diff --git a/src/main/java/etunicorn/Application.java b/src/main/java/etunicorn/Application.java index bfd0d7f..ed7cc45 100644 --- a/src/main/java/etunicorn/Application.java +++ b/src/main/java/etunicorn/Application.java @@ -1,5 +1,13 @@ package etunicorn; +import etunicorn.entity.Permission; +import etunicorn.entity.Personne; +import etunicorn.entity.Role; +import etunicorn.entity.Session; +import etunicorn.repository.PermissionRepository; +import etunicorn.repository.PersonneRepository; +import etunicorn.repository.RoleRepository; +import etunicorn.repository.SessionRepository; import org.springframework.boot.CommandLineRunner; import org.springframework.boot.SpringApplication; import org.springframework.boot.autoconfigure.EnableAutoConfiguration; diff --git a/src/main/java/etunicorn/BaseController.java b/src/main/java/etunicorn/BaseController.java deleted file mode 100644 index d21466f..0000000 --- a/src/main/java/etunicorn/BaseController.java +++ /dev/null 
@@ -1,145 +0,0 @@ -package etunicorn; - -import com.fasterxml.jackson.annotation.JsonProperty; -import net.minidev.json.JSONObject; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.data.repository.Repository; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.RestController; - -import javax.persistence.Entity; -import javax.servlet.http.HttpServletRequest; -import java.lang.reflect.Constructor; -import java.lang.reflect.InvocationTargetException; -import java.lang.reflect.Method; -import java.util.LinkedHashMap; -import java.util.Map; - -/** - * etunicorn-server - * Copyright © 2017 Le Club Info Polytech Lille - * Tous droits réservés - */ -@RestController -public class BaseController { - - // Utilités pour merger un request dans une entity - @Autowired - Map repositories; - // Permettent la vérification de permissions dans les méthodes de controlleur - @Autowired - private HttpServletRequest request; - @Autowired - private SessionService sessionService; - @Autowired - private PermissionRepository permissionRepository; - - protected boolean hasPermission(Permission permission) { - Session session = sessionService.getSession(request); - if (session == null || permission == null) { - return false; - } - return session.hasPermission(permission); - } - - protected boolean hasPermission(String nomPermission) { - Permission permission = permissionRepository.findByNom(nomPermission); - return hasPermission(permission); - } - - // Utilités pour générer des erreurs - ResponseEntity generateError(HttpStatus status, String message) { - JSONObject json = new JSONObject(); - json.put("status", status.value()); - json.put("message", message); - return new ResponseEntity(json, status); - } - - ResponseEntity generateError(HttpStatus status) { - return generateError(status, String.format("Erreur de type %d", status.value())); - } - - ResponseEntity 
generateError(HttpStatus status, Exception exception, String message) { - JSONObject json = new JSONObject(); - json.put("status", status.value()); - json.put("message", message); - json.put("errorMessage", exception.getLocalizedMessage()); - json.put("stacktrace", exception.getStackTrace().toString()); - return new ResponseEntity(json, status); - } - - ResponseEntity generateError(Exception exception) { - return generateError(HttpStatus.INTERNAL_SERVER_ERROR, exception, exception.getLocalizedMessage()); - } - - protected Object getEntityFromObject(String className, LinkedHashMap object) throws NotEnoughDataException { - Object repository = repositories.get(className + "Repository"); - for (Method findMethod : repository.getClass().getMethods()) { - String findMethodName = findMethod.getName(); - if (findMethodName.startsWith("findBy")) { - String key = Character.toLowerCase(findMethodName.charAt(6)) + findMethodName.substring(7); - if (object.containsKey(key)) { - try { - Object data = object.get(key); - return findMethod.invoke(repository, data); - } catch (IllegalAccessException e) { - continue; - } catch (InvocationTargetException e) { - continue; - } - } else { - continue; - } - } - } - throw new NotEnoughDataException(); - } - - protected void mergeRequestInEntity(Object request, Object entity) throws EntityRequestMismatchException, NotEnoughDataException, ObjectNotFoundException { - for (Method getMethode : request.getClass().getMethods()) { - String getMethodName = getMethode.getName(); - JsonProperty annotation = getMethode.getAnnotation(JsonProperty.class); - if (getMethodName.startsWith("get") && annotation != null) { - String fieldName = annotation.value(); - String setMethodName = "s" + getMethodName.substring(1); - Method setMethode; - Class fieldClass; - try { - fieldClass = entity.getClass().getMethod(getMethodName).getReturnType(); - setMethode = entity.getClass().getMethod(setMethodName, fieldClass); - } catch (NoSuchMethodException e) { - throw 
new EntityRequestMismatchException(); - } - try { - if (getMethode.invoke(request) != null) { - Object data = getMethode.invoke(request); - if (data.getClass() != fieldClass) { - if (fieldClass.getAnnotation(Entity.class) != null) { - data = getEntityFromObject(fieldName, (LinkedHashMap) data); - if (data == null) { - throw new ObjectNotFoundException(); - } - } else { - Constructor constructor = fieldClass.getConstructor(data.getClass()); - if (constructor != null) { - data = constructor.newInstance(data); - } - } - } - setMethode.invoke(entity, data); - } - } catch (IllegalAccessException e) { - throw new EntityRequestMismatchException(); - } catch (InvocationTargetException e) { - throw new EntityRequestMismatchException(); - } catch (NoSuchMethodException e) { - throw new EntityRequestMismatchException(); - } catch (InstantiationException e) { - throw new EntityRequestMismatchException(); - } - } - - } - } -} diff --git a/src/main/java/etunicorn/EntityRequestMismatchException.java b/src/main/java/etunicorn/EntityRequestMismatchException.java deleted file mode 100644 index 4197a3c..0000000 --- a/src/main/java/etunicorn/EntityRequestMismatchException.java +++ /dev/null @@ -1,9 +0,0 @@ -package etunicorn; - -/** - * etunicorn-server - * Copyright © 2017 Le Club Info Polytech Lille - * Tous droits réservés - */ -public class EntityRequestMismatchException extends Exception { -} diff --git a/src/main/java/etunicorn/LoginController.java b/src/main/java/etunicorn/LoginController.java deleted file mode 100644 index 081c976..0000000 --- a/src/main/java/etunicorn/LoginController.java +++ /dev/null 
@@ -1,53 +0,0 @@
-package etunicorn;
-
-import etunicorn.generated.model.UpdateLoginRequest;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
-import org.springframework.web.bind.annotation.PathVariable;
-import org.springframework.web.bind.annotation.RequestBody;
-import org.springframework.web.bind.annotation.RequestParam;
-import org.springframework.web.bind.annotation.RestController;
-
-import javax.validation.Valid;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-@RestController
-public class LoginController implements etunicorn.generated.LoginController {
- @Autowired
- private PersonneRepository personneRepository;
-
- @Autowired
- private SessionService sessionService;
-
- @Override
- @RestrictedTo(authentifie = false)
- public ResponseEntity updateLogin(@Valid @RequestBody UpdateLoginRequest updateLoginRequest) {
- return null;
- }
- public ResponseEntity updateLogin(@RequestParam String login, @RequestParam String password) {
- Personne personne = personneRepository.findByLogin(login);
- if (personne == null) {
- return new ResponseEntity(HttpStatus.UNAUTHORIZED);
- }
-
- // TODO Vraie vérification du mot de passe
- if (!password.equals("test")) {
- return new ResponseEntity(HttpStatus.UNAUTHORIZED);
- }
-
- Session session = sessionService.createSession(personne);
-
- return new ResponseEntity(session, HttpStatus.OK);
- }
-
-
- @Override
- public ResponseEntity deleteLoginByToken(@PathVariable String token) {
- return null;
- }
-}
diff --git a/src/main/java/etunicorn/NotEnoughDataException.java b/src/main/java/etunicorn/NotEnoughDataException.java
deleted file mode 100644
index 9167e07..0000000
--- a/src/main/java/etunicorn/NotEnoughDataException.java
+++ /dev/null
@@ -1,9 +0,0 @@
-package etunicorn;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-public class NotEnoughDataException extends Exception {
-}
diff --git a/src/main/java/etunicorn/ObjectNotFoundException.java b/src/main/java/etunicorn/ObjectNotFoundException.java
deleted file mode 100644
index e05149e..0000000
--- a/src/main/java/etunicorn/ObjectNotFoundException.java
+++ /dev/null
@@ -1,9 +0,0 @@
-package etunicorn;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-public class ObjectNotFoundException extends Exception {
-}
diff --git a/src/main/java/etunicorn/Permission.java b/src/main/java/etunicorn/Permission.java
deleted file mode 100644
index 507f13f..0000000
--- a/src/main/java/etunicorn/Permission.java
+++ /dev/null
@@ -1,30 +0,0 @@
-package etunicorn;
-
-import javax.persistence.Entity;
-import javax.persistence.Id;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-@Entity
-public class Permission {
-
- @Id
- private String nom;
-
- public Permission() {
- }
-
- public Permission(String nom) {
- this.nom = nom;
- }
- public String getNom() {
- return nom;
- }
-
- public void setNom(String nom) {
- this.nom = nom;
- }
-}
diff --git a/src/main/java/etunicorn/PermissionRepository.java b/src/main/java/etunicorn/PermissionRepository.java
deleted file mode 100644
index 4aced53..0000000
--- a/src/main/java/etunicorn/PermissionRepository.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package etunicorn;
-
-import org.springframework.data.repository.CrudRepository;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-public interface PermissionRepository extends CrudRepository {
- Permission findByNom(String nom);
-}
diff --git a/src/main/java/etunicorn/Personne.java b/src/main/java/etunicorn/Personne.java
deleted file mode 100644
index a95bcc8..0000000
--- a/src/main/java/etunicorn/Personne.java
+++ /dev/null
@@ -1,80 +0,0 @@
-package etunicorn;
-
-import javax.persistence.*;
-import java.util.Date;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-@Entity
-public class Personne {
-
-
- @ManyToOne
- public Role role;
- @Id
- @GeneratedValue(strategy = GenerationType.AUTO)
- private int id;
- @Column(unique = true)
- private String carte;
- private Date naissance;
- @Column(unique = true)
- private String login;
-
-
- public Personne() {
- }
-
- public Personne(String carte, Date naissance, String login, Role role) {
- this.carte = carte;
- this.naissance = naissance;
- this.login = login;
- this.role = role;
- }
-
- public int getId() {
- return id;
- }
-
- public void setId(int id) {
- this.id = id;
- }
-
- public String getCarte() {
- return carte;
- }
-
- public void setCarte(String carte) {
- this.carte = carte;
- }
-
- public Date getNaissance() {
- return naissance;
- }
-
- public void setNaissance(Date naissance) {
- this.naissance = naissance;
- }
-
- public String getLogin() {
- return login;
- }
-
- public void setLogin(String login) {
- this.login = login;
- }
-
- public Role getRole() {
- return role;
- }
-
- public void setRole(Role role) {
- this.role = role;
- }
-
- public boolean hasPermission(Permission permission) {
- return role.hasPermission(permission);
- }
-}
diff --git a/src/main/java/etunicorn/PersonneController.java b/src/main/java/etunicorn/PersonneController.java
deleted file mode 100644
index 66f27db..0000000
--- a/src/main/java/etunicorn/PersonneController.java
+++ /dev/null
@@ -1,124 +0,0 @@ -package etunicorn; - -import etunicorn.generated.model.UpdatePersonneByIdRequest; -import etunicorn.generated.model.UpdatePersonneRequest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.dao.DataIntegrityViolationException; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - -import javax.validation.Valid; -import java.math.BigDecimal; -import java.util.Date; -import java.util.List; - -/** - * etunicorn-server - * Copyright © 2017 Le Club Info Polytech Lille - * Tous droits réservés - */ - -@RestController -public class PersonneController extends BaseController implements etunicorn.generated.PersonneController { - @Autowired - private PersonneRepository personneRepository; - - @Autowired - private RoleRepository roleRepository; - - @Override - @RestrictedTo("PERSONNE_LIST") - public ResponseEntity getPersonne() { - return new ResponseEntity((List) this.personneRepository.findAll(), HttpStatus.OK); - } - - private ResponseEntity mergePersonne(Personne personne, String carte, Date naissance, String login, String role) { - if (carte != null) { - personne.setCarte(carte); - } - if (naissance != null) { - personne.setNaissance(naissance); - } - if (login != null) { - personne.setLogin(login); - } - // TODO Il faut que login ou carte soient mis - if (role != null) { - if (hasPermission("PERSONNE_ROLE")) { - Role roleObj = roleRepository.findByNom(role); - personne.setRole(roleObj); - if (roleObj == null) { - return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND); - } - } else { - return new ResponseEntity(HttpStatus.FORBIDDEN); - } - } - try { - this.personneRepository.save(personne); - } catch 
(DataIntegrityViolationException e) { - return new ResponseEntity(HttpStatus.CONFLICT); - } - return new ResponseEntity(personne, HttpStatus.CREATED); - } - - @Override - @RestrictedTo("PERSONNE_ADD") - public ResponseEntity updatePersonne(@Valid @RequestBody UpdatePersonneRequest updatePersonneRequest) { - Personne personne = new Personne(); - try { - mergeRequestInEntity(updatePersonneRequest, personne); - } catch (EntityRequestMismatchException e) { - return generateError(e); - } catch (NotEnoughDataException e) { - return generateError(HttpStatus.BAD_REQUEST, e, "Il n'y a pas suffisament de données pour identifier un sous-objet"); - } catch (ObjectNotFoundException e) { - return generateError(HttpStatus.NOT_FOUND, e, "Sous-objet non trouvé"); - } - return new ResponseEntity(personne, HttpStatus.CREATED); - } - public ResponseEntity updatePersonne(@RequestParam(required = false) String carte, @RequestParam(required = false) Date naissance, @RequestParam(required = false) String login, @RequestParam(required = false) String role) { - Personne personne = new Personne(); - return mergePersonne(personne, carte, naissance, login, role); - } - - @Override - @RestrictedTo("PERSONNE_GET") - public ResponseEntity getPersonneById(@PathVariable BigDecimal idPersonne) { - Personne personne = personneRepository.findById(idPersonne.intValueExact()); - if (personne == null) { - return new ResponseEntity(HttpStatus.NOT_FOUND); - } - return new ResponseEntity(personne, HttpStatus.OK); - } - - @Override - @RestrictedTo("PERSONNE_EDIT") - public ResponseEntity updatePersonneById(@PathVariable BigDecimal idPersonne, @Valid @RequestBody UpdatePersonneByIdRequest updatePersonneByIdRequest) { - return null; - } - - public ResponseEntity updatePersonneById(@PathVariable BigDecimal idPersonne, @RequestParam(required = false) String carte, @RequestParam(required = false) Date naissance, @RequestParam(required = false) String login, @RequestParam(required = false) String role) { - 
Personne personne = personneRepository.findById(idPersonne.intValueExact()); - if (personne == null) { - return new ResponseEntity(HttpStatus.NOT_FOUND); - } - return mergePersonne(personne, carte, naissance, login, role); - } - - @Override - @RestrictedTo("PERSONNE_REMOVE") - public ResponseEntity deletePersonneById(@PathVariable BigDecimal idPersonne) { - Personne personne = personneRepository.findById(idPersonne.intValueExact()); - if (personne == null) { - return new ResponseEntity(HttpStatus.NOT_FOUND); - } - personneRepository.delete(personne); - return new ResponseEntity(personne, HttpStatus.NO_CONTENT); - } - -} diff --git a/src/main/java/etunicorn/PersonneRepository.java b/src/main/java/etunicorn/PersonneRepository.java deleted file mode 100644 index 8b0d28a..0000000 --- a/src/main/java/etunicorn/PersonneRepository.java +++ /dev/null @@ -1,15 +0,0 @@ -package etunicorn; - -import org.springframework.data.repository.CrudRepository; - -/** - * etunicorn-server - * Copyright © 2017 Le Club Info Polytech Lille - * Tous droits réservés - */ -public interface PersonneRepository extends CrudRepository { - Personne findByLogin(String login); - - Personne findByCarte(String carte); - Personne findById(Integer id); -} diff --git a/src/main/java/etunicorn/Role.java b/src/main/java/etunicorn/Role.java deleted file mode 100644 index 202fbab..0000000 --- a/src/main/java/etunicorn/Role.java +++ /dev/null 
@@ -1,60 +0,0 @@
-package etunicorn;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.OneToMany;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-@Entity
-public class Role {
- @Id
- @Column(unique = true)
- private String nom = "etudiant";
-
- @OneToMany
- private List permissions = new ArrayList<>();
-
- public Role() {
- }
-
- public Role(String nom, List permissions) {
- this.nom = nom;
- this.permissions = permissions;
- }
-
- public String getNom() {
- return nom;
- }
-
- public void setNom(String nom) {
- this.nom = nom;
- }
-
- public Collection getPermissions() {
- return permissions;
- }
-
- public void setPermissions(List permissions) {
- this.permissions = permissions;
- }
-
- public boolean hasPermission(Permission permission) {
- return permissions.contains(permission);
- }
-
- public void addPermission(Permission permission) {
- this.permissions.add(permission);
- }
-
- public void delPermission(Permission permission) {
- this.permissions.remove(permission);
- }
-}
diff --git a/src/main/java/etunicorn/RoleController.java b/src/main/java/etunicorn/RoleController.java
deleted file mode 100644
index a9ea4a5..0000000
--- a/src/main/java/etunicorn/RoleController.java
+++ /dev/null
@@ -1,118 +0,0 @@ -package etunicorn; - - -import etunicorn.generated.model.UpdateRoleByIdRequest; -import etunicorn.generated.model.UpdateRoleRequest; -import org.springframework.beans.factory.annotation.Autowired; -import org.springframework.dao.DataIntegrityViolationException; -import org.springframework.http.HttpStatus; -import org.springframework.http.ResponseEntity; -import org.springframework.web.bind.annotation.PathVariable; -import org.springframework.web.bind.annotation.RequestBody; -import org.springframework.web.bind.annotation.RequestParam; -import org.springframework.web.bind.annotation.RestController; - -import javax.validation.Valid; -import java.math.BigDecimal; -import java.util.List; - -/** - * etunicorn-server - * Copyright © 2017 Le Club Info Polytech Lille - * Tous droits réservés - */ -@RestController -public class RoleController extends BaseController implements etunicorn.generated.RoleController { - @Autowired - private RoleRepository roleRepository; - - @Autowired - private PermissionRepository permissionRepository; - - @Override - public ResponseEntity getRole() { - return new ResponseEntity((List) roleRepository.findAll(), HttpStatus.OK); - } - - @Override - @RestrictedTo("ROLE_ADD") - public ResponseEntity updateRole(@Valid @RequestBody UpdateRoleRequest updateRoleRequest) { - return null; - } - public ResponseEntity updateRole(@RequestParam String nom) { - Role oldRole = roleRepository.findByNom(nom); - if (oldRole != null) { - return new ResponseEntity(HttpStatus.CONFLICT); - } - Role role = new Role(); - role.setNom(nom); - try { - roleRepository.save(role); - } catch (DataIntegrityViolationException e) { - return new ResponseEntity(HttpStatus.CONFLICT); - } - return new ResponseEntity(role, HttpStatus.CREATED); - } - - @Override - @RestrictedTo("ROLE_DELETE") - public ResponseEntity deleteRoleById(@PathVariable BigDecimal nomRole) { - return null; - } - public ResponseEntity deleteRoleById(@PathVariable String nomRole) { - Role role 
= roleRepository.findByNom(nomRole); - if (role == null) { - return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND); - } - roleRepository.delete(role); - return new ResponseEntity(HttpStatus.NO_CONTENT); - } - - @Override - @RestrictedTo("ROLE_PERMISSION_ADD") - public ResponseEntity updateRoleById(@PathVariable BigDecimal nomRole, @Valid @RequestBody UpdateRoleByIdRequest updateRoleByIdRequest) { - return null; - } - public ResponseEntity updateRoleById(@PathVariable String nomRole, @RequestParam String nom) { - Role role = roleRepository.findByNom(nomRole); - if (role == null) { - return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND); - } - Permission permission = permissionRepository.findByNom(nom); - if (permission == null) { - return new ResponseEntity("Permission inconnue", HttpStatus.NOT_FOUND); - } - role.addPermission(permission); - try { - roleRepository.save(role); - } catch (DataIntegrityViolationException e) { - // Si la permission était déjà là, on fait rien - } - return new ResponseEntity(role, HttpStatus.ACCEPTED); - } - - @Override - @RestrictedTo("ROLE_PERMISSION_REMOVE") - public ResponseEntity deleteRoleByNomPermission(@PathVariable String nomPermission, @PathVariable BigDecimal nomRole) { - return null; - } - public ResponseEntity deleteRoleByNomPermission(@PathVariable String nomPermission, @PathVariable String nomRole) { - Role role = roleRepository.findByNom(nomRole); - if (role == null) { - return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND); - } - Permission permission = permissionRepository.findByNom(nomPermission); - if (permission == null) { - return new ResponseEntity("Permission inconnue", HttpStatus.NOT_FOUND); - } - role.delPermission(permission); - roleRepository.save(role); - return new ResponseEntity(role, HttpStatus.ACCEPTED); - } - - @Override - @RestrictedTo("ROLE_PERMISSION_LIST") - public ResponseEntity getPermission() { - return new ResponseEntity((List) permissionRepository.findAll(), 
HttpStatus.OK); - } -} diff --git a/src/main/java/etunicorn/RoleRepository.java b/src/main/java/etunicorn/RoleRepository.java deleted file mode 100644 index 734dffc..0000000 --- a/src/main/java/etunicorn/RoleRepository.java +++ /dev/null @@ -1,12 +0,0 @@ -package etunicorn; - -import org.springframework.data.repository.CrudRepository; - -/** - * etunicorn-server - * Copyright © 2017 Le Club Info Polytech Lille - * Tous droits réservés - */ -public interface RoleRepository extends CrudRepository { - Role findByNom(String nom); -} diff --git a/src/main/java/etunicorn/SecurityInterceptor.java b/src/main/java/etunicorn/SecurityInterceptor.java index 8469994..a2b3b9f 100644 --- a/src/main/java/etunicorn/SecurityInterceptor.java +++ b/src/main/java/etunicorn/SecurityInterceptor.java @@ -1,5 +1,9 @@ package etunicorn; +import etunicorn.entity.Permission; +import etunicorn.entity.Session; +import etunicorn.repository.PermissionRepository; +import etunicorn.service.SessionService; import org.springframework.beans.factory.annotation.Autowired; import org.springframework.http.HttpStatus; import org.springframework.transaction.annotation.Transactional; diff --git a/src/main/java/etunicorn/Session.java b/src/main/java/etunicorn/Session.java deleted file mode 100644 index 08a5b8f..0000000 --- a/src/main/java/etunicorn/Session.java +++ /dev/null 
@@ -1,72 +0,0 @@
-package etunicorn;
-
-import javax.persistence.Entity;
-import javax.persistence.Id;
-import javax.persistence.ManyToOne;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.util.Date;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-@Entity
-public class Session {
-
- // Durée par défaut d'une session en secondes
- private static final int SESSION_DURATION = 10 * 60;
- private static SecureRandom random = new SecureRandom();
- // TODO Vérifier si c'est bien initialisé qu'une seule fois par éxecution car c'est lourd à initialiser
- @ManyToOne
- private Personne personne;
- @Id
- private String token;
- private Date validity;
-
-
- public Session() {
- }
-
- public Session(Personne personne) {
- this.personne = personne;
- // From http://stackoverflow.com/a/41156
- this.token = new BigInteger(130, random).toString(32);
- this.validity = new Date(new Date().getTime() + SESSION_DURATION * 1000);
- }
-
- public Session(Personne personne, String token, Date validity) {
- this.personne = personne;
- this.token = token;
- this.validity = validity;
- }
-
- public Personne getPersonne() {
- return personne;
- }
-
- public void setPersonne(Personne personne) {
- this.personne = personne;
- }
-
- public String getToken() {
- return token;
- }
-
- public void setToken(String token) {
- this.token = token;
- }
-
- public Date getValidity() {
- return validity;
- }
-
- public void setValidity(Date validity) {
- this.validity = validity;
- }
-
- public boolean hasPermission(Permission permission) {
- return personne.hasPermission(permission);
- }
-}
diff --git a/src/main/java/etunicorn/SessionRepository.java b/src/main/java/etunicorn/SessionRepository.java
deleted file mode 100644
index ae6af90..0000000
--- a/src/main/java/etunicorn/SessionRepository.java
+++ /dev/null
@@ -1,12 +0,0 @@
-package etunicorn;
-
-import org.springframework.data.repository.CrudRepository;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-public interface SessionRepository extends CrudRepository {
- Session findByToken(String token);
-}
diff --git a/src/main/java/etunicorn/SessionService.java b/src/main/java/etunicorn/SessionService.java
deleted file mode 100644
index 665b304..0000000
--- a/src/main/java/etunicorn/SessionService.java
+++ /dev/null
@@ -1,58 +0,0 @@
-package etunicorn;
-
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.stereotype.Service;
-
-import javax.servlet.http.HttpServletRequest;
-import java.util.Date;
-
-/**
- * etunicorn-server
- * Copyright © 2017 Le Club Info Polytech Lille
- * Tous droits réservés
- */
-@Service("sessionService")
-public class SessionService {
- @Autowired
- private SessionRepository sessionRepository;
- @Autowired
- private PersonneRepository personneRepository;
-
- public SessionService() {
- }
-
- public Session getSession(HttpServletRequest request) {
- String token = request.getHeader("Authorization");
- return getSession(token);
- }
-
- public Session getSession(String token) {
- if (token == null) {
- return null;
- } else {
- Session session = sessionRepository.findByToken(token);
- if (session == null) {
- return null;
- } else {
- if (session.getValidity().compareTo(new Date()) < 0) {
- return null;
- } else {
- // Vérifie si la personne est toujours dans la base de données
- Personne personne = personneRepository.findById(session.getPersonne().getId());
- if (personne == null) {
- return null;
- } else {
- return session;
- }
- }
- }
- }
- }
-
- public Session createSession(Personne personne) {
- Session session = new Session(personne);
- sessionRepository.save(session);
- return session;
- }
-
-}
diff --git a/src/main/java/etunicorn/controller/BaseController.java b/src/main/java/etunicorn/controller/BaseController.java
new file mode 100644
index 0000000..a543019
--- /dev/null
+++ b/src/main/java/etunicorn/controller/BaseController.java
@@ -0,0 +1,152 @@ +package etunicorn.controller; + +import com.fasterxml.jackson.annotation.JsonProperty; +import etunicorn.entity.Permission; +import etunicorn.entity.Session; +import etunicorn.exception.EntityRequestMismatchException; +import etunicorn.exception.NotEnoughDataException; +import etunicorn.exception.ObjectNotFoundException; +import etunicorn.repository.PermissionRepository; +import etunicorn.service.SessionService; +import net.minidev.json.JSONObject; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.data.repository.Repository; +import org.springframework.http.HttpStatus; +import org.springframework.http.ResponseEntity; +import org.springframework.web.bind.annotation.RestController; + +import javax.persistence.Entity; +import javax.servlet.http.HttpServletRequest; +import java.lang.reflect.Constructor; +import java.lang.reflect.InvocationTargetException; +import java.lang.reflect.Method; +import java.util.LinkedHashMap; +import java.util.Map; + +/** + * etunicorn-server + * Copyright © 2017 Le Club Info Polytech Lille + * Tous droits réservés + */ +@RestController +public class BaseController { + + // Utilités pour merger un request dans une entity + @Autowired + Map repositories; + // Permettent la vérification de permissions dans les méthodes de controlleur + @Autowired + private HttpServletRequest request; + @Autowired + private SessionService sessionService; + @Autowired + private PermissionRepository permissionRepository; + + protected boolean hasPermission(Permission permission) { + Session session = sessionService.getSession(request); + if (session == null || permission == null) { + return false; + } + return session.hasPermission(permission); + } + + protected boolean hasPermission(String nomPermission) { + Permission permission = permissionRepository.findByNom(nomPermission); + return hasPermission(permission); + } + + // Utilités pour générer des erreurs + ResponseEntity generateError(HttpStatus 
status, String message) { + JSONObject json = new JSONObject(); + json.put("status", status.value()); + json.put("message", message); + return new ResponseEntity(json, status); + } + + ResponseEntity generateError(HttpStatus status) { + return generateError(status, String.format("Erreur de type %d", status.value())); + } + + ResponseEntity generateError(HttpStatus status, Exception exception, String message) { + JSONObject json = new JSONObject(); + json.put("status", status.value()); + json.put("message", message); + json.put("errorMessage", exception.getLocalizedMessage()); + json.put("stacktrace", exception.getStackTrace().toString()); + return new ResponseEntity(json, status); + } + + ResponseEntity generateError(Exception exception) { + return generateError(HttpStatus.INTERNAL_SERVER_ERROR, exception, exception.getLocalizedMessage()); + } + + protected Object getEntityFromObject(String className, LinkedHashMap object) throws NotEnoughDataException { + Object repository = repositories.get(className + "Repository"); + for (Method findMethod : repository.getClass().getMethods()) { + String findMethodName = findMethod.getName(); + if (findMethodName.startsWith("findBy")) { + String key = Character.toLowerCase(findMethodName.charAt(6)) + findMethodName.substring(7); + if (object.containsKey(key)) { + try { + Object data = object.get(key); + return findMethod.invoke(repository, data); + } catch (IllegalAccessException e) { + continue; + } catch (InvocationTargetException e) { + continue; + } + } else { + continue; + } + } + } + throw new NotEnoughDataException(); + } + + protected void mergeRequestInEntity(Object request, Object entity) throws EntityRequestMismatchException, NotEnoughDataException, ObjectNotFoundException { + for (Method getMethode : request.getClass().getMethods()) { + String getMethodName = getMethode.getName(); + JsonProperty annotation = getMethode.getAnnotation(JsonProperty.class); + if (getMethodName.startsWith("get") && annotation != null) { 
+ String fieldName = annotation.value(); + String setMethodName = "s" + getMethodName.substring(1); + Method setMethode; + Class fieldClass; + try { + fieldClass = entity.getClass().getMethod(getMethodName).getReturnType(); + setMethode = entity.getClass().getMethod(setMethodName, fieldClass); + } catch (NoSuchMethodException e) { + throw new EntityRequestMismatchException(); + } + try { + if (getMethode.invoke(request) != null) { + Object data = getMethode.invoke(request); + if (data.getClass() != fieldClass) { + if (fieldClass.getAnnotation(Entity.class) != null) { + data = getEntityFromObject(fieldName, (LinkedHashMap) data); + if (data == null) { + throw new ObjectNotFoundException(); + } + } else { + Constructor constructor = fieldClass.getConstructor(data.getClass()); + if (constructor != null) { + data = constructor.newInstance(data); + } + } + } + setMethode.invoke(entity, data); + } + } catch (IllegalAccessException e) { + throw new EntityRequestMismatchException(); + } catch (InvocationTargetException e) { + throw new EntityRequestMismatchException(); + } catch (NoSuchMethodException e) { + throw new EntityRequestMismatchException(); + } catch (InstantiationException e) { + throw new EntityRequestMismatchException(); + } + } + + } + } +} diff --git a/src/main/java/etunicorn/controller/LoginController.java b/src/main/java/etunicorn/controller/LoginController.java new file mode 100644 index 0000000..20458db --- /dev/null +++ b/src/main/java/etunicorn/controller/LoginController.java 
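Review bot: `generateError(HttpStatus, Exception, String)` puts `exception.getLocalizedMessage()` and a `stacktrace` field into the JSON body returned to the caller, and `generateError(Exception)` reuses the exception message as the public `message`, so internal error details reach API clients. The `stacktrace` value is also not a trace, because `exception.getStackTrace().toString()` is only the array's default `toString()`. I would log the exception on the server and return only `status` plus a fixed message, dropping the `errorMessage` and `stacktrace` entries. Separately, `mergeRequestInEntity` copies every non-null `@JsonProperty` getter onto the entity with no allow-list, so any per-field permission check (for example on a role field) has to happen in the caller before the merge; a comment on the method such as `// Copies every @JsonProperty field; callers must check field-level permissions first` would make that explicit.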
@@ -0,0 +1,58 @@
+package etunicorn.controller;
+
+import etunicorn.RestrictedTo;
+import etunicorn.entity.Personne;
+import etunicorn.entity.Session;
+import etunicorn.generated.model.UpdateLoginRequest;
+import etunicorn.repository.PersonneRepository;
+import etunicorn.service.SessionService;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+@RestController
+public class LoginController implements etunicorn.generated.LoginController {
+ @Autowired
+ private PersonneRepository personneRepository;
+
+ @Autowired
+ private SessionService sessionService;
+
+ @Override
+ @RestrictedTo(authentifie = false)
+ public ResponseEntity updateLogin(@Valid @RequestBody UpdateLoginRequest updateLoginRequest) {
+ return null;
+ }
+ public ResponseEntity updateLogin(@RequestParam String login, @RequestParam String password) {
+ Personne personne = personneRepository.findByLogin(login);
+ if (personne == null) {
+ return new ResponseEntity(HttpStatus.UNAUTHORIZED);
+ }
+
+ // TODO Vraie vérification du mot de passe
+ if (!password.equals("test")) {
+ return new ResponseEntity(HttpStatus.UNAUTHORIZED);
+ }
+
+ Session session = sessionService.createSession(personne);
+
+ return new ResponseEntity(session, HttpStatus.OK);
+ }
+
+
+ @Override
+ public ResponseEntity deleteLoginByToken(@PathVariable String token) {
+ return null;
+ }
+}
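Review bot: The password check in the `@RequestParam` overload of `updateLogin` compares against the literal `"test"`, so every existing login accepts the same password and `sessionService.createSession` issues a session token for any known account. `Personne` carries no credential field in this commit, so real verification needs a stored salted password hash (bcrypt/argon2 class) compared at login; until that exists the placeholder should be unmistakably flagged, e.g. replace the `// TODO` with `// FIXME(security): placeholder — all accounts share one password; must not be deployed`. The overridden `updateLogin(@RequestBody ...)` and `deleteLoginByToken` both `return null`, so as written there is also no logout path that invalidates a token.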
diff --git a/src/main/java/etunicorn/controller/PersonneController.java b/src/main/java/etunicorn/controller/PersonneController.java
new file mode 100644
index 0000000..4c58c4a
--- /dev/null
+++ b/src/main/java/etunicorn/controller/PersonneController.java
@@ -0,0 +1,132 @@
+package etunicorn.controller;
+
+import etunicorn.RestrictedTo;
+import etunicorn.entity.Personne;
+import etunicorn.entity.Role;
+import etunicorn.exception.EntityRequestMismatchException;
+import etunicorn.exception.NotEnoughDataException;
+import etunicorn.exception.ObjectNotFoundException;
+import etunicorn.generated.model.UpdatePersonneByIdRequest;
+import etunicorn.generated.model.UpdatePersonneRequest;
+import etunicorn.repository.PersonneRepository;
+import etunicorn.repository.RoleRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+import java.math.BigDecimal;
+import java.util.Date;
+import java.util.List;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+
+@RestController
+public class PersonneController extends BaseController implements etunicorn.generated.PersonneController {
+ @Autowired
+ private PersonneRepository personneRepository;
+
+ @Autowired
+ private RoleRepository roleRepository;
+
+ @Override
+ @RestrictedTo("PERSONNE_LIST")
+ public ResponseEntity getPersonne() {
+ return new ResponseEntity((List) this.personneRepository.findAll(), HttpStatus.OK);
+ }
+
+ private ResponseEntity mergePersonne(Personne personne, String carte, Date naissance, String login, String role) {
+ if (carte != null) {
+ personne.setCarte(carte);
+ }
+ if (naissance != null) {
+ personne.setNaissance(naissance);
+ }
+ if (login != null) {
+ personne.setLogin(login);
+ }
+ // TODO Il faut que login ou carte soient mis
+ if (role != null) {
+ if (hasPermission("PERSONNE_ROLE")) {
+ Role roleObj = roleRepository.findByNom(role);
+ personne.setRole(roleObj);
+ if (roleObj == null) {
+ return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND);
+ }
+ } else {
+ return new ResponseEntity(HttpStatus.FORBIDDEN);
+ }
+ }
+ try {
+ this.personneRepository.save(personne);
+ } catch (DataIntegrityViolationException e) {
+ return new ResponseEntity(HttpStatus.CONFLICT);
+ }
+ return new ResponseEntity(personne, HttpStatus.CREATED);
+ }
+
+ @Override
+ @RestrictedTo("PERSONNE_ADD")
+ public ResponseEntity updatePersonne(@Valid @RequestBody UpdatePersonneRequest updatePersonneRequest) {
+ Personne personne = new Personne();
+ try {
+ mergeRequestInEntity(updatePersonneRequest, personne);
+ } catch (EntityRequestMismatchException e) {
+ return generateError(e);
+ } catch (NotEnoughDataException e) {
+ return generateError(HttpStatus.BAD_REQUEST, e, "Il n'y a pas suffisament de données pour identifier un sous-objet");
+ } catch (ObjectNotFoundException e) {
+ return generateError(HttpStatus.NOT_FOUND, e, "Sous-objet non trouvé");
+ }
+ return new ResponseEntity(personne, HttpStatus.CREATED);
+ }
+ public ResponseEntity updatePersonne(@RequestParam(required = false) String carte, @RequestParam(required = false) Date naissance, @RequestParam(required = false) String login, @RequestParam(required = false) String role) {
+ Personne personne = new Personne();
+ return mergePersonne(personne, carte, naissance, login, role);
+ }
+
+ @Override
+ @RestrictedTo("PERSONNE_GET")
+ public ResponseEntity getPersonneById(@PathVariable BigDecimal idPersonne) {
+ Personne personne = personneRepository.findById(idPersonne.intValueExact());
+ if (personne == null) {
+ return new ResponseEntity(HttpStatus.NOT_FOUND);
+ }
+ return new ResponseEntity(personne, HttpStatus.OK);
+ }
+
+ @Override
+ @RestrictedTo("PERSONNE_EDIT")
+ public ResponseEntity updatePersonneById(@PathVariable BigDecimal idPersonne, @Valid @RequestBody UpdatePersonneByIdRequest updatePersonneByIdRequest) {
+ return null;
+ }
+
+ public ResponseEntity updatePersonneById(@PathVariable BigDecimal idPersonne, @RequestParam(required = false) String carte, @RequestParam(required = false) Date naissance, @RequestParam(required = false) String login, @RequestParam(required = false) String role) {
+ Personne personne = personneRepository.findById(idPersonne.intValueExact());
+ if (personne == null) {
+ return new ResponseEntity(HttpStatus.NOT_FOUND);
+ }
+ return mergePersonne(personne, carte, naissance, login, role);
+ }
+
+ @Override
+ @RestrictedTo("PERSONNE_REMOVE")
+ public ResponseEntity deletePersonneById(@PathVariable BigDecimal idPersonne) {
+ Personne personne = personneRepository.findById(idPersonne.intValueExact());
+ if (personne == null) {
+ return new ResponseEntity(HttpStatus.NOT_FOUND);
+ }
+ personneRepository.delete(personne);
+ return new ResponseEntity(personne, HttpStatus.NO_CONTENT);
+ }
+
+}
diff --git a/src/main/java/etunicorn/controller/RoleController.java b/src/main/java/etunicorn/controller/RoleController.java
new file mode 100644
index 0000000..8750f24
--- /dev/null
+++ b/src/main/java/etunicorn/controller/RoleController.java
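Review bot: The overridden `updatePersonne(@RequestBody ...)` fills the entity through `mergeRequestInEntity`, which skips the `hasPermission("PERSONNE_ROLE")` gate that `mergePersonne` applies before assigning a role, and it answers `CREATED` without ever calling `personneRepository.save`. If the generated request model exposes a role property (not visible here), a caller holding only `PERSONNE_ADD` would be able to set it once the save is added. Suggest checking after the merge, `if (personne.getRole() != null && !hasPermission("PERSONNE_ROLE")) return new ResponseEntity(HttpStatus.FORBIDDEN);`, and then persisting with the same `DataIntegrityViolationException` to `CONFLICT` handling that `mergePersonne` uses. The `generateError(...)` calls also put the exception message into the response body; a generic client message with the detail logged server-side would be safer.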
@@ -0,0 +1,123 @@
+package etunicorn.controller;
+
+
+import etunicorn.RestrictedTo;
+import etunicorn.entity.Permission;
+import etunicorn.entity.Role;
+import etunicorn.generated.model.UpdateRoleByIdRequest;
+import etunicorn.generated.model.UpdateRoleRequest;
+import etunicorn.repository.PermissionRepository;
+import etunicorn.repository.RoleRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.dao.DataIntegrityViolationException;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.PathVariable;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestParam;
+import org.springframework.web.bind.annotation.RestController;
+
+import javax.validation.Valid;
+import java.math.BigDecimal;
+import java.util.List;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+@RestController
+public class RoleController extends BaseController implements etunicorn.generated.RoleController {
+ @Autowired
+ private RoleRepository roleRepository;
+
+ @Autowired
+ private PermissionRepository permissionRepository;
+
+ @Override
+ public ResponseEntity getRole() {
+ return new ResponseEntity((List) roleRepository.findAll(), HttpStatus.OK);
+ }
+
+ @Override
+ @RestrictedTo("ROLE_ADD")
+ public ResponseEntity updateRole(@Valid @RequestBody UpdateRoleRequest updateRoleRequest) {
+ return null;
+ }
+ public ResponseEntity updateRole(@RequestParam String nom) {
+ Role oldRole = roleRepository.findByNom(nom);
+ if (oldRole != null) {
+ return new ResponseEntity(HttpStatus.CONFLICT);
+ }
+ Role role = new Role();
+ role.setNom(nom);
+ try {
+ roleRepository.save(role);
+ } catch (DataIntegrityViolationException e) {
+ return new ResponseEntity(HttpStatus.CONFLICT);
+ }
+ return new ResponseEntity(role, HttpStatus.CREATED);
+ }
+
+ @Override
+ @RestrictedTo("ROLE_DELETE")
+ public ResponseEntity deleteRoleById(@PathVariable BigDecimal nomRole) {
+ return null;
+ }
+ public ResponseEntity deleteRoleById(@PathVariable String nomRole) {
+ Role role = roleRepository.findByNom(nomRole);
+ if (role == null) {
+ return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND);
+ }
+ roleRepository.delete(role);
+ return new ResponseEntity(HttpStatus.NO_CONTENT);
+ }
+
+ @Override
+ @RestrictedTo("ROLE_PERMISSION_ADD")
+ public ResponseEntity updateRoleById(@PathVariable BigDecimal nomRole, @Valid @RequestBody UpdateRoleByIdRequest updateRoleByIdRequest) {
+ return null;
+ }
+ public ResponseEntity updateRoleById(@PathVariable String nomRole, @RequestParam String nom) {
+ Role role = roleRepository.findByNom(nomRole);
+ if (role == null) {
+ return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND);
+ }
+ Permission permission = permissionRepository.findByNom(nom);
+ if (permission == null) {
+ return new ResponseEntity("Permission inconnue", HttpStatus.NOT_FOUND);
+ }
+ role.addPermission(permission);
+ try {
+ roleRepository.save(role);
+ } catch (DataIntegrityViolationException e) {
+ // Si la permission était déjà là, on fait rien
+ }
+ return new ResponseEntity(role, HttpStatus.ACCEPTED);
+ }
+
+ @Override
+ @RestrictedTo("ROLE_PERMISSION_REMOVE")
+ public ResponseEntity deleteRoleByNomPermission(@PathVariable String nomPermission, @PathVariable BigDecimal nomRole) {
+ return null;
+ }
+ public ResponseEntity deleteRoleByNomPermission(@PathVariable String nomPermission, @PathVariable String nomRole) {
+ Role role = roleRepository.findByNom(nomRole);
+ if (role == null) {
+ return new ResponseEntity("Rôle inconnu", HttpStatus.NOT_FOUND);
+ }
+ Permission permission = permissionRepository.findByNom(nomPermission);
+ if (permission == null) {
+ return new ResponseEntity("Permission inconnue", HttpStatus.NOT_FOUND);
+ }
+ role.delPermission(permission);
+ roleRepository.save(role);
+ return new ResponseEntity(role, HttpStatus.ACCEPTED);
+ }
+
+ @Override
+ @RestrictedTo("ROLE_PERMISSION_LIST")
+ public ResponseEntity getPermission() {
+ return new ResponseEntity((List) permissionRepository.findAll(), HttpStatus.OK);
+ }
+}
diff --git a/src/main/java/etunicorn/entity/Permission.java b/src/main/java/etunicorn/entity/Permission.java
new file mode 100644
index 0000000..0052288
--- /dev/null
+++ b/src/main/java/etunicorn/entity/Permission.java
@@ -0,0 +1,30 @@
+package etunicorn.entity;
+
+import javax.persistence.Entity;
+import javax.persistence.Id;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+@Entity
+public class Permission {
+
+ @Id
+ private String nom;
+
+ public Permission() {
+ }
+
+ public Permission(String nom) {
+ this.nom = nom;
+ }
+ public String getNom() {
+ return nom;
+ }
+
+ public void setNom(String nom) {
+ this.nom = nom;
+ }
+}
diff --git a/src/main/java/etunicorn/entity/Personne.java b/src/main/java/etunicorn/entity/Personne.java
new file mode 100644
index 0000000..9093723
--- /dev/null
+++ b/src/main/java/etunicorn/entity/Personne.java
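Review bot: `getRole()` is the only handler in `RoleController` without `@RestrictedTo`, while `getPermission()` requires `ROLE_PERMISSION_LIST`; since `Role` exposes `getPermissions()`, the role listing likely returns the same permission data without that check. How a missing `@RestrictedTo` is treated is not visible in this diff, so either annotate the method, e.g. `@RestrictedTo("ROLE_PERMISSION_LIST")` or a dedicated permission, or add a comment stating that the listing is intentionally open. Separately, `updateRoleById` swallows `DataIntegrityViolationException` and still returns `ACCEPTED` with the in-memory role, so the response can show a permission that was not persisted; returning `CONFLICT` as `updateRole` does would be consistent.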
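Review bot: `Permission` does not override `equals`/`hashCode`, yet `Role.hasPermission` and `Role.delPermission` rely on `List.contains` and `List.remove`, which therefore compare by object identity. Two instances loaded for the same `nom` in different persistence contexts would not match, so a permission check could deny, or a removal silently do nothing, depending on how the entities were loaded. Defining equality on the `nom` identifier makes the authorization check independent of instance identity.

```java
// … unchanged: nom field, constructors, getNom/setNom …

@Override
public boolean equals(Object o) {
    if (this == o) {
        return true;
    }
    if (!(o instanceof Permission)) {
        return false;
    }
    return java.util.Objects.equals(nom, ((Permission) o).getNom());
}

@Override
public int hashCode() {
    return java.util.Objects.hashCode(nom);
}
```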
@@ -0,0 +1,80 @@
+package etunicorn.entity;
+
+import javax.persistence.*;
+import java.util.Date;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+@Entity
+public class Personne {
+
+
+ @ManyToOne
+ public Role role;
+ @Id
+ @GeneratedValue(strategy = GenerationType.AUTO)
+ private int id;
+ @Column(unique = true)
+ private String carte;
+ private Date naissance;
+ @Column(unique = true)
+ private String login;
+
+
+ public Personne() {
+ }
+
+ public Personne(String carte, Date naissance, String login, Role role) {
+ this.carte = carte;
+ this.naissance = naissance;
+ this.login = login;
+ this.role = role;
+ }
+
+ public int getId() {
+ return id;
+ }
+
+ public void setId(int id) {
+ this.id = id;
+ }
+
+ public String getCarte() {
+ return carte;
+ }
+
+ public void setCarte(String carte) {
+ this.carte = carte;
+ }
+
+ public Date getNaissance() {
+ return naissance;
+ }
+
+ public void setNaissance(Date naissance) {
+ this.naissance = naissance;
+ }
+
+ public String getLogin() {
+ return login;
+ }
+
+ public void setLogin(String login) {
+ this.login = login;
+ }
+
+ public Role getRole() {
+ return role;
+ }
+
+ public void setRole(Role role) {
+ this.role = role;
+ }
+
+ public boolean hasPermission(Permission permission) {
+ return role.hasPermission(permission);
+ }
+}
diff --git a/src/main/java/etunicorn/entity/Role.java b/src/main/java/etunicorn/entity/Role.java
new file mode 100644
index 0000000..bbf26d5
--- /dev/null
+++ b/src/main/java/etunicorn/entity/Role.java
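Review bot: `Personne.hasPermission` dereferences `role` unconditionally, and nothing in this commit requires a `Personne` to have a role (`PersonneController.mergePersonne` saves when `role` is omitted), so a permission check for such a user throws `NullPointerException` instead of denying. Suggest `return role != null && role.hasPermission(permission);`. The `role` field is also declared `public` while every other field is `private` with accessors; `private Role role;` keeps role changes going through `setRole`.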
@@ -0,0 +1,60 @@
+package etunicorn.entity;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.OneToMany;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.List;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+@Entity
+public class Role {
+ @Id
+ @Column(unique = true)
+ private String nom = "etudiant";
+
+ @OneToMany
+ private List permissions = new ArrayList<>();
+
+ public Role() {
+ }
+
+ public Role(String nom, List permissions) {
+ this.nom = nom;
+ this.permissions = permissions;
+ }
+
+ public String getNom() {
+ return nom;
+ }
+
+ public void setNom(String nom) {
+ this.nom = nom;
+ }
+
+ public Collection getPermissions() {
+ return permissions;
+ }
+
+ public void setPermissions(List permissions) {
+ this.permissions = permissions;
+ }
+
+ public boolean hasPermission(Permission permission) {
+ return permissions.contains(permission);
+ }
+
+ public void addPermission(Permission permission) {
+ this.permissions.add(permission);
+ }
+
+ public void delPermission(Permission permission) {
+ this.permissions.remove(permission);
+ }
+}
diff --git a/src/main/java/etunicorn/entity/Session.java b/src/main/java/etunicorn/entity/Session.java
new file mode 100644
index 0000000..ed1b4f1
--- /dev/null
+++ b/src/main/java/etunicorn/entity/Session.java
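Review bot: `permissions` is mapped `@OneToMany`, which models each `Permission` as belonging to at most one `Role`; with a default join-table mapping, JPA providers typically add a unique constraint on the permission side, so granting the same permission to a second role would presumably fail at save time. `RoleController.updateRoleById` swallows that `DataIntegrityViolationException`, which would hide the failure. If permissions are meant to be shared between roles, `@ManyToMany` is the matching mapping. `setPermissions` and the two-argument constructor also store the caller's list directly; copying it (`new ArrayList<>(permissions)`) keeps a role's grants from being changed through an outside reference.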
@@ -0,0 +1,72 @@
+package etunicorn.entity;
+
+import javax.persistence.Entity;
+import javax.persistence.Id;
+import javax.persistence.ManyToOne;
+import java.math.BigInteger;
+import java.security.SecureRandom;
+import java.util.Date;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+@Entity
+public class Session {
+
+ // Durée par défaut d'une session en secondes
+ private static final int SESSION_DURATION = 10 * 60;
+ private static SecureRandom random = new SecureRandom();
+ // TODO Vérifier si c'est bien initialisé qu'une seule fois par éxecution car c'est lourd à initialiser
+ @ManyToOne
+ private Personne personne;
+ @Id
+ private String token;
+ private Date validity;
+
+
+ public Session() {
+ }
+
+ public Session(Personne personne) {
+ this.personne = personne;
+ // From http://stackoverflow.com/a/41156
+ this.token = new BigInteger(130, random).toString(32);
+ this.validity = new Date(new Date().getTime() + SESSION_DURATION * 1000);
+ }
+
+ public Session(Personne personne, String token, Date validity) {
+ this.personne = personne;
+ this.token = token;
+ this.validity = validity;
+ }
+
+ public Personne getPersonne() {
+ return personne;
+ }
+
+ public void setPersonne(Personne personne) {
+ this.personne = personne;
+ }
+
+ public String getToken() {
+ return token;
+ }
+
+ public void setToken(String token) {
+ this.token = token;
+ }
+
+ public Date getValidity() {
+ return validity;
+ }
+
+ public void setValidity(Date validity) {
+ this.validity = validity;
+ }
+
+ public boolean hasPermission(Permission permission) {
+ return personne.hasPermission(permission);
+ }
+}
diff --git a/src/main/java/etunicorn/exception/EntityRequestMismatchException.java b/src/main/java/etunicorn/exception/EntityRequestMismatchException.java
new file mode 100644
index 0000000..f8d275d
--- /dev/null
+++ b/src/main/java/etunicorn/exception/EntityRequestMismatchException.java
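Review bot: The bearer token is stored verbatim as the `@Id` of `Session`, so anyone with read access to the session table (a backup, a database dump, SQL logging) obtains live tokens. Consider persisting only a SHA-256 digest of the token and looking sessions up by the digest of the presented value, returning the raw token once in the login response. The `random` field should be `private static final SecureRandom random = new SecureRandom();`; a static initialiser runs once per class load, which answers the TODO beside it. `hasPermission` also dereferences `personne` without a null check, and the no-argument constructor leaves it unset.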
@@ -0,0 +1,9 @@
+package etunicorn.exception;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+public class EntityRequestMismatchException extends Exception {
+}
diff --git a/src/main/java/etunicorn/exception/NotEnoughDataException.java b/src/main/java/etunicorn/exception/NotEnoughDataException.java
new file mode 100644
index 0000000..37cf56f
--- /dev/null
+++ b/src/main/java/etunicorn/exception/NotEnoughDataException.java
@@ -0,0 +1,9 @@
+package etunicorn.exception;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+public class NotEnoughDataException extends Exception {
+}
diff --git a/src/main/java/etunicorn/exception/ObjectNotFoundException.java b/src/main/java/etunicorn/exception/ObjectNotFoundException.java
new file mode 100644
index 0000000..52d8a19
--- /dev/null
+++ b/src/main/java/etunicorn/exception/ObjectNotFoundException.java
@@ -0,0 +1,9 @@
+package etunicorn.exception;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+public class ObjectNotFoundException extends Exception {
+}
diff --git a/src/main/java/etunicorn/repository/PermissionRepository.java b/src/main/java/etunicorn/repository/PermissionRepository.java
new file mode 100644
index 0000000..a757abf
--- /dev/null
+++ b/src/main/java/etunicorn/repository/PermissionRepository.java
@@ -0,0 +1,13 @@
+package etunicorn.repository;
+
+import etunicorn.entity.Permission;
+import org.springframework.data.repository.CrudRepository;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+public interface PermissionRepository extends CrudRepository {
+ Permission findByNom(String nom);
+}
diff --git a/src/main/java/etunicorn/repository/PersonneRepository.java b/src/main/java/etunicorn/repository/PersonneRepository.java
new file mode 100644
index 0000000..6afc0a6
--- /dev/null
+++ b/src/main/java/etunicorn/repository/PersonneRepository.java
@@ -0,0 +1,16 @@
+package etunicorn.repository;
+
+import etunicorn.entity.Personne;
+import org.springframework.data.repository.CrudRepository;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+public interface PersonneRepository extends CrudRepository {
+ Personne findByLogin(String login);
+
+ Personne findByCarte(String carte);
+ Personne findById(Integer id);
+}
diff --git a/src/main/java/etunicorn/repository/RoleRepository.java b/src/main/java/etunicorn/repository/RoleRepository.java
new file mode 100644
index 0000000..dc76028
--- /dev/null
+++ b/src/main/java/etunicorn/repository/RoleRepository.java
@@ -0,0 +1,13 @@
+package etunicorn.repository;
+
+import etunicorn.entity.Role;
+import org.springframework.data.repository.CrudRepository;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+public interface RoleRepository extends CrudRepository {
+ Role findByNom(String nom);
+}
diff --git a/src/main/java/etunicorn/repository/SessionRepository.java b/src/main/java/etunicorn/repository/SessionRepository.java
new file mode 100644
index 0000000..004b2bb
--- /dev/null
+++ b/src/main/java/etunicorn/repository/SessionRepository.java
@@ -0,0 +1,13 @@
+package etunicorn.repository;
+
+import etunicorn.entity.Session;
+import org.springframework.data.repository.CrudRepository;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+public interface SessionRepository extends CrudRepository {
+ Session findByToken(String token);
+}
diff --git a/src/main/java/etunicorn/service/SessionService.java b/src/main/java/etunicorn/service/SessionService.java
new file mode 100644
index 0000000..d63e857
--- /dev/null
+++ b/src/main/java/etunicorn/service/SessionService.java
@@ -0,0 +1,62 @@
+package etunicorn.service;
+
+import etunicorn.entity.Personne;
+import etunicorn.entity.Session;
+import etunicorn.repository.PersonneRepository;
+import etunicorn.repository.SessionRepository;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.stereotype.Service;
+
+import javax.servlet.http.HttpServletRequest;
+import java.util.Date;
+
+/**
+ * etunicorn-server
+ * Copyright © 2017 Le Club Info Polytech Lille
+ * Tous droits réservés
+ */
+@Service("sessionService")
+public class SessionService {
+ @Autowired
+ private SessionRepository sessionRepository;
+ @Autowired
+ private PersonneRepository personneRepository;
+
+ public SessionService() {
+ }
+
+ public Session getSession(HttpServletRequest request) {
+ String token = request.getHeader("Authorization");
+ return getSession(token);
+ }
+
+ public Session getSession(String token) {
+ if (token == null) {
+ return null;
+ } else {
+ Session session = sessionRepository.findByToken(token);
+ if (session == null) {
+ return null;
+ } else {
+ if (session.getValidity().compareTo(new Date()) < 0) {
+ return null;
+ } else {
+ // Vérifie si la personne est toujours dans la base de données
+ Personne personne = personneRepository.findById(session.getPersonne().getId());
+ if (personne == null) {
+ return null;
+ } else {
+ return session;
+ }
+ }
+ }
+ }
+ }
+
+ public Session createSession(Personne personne) {
+ Session session = new Session(personne);
+ sessionRepository.save(session);
+ return session;
+ }
+
+}
-- libgit2 0.21.2
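Review bot: `getSession(String)` rejects an expired session but leaves the row in place, and nothing in this commit deletes sessions (`LoginController.deleteLoginByToken` returns `null`), so expired tokens accumulate in the table indefinitely. In the expiry branch, `sessionRepository.delete(session); return null;` would remove them on first use after expiry, with a periodic purge covering sessions that are never presented again. `getSession(HttpServletRequest)` passes the raw `Authorization` header as the token; a comment should state that no scheme prefix such as `Bearer ` is expected, since a prefixed value would simply fail the lookup. The nested `else` blocks could be flattened into guard clauses without changing behaviour.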