Commit 8f35fffd80cd827c3dd37bd5387fcad75367533c

Authored by Geoffrey PREUD'HOMME
1 parent dabc7821

Ajout de la sécurité

.gitignore
... ... @@ -8,3 +8,4 @@ target/
8 8 demo*/
9 9 .idea/dictionaries/
10 10 etunicorn.db
  11 +.idea/dataSources
... ...
.idea/dataSources/0d8f27ad-8161-4ee1-8557-56db7fbf44cc/storage.xml deleted
... ... @@ -1,2 +0,0 @@
1   -<?xml version="1.0" encoding="UTF-8"?>
2   -<storage-settings staging-layout="plain" base-layout="schema-zip" language="H2"/>
3 0 \ No newline at end of file
.idea/dataSources/a06fd1f6-5928-4430-a317-e5ebc0e00a82/storage.xml deleted
... ... @@ -1,2 +0,0 @@
1   -<?xml version="1.0" encoding="UTF-8"?>
2   -<storage-settings staging-layout="plain" base-layout="schema-zip" language="H2"/>
3 0 \ No newline at end of file
.idea/dataSources/a88dec51-cb33-4875-a137-6d17703d6d6c/storage.xml deleted
... ... @@ -1,2 +0,0 @@
1   -<?xml version="1.0" encoding="UTF-8"?>
2   -<storage-settings staging-layout="plain" base-layout="schema-zip" language="H2"/>
3 0 \ No newline at end of file
.idea/dataSources/ebfeef5a-f196-4340-9424-14e4e8aaadbb.xml deleted
... ... @@ -1,30 +0,0 @@
1   -<?xml version="1.0" encoding="UTF-8"?>
2   -<dataSource name="etunicorn.db">
3   - <database-model serializer="dbm" rdbms="SQLITE" format-version="4.0">
4   - <root id="1"/>
5   - <schema id="2" parent="1">
6   - <Current>1</Current>
7   - <Visible>1</Visible>
8   - </schema>
9   - <table id="3" parent="2" name="personne"/>
10   - <column id="4" parent="3" name="id">
11   - <DataType>INTEGER(0,-1)|4</DataType>
12   - </column>
13   - <column id="5" parent="3" name="carte">
14   - <Position>1</Position>
15   - <DataType>VARCHAR(0,-1)|12</DataType>
16   - </column>
17   - <column id="6" parent="3" name="login">
18   - <Position>2</Position>
19   - <DataType>VARCHAR(0,-1)|12</DataType>
20   - </column>
21   - <column id="7" parent="3" name="naissance">
22   - <Position>3</Position>
23   - <DataType>TIMESTAMP(0,-1)|12</DataType>
24   - </column>
25   - <key id="8" parent="3">
26   - <ColNames>id</ColNames>
27   - <Primary>1</Primary>
28   - </key>
29   - </database-model>
30   -</dataSource>
31 0 \ No newline at end of file
.idea/dataSources/ebfeef5a-f196-4340-9424-14e4e8aaadbb/storage.xml deleted
... ... @@ -1,2 +0,0 @@
1   -<?xml version="1.0" encoding="UTF-8"?>
2   -<storage-settings staging-layout="plain" base-layout="schema-zip" language="SQLite"/>
3 0 \ No newline at end of file
src/main/java/etunicorn/Application.java
... ... @@ -8,6 +8,9 @@ import org.springframework.boot.autoconfigure.jdbc.DataSourceBuilder;
8 8 import org.springframework.context.annotation.Bean;
9 9  
10 10 import javax.sql.DataSource;
  11 +import java.util.ArrayList;
  12 +import java.util.Date;
  13 +import java.util.List;
11 14  
12 15 /**
13 16 * etunicorn-server
... ... @@ -23,17 +26,33 @@ public class Application {
23 26 }
24 27  
25 28 @Bean
26   - public CommandLineRunner demo(PermissionRepository permissionRepository) {
  29 + public CommandLineRunner demo(PermissionRepository permissionRepository,
  30 + RoleRepository roleRepository,
  31 + PersonneRepository personneRepository,
  32 + SessionRepository sessionRepository) {
27 33 return (args) -> {
28   - permissionRepository.save(new Permission("ROLE_ADMIN"));
29   - permissionRepository.save(new Permission("CONSO_ADMIN"));
30   - permissionRepository.save(new Permission("EVNMT_ADMIN"));
  34 + permissionRepository.save(new Permission("PERSONNE_ADD"));
  35 + permissionRepository.save(new Permission("PERSONNE_EDIT"));
  36 + permissionRepository.save(new Permission("PERSONNE_GET"));
  37 + permissionRepository.save(new Permission("PERSONNE_LIST"));
  38 + permissionRepository.save(new Permission("PERSONNE_REMOVE"));
  39 + permissionRepository.save(new Permission("ROLE_ADD"));
  40 + permissionRepository.save(new Permission("ROLE_DELETE"));
  41 + permissionRepository.save(new Permission("ROLE_PERMISSION_ADD"));
  42 + permissionRepository.save(new Permission("ROLE_PERMISSION_LIST"));
  43 + permissionRepository.save(new Permission("ROLE_PERMISSION_REMOVE"));
31 44 // ...
  45 +
  46 + roleRepository.save(new Role("admin", (List<Permission>) permissionRepository.findAll()));
  47 + roleRepository.save(new Role("etudiant", new ArrayList<>()));
  48 + personneRepository.save(new Personne("carte", new Date(), "gbontoux", roleRepository.findByNom("admin")));
  49 + sessionRepository.save(new Session(personneRepository.findByLogin("gbontoux"), "A", new Date(new Date().getTime() + 1000 * 60 * 10)));
  50 +
32 51 };
33 52 }
34 53  
35 54 @Bean
36   - public DataSource dataSource(){
  55 + public DataSource dataSource() {
37 56 DataSourceBuilder dataSourceBuilder = DataSourceBuilder.create();
38 57 dataSourceBuilder.driverClassName("org.sqlite.JDBC");
39 58 dataSourceBuilder.url("jdbc:sqlite:etunicorn.db");
... ...
src/main/java/etunicorn/BaseController.java 0 → 100644
... ... @@ -0,0 +1,36 @@
  1 +package etunicorn;
  2 +
  3 +import org.springframework.beans.factory.annotation.Autowired;
  4 +import org.springframework.web.bind.annotation.RestController;
  5 +
  6 +import javax.servlet.http.HttpServletRequest;
  7 +
  8 +/**
  9 + * etunicorn-server
  10 + * Copyright © 2017 Le Club Info Polytech Lille
  11 + * Tous droits réservés
  12 + */
  13 +@RestController
  14 +public class BaseController {
  15 +
  16 + // Permettent la vérification de permissions dans les méthodes de controlleur
  17 + @Autowired
  18 + private HttpServletRequest request;
  19 + @Autowired
  20 + private SessionService sessionService;
  21 + @Autowired
  22 + private PermissionRepository permissionRepository;
  23 +
  24 + protected boolean hasPermission(Permission permission) {
  25 + Session session = sessionService.getSession(request);
  26 + if (session == null || permission == null) {
  27 + return false;
  28 + }
  29 + return session.hasPermission(permission);
  30 + }
  31 +
  32 + protected boolean hasPermission(String nomPermission) {
  33 + Permission permission = permissionRepository.findByNom(nomPermission);
  34 + return hasPermission(permission);
  35 + }
  36 +}
... ...
src/main/java/etunicorn/LoginController.java
... ... @@ -7,8 +7,6 @@ import org.springframework.web.bind.annotation.PathVariable;
7 7 import org.springframework.web.bind.annotation.RequestParam;
8 8 import org.springframework.web.bind.annotation.RestController;
9 9  
10   -import java.util.Date;
11   -
12 10 /**
13 11 * etunicorn-server
14 12 * Copyright © 2017 Le Club Info Polytech Lille
... ... @@ -17,22 +15,27 @@ import java.util.Date;
17 15 @RestController
18 16 public class LoginController implements etunicorn.generated.LoginController {
19 17 @Autowired
20   - private PermissionRepository permissionRepository;
  18 + private PersonneRepository personneRepository;
  19 +
  20 + @Autowired
  21 + private SessionService sessionService;
21 22  
22 23 @Override
  24 + @RestrictedTo(authentifie = false)
23 25 public ResponseEntity<?> updateLogin(@RequestParam String login, @RequestParam String password) {
24   - // TODO C'est du debug !
25   - Role role = new Role();
26   - role.setNom("superman");
27   - for (Permission permission : permissionRepository.findAll()) {
28   - role.addPermission(permission);
  26 + Personne personne = personneRepository.findByLogin(login);
  27 + if (personne == null) {
  28 + return new ResponseEntity<Object>(HttpStatus.UNAUTHORIZED);
29 29 }
30   - Personne personne = new Personne();
31   - personne.setLogin("gbontoux");
32   - personne.setCarte("39cdd9ed0b191d");
33   - personne.setNaissance(new Date("14-Feb-1997"));
34   - personne.setRole(role);
35   - return new ResponseEntity<Object>(personne, HttpStatus.OK);
  30 +
  31 + // TODO Vraie vérification du mot de passe
  32 + if (!password.equals("test")) {
  33 + return new ResponseEntity<Object>(HttpStatus.UNAUTHORIZED);
  34 + }
  35 +
  36 + Session session = sessionService.createSession(personne);
  37 +
  38 + return new ResponseEntity<Object>(session, HttpStatus.OK);
36 39 }
37 40  
38 41 @Override
... ...
src/main/java/etunicorn/Personne.java
... ... @@ -31,6 +31,13 @@ public class Personne {
31 31 public Personne() {
32 32 }
33 33  
  34 + public Personne(String carte, Date naissance, String login, Role role) {
  35 + this.carte = carte;
  36 + this.naissance = naissance;
  37 + this.login = login;
  38 + this.role = role;
  39 + }
  40 +
34 41 public int getId() {
35 42 return id;
36 43 }
... ... @@ -70,4 +77,8 @@ public class Personne {
70 77 public void setRole(Role role) {
71 78 this.role = role;
72 79 }
  80 +
  81 + public boolean hasPermission(Permission permission) {
  82 + return role.hasPermission(permission);
  83 + }
73 84 }
... ...
src/main/java/etunicorn/PersonneController.java
... ... @@ -19,7 +19,7 @@ import java.util.List;
19 19 */
20 20  
21 21 @RestController
22   -public class PersonneController implements etunicorn.generated.PersonneController {
  22 +public class PersonneController extends BaseController implements etunicorn.generated.PersonneController {
23 23 @Autowired
24 24 private PersonneRepository personneRepository;
25 25  
... ... @@ -27,10 +27,12 @@ public class PersonneController implements etunicorn.generated.PersonneControlle
27 27 private RoleRepository roleRepository;
28 28  
29 29 @Override
  30 + @RestrictedTo("PERSONNE_LIST")
30 31 public ResponseEntity<?> getPersonne() {
31 32 return new ResponseEntity<List>((List) this.personneRepository.findAll(), HttpStatus.OK);
32 33 }
33 34  
  35 +
34 36 private ResponseEntity<?> mergePersonne(Personne personne, String carte, Date naissance, String login, String role) {
35 37 if (carte != null) {
36 38 personne.setCarte(carte);
... ... @@ -41,11 +43,16 @@ public class PersonneController implements etunicorn.generated.PersonneControlle
41 43 if (login != null) {
42 44 personne.setLogin(login);
43 45 }
  46 + // TODO Il faut que login ou carte soient mis
44 47 if (role != null) {
45   - Role roleObj = roleRepository.findByNom(role);
46   - personne.setRole(roleObj);
47   - if (roleObj == null) {
48   - return new ResponseEntity<Object>("Rôle inconnu", HttpStatus.NOT_FOUND);
  48 + if (hasPermission("PERSONNE_ROLE")) {
  49 + Role roleObj = roleRepository.findByNom(role);
  50 + personne.setRole(roleObj);
  51 + if (roleObj == null) {
  52 + return new ResponseEntity<Object>("Rôle inconnu", HttpStatus.NOT_FOUND);
  53 + }
  54 + } else {
  55 + return new ResponseEntity<Object>(HttpStatus.FORBIDDEN);
49 56 }
50 57 }
51 58 try {
... ... @@ -57,12 +64,14 @@ public class PersonneController implements etunicorn.generated.PersonneControlle
57 64 }
58 65  
59 66 @Override
  67 + @RestrictedTo("PERSONNE_ADD")
60 68 public ResponseEntity<?> updatePersonne(@RequestParam(required = false) String carte, @RequestParam(required = false) Date naissance, @RequestParam(required = false) String login, @RequestParam(required = false) String role) {
61 69 Personne personne = new Personne();
62 70 return mergePersonne(personne, carte, naissance, login, role);
63 71 }
64 72  
65 73 @Override
  74 + @RestrictedTo("PERSONNE_GET")
66 75 public ResponseEntity<?> getPersonneById(@PathVariable BigDecimal idPersonne) {
67 76 Personne personne = personneRepository.findById(idPersonne.intValueExact());
68 77 if (personne == null) {
... ... @@ -72,6 +81,7 @@ public class PersonneController implements etunicorn.generated.PersonneControlle
72 81 }
73 82  
74 83 @Override
  84 + @RestrictedTo("PERSONNE_EDIT")
75 85 public ResponseEntity<?> updatePersonneById(@PathVariable BigDecimal idPersonne, @RequestParam(required = false) String carte, @RequestParam(required = false) Date naissance, @RequestParam(required = false) String login, @RequestParam(required = false) String role) {
76 86 Personne personne = personneRepository.findById(idPersonne.intValueExact());
77 87 if (personne == null) {
... ... @@ -81,6 +91,7 @@ public class PersonneController implements etunicorn.generated.PersonneControlle
81 91 }
82 92  
83 93 @Override
  94 + @RestrictedTo("PERSONNE_REMOVE")
84 95 public ResponseEntity<?> deletePersonneById(@PathVariable BigDecimal idPersonne) {
85 96 Personne personne = personneRepository.findById(idPersonne.intValueExact());
86 97 if (personne == null) {
... ...
src/main/java/etunicorn/RestrictedTo.java 0 → 100644
... ... @@ -0,0 +1,17 @@
  1 +package etunicorn;
  2 +
  3 +import java.lang.annotation.*;
  4 +
  5 +/**
  6 + * etunicorn-server
  7 + * Copyright © 2017 Le Club Info Polytech Lille
  8 + * Tous droits réservés
  9 + */
  10 +@Target(value = {ElementType.METHOD, ElementType.PARAMETER})
  11 +@Retention(value = RetentionPolicy.RUNTIME)
  12 +@Documented
  13 +public @interface RestrictedTo {
  14 + String value() default "";
  15 +
  16 + boolean authentifie() default true;
  17 +}
... ...
src/main/java/etunicorn/Role.java
... ... @@ -25,6 +25,11 @@ public class Role {
25 25 public Role() {
26 26 }
27 27  
  28 + public Role(String nom, List<Permission> permissions) {
  29 + this.nom = nom;
  30 + this.permissions = permissions;
  31 + }
  32 +
28 33 public String getNom() {
29 34 return nom;
30 35 }
... ... @@ -41,6 +46,10 @@ public class Role {
41 46 this.permissions = permissions;
42 47 }
43 48  
  49 + public boolean hasPermission(Permission permission) {
  50 + return permissions.contains(permission);
  51 + }
  52 +
44 53 public void addPermission(Permission permission) {
45 54 this.permissions.add(permission);
46 55 }
... ...
src/main/java/etunicorn/RoleController.java
... ... @@ -17,7 +17,7 @@ import java.util.List;
17 17 * Tous droits réservés
18 18 */
19 19 @RestController
20   -public class RoleController implements etunicorn.generated.RoleController {
  20 +public class RoleController extends BaseController implements etunicorn.generated.RoleController {
21 21 @Autowired
22 22 private RoleRepository roleRepository;
23 23  
... ... @@ -30,6 +30,7 @@ public class RoleController implements etunicorn.generated.RoleController {
30 30 }
31 31  
32 32 @Override
  33 + @RestrictedTo("ROLE_ADD")
33 34 public ResponseEntity<?> updateRole(@RequestParam String nom) {
34 35 Role oldRole = roleRepository.findByNom(nom);
35 36 if (oldRole != null) {
... ... @@ -46,6 +47,7 @@ public class RoleController implements etunicorn.generated.RoleController {
46 47 }
47 48  
48 49 @Override
  50 + @RestrictedTo("ROLE_DELETE")
49 51 public ResponseEntity<?> deleteRoleById(@PathVariable String nomRole) {
50 52 Role role = roleRepository.findByNom(nomRole);
51 53 if (role == null) {
... ... @@ -56,6 +58,7 @@ public class RoleController implements etunicorn.generated.RoleController {
56 58 }
57 59  
58 60 @Override
  61 + @RestrictedTo("ROLE_PERMISSION_ADD")
59 62 public ResponseEntity<?> updateRoleById(@PathVariable String nomRole, @RequestParam String nom) {
60 63 Role role = roleRepository.findByNom(nomRole);
61 64 if (role == null) {
... ... @@ -75,6 +78,7 @@ public class RoleController implements etunicorn.generated.RoleController {
75 78 }
76 79  
77 80 @Override
  81 + @RestrictedTo("ROLE_PERMISSION_REMOVE")
78 82 public ResponseEntity<?> deleteRoleByNomPermission(@PathVariable String nomPermission, @PathVariable String nomRole) {
79 83 Role role = roleRepository.findByNom(nomRole);
80 84 if (role == null) {
... ... @@ -90,6 +94,7 @@ public class RoleController implements etunicorn.generated.RoleController {
90 94 }
91 95  
92 96 @Override
  97 + @RestrictedTo("ROLE_PERMISSION_LIST")
93 98 public ResponseEntity<?> getPermission() {
94 99 return new ResponseEntity<List>((List) permissionRepository.findAll(), HttpStatus.OK);
95 100 }
... ...
src/main/java/etunicorn/SecurityInterceptor.java 0 → 100644
... ... @@ -0,0 +1,70 @@
  1 +package etunicorn;
  2 +
  3 +import org.springframework.beans.factory.annotation.Autowired;
  4 +import org.springframework.http.HttpStatus;
  5 +import org.springframework.transaction.annotation.Transactional;
  6 +import org.springframework.web.method.HandlerMethod;
  7 +import org.springframework.web.servlet.ModelAndView;
  8 +import org.springframework.web.servlet.handler.HandlerInterceptorAdapter;
  9 +
  10 +import javax.servlet.http.HttpServletRequest;
  11 +import javax.servlet.http.HttpServletResponse;
  12 +
  13 +/**
  14 + * etunicorn-server
  15 + * Copyright © 2017 Le Club Info Polytech Lille
  16 + * Tous droits réservés
  17 + */
  18 +public class SecurityInterceptor extends HandlerInterceptorAdapter {
  19 + @Autowired
  20 + SessionService sessionService;
  21 + @Autowired
  22 + PermissionRepository permissionRepository;
  23 +
  24 + public SecurityInterceptor() {
  25 + super();
  26 + }
  27 +
  28 + @Override
  29 + @Transactional
  30 + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
  31 + Session session = sessionService.getSession(request);
  32 +
  33 + HandlerMethod method = (HandlerMethod) handler;
  34 + RestrictedTo annotation = method.getMethodAnnotation(RestrictedTo.class);
  35 +
  36 + Permission requiredPermission = permissionRepository.findByNom(annotation.value());
  37 + if (requiredPermission == null) {
  38 + response.setStatus(HttpStatus.NOT_IMPLEMENTED.value());
  39 + return false;
  40 + }
  41 +
  42 + if (annotation.authentifie()) {
  43 + if (session == null) {
  44 + response.setStatus(HttpStatus.UNAUTHORIZED.value());
  45 + return false;
  46 + } else {
  47 + if (!session.hasPermission(requiredPermission)) {
  48 + response.setStatus(HttpStatus.FORBIDDEN.value());
  49 + return false;
  50 + }
  51 + }
  52 + }
  53 + return super.preHandle(request, response, handler);
  54 + }
  55 +
  56 + @Override
  57 + public void postHandle(HttpServletRequest request, HttpServletResponse response, Object handler, ModelAndView modelAndView) throws Exception {
  58 + super.postHandle(request, response, handler, modelAndView);
  59 + }
  60 +
  61 + @Override
  62 + public void afterCompletion(HttpServletRequest request, HttpServletResponse response, Object handler, Exception ex) throws Exception {
  63 + super.afterCompletion(request, response, handler, ex);
  64 + }
  65 +
  66 + @Override
  67 + public void afterConcurrentHandlingStarted(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
  68 + super.afterConcurrentHandlingStarted(request, response, handler);
  69 + }
  70 +}
... ...
src/main/java/etunicorn/Session.java
... ... @@ -8,7 +8,9 @@ import java.security.SecureRandom;
8 8 import java.util.Date;
9 9  
10 10 /**
11   - * Created by geoffrey on 04/02/17.
  11 + * etunicorn-server
  12 + * Copyright © 2017 Le Club Info Polytech Lille
  13 + * Tous droits réservés
12 14 */
13 15 @Entity
14 16 public class Session {
... ... @@ -16,11 +18,11 @@ public class Session {
16 18 // Durée par défaut d'une session en secondes
17 19 private static final int SESSION_DURATION = 10 * 60;
18 20 private static SecureRandom random = new SecureRandom();
  21 + // TODO Vérifier si c'est bien initialisé qu'une seule fois par éxecution car c'est lourd à initialiser
19 22 @ManyToOne
20 23 private Personne personne;
21 24 @Id
22 25 private String token;
23   - // TODO Vérifier si c'est bien initialisé qu'une seule fois par éxecution car c'est lourd à initialiser
24 26 private Date validity;
25 27  
26 28  
... ... @@ -34,6 +36,12 @@ public class Session {
34 36 this.validity = new Date(new Date().getTime() + SESSION_DURATION * 1000);
35 37 }
36 38  
  39 + public Session(Personne personne, String token, Date validity) {
  40 + this.personne = personne;
  41 + this.token = token;
  42 + this.validity = validity;
  43 + }
  44 +
37 45 public Personne getPersonne() {
38 46 return personne;
39 47 }
... ... @@ -57,4 +65,8 @@ public class Session {
57 65 public void setValidity(Date validity) {
58 66 this.validity = validity;
59 67 }
  68 +
  69 + public boolean hasPermission(Permission permission) {
  70 + return personne.hasPermission(permission);
  71 + }
60 72 }
... ...
src/main/java/etunicorn/SessionRepository.java
... ... @@ -3,7 +3,9 @@ package etunicorn;
3 3 import org.springframework.data.repository.CrudRepository;
4 4  
5 5 /**
6   - * Created by geoffrey on 04/02/17.
  6 + * etunicorn-server
  7 + * Copyright © 2017 Le Club Info Polytech Lille
  8 + * Tous droits réservés
7 9 */
8 10 public interface SessionRepository extends CrudRepository<Session, Long> {
9 11 Session findByToken(String token);
... ...
src/main/java/etunicorn/SessionService.java 0 → 100644
... ... @@ -0,0 +1,58 @@
  1 +package etunicorn;
  2 +
  3 +import org.springframework.beans.factory.annotation.Autowired;
  4 +import org.springframework.stereotype.Service;
  5 +
  6 +import javax.servlet.http.HttpServletRequest;
  7 +import java.util.Date;
  8 +
  9 +/**
  10 + * etunicorn-server
  11 + * Copyright © 2017 Le Club Info Polytech Lille
  12 + * Tous droits réservés
  13 + */
  14 +@Service("sessionService")
  15 +public class SessionService {
  16 + @Autowired
  17 + private SessionRepository sessionRepository;
  18 + @Autowired
  19 + private PersonneRepository personneRepository;
  20 +
  21 + public SessionService() {
  22 + }
  23 +
  24 + public Session getSession(HttpServletRequest request) {
  25 + String token = request.getHeader("Authorization");
  26 + return getSession(token);
  27 + }
  28 +
  29 + public Session getSession(String token) {
  30 + if (token == null) {
  31 + return null;
  32 + } else {
  33 + Session session = sessionRepository.findByToken(token);
  34 + if (session == null) {
  35 + return null;
  36 + } else {
  37 + if (session.getValidity().compareTo(new Date()) < 0) {
  38 + return null;
  39 + } else {
  40 + // Vérifie si la personne est toujours dans la base de données
  41 + Personne personne = personneRepository.findById(session.getPersonne().getId());
  42 + if (personne == null) {
  43 + return null;
  44 + } else {
  45 + return session;
  46 + }
  47 + }
  48 + }
  49 + }
  50 + }
  51 +
  52 + public Session createSession(Personne personne) {
  53 + Session session = new Session(personne);
  54 + sessionRepository.save(session);
  55 + return session;
  56 + }
  57 +
  58 +}
... ...
src/main/java/etunicorn/WebMvcConfig.java
1 1 package etunicorn;
2 2  
  3 +import org.springframework.context.annotation.Bean;
3 4 import org.springframework.context.annotation.Configuration;
4 5 import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
5 6 import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter;
... ... @@ -13,9 +14,16 @@ import org.springframework.web.servlet.config.annotation.WebMvcConfigurerAdapter
13 14 @Configuration
14 15 public class WebMvcConfig extends WebMvcConfigurerAdapter {
15 16  
  17 + // http://stackoverflow.com/a/18218439
  18 + @Bean
  19 + public SecurityInterceptor securityInterceptor() {
  20 + return new SecurityInterceptor();
  21 + }
  22 +
16 23 @Override
17 24 public void addInterceptors(InterceptorRegistry registry) {
18 25 registry.addInterceptor(new GitHeaderInterceptor());
  26 + registry.addInterceptor(securityInterceptor());
19 27 }
20 28 }
21 29  
... ...
src/main/java/etunicorn/databaseConfiguration/SQLiteDialect.java
1 1 package etunicorn.databaseConfiguration;
2 2  
3 3 /**
4   - * Created by badet on 29/01/2017.
  4 + * etunicorn-server
  5 + * Copyright © 2017 Le Club Info Polytech Lille
  6 + * Tous droits réservés
5 7 */
6 8  
7 9 import org.hibernate.dialect.Dialect;
... ...