Max/Backend/BackendClean #121
| @ -0,0 +1,62 @@ | ||||
| package ovh.herisson.Clyde.EndPoints; | ||||
|  | ||||
| import org.springframework.http.HttpStatus; | ||||
| import org.springframework.http.ResponseEntity; | ||||
| import org.springframework.web.bind.annotation.GetMapping; | ||||
| import org.springframework.web.bind.annotation.PathVariable; | ||||
| import org.springframework.web.bind.annotation.RequestHeader; | ||||
| import org.springframework.web.bind.annotation.RestController; | ||||
| import ovh.herisson.Clyde.Services.AuthenticatorService; | ||||
| import ovh.herisson.Clyde.Tables.Applications; | ||||
| import ovh.herisson.Clyde.Tables.Role; | ||||
|  | ||||
| import java.util.ArrayList; | ||||
|  | ||||
| @RestController | ||||
| public class ApplicationsController { | ||||
|  | ||||
|     AuthenticatorService authServ; | ||||
|  | ||||
|     public ApplicationsController(AuthenticatorService authServ){ | ||||
|     this.authServ = authServ; | ||||
|     } | ||||
|  | ||||
|  | ||||
|     /** return a list of authorized applications. | ||||
|      *  depends on the token | ||||
|      */ | ||||
|     @GetMapping("/apps") | ||||
|     public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){ | ||||
|  | ||||
|         return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK); | ||||
|     } | ||||
|  | ||||
|     @GetMapping("/apps/{identifier}") | ||||
|     public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){ | ||||
|  | ||||
|         if (getAuthorizedApplications(token).contains(identifier)){ | ||||
|             return new ResponseEntity<>(true, HttpStatus.OK); | ||||
|         } | ||||
|         return new ResponseEntity<>(false, HttpStatus.OK); | ||||
|     } | ||||
|  | ||||
|     public ArrayList<Applications> getAuthorizedApplications(String token){ | ||||
|         Role posterRole = authServ.getUserFromToken(token).getRole(); | ||||
|         ArrayList<Applications> authorizedApps = new ArrayList<>(); | ||||
|  | ||||
|         authorizedApps.add(Applications.Login); | ||||
|         authorizedApps.add(Applications.Profile); | ||||
|         authorizedApps.add(Applications.Msg); | ||||
|         authorizedApps.add(Applications.Forum); | ||||
|         authorizedApps.add(Applications.Rdv); | ||||
|  | ||||
|         if (posterRole == Role.Student || posterRole == Role.Admin) return authorizedApps; | ||||
|  | ||||
|         if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses); | ||||
|  | ||||
|         if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription); | ||||
|  | ||||
|         return authorizedApps; | ||||
|     } | ||||
|  | ||||
| } | ||||
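Review bot: In getAuthorizedApplications the early return on L55 fires for Admin as well as Student, so the `|| posterRole == Role.Admin` clauses on L57 and L59 are unreachable and an admin never receives ManageCourses or Inscription; drop Admin from that guard: `if (posterRole == Role.Student) return authorizedApps;`. L46 also dereferences `authServ.getUserFromToken(token)` without the null check the controllers' removed helpers performed, so an unknown or expired token would surface as an exception rather than an unauthorized response; a guard before `.getRole()` is needed. The public helper on L45 has no Javadoc; a comment spelling out the role-to-application mapping (every token holder gets Login/Profile/Msg/Forum/Rdv, teachers and secretaries add ManageCourses, the inscription service adds Inscription, admin everything) would make the intended tiers reviewable.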
| @ -43,28 +43,4 @@ public class CurriculumController { | ||||
|     public ResponseEntity<Iterable<CurriculumCourse>> findAll(){ | ||||
|         return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK); | ||||
|     } | ||||
|  | ||||
|     /**@PostMapping("/curriculum") | ||||
|     public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){ | ||||
|  | ||||
|         if (!isSecretaryOrAdmin(token)){ | ||||
|             return new UnauthorizedResponse<>("you're not allowed to post a Curriculum"); | ||||
|         } | ||||
|  | ||||
|         CurriculumServ.save(Curriculum); | ||||
|  | ||||
|         return new ResponseEntity<>("created !",HttpStatus.CREATED); | ||||
|     }**/ | ||||
|  | ||||
|  | ||||
|  | ||||
|     private boolean isSecretaryOrAdmin(String authorization){ | ||||
|         if (authorization ==null) | ||||
|             return false; | ||||
|  | ||||
|         User poster = authServ.getUserFromToken(authorization); | ||||
|         if (poster == null) return false; | ||||
|  | ||||
|         return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin; | ||||
|     } | ||||
| } | ||||
|  | ||||
| @ -32,7 +32,7 @@ public class InscriptionController { | ||||
|     @GetMapping("/requests/register") | ||||
|     public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){ | ||||
|  | ||||
|         if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);} | ||||
|         if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);} | ||||
|  | ||||
|         Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll(); | ||||
|         ArrayList<Map<String,Object>> toReturn = new ArrayList<>(); | ||||
| @ -64,7 +64,7 @@ public class InscriptionController { | ||||
|                                                                  @RequestHeader("Authorize") String token, | ||||
|                                                                  @RequestBody RequestState requestState) | ||||
|     { | ||||
|         if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null); | ||||
|         if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null); | ||||
|         inscriptionServ.modifyState(id, requestState); | ||||
|         return null; | ||||
|     } | ||||
| @ -83,15 +83,4 @@ public class InscriptionController { | ||||
|         toReturn.put("state", inscriptionRequest.getState()); | ||||
|         return toReturn; | ||||
|     } | ||||
|  | ||||
|  | ||||
|     private boolean isSecretaryOrAdmin(String authorization){ | ||||
|         if (authorization ==null) | ||||
|             return false; | ||||
|  | ||||
|         User poster = authServ.getUserFromToken(authorization); | ||||
|         if (poster == null) return false; | ||||
|  | ||||
|         return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin; | ||||
|     } | ||||
| } | ||||
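Review bot: modifyState (hunk starting L104) reads its token from the `Authorize` header on L105 while every other guarded endpoint, including getAllRequests on L97, reads `Authorization`; since `@RequestHeader` is required by default, a client that sends only `Authorization` gets a 400 before the gate on L109 runs, and one that sends both is checked against a value the other endpoints never see. Change L105 to `@RequestHeader("Authorization") String token,`. The method also ends with `return null;` on L111 from a ResponseEntity-returning handler, which leaves the success status implicit; `return new ResponseEntity<>(HttpStatus.OK);` states it. The method's signature starts above the hunk.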
| @ -51,6 +51,7 @@ public class MockController { | ||||
|         User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student")); | ||||
|         User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Teacher,passwordEncoder.encode("secretary")); | ||||
|         User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher")); | ||||
|         User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.Teacher,passwordEncoder.encode("inscriptionService")); | ||||
|         mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke)); | ||||
|  | ||||
|         userRepo.saveAll(mockUsers); | ||||
|  | ||||
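Review bot: The new fixture `lena` on L133 is never added to `mockUsers` on L134 (`Arrays.asList(herobrine,joe,meh,joke)`), so `userRepo.saveAll` on L136 never persists it. It is also created with `Role.Teacher` although its email and password name the inscription service, and the Inscription application in ApplicationsController is only granted to `Role.InscriptionService` (L59), so the fixture presumably cannot exercise that path; `meh` on L131 has the same mismatch (secretary credentials, Teacher role). Suggested: `... new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService"));` and `mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke,lena));`. The enclosing method starts and ends outside the hunk.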
| @ -38,7 +38,7 @@ public class UserController { | ||||
|     @PostMapping("/user") | ||||
|     public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){ | ||||
|  | ||||
|         if (!isSecretaryOrAdmin(authorization)) | ||||
|         if (authServ.isNotSecretaryOrAdmin(authorization)) | ||||
|             return new UnauthorizedResponse<>(null); | ||||
|  | ||||
|         userService.save(user); | ||||
| @ -48,7 +48,7 @@ public class UserController { | ||||
|     @GetMapping("/users") | ||||
|     public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){ | ||||
|  | ||||
|         if (!isSecretaryOrAdmin(authorization)) | ||||
|         if (authServ.isNotSecretaryOrAdmin(authorization)) | ||||
|             return new UnauthorizedResponse<>(null); | ||||
|  | ||||
|         Iterable<User> users = userService.getAll(); | ||||
| @ -78,7 +78,6 @@ public class UserController { | ||||
|          */ | ||||
|     private HashMap<String,Object> userWithoutPassword(User user){ | ||||
|         HashMap<String,Object> toReturn = new HashMap<>(); | ||||
|  | ||||
|         toReturn.put("regNo",user.getRegNo()); | ||||
|         toReturn.put("firstName",user.getFirstName()); | ||||
|         toReturn.put("lastName",user.getLastName()); | ||||
| @ -86,18 +85,7 @@ public class UserController { | ||||
|         toReturn.put("country",user.getCountry()); | ||||
|         toReturn.put("address",user.getAddress()); | ||||
|         toReturn.put("role",user.getRole()); | ||||
|  | ||||
|         return toReturn; | ||||
|     } | ||||
|  | ||||
|     private boolean isSecretaryOrAdmin(String authorization){ | ||||
|         if (authorization ==null) | ||||
|             return false; | ||||
|  | ||||
|         User poster = authServ.getUserFromToken(authorization); | ||||
|         if (poster == null) return false; | ||||
|  | ||||
|         return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin; | ||||
|     } | ||||
| } | ||||
|  | ||||
|  | ||||
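Review bot: postUser (L139-L146) persists the request-body `User` exactly as received once the secretary/admin gate passes; nothing in the hunk constrains which fields the caller may set, and the User constructor used in MockController (L130) shows the entity carries a `Role`, so a secretary could presumably create an Admin account unless `userService.save` normalises role and password — confirm there, or bind to a DTO that whitelists the fields a secretary may set. The gate swaps on L143 and L152 delegate to `authServ.isNotSecretaryOrAdmin`, defined in AuthenticatorService at L201-L209, so their correctness is entirely that method's. postUser's body continues below the hunk.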
| @ -1,9 +1,8 @@ | ||||
| package ovh.herisson.Clyde.Services; | ||||
|  | ||||
| import org.springframework.stereotype.Service; | ||||
| import ovh.herisson.Clyde.EndPoints.LoginController; | ||||
| import ovh.herisson.Clyde.Repositories.InscriptionRepository; | ||||
| import ovh.herisson.Clyde.Tables.InscriptionRequest; | ||||
| import ovh.herisson.Clyde.Tables.Role; | ||||
| import ovh.herisson.Clyde.Tables.Token; | ||||
| import ovh.herisson.Clyde.Tables.User; | ||||
|  | ||||
| @ -39,4 +38,17 @@ public class AuthenticatorService { | ||||
|     public void register(InscriptionRequest inscriptionRequest) { | ||||
|         inscriptionService.save(inscriptionRequest); | ||||
|     } | ||||
|  | ||||
|  | ||||
|     public boolean isNotSecretaryOrAdmin(String authorization){ | ||||
|         if (authorization ==null) | ||||
|             return true; | ||||
|  | ||||
|         User poster = getUserFromToken(authorization); | ||||
|         if (poster == null) return true; | ||||
|  | ||||
|         return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin; | ||||
|     } | ||||
|  | ||||
| } | ||||
|  | ||||
|  | ||||
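Review bot: isNotSecretaryOrAdmin on L208 returns `poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin`, which is true for every role because a single role cannot equal both, so each caller (InscriptionController L100 and L109, UserController L143 and L152) answers Unauthorized to secretaries and admins as well. The disjunction should be a conjunction: `return poster.getRole() != Role.Secretary && poster.getRole() != Role.Admin;`. The deleted private copies had the mirrored `&&`-on-equality bug, so the commit keeps those endpoints locked rather than opening them, but consolidating the check into the service is the moment to fix it and to add a Javadoc such as `/** Returns true when the token is absent, unknown, or belongs to a user who is neither Secretary nor Admin. */`.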
| @ -4,10 +4,8 @@ import org.springframework.stereotype.Service; | ||||
| import org.springframework.web.multipart.MultipartFile; | ||||
| import ovh.herisson.Clyde.Repositories.FileRepository; | ||||
| import ovh.herisson.Clyde.Tables.*; | ||||
|  | ||||
| import java.io.File; | ||||
| import java.io.IOException; | ||||
|  | ||||
| import java.nio.file.Files; | ||||
| import java.nio.file.Path; | ||||
| import java.nio.file.Paths; | ||||
|  | ||||
| @ -5,17 +5,15 @@ import org.springframework.stereotype.Service; | ||||
| import ovh.herisson.Clyde.Repositories.TokenRepository; | ||||
| import ovh.herisson.Clyde.Tables.Token; | ||||
| import ovh.herisson.Clyde.Tables.User; | ||||
|  | ||||
| import java.io.UnsupportedEncodingException; | ||||
| import java.security.SecureRandom; | ||||
| import java.util.ArrayList; | ||||
| import java.util.Base64; | ||||
| import java.util.Calendar; | ||||
| import java.util.Date; | ||||
|  | ||||
| @Service | ||||
| public class TokenService { | ||||
|     TokenRepository tokenRepo; | ||||
|     private final TokenRepository tokenRepo; | ||||
|  | ||||
|     public TokenService(TokenRepository tokenRepo){ | ||||
|         this.tokenRepo = tokenRepo; | ||||
|  | ||||
| @ -0,0 +1,21 @@ | ||||
| package ovh.herisson.Clyde.Tables; | ||||
|  | ||||
| public enum Applications { | ||||
|     // without any token | ||||
|     Login, | ||||
|  | ||||
|     // with any token | ||||
|     Profile, | ||||
|  | ||||
|  | ||||
|     // Students and higher authorization | ||||
|     Msg, | ||||
|     Forum, | ||||
|     Rdv, | ||||
|  | ||||
|     // teachers and Secretary authorization | ||||
|     ManageCourses, | ||||
|  | ||||
|     // InscriptionService authorization | ||||
|     Inscription | ||||
| } | ||||
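Review bot: The tier comments on L250, L253 and L257 describe access levels that ApplicationsController does not enforce: `/apps` requires the Authorization header on every call (L31), so Login is not reachable "without any token" through it, and Msg/Forum/Rdv are granted to every token holder on L49-L53 rather than to students and higher. Either adjust the comments to describe what the controller does, or keep them as the intended policy and say so, e.g. `// Intended tiers; enforcement lives in ApplicationsController.getAuthorizedApplications`. A class-level Javadoc naming that method as the source of truth for the mapping would also help.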
| @ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables; | ||||
| public enum RequestState { | ||||
|     Accepted, | ||||
|     Refused, | ||||
|     Pending; | ||||
|     Pending | ||||
| } | ||||
|  | ||||
| @ -5,5 +5,5 @@ public enum Role { | ||||
|     Student, | ||||
|     Admin, | ||||
|     InscriptionService, | ||||
|     Secretary; | ||||
|     Secretary | ||||
| } | ||||