.java index ffe654a..3dbb7ff 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TeacherCourseRepository.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TeacherCourseRepository.java @@ -1,8 +1,14 @@ package ovh.herisson.Clyde.Repositories; +import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.CrudRepository; +import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.TeacherCourse; +import ovh.herisson.Clyde.Tables.User; public interface TeacherCourseRepository extends CrudRepository { + + @Query("select tc.user from TeacherCourse tc where tc.course = ?1") + Iterable findAllAssistantOfCourse(Course course); } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java index d3b422a..53bf3aa 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/TokenRepository.java @@ -10,7 +10,5 @@ public interface TokenRepository extends CrudRepository { Token getByToken(String token); - Iterable getByUser(User user); - ArrayList getByUserOrderByExpirationDate(User user); } 
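Review bot: The new method in CourseRepository is spelled `findAllOwnedCoures`, and the typo is already repeated at its call site in `CourseService.findOwnedCourses` in this commit. Because the method carries an explicit `@Query`, the name has no effect on the generated query and can be corrected freely: `Iterable<Course> findAllOwnedCourses(User teacher);`.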
diff --git a/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserCurriculumRepository.java b/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserCurriculumRepository.java new file mode 100644 index 0000000..32f207a --- /dev/null +++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserCurriculumRepository.java @@ -0,0 +1,13 @@ +package ovh.herisson.Clyde.Repositories; + +import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.CrudRepository; +import ovh.herisson.Clyde.Tables.Curriculum; +import ovh.herisson.Clyde.Tables.User; +import ovh.herisson.Clyde.Tables.UserCurriculum; + +public interface UserCurriculumRepository extends CrudRepository { + + @Query("select uc.curriculum from UserCurriculum uc where uc.user = ?1") + Curriculum findByUser(User student); +} diff --git a/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserRepository.java b/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserRepository.java index f44760c..413f090 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserRepository.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Repositories/UserRepository.java @@ -4,22 +4,20 @@ import org.springframework.data.jpa.repository.Query; import org.springframework.data.repository.CrudRepository; import ovh.herisson.Clyde.Tables.User; -import java.util.List; - public interface UserRepository extends CrudRepository { User findById(long id); User findByEmail(String email); - /** - @Query(value = "select a.* from Users a ",nativeQuery = true) - Iterable findAllUsers();**/ + @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Teacher") Iterable findAllTeachers(); - @Query("select u from User u where u.role = ovh.herisson.Clyde.Tables.Role.Student") Iterable findAllStudents(); + + @Query("select u from User u where u.role <> ovh.herisson.Clyde.Tables.Role.Admin") + Iterable findAllExceptAdmins(); } \ No newline at end of file 
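Review bot: `findByUser` in the new UserCurriculumRepository declares a single `Curriculum` result, but `UserCurriculum.user` is a `@ManyToOne` whose comment says a student can have several curriculums. With two rows for one user, Spring Data raises `IncorrectResultSizeDataAccessException` instead of returning a value. Returning a collection avoids that: `Iterable<Curriculum> findByUser(User student);`, with `UserCurriculumService.findByUser` adjusted to match.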
diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java index 6afcdc0..25c127f 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/AuthenticatorService.java @@ -1,11 +1,7 @@ package ovh.herisson.Clyde.Services; import org.springframework.stereotype.Service; -import ovh.herisson.Clyde.Tables.InscriptionRequest; -import ovh.herisson.Clyde.Tables.Role; -import ovh.herisson.Clyde.Tables.Token; -import ovh.herisson.Clyde.Tables.User; - +import ovh.herisson.Clyde.Tables.*; import java.util.Date; @Service @@ -35,22 +31,12 @@ public class AuthenticatorService { return token; } - public void register(InscriptionRequest inscriptionRequest) { - inscriptionService.save(inscriptionRequest); + public InscriptionRequest register(InscriptionRequest inscriptionRequest) { + inscriptionRequest.setState(RequestState.Pending); + return inscriptionService.save(inscriptionRequest); } - - public boolean isNotSecretaryOrAdmin(String authorization){ - if (authorization ==null) - return true; - - User poster = getUserFromToken(authorization); - if (poster == null) return true; - - return poster.getRole() != Role.Secretary && poster.getRole() != Role.Admin; - } - - public boolean IsNotIn(Role[] roles, String token){ + public boolean isNotIn(Role[] roles, String token){ if (token == null) return true; diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/CourseService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/CourseService.java index 8278bbe..d17c7b0 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/CourseService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/CourseService.java 
@@ -5,7 +5,6 @@ import ovh.herisson.Clyde.Repositories.CourseRepository; import ovh.herisson.Clyde.Tables.Course; import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.User; - import java.util.Map; @Service @@ -18,6 +17,8 @@ public class CourseService { } public Course save(Course course){ + if (course.getOwner().getRole() != Role.Teacher) + return null; return courseRepo.save(course); } @@ -25,18 +26,37 @@ public class CourseService { return courseRepo.findById(id); } - public Course modifyData(long id, Map updates, Role role) { + + public Iterable findAll() { + return courseRepo.findAll(); + } + + + public Iterable findOwnedCourses(User userFromToken) { + return courseRepo.findAllOwnedCoures(userFromToken); + } + + + + public boolean modifyData(long id, Map updates, Role role) { Course target = courseRepo.findById(id); + if (target == null) + return false; + if (role == Role.Teacher){ for (Map.Entry entry : updates.entrySet()){ if (entry.getKey().equals("title")){ target.setTitle((String) entry.getValue()); - return courseRepo.save(target); + courseRepo.save(target); + return true; } } } + if (role != Role.Secretary) + return false; + for (Map.Entry entry: updates.entrySet()){ switch (entry.getKey()){ case "title": @@ -46,10 +66,18 @@ public class CourseService { target.setCredits((Integer) entry.getValue()); break; case "owner": - target.setOwner((User) entry.getValue()); //todo check if is a teacher ! + if (((User) entry.getValue() ).getRole() != Role.Teacher) + break; + + target.setOwner((User) entry.getValue()); break; } } - return courseRepo.save(target); + courseRepo.save(target); + return true; + } + + public void delete(Course course) { + courseRepo.delete(course); } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumCourseService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumCourseService.java index ccf1226..19549d0 100644 
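Review bot: `CourseService.save` dereferences `course.getOwner()` without a null check, so a course submitted without an owner throws a NullPointerException before the role test runs. A null owner is a normal state after this commit, since `Course.owner` gains `@OnDelete(action = OnDeleteAction.SET_NULL)`. Guard it in the same condition: `if (course.getOwner() == null || course.getOwner().getRole() != Role.Teacher) return null;`.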
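Review bot: In the `owner` case of `modifyData` a non-teacher value is dropped with `break`, and the method then saves and returns `true`, so the caller is told the update succeeded although the owner was not changed. Returning `false` there reports the rejection: `if (((User) entry.getValue()).getRole() != Role.Teacher) return false;`. The `(User)` and `(Integer)` casts also assume the map values already have those types; if `updates` is a deserialized request body that is presumably not true for `owner` and the cast would throw, which is worth confirming against the caller. The body of `modifyData` spans two hunks.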
--- a/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumCourseService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumCourseService.java @@ -4,9 +4,7 @@ import org.springframework.stereotype.Service; import ovh.herisson.Clyde.Repositories.CourseRepository; import ovh.herisson.Clyde.Repositories.CurriculumCourseRepository; import ovh.herisson.Clyde.Repositories.CurriculumRepository; -import ovh.herisson.Clyde.Tables.Course; -import ovh.herisson.Clyde.Tables.Curriculum; -import ovh.herisson.Clyde.Tables.CurriculumCourse; +import ovh.herisson.Clyde.Tables.*; import java.util.ArrayList; import java.util.HashMap; @@ -31,17 +29,18 @@ public class CurriculumCourseService { curriculumCourseRepo.save(curriculumCourse); } - public Iterable findAll(){ - return curriculumCourseRepo.findAll(); - } - public Map getDepthCurriculum(Curriculum curriculum){ + if (curriculum == null) + return null; + HashMap toReturn = new HashMap<>(); - ArrayList courses = new ArrayList<>(); - for (Course c: curriculumCourseRepo.findCoursesByCurriculum(curriculum)){ - courses.add(c); + ArrayList> courses = new ArrayList<>(); + Iterable foundCourses = curriculumCourseRepo.findCoursesByCurriculum(curriculum); + + for (Course c: foundCourses){ + courses.add(ProtectionService.courseWithoutPassword(c)); } toReturn.put("courses",courses); toReturn.put("curriculumId", curriculum.getCurriculumId()); 
@@ -56,13 +55,39 @@ public class CurriculumCourseService { ArrayList> toReturn = new ArrayList<>(); - for (Curriculum curriculum : curriculumCourseRepo.findDistinctCurriculums()){ + for (Curriculum curriculum : curriculumRepo.findAll()){ toReturn.add(getDepthCurriculum(curriculum)); } + + return toReturn; } + /** tries to add all courses to the curriculum + * + * @param coursesIds the ids of the courses to be added + * @param curriculum the curriculum to add the courses to + * @return if the changes were made + */ + public boolean saveAll(Iterable coursesIds, Curriculum curriculum) { + if (curriculum == null || coursesIds == null) + return false; + ArrayList toAdd = new ArrayList<>(); + for (Long courseId : coursesIds){ + Course course = courseRepo.findById((long) courseId); + if (course == null) + return false; + + if (!toAdd.contains(course)) + toAdd.add(course); + } + + for (Course course : toAdd){ + curriculumCourseRepo.save(new CurriculumCourse(curriculum,course)); + } + return true; + } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumService.java index 6f6d89b..af04d78 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/CurriculumService.java @@ -1,7 +1,6 @@ package ovh.herisson.Clyde.Services; import org.springframework.stereotype.Service; -import ovh.herisson.Clyde.Repositories.CourseRepository; import ovh.herisson.Clyde.Repositories.CurriculumRepository; import ovh.herisson.Clyde.Tables.Curriculum; 
@@ -10,23 +9,17 @@ public class CurriculumService { private final CurriculumRepository curriculumRepo; - private final CourseRepository courseRepo; - - public CurriculumService(CurriculumRepository curriculumRepo, CourseRepository courseRepo){ + public CurriculumService(CurriculumRepository curriculumRepo){ this.curriculumRepo = curriculumRepo; - this.courseRepo = courseRepo; } - - - public void save(Curriculum curriculum){ - curriculumRepo.save(curriculum); + public Curriculum save(Curriculum curriculum){ + return curriculumRepo.save(curriculum); } - public Curriculum findById(long id){ return curriculumRepo.findById(id); } - public Iterable findAll(){ - return curriculumRepo.findAll(); + public void delete(Curriculum curriculum) { + curriculumRepo.delete(curriculum); } -} +} \ No newline at end of file diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java index 6130fe8..311dbf2 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/InscriptionService.java 
@@ -1,21 +1,40 @@ package ovh.herisson.Clyde.Services; +import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.stereotype.Service; +import ovh.herisson.Clyde.Repositories.CurriculumRepository; import ovh.herisson.Clyde.Repositories.InscriptionRepository; +import ovh.herisson.Clyde.Repositories.UserCurriculumRepository; +import ovh.herisson.Clyde.Repositories.UserRepository; import ovh.herisson.Clyde.Tables.InscriptionRequest; import ovh.herisson.Clyde.Tables.RequestState; +import ovh.herisson.Clyde.Tables.User; +import ovh.herisson.Clyde.Tables.UserCurriculum; @Service public class InscriptionService { - InscriptionRepository inscriptionRepo; + private final InscriptionRepository inscriptionRepo; - public InscriptionService(InscriptionRepository inscriptionRepo){ + private final UserRepository userRepo; + + private final UserCurriculumRepository userCurriculumRepo; + + private final CurriculumRepository curriculumRepo; + + private final BCryptPasswordEncoder passwordEncoder = new BCryptPasswordEncoder(); + + + public InscriptionService(InscriptionRepository inscriptionRepo, UserRepository userRepo, UserCurriculumRepository userCurriculumRepo, CurriculumRepository curriculumRepo){ this.inscriptionRepo = inscriptionRepo; + this.userRepo = userRepo; + this.userCurriculumRepo = userCurriculumRepo; + this.curriculumRepo = curriculumRepo; } - public void save(InscriptionRequest inscriptionRequest){ - inscriptionRepo.save(inscriptionRequest); + public InscriptionRequest save(InscriptionRequest inscriptionRequest){ + inscriptionRequest.setPassword(passwordEncoder.encode(inscriptionRequest.getPassword())); + return inscriptionRepo.save(inscriptionRequest); } public InscriptionRequest getById(long id){ 
@@ -26,9 +45,50 @@ public class InscriptionService { return inscriptionRepo.findAll(); } - public void modifyState(long id, RequestState requestState) { - InscriptionRequest inscriptionRequest = getById(id); - inscriptionRequest.setState(requestState); - save(inscriptionRequest); + public boolean modifyState(long id, RequestState requestState) { + InscriptionRequest inscrRequest = getById(id); + + if (inscrRequest == null) + return false; + + // if th state is the same we don't send an email + if (requestState == inscrRequest.getState()) + return false; + + /** todo send an email to tell the poster of the inscrRequest (inscrRequest.getEmail()) + * to notify them that the state of their request changed + * FooEmailFormat toSend = (String.format("Your request state changed from %s to %s"), + * inscrRequest.getState(), requestState) + * FooEmailSender.send(toSend, inscrRequest.getEmail()) + */ + + + //saves the user from the request if accepted + if (requestState == RequestState.Accepted) + { + if (curriculumRepo.findById(inscrRequest.getCurriculumId()) == null) + return false; + + User userFromRequest = new User( + inscrRequest.getLastName(), + inscrRequest.getFirstName(), + inscrRequest.getEmail(), + inscrRequest.getAddress(), + inscrRequest.getCountry(), + inscrRequest.getBirthDate(), + inscrRequest.getProfilePicture(), + inscrRequest.getPassword() + ); + + userRepo.save(userFromRequest); + userCurriculumRepo.save(new UserCurriculum(userFromRequest, curriculumRepo.findById(inscrRequest.getCurriculumId()))); + } + inscrRequest.setState(requestState); + save(inscrRequest); + return true; + } + + public void delete(InscriptionRequest toDelete) { + inscriptionRepo.delete(toDelete); } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/ProtectionService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/ProtectionService.java new file mode 100644 index 0000000..44e53a7 --- /dev/null 
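Review bot: `modifyState` ends with `save(inscrRequest)`, and `save` (previous hunk) runs `passwordEncoder.encode` on whatever `getPassword()` returns, so every state change hashes the already-hashed password again. A request that is moved to some other state first and accepted later creates a `User` whose stored password is a hash of a hash, which `passwordEncoder.matches` will never accept at login. Persist the state change without re-encoding: `inscriptionRepo.save(inscrRequest);`. The Accepted branch also creates a new `User` every time the state returns to Accepted, so a check for an existing account with that email would avoid duplicates.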
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/ProtectionService.java 
@@ -0,0 +1,105 @@ +package ovh.herisson.Clyde.Services; + +import ovh.herisson.Clyde.Tables.Course; +import ovh.herisson.Clyde.Tables.InscriptionRequest; +import ovh.herisson.Clyde.Tables.User; + +import java.util.ArrayList; +import java.util.HashMap; +import java.util.Map; + +public class ProtectionService { + + /** return user's data except password + * @param user the user to return + * @return all the user data without the password + */ + public static HashMap userWithoutPassword(User user){ + + if (user ==null) + return null; + + HashMap toReturn = new HashMap<>(); + + toReturn.put("regNo",user.getRegNo()); + toReturn.put("lastName",user.getLastName()); + toReturn.put("firstName",user.getFirstName()); + toReturn.put("email", user.getEmail()); + toReturn.put("address",user.getAddress()); + toReturn.put("birthDate",user.getBirthDate()); + toReturn.put("country",user.getCountry()); + toReturn.put("profilePictureUrl",user.getProfilePictureUrl()); + toReturn.put("role",user.getRole()); + return toReturn; + } + + public static Iterable>usersWithoutPasswords(Iterable users){ + ArrayList> toReturn = new ArrayList<>(); + + for (User u : users){ + toReturn.add(userWithoutPassword(u)); + } + + return toReturn; + } + + + + public static HashMap courseWithoutPassword(Course course){ + if (course == null) + return null; + + HashMap toReturn = new HashMap<>(); + + toReturn.put("courseId",course.getCourseID()); + toReturn.put("credits",course.getCredits()); + toReturn.put("title", course.getTitle()); + toReturn.put("owner", userWithoutPassword(course.getOwner())); + return toReturn; + } + + public static Iterable> coursesWithoutPasswords(Iterable courses){ + ArrayList> toReturn = new ArrayList<>(); + + for (Course course: courses){ + toReturn.add(ProtectionService.courseWithoutPassword(course)); + } + + return toReturn; + + } + + + public static Map requestWithoutPassword(InscriptionRequest inscriptionRequest) { + + if (inscriptionRequest == null) + return null; + + Map 
toReturn = new HashMap<>(); + + toReturn.put("id", inscriptionRequest.getId()); + toReturn.put("lastName", inscriptionRequest.getLastName()); + toReturn.put("firstName", inscriptionRequest.getFirstName()); + toReturn.put("address", inscriptionRequest.getAddress()); + toReturn.put("email",inscriptionRequest.getEmail()); + toReturn.put("birthDate", inscriptionRequest.getBirthDate()); + toReturn.put("country", inscriptionRequest.getCountry()); + toReturn.put("curriculum", inscriptionRequest.getCurriculumId()); + toReturn.put("state", inscriptionRequest.getState()); + toReturn.put("profilePictureUrl", inscriptionRequest.getProfilePicture()); + + return toReturn; + } + + public static Iterable> requestsWithoutPasswords(Iterable inscriptionRequests){ + + ArrayList> toReturn = new ArrayList<>(); + + for (InscriptionRequest i:inscriptionRequests){ + toReturn.add(requestWithoutPassword(i)); + } + return toReturn; + } + +} + diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java index 79cce04..1fe0c28 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/StorageService.java @@ -33,6 +33,9 @@ public class StorageService { public StorageFile store(MultipartFile file, FileType fileType) { + if (file == null || file.getOriginalFilename() == null) + return null; + if (file.getOriginalFilename().isEmpty()){return null;} UUID uuid = UUID.randomUUID(); diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/TeacherCourseService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/TeacherCourseService.java index 0996adf..dee3a7b 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/TeacherCourseService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/TeacherCourseService.java 
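Review bot: `userWithoutPassword` removes only the password; the map still carries `email`, `address` and `birthDate`, and `UserController.getAllTeachers` and `getAllStudents` in this commit return it to any caller whose token resolves to a user. A narrower projection for list endpoints, with the full map kept for the user's own profile and for staff roles, limits what an ordinary account can collect. `usersWithoutPasswords`, `coursesWithoutPasswords` and `requestsWithoutPasswords` also iterate their argument without the null check that the single-object variants have. The element types in the sketch below are assumed, since the generic parameters are not legible on this page.

```java
/** Minimal view of a user for listings visible to every authenticated role. */
public static HashMap<String, Object> userPublicView(User user){
    if (user == null)
        return null;

    HashMap<String, Object> toReturn = new HashMap<>();
    toReturn.put("regNo", user.getRegNo());
    toReturn.put("lastName", user.getLastName());
    toReturn.put("firstName", user.getFirstName());
    toReturn.put("role", user.getRole());
    return toReturn;
}
```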
@@ -4,6 +4,7 @@ import org.springframework.stereotype.Controller; import ovh.herisson.Clyde.Repositories.TeacherCourseRepository; import ovh.herisson.Clyde.Repositories.UserRepository; import ovh.herisson.Clyde.Tables.Course; +import ovh.herisson.Clyde.Tables.Role; import ovh.herisson.Clyde.Tables.TeacherCourse; import ovh.herisson.Clyde.Tables.User; @@ -20,20 +21,33 @@ public class TeacherCourseService { this.userRepo = userRepo; } + public Iterable findCourseAssistants(Course course) { + if (course == null) + return null; + return teacherCourseRepo.findAllAssistantOfCourse(course); + } + + public boolean saveAll(Iterable teacherIds, Course course){ - ArrayList addedIds = new ArrayList<>(); + if (course == null || teacherIds == null) + return false; + + ArrayList toAdd = new ArrayList<>(); for (Long teacherId : teacherIds){ User teacher = userRepo.findById((long) teacherId); if ( teacher== null){ return false; } - if (!addedIds.contains(teacherId)) + if (!toAdd.contains(teacher) && teacher.getRole() == Role.Teacher) { - teacherCourseRepo.save(new TeacherCourse(teacher,course)); - addedIds.add(teacherId); + toAdd.add(teacher); } } + for (User teacher: toAdd){ + teacherCourseRepo.save(new TeacherCourse(teacher,course)); + } return true; } + } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java index 2f746ce..c20977d 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/TokenService.java 
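Review bot: `TeacherCourseService.saveAll` treats bad ids inconsistently: an unknown id aborts with `false`, but an id that belongs to a non-teacher is skipped silently and the method still returns `true`. A caller assigning assistants gets a success result although some of the requested users were not added. Rejecting the whole request keeps the all-or-nothing behaviour the two-pass loop was written for: `if (teacher == null || teacher.getRole() != Role.Teacher) return false;`. `findCourseAssistants` returns `User` entities, so whichever endpoint exposes them should pass them through `ProtectionService.usersWithoutPasswords`.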
@@ -40,16 +40,19 @@ public class TokenService { public User getUserFromToken(String token) { Token tokenRep = tokenRepo.getByToken(token); - if (tokenRep == null) return null; + if (tokenRep == null) + return null; + return tokenRep.getUser(); } public void saveToken(Token token){ //Si l'utilisateur a déja 5 token delete celui qui devait expirer le plus vite ArrayList tokenList = tokenRepo.getByUserOrderByExpirationDate(token.getUser()); + while(tokenList.size() >= 5){ - tokenRepo.delete(tokenList.get(0)); - tokenList.remove(tokenList.get(0)); + tokenRepo.delete(tokenList.getFirst()); + tokenList.remove(tokenList.getFirst()); } tokenRepo.save(token); } @@ -67,5 +70,5 @@ public class TokenService { tokenRepo.delete(t); } } - }; + } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/UserCurriculumService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/UserCurriculumService.java new file mode 100644 index 0000000..6484e2b --- /dev/null +++ b/backend/src/main/java/ovh/herisson/Clyde/Services/UserCurriculumService.java @@ -0,0 +1,20 @@ +package ovh.herisson.Clyde.Services; + +import org.springframework.stereotype.Service; +import ovh.herisson.Clyde.Repositories.UserCurriculumRepository; +import ovh.herisson.Clyde.Tables.Curriculum; +import ovh.herisson.Clyde.Tables.User; + +@Service +public class UserCurriculumService { + + private final UserCurriculumRepository userCurriculumRepository; + + public UserCurriculumService(UserCurriculumRepository userCurriculumRepository) { + this.userCurriculumRepository = userCurriculumRepository; + } + + public Curriculum findByUser(User student){ + return userCurriculumRepository.findByUser(student); + } +} diff --git a/backend/src/main/java/ovh/herisson/Clyde/Services/UserService.java b/backend/src/main/java/ovh/herisson/Clyde/Services/UserService.java index ff214db..0c88d15 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Services/UserService.java 
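Review bot: `tokenList.getFirst()` on an `ArrayList` exists only from Java 21, so the `saveToken` loop raises the minimum JDK for the backend; the build target is not visible here and should be confirmed. `tokenList.remove(tokenList.getFirst())` also goes through `remove(Object)`, which searches by `equals`, while removing by index says what is meant: `tokenRepo.delete(tokenList.remove(0));`. The comment above the loop is the only documentation of the five-token limit and could be written in English like the Javadoc elsewhere in the commit.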
+++ b/backend/src/main/java/ovh/herisson/Clyde/Services/UserService.java @@ -16,8 +16,16 @@ public class UserService { this.userRepo = userRepo; } + + /** return the user identified by th identifier + * + * @param identifier can be an email or the RegNo + * @return the identified user + */ public User getUser(String identifier){ - if (identifier == null) return null; + if (identifier == null) + return null; + try { int id = Integer.parseInt(identifier); return userRepo.findById(id); @@ -32,16 +40,18 @@ public class UserService { * * @param poster the user wanting to modify target's data * @param updates the changes to be made - * @param target the user to update + * @param targetId the id of the user to update * @return if the changes were done or not */ - public boolean modifyData(User poster, Map updates, User target){ + public boolean modifyData(long targetId, Map updates, User poster){ + + User target = userRepo.findById(targetId); + if (target == null) + return false; if (poster.getRegNo().equals(target.getRegNo())){ for (Map.Entry entry : updates.entrySet()){ - if ( entry.getKey().equals("regNo") || entry.getKey().equals("role")) {return false;} - switch (entry.getKey()){ case "firstName": target.setFirstName((String) entry.getValue()); @@ -77,13 +87,14 @@ public class UserService { { for (Map.Entry entry : updates.entrySet()){ - if ( !entry.getKey().equals("role")) {return false;} + if ( entry.getKey().equals("role")) { - if (entry.getValue() == Role.Admin){return false;} + if (entry.getValue() == Role.Admin) {return false;} - target.setRole((Role) entry.getValue()); - userRepo.save(target); - return true; + target.setRole((Role) entry.getValue()); + userRepo.save(target); + return true; + } } } return false; 
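Review bot: The self-update branch of `modifyData` no longer returns `false` when `updates` contains `regNo` or `role`; protection now depends on the `switch` having no case for those keys. The cases continue outside the hunk, so this cannot be confirmed from here. If the guard was removed only to let unknown keys pass, keep an explicit skip for the two privileged keys, `if (entry.getKey().equals("role") || entry.getKey().equals("regNo")) continue;`, with a comment that a user may never change their own role or registration number.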
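Review bot: `entry.getValue() == Role.Admin` compares an `Object` taken from the map with an enum constant, so the Admin guard only fires when the value is already a `Role`. If `updates` is a deserialized request body the value is presumably a `String`; the guard is then skipped and `(Role) entry.getValue()` throws a `ClassCastException`. Converting first makes both lines well-defined: `Role requested = Role.valueOf(String.valueOf(entry.getValue()));`, then test and set `requested`. The condition that opens this branch is outside the hunk.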
@@ -94,18 +105,29 @@ public class UserService { return passwordEncoder.matches(tryingPassword, user.getPassword()); } - public void save(User user){ + public User save(User user){ user.setPassword(passwordEncoder.encode(user.getPassword())); - userRepo.save(user); + return userRepo.save(user); } public Iterable getAll(){ return userRepo.findAll(); } + public Iterable getAllExceptAdmins(){ + return userRepo.findAllExceptAdmins(); + } public Iterable getAllTeachers (){return userRepo.findAllTeachers();} public Iterable getAllStudents(){return userRepo.findAllStudents();} -} \ No newline at end of file + + public User getUserById(long id) { + return userRepo.findById(id); + } + + public void delete(User user) { + userRepo.delete(user); + } +} diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/Course.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/Course.java index e338d7d..df0421d 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/Course.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/Course.java @@ -1,6 +1,8 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; +import org.hibernate.annotations.OnDelete; +import org.hibernate.annotations.OnDeleteAction; @Entity public class Course { @@ -11,6 +13,7 @@ public class Course { private String title; @ManyToOne(fetch = FetchType.EAGER) + @OnDelete(action = OnDeleteAction.SET_NULL) @JoinColumn(name = "Users") private User owner; diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/CurriculumCourse.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/CurriculumCourse.java index 8202e8d..0b660eb 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/CurriculumCourse.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/CurriculumCourse.java @@ -1,6 +1,8 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; +import org.hibernate.annotations.OnDelete; +import org.hibernate.annotations.OnDeleteAction; @Entity public class CurriculumCourse { 
@@ -10,9 +12,11 @@ public class CurriculumCourse { @ManyToOne(fetch = FetchType.EAGER) @JoinColumn(name = "Curriculum") + @OnDelete(action = OnDeleteAction.CASCADE) private Curriculum curriculum; @ManyToOne(fetch = FetchType.EAGER) + @OnDelete(action = OnDeleteAction.CASCADE) @JoinColumn(name = "Course") private Course course; diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/InscriptionRequest.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/InscriptionRequest.java index dfbf7ed..18e20d0 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/InscriptionRequest.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/InscriptionRequest.java @@ -1,7 +1,6 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; - import java.util.Date; @@ -17,21 +16,20 @@ public class InscriptionRequest { private String country; private Date birthDate; - @ManyToOne - @JoinColumn(name="Curriculum") - private Curriculum curriculum; + private Long curriculumId; private RequestState state; private String profilePicture; private String password; public InscriptionRequest(){} - public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate, RequestState state, String profilePicture, String password){ + public InscriptionRequest(String lastName, String firstName, String address, String email, String country, Date birthDate,Long curriculumId, RequestState state, String profilePicture, String password){ this.lastName = lastName; this.firstName = firstName; this.address = address; this.email = email; this.country = country; this.birthDate = birthDate; + this.curriculumId = curriculumId; this.state = state; this.profilePicture = profilePicture; this.password = password; 
@@ -89,12 +87,12 @@ public class InscriptionRequest { this.birthDate = birthDate; } - public Curriculum getCurriculum() { - return curriculum; + public long getCurriculumId() { + return curriculumId; } - public void setCurriculum(Curriculum curriculum) { - this.curriculum = curriculum; + public void setCurriculumId(long curriculum) { + this.curriculumId = curriculum; } public RequestState getState() { @@ -112,4 +110,12 @@ public class InscriptionRequest { public void setProfilePicture(String profilePicture) { this.profilePicture = profilePicture; } + + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/ReinscriptionRequest.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/ReInscriptionRequest.java similarity index 79% rename from backend/src/main/java/ovh/herisson/Clyde/Tables/ReinscriptionRequest.java rename to backend/src/main/java/ovh/herisson/Clyde/Tables/ReInscriptionRequest.java index 57ad53c..b96ed42 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/ReinscriptionRequest.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/ReInscriptionRequest.java @@ -1,19 +1,23 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; +import org.hibernate.annotations.OnDelete; +import org.hibernate.annotations.OnDeleteAction; @Entity -public class ReinscriptionRequest { +public class ReInscriptionRequest { @Id @GeneratedValue(strategy = GenerationType.AUTO) private int id; @ManyToOne @JoinColumn(name = "Users") + @OnDelete(action = OnDeleteAction.CASCADE) private User user; @ManyToOne @JoinColumn(name = "Curriculum") + @OnDelete(action = OnDeleteAction.CASCADE) private Curriculum newCurriculum; private RequestState state; 
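Review bot: `getCurriculumId()` returns primitive `long` while the field is a `Long`, so a request created without a curriculum throws a NullPointerException on unboxing, for instance when `InscriptionService.modifyState` calls it in the Accepted branch. Keep the wrapper type on both accessors, `public Long getCurriculumId()` and `public void setCurriculumId(Long curriculumId)`, and have `modifyState` return `false` on null. Replacing the `@ManyToOne Curriculum` with a bare id also drops the foreign-key constraint, which is why `modifyState` has to look the curriculum up by hand.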
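Review bot: The new public `getPassword()` makes the stored hash a readable bean property of `InscriptionRequest`, and `AuthenticatorService.register` in this commit now returns the saved entity. If any controller returns that object directly instead of `ProtectionService.requestWithoutPassword(...)`, the bcrypt hash is serialized into the response; the controllers are not visible here. Assuming Jackson does the serialization, marking the field `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` keeps it accepted on input and never written out.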
@@ -21,16 +25,16 @@ public class ReinscriptionRequest { //Pour la réinscription on va le mettre a 0 private boolean type = false; - public ReinscriptionRequest(){} + public ReInscriptionRequest(){} - public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){ + public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state, boolean type){ this.user = user; this.newCurriculum = newCurriculum; this.state = state; this.type = type; } - public ReinscriptionRequest(User user, Curriculum newCurriculum, RequestState state){ + public ReInscriptionRequest(User user, Curriculum newCurriculum, RequestState state){ this.user = user; this.newCurriculum = newCurriculum; this.state = state; diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/StorageFile.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/StorageFile.java index afa7985..800d99a 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/StorageFile.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/StorageFile.java @@ -24,7 +24,6 @@ public class StorageFile { public StorageFile(){} - public void setId(Long id) { this.id = id; } diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/TeacherCourse.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/TeacherCourse.java index 3392c72..bce123b 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/TeacherCourse.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/TeacherCourse.java @@ -1,6 +1,8 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; +import org.hibernate.annotations.OnDelete; +import org.hibernate.annotations.OnDeleteAction; @Entity public class TeacherCourse { 
@@ -9,11 +11,13 @@ public class TeacherCourse { private int id; @ManyToOne(fetch = FetchType.EAGER) + @OnDelete(action = OnDeleteAction.CASCADE) @JoinColumn(name = "Users") private User user; @ManyToOne(fetch = FetchType.EAGER) + @OnDelete(action = OnDeleteAction.CASCADE) @JoinColumn(name = "Course") private Course course; diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java index 8aa4c0e..a68f15b 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/Token.java @@ -1,8 +1,8 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; -import org.springframework.scheduling.annotation.Scheduled; -import ovh.herisson.Clyde.Repositories.TokenRepository; +import org.hibernate.annotations.OnDelete; +import org.hibernate.annotations.OnDeleteAction; import java.util.Date; @@ -13,6 +13,7 @@ public class Token { private int id; @ManyToOne(fetch = FetchType.EAGER) + @OnDelete(action = OnDeleteAction.CASCADE) @JoinColumn(name ="Users") private User user; private String token; diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java index 1f6aa3b..de958df 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/User.java @@ -1,11 +1,8 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; - import java.util.Date; -//Classe représentant un utilisateur l'attribut password demande surement un peu de rafinement niveau sécurité -//et l'attribut tokenApi doit encore être ajouté vu qu'il faut en discuter @Entity @Table(name = "Users") 
@@ -37,18 +34,6 @@ public class User { this.password = password; } - - /** Constructor for the first registration request from a student (can't specify a Role) - * - * @param lastName - * @param firstName - * @param email - * @param address - * @param country - * @param birthDate - * @param profilePictureUrl - * @param password - */ public User(String lastName, String firstName, String email, String address, String country, Date birthDate, String profilePictureUrl, String password) { @@ -95,8 +80,8 @@ public class User { return address; } - public void setAddress(String adress) { - this.address = adress; + public void setAddress(String address) { + this.address = address; } public String getCountry() { diff --git a/backend/src/main/java/ovh/herisson/Clyde/Tables/UserCurriculum.java b/backend/src/main/java/ovh/herisson/Clyde/Tables/UserCurriculum.java index 2202763..f42e588 100644 --- a/backend/src/main/java/ovh/herisson/Clyde/Tables/UserCurriculum.java +++ b/backend/src/main/java/ovh/herisson/Clyde/Tables/UserCurriculum.java @@ -1,6 +1,8 @@ package ovh.herisson.Clyde.Tables; import jakarta.persistence.*; +import org.hibernate.annotations.OnDelete; +import org.hibernate.annotations.OnDeleteAction; @Entity public class UserCurriculum { @@ -10,11 +12,13 @@ public class UserCurriculum { //Un étudiant peut avoir plusieurs curriculums @ManyToOne(fetch = FetchType.EAGER) + @OnDelete(action = OnDeleteAction.CASCADE) @JoinColumn(name = "Users") private User user; - @OneToOne(fetch = FetchType.EAGER) + @ManyToOne(fetch = FetchType.EAGER) @JoinColumn(name = "Curriculum") + @OnDelete(action = OnDeleteAction.CASCADE) private Curriculum curriculum; public UserCurriculum(User user, Curriculum curriculum){
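Review bot: Switching `curriculum` in `UserCurriculum` from `@OneToOne` to `@ManyToOne` changes the generated schema as well as the mapping. Under `@OneToOne` the `Curriculum` join column may carry a unique constraint, and a schema created earlier keeps it unless a migration drops it, so inserting a second user for the same curriculum could still fail at runtime. The annotation order also differs between the two fields (`@OnDelete` before `@JoinColumn` on `user`, after it on `curriculum`); keeping one order, e.g. `@ManyToOne(fetch = FetchType.EAGER)` then `@JoinColumn(name = "Curriculum")` then `@OnDelete(action = OnDeleteAction.CASCADE)`, makes the entities easier to scan. The constructor that follows continues outside the hunk.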