From d0a03db788fecf45e878f1a3b792dafddeb4654a Mon Sep 17 00:00:00 2001
From: sfeutrie <simon.feutrier@polytech-lille.net>
Date: Sun, 30 Sep 2018 22:54:22 +0200
Subject: [PATCH] restructuration du site web avec une page d'accueil, de login et d'ajout d'utilisateur et ajout de Spring Security pour l'instant pas opérationnel

---
 PFE06/pom.xml                                                 |  9 ++++++---
 PFE06/src/main/java/com/PFE/ServerManager/Customer.java       | 33 ++++++++++++---------------------
 PFE06/src/main/java/com/PFE/ServerManager/MainController.java | 77 +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++----------------
 PFE06/src/main/java/com/PFE/ServerManager/Role.java           | 24 ++++++++++++++++++++++++
 PFE06/src/main/java/com/PFE/ServerManager/RoleRepository.java | 11 +++++++++++
 PFE06/src/main/java/com/PFE/ServerManager/SecurityConfig.java | 43 +++++++++++++++++++++++++++++++++++++++++++
 PFE06/src/main/resources/application.properties               | 24 +++++++++++++++++++-----
 PFE06/src/main/resources/data.sql                             |  6 ++++++
 PFE06/src/main/resources/templates/home.html                  | 12 ++++++++++++
 PFE06/src/main/resources/templates/login.html                 | 13 +++++++------
 PFE06/src/main/resources/templates/registration.html          | 31 +++++++++++++++++++++++++++++++
 PFE06/src/main/resources/templates/success.html               | 10 ++++++++++
 12 files changed, 242 insertions(+), 51 deletions(-)
 create mode 100644 PFE06/src/main/java/com/PFE/ServerManager/Role.java
 create mode 100644 PFE06/src/main/java/com/PFE/ServerManager/RoleRepository.java
 create mode 100644 PFE06/src/main/java/com/PFE/ServerManager/SecurityConfig.java
 create mode 100644 PFE06/src/main/resources/data.sql
 create mode 100644 PFE06/src/main/resources/templates/home.html
 create mode 100644 PFE06/src/main/resources/templates/registration.html
 create mode 100644 PFE06/src/main/resources/templates/success.html

diff --git a/PFE06/pom.xml b/PFE06/pom.xml
index e748551..76d007a 100644
--- a/PFE06/pom.xml
+++ b/PFE06/pom.xml
@@ -3,8 +3,8 @@
          xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/xsd/maven-4.0.0.xsd">
     <modelVersion>4.0.0</modelVersion>
 
-    <groupId>com.example</groupId>
-    <artifactId>demo</artifactId>
+    <groupId>com.PFE</groupId>
+    <artifactId>ServerManager</artifactId>
     <version>0.0.1-SNAPSHOT</version>
     <packaging>jar</packaging>
 
@@ -33,7 +33,10 @@
             <groupId>org.springframework.boot</groupId>
             <artifactId>spring-boot-starter-web</artifactId>
         </dependency>
-
+        <dependency>
+            <groupId>org.springframework.boot</groupId>
+            <artifactId>spring-boot-starter-security</artifactId>
+        </dependency>
         <dependency>
             <groupId>org.postgresql</groupId>
             <artifactId>postgresql</artifactId>
diff --git a/PFE06/src/main/java/com/PFE/ServerManager/Customer.java b/PFE06/src/main/java/com/PFE/ServerManager/Customer.java
index 5082a68..01d7ef9 100644
--- a/PFE06/src/main/java/com/PFE/ServerManager/Customer.java
+++ b/PFE06/src/main/java/com/PFE/ServerManager/Customer.java
@@ -1,19 +1,14 @@
 package com.PFE.ServerManager;
 
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.GeneratedValue;
-import javax.persistence.GenerationType;
-import javax.persistence.Id;
-import javax.persistence.Table;
-
-@Entity // This tells Hibernate to make a table out of this class
-@Table(name = "Customer") // DON'T USE "User" because it is a reserved name in PostgreSQL
+import javax.persistence.*;
+
+@Entity
+@Table(name = "customer") // NE PAS utiliser "User" car c'est un mot clef réservé pour PostgreSQL
 public class Customer{
 
     @Id
     @GeneratedValue(strategy=GenerationType.AUTO)
-    private Integer id;
+    private Integer customer_id;
 
     @Column(name = "pseudo")
     private String pseudo;
@@ -21,20 +16,17 @@ public class Customer{
     @Column(name = "password")
     private String password;
 
-    public Integer getId() {
-        return id;
-    }
+    @ManyToOne(cascade = CascadeType.ALL)
+    @JoinTable(name = "customer_role", joinColumns = @JoinColumn(name = "customer_id"), inverseJoinColumns = @JoinColumn(name = "role_id"))
+    //private Set<Role> roles;
+    private Role role;
 
-    public String getPseudo() {
-        return pseudo;
-    }
-
-    public String getPassword() {
-        return password;
+    public void setRole(Role role) {
+        this.role = role;
     }
 
     public void setId(Integer id) {
-        this.id = id;
+        this.customer_id = id;
     }
 
     public void setPseudo(String pseudo) {
@@ -44,5 +36,4 @@ public class Customer{
     public void setPassword(String password) {
         this.password = password;
     }
-
 }
\ No newline at end of file
diff --git a/PFE06/src/main/java/com/PFE/ServerManager/MainController.java b/PFE06/src/main/java/com/PFE/ServerManager/MainController.java
index c8cfb8e..dcb46af 100644
--- a/PFE06/src/main/java/com/PFE/ServerManager/MainController.java
+++ b/PFE06/src/main/java/com/PFE/ServerManager/MainController.java
@@ -3,44 +3,89 @@ package com.PFE.ServerManager;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.*;
+import org.springframework.web.servlet.ModelAndView;
 
-import java.util.Map;
-
-@Controller // This means that this class is a Controller
+@Controller
 public class MainController {
-    @Autowired // This means to get the bean called userRepository which is auto-generated by Spring, we will use it to handle the Customers
+
+    @Autowired
     CustomerRepository customerRepository;
 
+    @Autowired
+    RoleRepository roleRepository;
+
     @RequestMapping(value="/")
     public String home(){
-        return "redirect:login";
+        return "home";
     }
 
-    @GetMapping(path="/login") // Map ONLY GET Requests
-    public String login() {
-        return "login";  //return "redirect:/...."; //to send a request to redirect the current page
+    @GetMapping(path="/registration")
+    public String registration() {
+        return "registration";//fait le lien automatiquement avec le page html du même nom  //return "redirect:/....";
     }
 
-    @PostMapping(path="/login")
-    public String addNewUser(@RequestParam String pseudo, @RequestParam String password) {
-        // @RequestParam means it is a parameter from the GET or POST request
-        //the model Map is used by thymeleaf as a storage for values display on the html page
+    @PostMapping(path="/registration")
+    public ModelAndView addNewUser(@RequestParam String pseudo, @RequestParam String password) {
+        //Model map, ModelAndView ou l'utilisation direct comme dans la méthode précédente sont 3 méthodes qui permettent d'envoyer des informations et donc de changer l'apparence d'une page
+        ModelAndView modelAndView = new ModelAndView(); // il n'est peut être pas utile d'utiliser ModelAndView
         Customer n = new Customer();
         n.setPseudo(pseudo);
         n.setPassword(password);
         Customer temp = customerRepository.findByPseudo(pseudo);
 
+        /*Role nRole = roleRepository.findByRole("ADMIN");
+        n.setRoles(new HashSet<Role>(Arrays.asList(nRole)));*/
+        Role role = new Role(); // l'utilisation d'un role au lieu d'un tableau semble valide, ormis la première ligne de la table qui n'est pas utilisé
+        role.setRole("ADMIN");
+        n.setRole(role);
+
         if(temp != null) {
-            return "redirect:login?error";
+            modelAndView.addObject("ok", "l'utilisateur existe déjà");
+            //return "login?fail";
         }
+        else {
+            modelAndView.addObject("ok", "l'utilisateur a bien été ajouté");
+            customerRepository.save(n);
+    }
+        modelAndView.setViewName("registration");
+        return modelAndView;
+    }
 
-        customerRepository.save(n);
-        return "redirect:login?ok";
+    @GetMapping(path="/login")
+    public ModelAndView login(){
+        ModelAndView modelAndView = new ModelAndView();
+        modelAndView.setViewName("login");
+        return modelAndView;
     }
+    //////// Ne fonctionne pas /////////
+    /*public String login() {
+        return "login";  //return "redirect:/...."; //to send a request to redirect the current page
+    }*/
+    /*
+    @PostMapping(path="/login")
+    public ModelAndView connexion(@RequestParam String pseudo, @RequestParam String password) {
+        // @RequestParam means it is a parameter from the GET or POST request
+        //the model Map is used by thymeleaf as a storage for values display on the html page, this is the same way for ModelAndView
+        ModelAndView modelAndView = new ModelAndView();
+        Customer temp = customerRepository.findByPseudo(pseudo);
+        if(temp != null) {
+            modelAndView.addObject("error", "vous etes autorisé à être sur cette page");
+        }
+        else{
+            modelAndView.addObject("error", "vous n'etes pas autorisé à être sur cette page");
+        }
+        modelAndView.setViewName("login");
+        return modelAndView;
+    }*/
+    //////////////////////////
 
     @GetMapping(path="/all")
     public @ResponseBody Iterable<Customer> getAllUsers() {
-        // This returns a JSON or XML with the users
         return customerRepository.findAll();
     }
+
+    @RequestMapping(value="/success")
+    public String success(){
+        return "success";
+    }
 }
\ No newline at end of file
diff --git a/PFE06/src/main/java/com/PFE/ServerManager/Role.java b/PFE06/src/main/java/com/PFE/ServerManager/Role.java
new file mode 100644
index 0000000..bf3560c
--- /dev/null
+++ b/PFE06/src/main/java/com/PFE/ServerManager/Role.java
@@ -0,0 +1,24 @@
+package com.PFE.ServerManager;
+
+import javax.persistence.Column;
+import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
+import javax.persistence.Id;
+import javax.persistence.Table;
+
+@Entity
+@Table(name = "role")
+public class Role {
+    @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    @Column(name = "role_id")
+    private Integer role_id;
+
+    @Column(name = "role")
+    private String role;
+
+    public void setRole(String role) {
+        this.role = role;
+    }
+}
\ No newline at end of file
diff --git a/PFE06/src/main/java/com/PFE/ServerManager/RoleRepository.java b/PFE06/src/main/java/com/PFE/ServerManager/RoleRepository.java
new file mode 100644
index 0000000..afb99c9
--- /dev/null
+++ b/PFE06/src/main/java/com/PFE/ServerManager/RoleRepository.java
@@ -0,0 +1,11 @@
+package com.PFE.ServerManager;
+
+import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.repository.CrudRepository;
+import org.springframework.stereotype.Repository;
+
+@Repository
+public interface RoleRepository extends CrudRepository<Role, Integer> {
+    Role findByRole(String role);
+}
+
diff --git a/PFE06/src/main/java/com/PFE/ServerManager/SecurityConfig.java b/PFE06/src/main/java/com/PFE/ServerManager/SecurityConfig.java
new file mode 100644
index 0000000..0de7503
--- /dev/null
+++ b/PFE06/src/main/java/com/PFE/ServerManager/SecurityConfig.java
@@ -0,0 +1,43 @@
+package com.PFE.ServerManager;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
+
+import javax.sql.DataSource;
+
+@Configuration
+@EnableAutoConfiguration
+public class SecurityConfig extends WebSecurityConfigurerAdapter {
+
+    @Autowired
+    DataSource dataSource;
+
+    @Autowired
+    public void configAuthentication(AuthenticationManagerBuilder auth) throws Exception {
+        auth.jdbcAuthentication()
+                .dataSource(dataSource)
+                .usersByUsernameQuery("select pseudo, password from customer where pseudo=?")
+                .authoritiesByUsernameQuery("select u.pseudo, r.role from customer u inner join customer_role ur on(u.customer_id=ur.customer_id) inner join role r on(ur.role_id=r.role_id) where u.pseudo=?");
+    }
+
+    @Override
+    protected void configure(HttpSecurity http) throws Exception {
+        http
+                .authorizeRequests()
+                    .antMatchers("/").permitAll()
+                    .antMatchers("/registration").permitAll()
+                    .antMatchers("/login").permitAll()
+                    //.antMatchers("/registration").hasRole("ADMIN").anyRequest().authenticated()
+                    .and()
+                .formLogin()
+                    .loginPage("/login").failureUrl("/login?error=true").defaultSuccessUrl("/success")
+                    .and()
+                .logout()
+                    .permitAll();
+        //http.exceptionHandling().accessDeniedPage("/403");
+    }
+}
\ No newline at end of file
diff --git a/PFE06/src/main/resources/application.properties b/PFE06/src/main/resources/application.properties
index b1d84a5..bb9b2d6 100644
--- a/PFE06/src/main/resources/application.properties
+++ b/PFE06/src/main/resources/application.properties
@@ -2,9 +2,23 @@
 #-----------------------------------------------#
 #---------- Spring Database management ---------#
 #-----------------------------------------------#
-spring.jpa.hibernate.ddl-auto=update
-#"create" if the database doesn't exist : it will reinitialize the DB every time the process is restarted
-#"update" if the database already exists
-spring.datasource.url=jdbc:postgresql://localhost:3306/sql_only
+spring.jpa.hibernate.ddl-auto=create
+#update
+#"create" recrée la base de données à chaque lancement
+#"update" met à jour la base données
+
+#Simon Postgres config :
+spring.datasource.url=jdbc:postgresql://localhost:5432/sql_only
 spring.datasource.username=postgres
-spring.datasource.password=admin
\ No newline at end of file
+spring.datasource.password=idalurf123
+
+#Antoine Postgres config :
+#spring.datasource.url=jdbc:postgresql://localhost:3302/sql_only
+#spring.datasource.username=postgres
+#spring.datasource.password=admin
+
+# montre les communications JPA avec la BDD
+spring.jpa.show-sql = true
+
+# exécute le fichier data.sql pour préciser le role ADMIN
+spring.datasource.initialization-mode=always
\ No newline at end of file
diff --git a/PFE06/src/main/resources/data.sql b/PFE06/src/main/resources/data.sql
new file mode 100644
index 0000000..98ec008
--- /dev/null
+++ b/PFE06/src/main/resources/data.sql
@@ -0,0 +1,6 @@
+/* ce fichier doit être placé dans les ressources afin d'être utilisé */
+INSERT INTO "role" VALUES (1,'ADMIN');
+/*INSERT INTO "customer" VALUES (10,1,'Feutrier','Simon');
+INSERT INTO "customer" VALUES (11,1,'Duquenoy','Antoine');
+INSERT INTO "customer_role" VALUES (1,1);
+INSERT INTO "customer_role" VALUES (2,1);*/
\ No newline at end of file
diff --git a/PFE06/src/main/resources/templates/home.html b/PFE06/src/main/resources/templates/home.html
new file mode 100644
index 0000000..50d943b
--- /dev/null
+++ b/PFE06/src/main/resources/templates/home.html
@@ -0,0 +1,12 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org">
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>Page d'accueil</title>
+</head>
+<body>
+<a th:href="@{/login}">connexion</a>
+<a th:href="@{/registration}">enregistrer des utilisateurs</a>
+</body>
+</html>
\ No newline at end of file
diff --git a/PFE06/src/main/resources/templates/login.html b/PFE06/src/main/resources/templates/login.html
index 44cc934..4bac2e0 100644
--- a/PFE06/src/main/resources/templates/login.html
+++ b/PFE06/src/main/resources/templates/login.html
@@ -1,12 +1,12 @@
 <!DOCTYPE html>
 <html xmlns:th="http://www.thymeleaf.org">
 <head>
-    <title>Add users page</title>
+    <title>Page de connexion</title>
     <meta charset="utf-8"/>
 </head>
     <body>
         <div>
-            <h5>Add new users</h5>
+            <h5>Ajouter de nouveaux utilisateurs :</h5>
             <form th:action="@{/login}" method="POST">
                 <div class="form1">
                     <label for="username">User Name: </label>
@@ -16,14 +16,15 @@
                     <label for="password">Password: </label>
                     <input type="password" id="password" placeholder="Enter Password" name="password"/>
                 </div>
-                <button type="submit">Ajouter</button>
+                <button type="submit">se connecter</button>
             </form>
-            <div th:if="${param.ok}">
+            <span th:utext="${error}"></span>
+            <!--<div th:if="${param.ok}">
                 <span>L'utilisateur a été ajouté !</span>
             </div>
-            <div th:if="${param.error}">
+            <div th:if="${param.fail}">
                 <span>Le pseudo existe déjà !</span>
-            </div>
+            </div>-->
         </div>
     </body>
 </html>
\ No newline at end of file
diff --git a/PFE06/src/main/resources/templates/registration.html b/PFE06/src/main/resources/templates/registration.html
new file mode 100644
index 0000000..2176330
--- /dev/null
+++ b/PFE06/src/main/resources/templates/registration.html
@@ -0,0 +1,31 @@
+<!DOCTYPE html>
+<html xmlns:th="http://www.thymeleaf.org">
+<head>
+    <title>Ajout d'utilisateurs</title>
+    <meta charset="utf-8"/>
+</head>
+<body>
+<div>
+    <h5>Ajout d'utilisateurs :</h5>
+    <form th:action="@{/registration}" method="POST">
+        <div class="form1">
+            <label for="username">User Name: </label>
+            <input type="text" id="username" placeholder="Enter UserName" name="pseudo"/>
+        </div>
+        <div class="form2">
+            <label for="password">Password: </label>
+            <input type="password" id="password" placeholder="Enter Password" name="password"/>
+        </div>
+        <button type="submit">Ajouter</button>
+    </form>
+    <span th:utext="${ok}"></span>
+    <a href="/login">connexion</a>
+    <!--<div th:if="${param.ok}">
+        <span>L'utilisateur a été ajouté !</span>
+    </div>
+    <div th:if="${param.fail}">
+        <span>Le pseudo existe déjà !</span>
+    </div>-->
+</div>
+</body>
+</html>
\ No newline at end of file
diff --git a/PFE06/src/main/resources/templates/success.html b/PFE06/src/main/resources/templates/success.html
new file mode 100644
index 0000000..b4e81f4
--- /dev/null
+++ b/PFE06/src/main/resources/templates/success.html
@@ -0,0 +1,10 @@
+<!DOCTYPE html>
+<html lang="en">
+<head>
+    <meta charset="UTF-8">
+    <title>SUCCESS</title>
+</head>
+<body>
+<a href="/login">connexion</a>
+</body>
+</html>
\ No newline at end of file
--
libgit2 0.21.2