Profil, merge Master and corrections
This commit is contained in:
@ -0,0 +1,62 @@
|
|||||||
|
package ovh.herisson.Clyde.EndPoints;
|
||||||
|
|
||||||
|
import org.springframework.http.HttpStatus;
|
||||||
|
import org.springframework.http.ResponseEntity;
|
||||||
|
import org.springframework.web.bind.annotation.GetMapping;
|
||||||
|
import org.springframework.web.bind.annotation.PathVariable;
|
||||||
|
import org.springframework.web.bind.annotation.RequestHeader;
|
||||||
|
import org.springframework.web.bind.annotation.RestController;
|
||||||
|
import ovh.herisson.Clyde.Services.AuthenticatorService;
|
||||||
|
import ovh.herisson.Clyde.Tables.Applications;
|
||||||
|
import ovh.herisson.Clyde.Tables.Role;
|
||||||
|
|
||||||
|
import java.util.ArrayList;
|
||||||
|
|
||||||
|
@RestController
|
||||||
|
public class ApplicationsController {
|
||||||
|
|
||||||
|
AuthenticatorService authServ;
|
||||||
|
|
||||||
|
public ApplicationsController(AuthenticatorService authServ){
|
||||||
|
this.authServ = authServ;
|
||||||
|
}
|
||||||
|
|
||||||
|
|
||||||
|
/** return a list of authorized applications.
|
||||||
|
* depends on the token
|
||||||
|
*/
|
||||||
|
@GetMapping("/apps")
|
||||||
|
public ResponseEntity<Iterable<Applications>> getAuthorizedApps(@RequestHeader("Authorization") String token){
|
||||||
|
|
||||||
|
return new ResponseEntity<>(getAuthorizedApplications(token), HttpStatus.OK);
|
||||||
|
}
|
||||||
|
|
||||||
|
@GetMapping("/apps/{identifier}")
|
||||||
|
public ResponseEntity<Boolean> getAppAuthorization(@PathVariable Applications identifier, @RequestHeader("Authorization") String token){
|
||||||
|
|
||||||
|
if (getAuthorizedApplications(token).contains(identifier)){
|
||||||
|
return new ResponseEntity<>(true, HttpStatus.OK);
|
||||||
|
}
|
||||||
|
return new ResponseEntity<>(false, HttpStatus.OK);
|
||||||
|
}
|
||||||
|
|
||||||
|
public ArrayList<Applications> getAuthorizedApplications(String token){
|
||||||
|
Role posterRole = authServ.getUserFromToken(token).getRole();
|
||||||
|
ArrayList<Applications> authorizedApps = new ArrayList<>();
|
||||||
|
|
||||||
|
authorizedApps.add(Applications.Login);
|
||||||
|
authorizedApps.add(Applications.Profile);
|
||||||
|
|
||||||
|
if (posterRole == Role.Teacher || posterRole == Role.Student || posterRole == Role.Admin){
|
||||||
|
authorizedApps.add(Applications.Msg);
|
||||||
|
authorizedApps.add(Applications.Forum);
|
||||||
|
authorizedApps.add(Applications.Rdv);
|
||||||
|
}
|
||||||
|
|
||||||
|
if (posterRole == Role.Teacher || posterRole == Role.Secretary || posterRole == Role.Admin) authorizedApps.add(Applications.ManageCourses);
|
||||||
|
|
||||||
|
if (posterRole == Role.InscriptionService || posterRole == Role.Admin) authorizedApps.add(Applications.Inscription);
|
||||||
|
|
||||||
|
return authorizedApps;
|
||||||
|
}
|
||||||
|
}
|
||||||
@ -43,28 +43,4 @@ public class CurriculumController {
|
|||||||
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
|
public ResponseEntity<Iterable<CurriculumCourse>> findAll(){
|
||||||
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
|
return new ResponseEntity<>(curriculumCourseServ.findAll(),HttpStatus.OK);
|
||||||
}
|
}
|
||||||
|
|
||||||
/**@PostMapping("/curriculum")
|
|
||||||
public ResponseEntity<String> postCurriculum(@RequestHeader("Authorization") String token,@RequestBody Curriculum curriculum){
|
|
||||||
|
|
||||||
if (!isSecretaryOrAdmin(token)){
|
|
||||||
return new UnauthorizedResponse<>("you're not allowed to post a Curriculum");
|
|
||||||
}
|
|
||||||
|
|
||||||
CurriculumServ.save(Curriculum);
|
|
||||||
|
|
||||||
return new ResponseEntity<>("created !",HttpStatus.CREATED);
|
|
||||||
}**/
|
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
private boolean isSecretaryOrAdmin(String authorization){
|
|
||||||
if (authorization ==null)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
User poster = authServ.getUserFromToken(authorization);
|
|
||||||
if (poster == null) return false;
|
|
||||||
|
|
||||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|||||||
@ -32,7 +32,7 @@ public class InscriptionController {
|
|||||||
@GetMapping("/requests/register")
|
@GetMapping("/requests/register")
|
||||||
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
|
public ResponseEntity<Iterable<Map<String,Object>>> getAllRequests(@RequestHeader("Authorization") String token){
|
||||||
|
|
||||||
if (!isSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
|
if (authServ.isNotSecretaryOrAdmin(token)){return new UnauthorizedResponse<>(null);}
|
||||||
|
|
||||||
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
|
Iterable<InscriptionRequest> inscriptionRequests = inscriptionServ.getAll();
|
||||||
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
|
ArrayList<Map<String,Object>> toReturn = new ArrayList<>();
|
||||||
@ -64,7 +64,7 @@ public class InscriptionController {
|
|||||||
@RequestHeader("Authorize") String token,
|
@RequestHeader("Authorize") String token,
|
||||||
@RequestBody RequestState requestState)
|
@RequestBody RequestState requestState)
|
||||||
{
|
{
|
||||||
if (!isSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
|
if (authServ.isNotSecretaryOrAdmin(token)) return new UnauthorizedResponse<>(null);
|
||||||
inscriptionServ.modifyState(id, requestState);
|
inscriptionServ.modifyState(id, requestState);
|
||||||
return null;
|
return null;
|
||||||
}
|
}
|
||||||
@ -83,15 +83,4 @@ public class InscriptionController {
|
|||||||
toReturn.put("state", inscriptionRequest.getState());
|
toReturn.put("state", inscriptionRequest.getState());
|
||||||
return toReturn;
|
return toReturn;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
private boolean isSecretaryOrAdmin(String authorization){
|
|
||||||
if (authorization ==null)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
User poster = authServ.getUserFromToken(authorization);
|
|
||||||
if (poster == null) return false;
|
|
||||||
|
|
||||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
@ -51,6 +51,7 @@ public class MockController {
|
|||||||
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
|
User joe = new User("Mama","Joe","student@student.com","roundabout","DaWarudo",new Date(0), null,Role.Student,passwordEncoder.encode("student"));
|
||||||
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary"));
|
User meh = new User("Inspiration","lackOf","secretary@secretary.com","a Box","the street",new Date(0), null,Role.Secretary,passwordEncoder.encode("secretary"));
|
||||||
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
|
User joke = new User("CthemBalls","Lemme","teacher@teacher.com","lab","faculty",new Date(0), null,Role.Teacher,passwordEncoder.encode("teacher"));
|
||||||
|
User lena = new User("Louille","Lena","inscriptionService@InscriptionService.com","no","yes",new Date(0), null,Role.InscriptionService,passwordEncoder.encode("inscriptionService"));
|
||||||
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
|
mockUsers = new ArrayList<>(Arrays.asList(herobrine,joe,meh,joke));
|
||||||
|
|
||||||
userRepo.saveAll(mockUsers);
|
userRepo.saveAll(mockUsers);
|
||||||
|
|||||||
@ -38,7 +38,7 @@ public class UserController {
|
|||||||
@PostMapping("/user")
|
@PostMapping("/user")
|
||||||
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
public ResponseEntity<String> postUser(@RequestBody User user,@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
if (!isSecretaryOrAdmin(authorization))
|
if (authServ.isNotSecretaryOrAdmin(authorization))
|
||||||
return new UnauthorizedResponse<>(null);
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
userService.save(user);
|
userService.save(user);
|
||||||
@ -48,7 +48,7 @@ public class UserController {
|
|||||||
@GetMapping("/users")
|
@GetMapping("/users")
|
||||||
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
public ResponseEntity<Iterable<HashMap<String,Object>>> getAllUsers(@RequestHeader("Authorization") String authorization){
|
||||||
|
|
||||||
if (!isSecretaryOrAdmin(authorization))
|
if (authServ.isNotSecretaryOrAdmin(authorization))
|
||||||
return new UnauthorizedResponse<>(null);
|
return new UnauthorizedResponse<>(null);
|
||||||
|
|
||||||
Iterable<User> users = userService.getAll();
|
Iterable<User> users = userService.getAll();
|
||||||
@ -78,7 +78,6 @@ public class UserController {
|
|||||||
*/
|
*/
|
||||||
private HashMap<String,Object> userWithoutPassword(User user){
|
private HashMap<String,Object> userWithoutPassword(User user){
|
||||||
HashMap<String,Object> toReturn = new HashMap<>();
|
HashMap<String,Object> toReturn = new HashMap<>();
|
||||||
|
|
||||||
toReturn.put("regNo",user.getRegNo());
|
toReturn.put("regNo",user.getRegNo());
|
||||||
toReturn.put("firstName",user.getFirstName());
|
toReturn.put("firstName",user.getFirstName());
|
||||||
toReturn.put("lastName",user.getLastName());
|
toReturn.put("lastName",user.getLastName());
|
||||||
@ -90,15 +89,5 @@ public class UserController {
|
|||||||
|
|
||||||
return toReturn;
|
return toReturn;
|
||||||
}
|
}
|
||||||
|
|
||||||
private boolean isSecretaryOrAdmin(String authorization){
|
|
||||||
if (authorization ==null)
|
|
||||||
return false;
|
|
||||||
|
|
||||||
User poster = authServ.getUserFromToken(authorization);
|
|
||||||
if (poster == null) return false;
|
|
||||||
|
|
||||||
return poster.getRole() == Role.Secretary && poster.getRole() == Role.Admin;
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -1,9 +1,8 @@
|
|||||||
package ovh.herisson.Clyde.Services;
|
package ovh.herisson.Clyde.Services;
|
||||||
|
|
||||||
import org.springframework.stereotype.Service;
|
import org.springframework.stereotype.Service;
|
||||||
import ovh.herisson.Clyde.EndPoints.LoginController;
|
|
||||||
import ovh.herisson.Clyde.Repositories.InscriptionRepository;
|
|
||||||
import ovh.herisson.Clyde.Tables.InscriptionRequest;
|
import ovh.herisson.Clyde.Tables.InscriptionRequest;
|
||||||
|
import ovh.herisson.Clyde.Tables.Role;
|
||||||
import ovh.herisson.Clyde.Tables.Token;
|
import ovh.herisson.Clyde.Tables.Token;
|
||||||
import ovh.herisson.Clyde.Tables.User;
|
import ovh.herisson.Clyde.Tables.User;
|
||||||
|
|
||||||
@ -39,4 +38,17 @@ public class AuthenticatorService {
|
|||||||
public void register(InscriptionRequest inscriptionRequest) {
|
public void register(InscriptionRequest inscriptionRequest) {
|
||||||
inscriptionService.save(inscriptionRequest);
|
inscriptionService.save(inscriptionRequest);
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
||||||
|
public boolean isNotSecretaryOrAdmin(String authorization){
|
||||||
|
if (authorization ==null)
|
||||||
|
return true;
|
||||||
|
|
||||||
|
User poster = getUserFromToken(authorization);
|
||||||
|
if (poster == null) return true;
|
||||||
|
|
||||||
|
return poster.getRole() != Role.Secretary || poster.getRole() != Role.Admin;
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|||||||
@ -4,10 +4,8 @@ import org.springframework.stereotype.Service;
|
|||||||
import org.springframework.web.multipart.MultipartFile;
|
import org.springframework.web.multipart.MultipartFile;
|
||||||
import ovh.herisson.Clyde.Repositories.FileRepository;
|
import ovh.herisson.Clyde.Repositories.FileRepository;
|
||||||
import ovh.herisson.Clyde.Tables.*;
|
import ovh.herisson.Clyde.Tables.*;
|
||||||
|
|
||||||
import java.io.File;
|
import java.io.File;
|
||||||
import java.io.IOException;
|
import java.io.IOException;
|
||||||
|
|
||||||
import java.nio.file.Files;
|
import java.nio.file.Files;
|
||||||
import java.nio.file.Path;
|
import java.nio.file.Path;
|
||||||
import java.nio.file.Paths;
|
import java.nio.file.Paths;
|
||||||
|
|||||||
@ -5,16 +5,15 @@ import org.springframework.stereotype.Service;
|
|||||||
import ovh.herisson.Clyde.Repositories.TokenRepository;
|
import ovh.herisson.Clyde.Repositories.TokenRepository;
|
||||||
import ovh.herisson.Clyde.Tables.Token;
|
import ovh.herisson.Clyde.Tables.Token;
|
||||||
import ovh.herisson.Clyde.Tables.User;
|
import ovh.herisson.Clyde.Tables.User;
|
||||||
|
|
||||||
import java.io.UnsupportedEncodingException;
|
import java.io.UnsupportedEncodingException;
|
||||||
import java.security.SecureRandom;
|
import java.security.SecureRandom;
|
||||||
import java.util.ArrayList;
|
import java.util.ArrayList;
|
||||||
|
import java.util.Base64;
|
||||||
import java.util.Calendar;
|
import java.util.Calendar;
|
||||||
import java.util.Date;
|
|
||||||
|
|
||||||
@Service
|
@Service
|
||||||
public class TokenService {
|
public class TokenService {
|
||||||
TokenRepository tokenRepo;
|
private final TokenRepository tokenRepo;
|
||||||
|
|
||||||
public TokenService(TokenRepository tokenRepo){
|
public TokenService(TokenRepository tokenRepo){
|
||||||
this.tokenRepo = tokenRepo;
|
this.tokenRepo = tokenRepo;
|
||||||
@ -30,13 +29,10 @@ public class TokenService {
|
|||||||
new SecureRandom().nextBytes(bytes);
|
new SecureRandom().nextBytes(bytes);
|
||||||
for (int i = 0; i < bytes.length; i++) {
|
for (int i = 0; i < bytes.length; i++) {
|
||||||
bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32));
|
bytes[i] = (byte) (((bytes[i]+256)%256 %95+ 32));
|
||||||
while ((char)bytes[i] == ';'){
|
|
||||||
bytes[i] = new SecureRandom().generateSeed(1)[0];
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
|
// will never end up in the catch because of the way that SecureRandom.nextBytes is implemented
|
||||||
try {
|
try {
|
||||||
return new String(bytes,"ISO_8859_1");
|
return new String(Base64.getEncoder().encode(bytes),"ISO_8859_1");
|
||||||
} catch (UnsupportedEncodingException e) {
|
} catch (UnsupportedEncodingException e) {
|
||||||
throw new RuntimeException(e);
|
throw new RuntimeException(e);
|
||||||
}
|
}
|
||||||
|
|||||||
@ -0,0 +1,21 @@
|
|||||||
|
package ovh.herisson.Clyde.Tables;
|
||||||
|
|
||||||
|
public enum Applications {
|
||||||
|
// without any token
|
||||||
|
Login,
|
||||||
|
|
||||||
|
// with any token
|
||||||
|
Profile,
|
||||||
|
|
||||||
|
|
||||||
|
// Students and higher authorization
|
||||||
|
Msg,
|
||||||
|
Forum,
|
||||||
|
Rdv,
|
||||||
|
|
||||||
|
// teachers and Secretary authorization
|
||||||
|
ManageCourses,
|
||||||
|
|
||||||
|
// InscriptionService authorization
|
||||||
|
Inscription
|
||||||
|
}
|
||||||
@ -3,5 +3,5 @@ package ovh.herisson.Clyde.Tables;
|
|||||||
public enum RequestState {
|
public enum RequestState {
|
||||||
Accepted,
|
Accepted,
|
||||||
Refused,
|
Refused,
|
||||||
Pending;
|
Pending
|
||||||
}
|
}
|
||||||
|
|||||||
@ -5,5 +5,5 @@ public enum Role {
|
|||||||
Student,
|
Student,
|
||||||
Admin,
|
Admin,
|
||||||
InscriptionService,
|
InscriptionService,
|
||||||
Secretary;
|
Secretary
|
||||||
}
|
}
|
||||||
@ -2,6 +2,7 @@
|
|||||||
import { toast } from 'vue3-toastify';
|
import { toast } from 'vue3-toastify';
|
||||||
import { ref, computed } from 'vue'
|
import { ref, computed } from 'vue'
|
||||||
import i18n, { setLang } from './i18n.js'
|
import i18n, { setLang } from './i18n.js'
|
||||||
|
import { isLogged } from '@/rest/Users.js'
|
||||||
|
|
||||||
|
|
||||||
// Liste des apps
|
// Liste des apps
|
||||||
@ -23,6 +24,7 @@
|
|||||||
const currentPath = ref(window.location.hash)
|
const currentPath = ref(window.location.hash)
|
||||||
|
|
||||||
window.addEventListener('hashchange', () => {
|
window.addEventListener('hashchange', () => {
|
||||||
|
Logged.value = isLogged();
|
||||||
currentPath.value = window.location.hash
|
currentPath.value = window.location.hash
|
||||||
})
|
})
|
||||||
|
|
||||||
@ -36,6 +38,8 @@
|
|||||||
const login=ref(i18n("app.login"))
|
const login=ref(i18n("app.login"))
|
||||||
const active=ref(false)
|
const active=ref(false)
|
||||||
|
|
||||||
|
const Logged = ref(isLogged());
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
<template>
|
<template>
|
||||||
@ -49,11 +53,11 @@
|
|||||||
</a></li>
|
</a></li>
|
||||||
<li title=home>
|
<li title=home>
|
||||||
<a class="icon" href="#home">
|
<a class="icon" href="#home">
|
||||||
<div class=" fa-solid fa-house" style="margin-top: 7px; margin-bottom: 3px;"></div>
|
<div class=" fa-solid fa-house" style="margin-top: 7px; margin-bottom: 3px;"></div>
|
||||||
</a></li>
|
</a></li>
|
||||||
<li style="float: right;" title=login>
|
<li style="float: right;" title=login>
|
||||||
<a class="icon" href="#/login">
|
<a class="icon" href="#/login">
|
||||||
<div class="fa-solid fa-user" style="margin-top: 7px; margin-bottom: 3px;"></div>
|
<div class="fa-solid fa-user" :style="Logged ? 'color: orange' : 'haha'" style="margin-top: 7px; margin-bottom: 3px; "></div>
|
||||||
</a></li>
|
</a></li>
|
||||||
<li style="float: right;" title=notifications>
|
<li style="float: right;" title=notifications>
|
||||||
<a class="icon" href="#Notifications">
|
<a class="icon" href="#Notifications">
|
||||||
|
|||||||
@ -1,7 +1,7 @@
|
|||||||
<script setup>
|
<script setup>
|
||||||
import { ref } from 'vue'
|
import { ref } from 'vue'
|
||||||
import i18n from '@/i18n.js'
|
import i18n from '@/i18n.js'
|
||||||
import { login , register } from '@/rest/Users.js'
|
import { login , register , disconnect} from '@/rest/Users.js'
|
||||||
import { getAllCurriculums } from '@/rest/curriculum.js'
|
import { getAllCurriculums } from '@/rest/curriculum.js'
|
||||||
import { uploadProfilePicture } from '@/rest/uploads.js'
|
import { uploadProfilePicture } from '@/rest/uploads.js'
|
||||||
import {toast} from 'vue3-toastify'
|
import {toast} from 'vue3-toastify'
|
||||||
@ -42,6 +42,8 @@
|
|||||||
return toast('Password and Confirm Password are different',{type: "error",});
|
return toast('Password and Confirm Password are different',{type: "error",});
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
disconnect()
|
||||||
|
|
||||||
</script>
|
</script>
|
||||||
|
|
||||||
|
|
||||||
|
|||||||
@ -125,7 +125,7 @@ function getPP(){
|
|||||||
<div>
|
<div>
|
||||||
</div>
|
</div>
|
||||||
|
|
||||||
<div v-if="(user.role=='teacher')">
|
<div v-if="(user.role==='Teacher')">
|
||||||
<div class="listTitle">
|
<div class="listTitle">
|
||||||
{{i18n("profile.course.list")}}
|
{{i18n("profile.course.list")}}
|
||||||
</div>
|
</div>
|
||||||
|
|||||||
@ -1,9 +1,18 @@
|
|||||||
import { restGet, restPost } from './restConsumer.js'
|
import { restGet, restPost } from './restConsumer.js'
|
||||||
|
import { getCookie, setCookie } from '@/utils.js'
|
||||||
|
|
||||||
export async function login(user, pass, exp){
|
export async function login(user, pass, exp){
|
||||||
return restPost("/login", {identifier: user, password: pass, expirationDate: exp});
|
return restPost("/login", {identifier: user, password: pass, expirationDate: exp});
|
||||||
}
|
}
|
||||||
|
|
||||||
|
export function isLogged(){
|
||||||
|
return getCookie("session_token") != ""
|
||||||
|
}
|
||||||
|
|
||||||
|
export function disconnect(){
|
||||||
|
setCookie("session_token", ";expires= Thu, 01 Jan 1970 00:00:01 GMT")
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Register a user (tokenless)
|
* Register a user (tokenless)
|
||||||
*
|
*
|
||||||
|
|||||||
9
frontend/src/rest/apps.js
Normal file
9
frontend/src/rest/apps.js
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
import { restGet } from './restConsumer.js'
|
||||||
|
|
||||||
|
export async function appList(){
|
||||||
|
return restGet("/apps")
|
||||||
|
}
|
||||||
|
|
||||||
|
export async function checkPage(page){
|
||||||
|
return restGet("/apps/" + page)
|
||||||
|
}
|
||||||
Reference in New Issue
Block a user