isa44.74
/
Organizee
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

pb merge

This commit is contained in:
Sana EL HIRI 2022-01-20 09:48:24 +01:00
parent 4c700c979e b147bc406c
commit 270376f7e3
28 changed files with 1029 additions and 41 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
.file.swp Normal file
View File

Binary file not shown.

9
.idea/Organizee.iml
View File

@ -1,9 +0,0 @@
<?xml version="1.0" encoding="UTF-8"?>
<module type="JAVA_MODULE" version="4">
<component name="NewModuleRootManager" inherit-compiler-output="true">
<exclude-output />
<content url="file://$MODULE_DIR$" />
<orderEntry type="inheritedJdk" />
<orderEntry type="sourceFolder" forTests="false" />
</component>
</module>

5
.idea/compiler.xml
View File

@ -6,12 +6,17 @@
<sourceOutputDir name="target/generated-sources/annotations" />
<sourceTestOutputDir name="target/generated-test-sources/test-annotations" />
<outputRelativeToContentRoot value="true" />
<<<<<<< HEAD
<module name="organizee" />
=======
<module name="Organizee" />
>>>>>>> b147bc406c22caa9c817c7189a325058d8550a69
</profile>
</annotationProcessing>
</component>
<component name="JavacSettings">
<option name="ADDITIONAL_OPTIONS_OVERRIDE">
<module name="Organizee" options="-parameters" />
<module name="organizee" options="-parameters" />
</option>
</component>

9
pom.xml
View File

@ -25,6 +25,15 @@
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-jdbc</artifactId>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-security</artifactId>
</dependency>
<dependency>
<groupId>io.jsonwebtoken</groupId>
<artifactId>jjwt</artifactId>
<version>0.9.1</version>
</dependency>
<dependency>
<groupId>org.springframework.boot</groupId>
<artifactId>spring-boot-starter-web</artifactId>

36
src/main/java/fr/organizee/OrganizeeApplication.java
View File

@ -1,13 +1,47 @@
package fr.organizee;
import fr.organizee.model.Membre;
import fr.organizee.model.Role;
import fr.organizee.service.MembreService;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.CommandLineRunner;
import org.springframework.boot.SpringApplication;
import org.springframework.boot.autoconfigure.SpringBootApplication;
import org.springframework.context.annotation.Bean;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import java.util.ArrayList;
import java.util.Arrays;
@SpringBootApplication
public class OrganizeeApplication {
public class OrganizeeApplication implements CommandLineRunner {
@Autowired
private MembreService membreService;
public static void main(String[] args) {
SpringApplication.run(OrganizeeApplication.class, args);
}
/**
* Ceci est un Bean, un composant
* Méthode de Hachage
* Bcrypt est un algorithme de hachage considé comme le plus sûr.
* bcrypt est un algorithme de hashage unidirectionnel,
* vous ne pourrez jamais retrouver le mot de passe sans connaitre à la fois le grain de sel,
* la clé et les différentes passes que l'algorithme à utiliser.
* Voir le <a href="https://bcrypt-generator.com/"> site pour effectuer un test</a>
*
* @return
*/
@Bean
public BCryptPasswordEncoder bCryptPasswordEncoder() {
return new BCryptPasswordEncoder();
}
@Override
public void run(String... args) throws Exception {
}
}

93
src/main/java/fr/organizee/controller/ContactController.java Normal file
View File

@ -0,0 +1,93 @@
package fr.organizee.controller;
import fr.organizee.model.Contact;
import fr.organizee.model.Membre;
import fr.organizee.model.Team;
import fr.organizee.repository.ContactRepository;
import fr.organizee.repository.TeamRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.persistence.EntityNotFoundException;
import java.util.List;
import java.util.Optional;
@RestController
@CrossOrigin("*")
@RequestMapping("/contacts")
public class ContactController {
@Autowired
private ContactRepository contactRepo;
@GetMapping(value = "/{id}")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> findById(@PathVariable int id){
Optional<Contact> contact = null;
try
{
contact = contactRepo.findById(id);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
}
return ResponseEntity.status(HttpStatus.OK).body(contact);
}
@GetMapping(value = "team/{team_id}")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> findByTeamId(@PathVariable int team_id){
List<Contact> contacts = null;
try
{
contacts = contactRepo.FindContactsByTeam(team_id);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
}
return ResponseEntity.status(HttpStatus.OK).body(contacts);
}
@PostMapping(value="/add")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> addContact(@RequestBody Contact contact){
Contact resultContact = null;
try {
resultContact = contactRepo.saveAndFlush(contact);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(e.getMessage());
}
return ResponseEntity.status(HttpStatus.CREATED).body(resultContact);
}
@PutMapping("/update/{id}")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> updateContact(@RequestBody Contact contact, @PathVariable Integer id) throws Exception {
Contact resultContact = null;
try {
resultContact = contactRepo.save(contact);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(e.getMessage());
}
return ResponseEntity.status(HttpStatus.OK).body(resultContact);
}
@DeleteMapping(value = "/delete/{id}")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> deleteContact(@PathVariable int id){
try {
contactRepo.delete(contactRepo.getById(id));
return ResponseEntity.status(HttpStatus.OK).body("Contact effacé !");
} catch (EntityNotFoundException e) {
return ResponseEntity.status(HttpStatus.OK).body("Contact introuvable !");
}
}
}

69
src/main/java/fr/organizee/controller/MembreController.java
View File

@ -1,17 +1,28 @@
package fr.organizee.controller;
import fr.organizee.dto.JsonWebToken;
import fr.organizee.dto.MembreDto;
import fr.organizee.exception.ExistingUsernameException;
import fr.organizee.exception.InvalidCredentialsException;
import fr.organizee.model.Membre;
import fr.organizee.model.Team;
import fr.organizee.repository.MembreRepository;
<<<<<<< HEAD
import fr.organizee.repository.TeamRepository;
=======
//import fr.organizee.repository.TeamRepository;
import fr.organizee.service.MembreService;
>>>>>>> b147bc406c22caa9c817c7189a325058d8550a69
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.persistence.EntityNotFoundException;
import java.util.List;
import java.util.Optional;
import java.util.stream.Collectors;
/* toto */
@RestController
@ -22,7 +33,14 @@ public class MembreController {
@Autowired
private MembreRepository membreRepo;
<<<<<<< HEAD
// @Autowired
=======
@Autowired
private MembreService membreService;
// @Autowired
>>>>>>> b147bc406c22caa9c817c7189a325058d8550a69
// private TeamRepository teamRepo;
// @RequestMapping("/membres")
@ -36,6 +54,7 @@ public class MembreController {
}
@GetMapping(value = "/all")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> getAll(){
List<Membre> liste = null;
try
@ -48,6 +67,13 @@ public class MembreController {
return ResponseEntity.status(HttpStatus.OK).body(liste);
}
@GetMapping("/admin/all")
@PreAuthorize("hasRole('ROLE_PARENT')")
public List<MembreDto> getAllAdminUsers() {
return membreService.findAllUsers().stream().map(appUser -> new MembreDto(appUser.getEmail(), appUser.getRoleList())).collect(Collectors.toList());
}
// @GetMapping(value = "/team/all")
// public ResponseEntity<?> getAllTeam(){
// List<Team> liste = null;
@ -62,6 +88,7 @@ public class MembreController {
// }
@GetMapping(value = "/{id}")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> findById(@PathVariable int id){
Optional<Membre> membre = null;
try
@ -82,11 +109,12 @@ public class MembreController {
// }
@DeleteMapping(value = "/delete/{id}")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> deleteMembre(@PathVariable int id){
try {
membreRepo.delete(membreRepo.getById(id));
//membreRepo.deleteById(id);
return ResponseEntity.status(HttpStatus.OK).body("Membre effacée !");
return ResponseEntity.status(HttpStatus.OK).body("Membre effacé !");
} catch (EntityNotFoundException e) {
@ -94,19 +122,26 @@ public class MembreController {
}
}
@PostMapping(value="/add", produces="application/json", consumes="application/json")
public ResponseEntity<?> addMembre(@RequestBody Membre membre){
Membre resultMembre = null;
@PostMapping("/sign-up")
public ResponseEntity<JsonWebToken> signUp(@RequestBody Membre membre) {
try {
resultMembre = membreRepo.saveAndFlush(membre);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(e.getMessage());
return ResponseEntity.ok(new JsonWebToken(membreService.signup(membre)));
} catch (ExistingUsernameException ex) {
return ResponseEntity.badRequest().build();
}
}
return ResponseEntity.status(HttpStatus.CREATED).body(resultMembre);
@PostMapping("/sign-in")
public ResponseEntity<JsonWebToken> signIn(@RequestBody Membre membre) {
try {
return ResponseEntity.ok(new JsonWebToken(membreService.signin(membre.getEmail(), membre.getPassword())));
} catch (InvalidCredentialsException ex) {
return ResponseEntity.badRequest().build();
}
}
@PutMapping("/update/{id}")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> updateMembre(@RequestBody Membre membre, @PathVariable Integer id) throws Exception {
Membre resultMembre = null;
try {
@ -148,22 +183,4 @@ public class MembreController {
//
// return ResponseEntity.status(HttpStatus.OK).body(liste);
// }
@PostMapping(value="/login", produces="application/json", consumes="application/json")
public ResponseEntity<?> login(@RequestBody Membre membre){
Membre resultMembre = null;
try {
resultMembre = membreRepo.findByNom(membre.getNom());
if(resultMembre == null){
throw new RuntimeException("User inexistant.");
}
if(!resultMembre.getPassword().equals(membre.getPassword())){
throw new RuntimeException("mauvais password.");
}
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(e.getMessage());
}
return ResponseEntity.status(HttpStatus.CREATED).body(resultMembre);
}
}

90
src/main/java/fr/organizee/controller/MenuController.java Normal file
View File

@ -0,0 +1,90 @@
package fr.organizee.controller;
import fr.organizee.model.Contact;
import fr.organizee.model.Menu;
import fr.organizee.repository.MenuRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.persistence.EntityNotFoundException;
import java.util.List;
import java.util.Optional;
@RestController
@CrossOrigin("*")
@RequestMapping("/menus")
public class MenuController {
@Autowired
private MenuRepository menuRepository;
@GetMapping(value = "/{id}")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> findById(@PathVariable int id){
Optional<Menu> menu = null;
try
{
menu = menuRepository.findById(id);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
}
return ResponseEntity.status(HttpStatus.OK).body(menu);
}
@GetMapping(value = "team/{team_id}")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> findByTeamId(@PathVariable int team_id) {
List<Menu> menus = null;
try {
menus = menuRepository.FindMenusByTeam(team_id);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
}
return ResponseEntity.status(HttpStatus.OK).body(menus);
}
@PostMapping(value="/add")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> addMenu(@RequestBody Menu menu){
Menu resultMenu = null;
try {
resultMenu = menuRepository.saveAndFlush(menu);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(e.getMessage());
}
return ResponseEntity.status(HttpStatus.CREATED).body(resultMenu);
}
@PutMapping("/update/{id}")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> updateMenu(@RequestBody Menu menu, @PathVariable Integer id) throws Exception {
Menu resultMenu = null;
try {
resultMenu = menuRepository.save(menu);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(e.getMessage());
}
return ResponseEntity.status(HttpStatus.OK).body(menuRepository);
}
@DeleteMapping(value = "/delete/{id}")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> deleteMenu(@PathVariable int id){
try {
menuRepository.delete(menuRepository.getById(id));
return ResponseEntity.status(HttpStatus.OK).body("Menu effacé !");
} catch (EntityNotFoundException e) {
return ResponseEntity.status(HttpStatus.OK).body("Menu introuvable !");
}
}
}

44
src/main/java/fr/organizee/controller/TeamController.java
View File

@ -1,10 +1,12 @@
package fr.organizee.controller;
import fr.organizee.model.Membre;
import fr.organizee.model.Team;
import fr.organizee.repository.TeamRepository;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.HttpStatus;
import org.springframework.http.ResponseEntity;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.*;
import javax.persistence.EntityNotFoundException;
@ -32,6 +34,7 @@ public class TeamController {
// Récupération de toutes les teams
@GetMapping(value = "/all")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> getAllTeam(){
List<Team> liste = null;
try
@ -45,6 +48,7 @@ public class TeamController {
}
@GetMapping(value = "/{id}")
@PreAuthorize("hasRole('ROLE_PARENT') or hasRole('ROLE_ENFANT')")
public ResponseEntity<?> findTeamById(@PathVariable int id){
Optional<Team> liste = null;
try
@ -57,4 +61,44 @@ public class TeamController {
return ResponseEntity.status(HttpStatus.OK).body(liste);
}
@PostMapping(value="/add", produces="application/json", consumes="application/json")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> addTeam(@RequestBody Team team){
Team resultTeam = null;
try {
resultTeam = teamRepo.saveAndFlush(team);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(e.getMessage());
}
return ResponseEntity.status(HttpStatus.CREATED).body(resultTeam);
}
@PutMapping("/update/{id}")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> updateTeam(@RequestBody Team team, @PathVariable Integer id) throws Exception {
Team resultTeam = null;
try {
resultTeam = teamRepo.save(team);
} catch (Exception e) {
return ResponseEntity.status(HttpStatus.NOT_FOUND).body(e.getMessage());
}
return ResponseEntity.status(HttpStatus.OK).body(resultTeam);
}
@DeleteMapping(value = "/delete/{id}")
@PreAuthorize("hasRole('ROLE_PARENT')")
public ResponseEntity<?> deleteTeam(@PathVariable int id){
try {
teamRepo.delete(teamRepo.getById(id));
//membreRepo.deleteById(id);
return ResponseEntity.status(HttpStatus.OK).body("Team effacée !");
} catch (EntityNotFoundException e) {
return ResponseEntity.status(HttpStatus.OK).body("Team introuvable !");
}
}
}

18
src/main/java/fr/organizee/dto/JsonWebToken.java Normal file
View File

@ -0,0 +1,18 @@
package fr.organizee.dto;
/**
* Classe spécifique DTO (Data Transfer Object) qui retourne un Jeton au format JSON (REST response)
*
*/
public class JsonWebToken {
private final String token;
public JsonWebToken(String token) {
this.token = token;
}
public String getToken() {
return token;
}
}

53
src/main/java/fr/organizee/dto/MembreDto.java Normal file
View File

@ -0,0 +1,53 @@
package fr.organizee.dto;
import java.util.List;
import com.sun.istack.NotNull;
import fr.organizee.model.Role;
/**
* Specifique : AppUser DTO permet de renvoyer un User sans le mot de passe (REST response).
*/
public class MembreDto {
private Long id;
private String email;
private List<Role> roleList;
public MembreDto() {
}
public MembreDto(@NotNull String email) {
this(email, null);
}
public MembreDto(@NotNull String email, List<Role> roleList) {
this.email = email;
this.roleList = roleList;
}
public Long getId() {
return id;
}
public void setId(Long id) {
this.id = id;
}
public String getEmail() {
return email;
}
public void setEmail(String email) {
this.email = email;
}
public List<Role> getRoleList() {
return roleList;
}
public void setRoleList(List<Role> roleList) {
this.roleList = roleList;
}
}

15
src/main/java/fr/organizee/exception/ExistingUsernameException.java Normal file
View File

@ -0,0 +1,15 @@
package fr.organizee.exception;
/**
* Classe personnalisée pour ©rer un message si l'utilisateur (User) existe en Base de données
*/
public class ExistingUsernameException extends Exception {
private static final long serialVersionUID = 1L;
@Override
public String getMessage()
{
return "Désolé, l'utilisateur existe déjà en base de données !";
}
}

15
src/main/java/fr/organizee/exception/InvalidCredentialsException.java Normal file
View File

@ -0,0 +1,15 @@
package fr.organizee.exception;
/**
* Specific exception that should be thrown when user credentials are not valid.
*/
public class InvalidCredentialsException extends Exception {
private static final long serialVersionUID = -6483691380297851921L;
@Override
public String getMessage()
{
return "L'accréditation est invalide !";
}
}

17
src/main/java/fr/organizee/exception/InvalidJWTException.java Normal file
View File

@ -0,0 +1,17 @@
package fr.organizee.exception;
/**
* Specific exception that should be thrown when a JWT has an invalid format.
*/
public class InvalidJWTException extends Exception {
private static final long serialVersionUID = -6546999838071338632L;
@Override
public String getMessage()
{
return "Le format JWT est invalide !";
}
}

30
src/main/java/fr/organizee/model/Membre.java
View File

@ -2,9 +2,11 @@ package fr.organizee.model;
import com.fasterxml.jackson.annotation.JsonIgnore;
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
import com.sun.istack.NotNull;
import javax.persistence.*;
import java.time.LocalDate;
import java.util.List;
@Entity
@ -15,8 +17,19 @@ public class Membre {
private String nom;
private String prenom;
private LocalDate dateNaissance;
@NotNull
@Column(nullable = false)
private String email;
@NotNull
@Column(nullable = false)
private String password;
@ElementCollection(fetch = FetchType.EAGER)
@Enumerated(EnumType.STRING)
private List<Role> roleList;
private String isAdmin;
private String couleur;
private String smiley;
@ -31,7 +44,7 @@ public class Membre {
public Membre() {
}
public Membre(String nom, String prenom, LocalDate dateNaissance, String email, String password, String isAdmin, String couleur, String smiley, Team team) {
public Membre(String nom, String prenom, LocalDate dateNaissance, @NotNull String email, @NotNull String password, String isAdmin, String couleur, String smiley, Team team, List<Role> roleList) {
this.nom = nom;
this.prenom = prenom;
this.dateNaissance = dateNaissance;
@ -41,8 +54,16 @@ public class Membre {
this.couleur = couleur;
this.smiley = smiley;
this.team = team;
this.roleList=roleList;
}
public Membre(@NotNull String email, @NotNull String password, List<Role> roleList) {
this.email = email;
this.password = password;
this.roleList=roleList;
}
public int getId() {
return id;
}
@ -109,6 +130,13 @@ public class Membre {
this.smiley = smiley;
}
public List<Role> getRoleList() {
return roleList;
}
public void setRoleList(List<Role> roleList) {
this.roleList = roleList;
}
@Override
public String toString() {
return "Membre{" +

4
src/main/java/fr/organizee/model/Menu.java
View File

@ -12,6 +12,7 @@ public class Menu {
private int id;
private String libelle;
private LocalDate dateMenu;
private int validationProposition;
@ManyToOne(cascade = CascadeType.MERGE)
@JoinColumn(name="TEAM_ID")
@JsonIgnoreProperties("menu")
@ -22,9 +23,10 @@ public class Menu {
public Menu() {
}
public Menu(String libelle, LocalDate dateMenu) {
public Menu(String libelle, LocalDate dateMenu, int validationProposition) {
this.libelle = libelle;
this.dateMenu = dateMenu;
this.validationProposition=validationProposition;
}
public int getId() {

16
src/main/java/fr/organizee/model/Role.java Normal file
View File

@ -0,0 +1,16 @@
package fr.organizee.model;
import org.springframework.security.core.GrantedAuthority;
/**
* User possible roles.
*/
public enum Role implements GrantedAuthority {
ROLE_PARENT, ROLE_ENFANT;
@Override
public String getAuthority() {
return name();
}
}

10
src/main/java/fr/organizee/model/Team.java
View File

@ -55,8 +55,16 @@ public class Team {
this.membres = membre;
}
public List<Contact> getContacts() {
return contacts;
}
public void setContacts(List<Contact> contacts) {
this.contacts = contacts;
}
@Override
public String toString() {
return "Team [id=" + id + ", nom=" + nom + ", membre=" + membres + "]";
return "Team [id=" + id + ", nom=" + nom + ", membre=" + membres + ", contact=" + contacts + "]";
}
}

17
src/main/java/fr/organizee/repository/ContactRepository.java
View File

@ -1,4 +1,19 @@
package fr.organizee.repository;
public interface ContactRepository {
import fr.organizee.model.Contact;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import java.util.List;
import java.util.Optional;
@Repository
public interface ContactRepository extends JpaRepository<Contact, Integer> {
@Query(value = "select * from contact where team_id = :team_id", nativeQuery = true)
List<Contact> FindContactsByTeam(@Param("team_id") int team_id);
}

8
src/main/java/fr/organizee/repository/MembreRepository.java
View File

@ -4,7 +4,15 @@ import fr.organizee.model.Membre;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.stereotype.Repository;
import java.util.Optional;
@Repository
public interface MembreRepository extends JpaRepository<Membre, Integer> {
Membre findByNom(String nom);
Optional<Membre> findByEmail(String email);
boolean existsByEmail(String email);
void deleteByEmail(String email);
}

15
src/main/java/fr/organizee/repository/MenuRepository.java
View File

@ -1,4 +1,17 @@
package fr.organizee.repository;
public interface MenuRepository {
import fr.organizee.model.Contact;
import fr.organizee.model.Menu;
import org.springframework.data.jpa.repository.JpaRepository;
import org.springframework.data.jpa.repository.Query;
import org.springframework.data.repository.query.Param;
import org.springframework.stereotype.Repository;
import java.util.List;
@Repository
public interface MenuRepository extends JpaRepository <Menu, Integer> {
@Query(value = "select * from menu where team_id = :team_id", nativeQuery = true)
List<Menu> FindMenusByTeam(@Param("team_id") int team_id);
}

46
src/main/java/fr/organizee/security/JwtTokenFilter.java Normal file
View File

@ -0,0 +1,46 @@
package fr.organizee.security;
import java.io.IOException;
import javax.servlet.FilterChain;
import javax.servlet.ServletException;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import org.springframework.http.HttpStatus;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.web.filter.OncePerRequestFilter;
import fr.organizee.exception.InvalidJWTException;
/**
* Filtre specifique en charge d'analyser la requête HTTP qui arrive vers notre Serveur et qui doit
* contenir un JWT valide.
*/
public class JwtTokenFilter extends OncePerRequestFilter {
private JwtTokenProvider jwtTokenProvider;
public JwtTokenFilter(JwtTokenProvider jwtTokenProvider) {
this.jwtTokenProvider = jwtTokenProvider;
}
@Override
protected void doFilterInternal(HttpServletRequest httpServletRequest, HttpServletResponse httpServletResponse, FilterChain filterChain) throws ServletException, IOException {
String token = jwtTokenProvider.resolveToken(httpServletRequest);
try {
if (token != null && jwtTokenProvider.validateToken(token)) {
Authentication auth = jwtTokenProvider.getAuthentication(token);
SecurityContextHolder.getContext().setAuthentication(auth);
}
} catch (InvalidJWTException ex) {
// permet de garantir que le AppClient n'est pas authentifié
SecurityContextHolder.clearContext();
httpServletResponse.sendError(HttpStatus.BAD_REQUEST.value(), "JWT invalide !");
return;
}
filterChain.doFilter(httpServletRequest, httpServletResponse);
}
}

185
src/main/java/fr/organizee/security/JwtTokenProvider.java Normal file
View File

@ -0,0 +1,185 @@
package fr.organizee.security;
import java.util.Base64;
import java.util.Date;
import java.util.List;
import java.util.Objects;
import java.util.stream.Collectors;
import javax.annotation.PostConstruct;
import javax.servlet.http.HttpServletRequest;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.stereotype.Component;
import com.fasterxml.jackson.core.JsonProcessingException;
import fr.organizee.exception.InvalidJWTException;
import fr.organizee.model.Role;
import io.jsonwebtoken.Claims;
import io.jsonwebtoken.JwtException;
import io.jsonwebtoken.Jwts;
import io.jsonwebtoken.SignatureAlgorithm;
/**
* JWT : classe utilitaire chargée de fournir le Jeton (Token) et les ©rifications
*/
@Component
public class JwtTokenProvider {
// on ©cupère le secret dans notre fichier application.properties
@Value("${security.jwt.token.secret-key:secret-key}")
private String secretKey;
// ici on met la valeur par ©faut
@Value("${security.jwt.token.expire-length:3600000}")
private long validityInMilliseconds = 3600000; // 1h pour être pénard
@Autowired
private UserDetailsService userDetailsService;
/**
* Cette ©thode d'initialisation s'exécute avant le constructeur
* Elle encode notre code secret en base64 pour la transmission dans le header
*/
@PostConstruct
protected void init() {
secretKey = Base64.getEncoder().encodeToString(secretKey.getBytes());
}
/**
* Methode qui crée le Token avec :
* username comme un champ "sub",
* User Role comme champ "auth"
* "iat" comme date du jour ,
* "exp" as now date + validity time.
* claims = les droits
struture :
HEADER : Algo + Type de Token
{
"alg": "HS256",
"typ": "JWT"
}
PAYLOAD : data
{
"sub": "pbouget",
"auth": [
"ROLE_ADMIN",
"ROLE_CREATOR",
"ROLE_READER"
],
"iat": 1589817421,
"exp": 1589821021
}
Signature :
Signature avec code secret :
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
03888dd6ceb88c3fee410a70802fb93d483fd52d70349d8f7e7581ae346cf658
)
JWT ©¨rer avec cette info :
header = eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.
payload = eyJzdWIiOiJwYm91Z2V0IiwiYXV0aCI6WyJST0xFX0FETUlOIiwiUk9MRV9DUkVBVE9SIiwiUk9MRV9SRUFERVIiXSwiaWF0IjoxNTg5ODE3NDIxLCJleHAiOjE1ODk4MjEwMjF9.
signature = lrKQIkrCzNMwzTN-hs_EdoYYxrb59sAlku7nmaml0vk
©rifier sur https://jwt.io
* @param email the user email.
* @param roles the user roles.
* @return the created JWT as String.
* @throws JsonProcessingException
*/
public String createToken(String email, List<Role> roles){
Claims claims = Jwts.claims().setSubject(email);
claims.put("auth", roles.stream().map(s -> new SimpleGrantedAuthority(s.getAuthority())).filter(Objects::nonNull).collect(Collectors.toList()));
System.out.println("claims = "+claims);
// claims = {sub=pbouget, auth=[ROLE_ADMIN, ROLE_CREATOR, ROLE_READER]}
Date now = new Date();
Date validity = new Date(now.getTime() + validityInMilliseconds);
String leToken = Jwts.builder()//
.setClaims(claims)// le username avec les roles ou setPayload()
.setIssuedAt(now)// 1589817421 pour le 18 mai 2020 à 17 heure 57
.setExpiration(validity)// 1589821021 même date avec 1 heure de plus
.signWith(SignatureAlgorithm.HS256, secretKey) // la signature avec la clef secrête.
.compact(); // concatène l'ensemble pour construire une chaîne
System.out.println(leToken); // pour test cela donne ceci
/*
site pour convertir une date en millisecondes : http://timestamp.fr/?
site structure du jeton : https://www.vaadata.com/blog/fr/jetons-jwt-et-securite-principes-et-cas-dutilisation/
site jwt encoder / ©coder : https://jwt.io/
eyJhbGciOiJIUzI1NiJ9.
eyJzdWIiOiJwYm91Z2V0IiwiYXV0aCI6W3siYXV0aG9yaXR5IjoiUk9MRV9BRE1JTiJ9LHsiYXV0aG9yaXR5IjoiUk9MRV9DUkVBVE9SIn0seyJhdXRob3JpdHkiOiJST0xFX1JFQURFUiJ9XSwiaWF0IjoxNTg5ODE2OTIyLCJleHAiOjE1ODk4MjA1MjJ9.
Cn4_UTjZ2UpJ32FVT3Bd1-VN8K62DVBHQbWiK6MNZ04
*/
// https://www.codeflow.site/fr/article/java__how-to-convert-java-object-to-from-json-jackson
return leToken;
}
/**
* Methode qui retourne un objet Authentication basé sur JWT.
* @param token : le token pour l'authentification.
* @return the authentication si Username est trouvé.
*/
public Authentication getAuthentication(String token) {
UserDetails userDetails = userDetailsService.loadUserByUsername(getEmail(token));
return new UsernamePasswordAuthenticationToken(userDetails, "", userDetails.getAuthorities());
}
/**
* Methode qui extrait le userName du JWT.
* @param token : Token a analyser.
* @return le UserName comme chaîne de caractères.
*/
public String getEmail(String token) {
return Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token).getBody().getSubject();
}
/**
* ©thode qui ©cupère la requete HTTP.
* L'entête doit contenir un champ d'autorisation ou JWT ajoute le token après le mot clef Bearer.
* @param requete : la requête à tester.
* @return le JWT depuis l'entête HTTP.
*/
public String resolveToken(HttpServletRequest requeteHttp) {
String bearerToken = requeteHttp.getHeader("Authorization");
if (bearerToken != null && bearerToken.startsWith("Bearer ")) {
return bearerToken.substring(7);
}
return null;
}
/**
* Methode qui ¿½rifie que JWT est valide.
* La signature doit �tre correcte et la dur�e de validit� du Token doit �tre apr�s "now" (maintenant)
* @param token : Token � valider
* @return True si le Token est valide sinon on lance l'exception InvalidJWTException.
* @throws InvalidJWTException
*/
public boolean validateToken(String token) throws InvalidJWTException {
try {
Jwts.parser().setSigningKey(secretKey).parseClaimsJws(token);
return true;
} catch (JwtException | IllegalArgumentException e) {
throw new InvalidJWTException();
}
}
}

72
src/main/java/fr/organizee/security/WebSecurityConfig.java Normal file
View File

@ -0,0 +1,72 @@
package fr.organizee.security;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.config.BeanIds;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.builders.WebSecurity;
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
/**
* Configuration de S<EFBFBD>curit<EFBFBD> globale pour notre REST API.
*/
@Configuration
@EnableGlobalMethodSecurity(prePostEnabled = true)
@EnableWebSecurity
public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
@Autowired
private JwtTokenProvider jwtTokenProvider;
@Bean(name = BeanIds.AUTHENTICATION_MANAGER)
@Override
public AuthenticationManager authenticationManagerBean() throws Exception {
return super.authenticationManagerBean();
}
/**
* Methode qui configure la s<EFBFBD>curit<EFBFBD> HTTP.
* @param http the HttpSecurity object to configure.
* @throws Exception
*/
@Override
protected void configure(HttpSecurity http) throws Exception {
// Disable CSRF (Cross Site Request Forgery comme votre Token sera stock<EFBFBD> dans le session storage)
http.cors();
http.csrf().disable()
.authorizeRequests()
.antMatchers("/**").permitAll() // accessible sans besoin de s'authentifier
.and()
.authorizeRequests()
.antMatchers("/membres/sign-in").permitAll() // se connecter
.antMatchers("/membres/sign-up").permitAll() // s'inscrire
.antMatchers("membres/all").hasAuthority("ROLE_PARENT") // uniquement pour le r<EFBFBD>le admin
.anyRequest().authenticated(); // tout le reste est autoris<EFBFBD> par un utilisateur authentifi<EFBFBD>
// Appliquer un filtre avec le token pour toutes requ<EFBFBD>tes HTTP
http.addFilterBefore(new JwtTokenFilter(jwtTokenProvider), UsernamePasswordAuthenticationFilter.class);
}
/**
* Methode qui configure la s<EFBFBD>curit<EFBFBD> web.
* Utilis<EFBFBD> pour interdire l'acc<EFBFBD>s à certains r<EFBFBD>pertoires.
* @param web : WebSecurity
* @throws Exception
*/
@Override
public void configure(WebSecurity web) throws Exception {
web.ignoring().antMatchers("/resources/**");
}
}

45
src/main/java/fr/organizee/service/MembreService.java Normal file
View File

@ -0,0 +1,45 @@
package fr.organizee.service;
import java.util.List;
import java.util.Optional;
import org.springframework.stereotype.Service;
import fr.organizee.exception.ExistingUsernameException;
import fr.organizee.exception.InvalidCredentialsException;
import fr.organizee.model.Membre;
@Service
public interface MembreService {
/**
* Methode qui permet à un utilisateur de se connecter.
* @param email : nom de l'utilisateur.
* @param password : mot de passe de l'utilisateur.
* @returnun JWT si credentials est valide, throws InvalidCredentialsException otherwise.
* @throws InvalidCredentialsException
*/
String signin(String email, String password) throws InvalidCredentialsException;
/**
* Methode qui permet de s'inscrire.
* @param membre nouvel utilisateur.
* @return un JWT si user n'existe pas ©  !
* @throws ExistingUsernameException
*/
String signup(Membre membre) throws ExistingUsernameException;
/**
* Methode qui retourne tous les utilisateurs de la bd
* @return the list of all application users.
*/
List<Membre> findAllUsers();
/**
* Methode qui retourne un utilisateur à partir de son username
* @param email the username to look for.
* @return an Optional object containing user if found, empty otherwise.
*/
Optional<Membre> findUserByEmail(String email);
}

69
src/main/java/fr/organizee/service/MembreServiceImpl.java Normal file
View File

@ -0,0 +1,69 @@
package fr.organizee.service;
import java.util.List;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.stereotype.Service;
import fr.organizee.exception.ExistingUsernameException;
import fr.organizee.exception.InvalidCredentialsException;
import fr.organizee.model.Membre;
import fr.organizee.repository.MembreRepository;
import fr.organizee.security.JwtTokenProvider;
@Service
public class MembreServiceImpl implements MembreService {
@Autowired
private MembreRepository membreRepository; // permet communication avec la BD
@Autowired
private BCryptPasswordEncoder passwordEncoder; // permet l'encodage du mot de passe
@Autowired
private JwtTokenProvider jwtTokenProvider; // permet la fourniture du Jeton (Token)
@Autowired
private AuthenticationManager authenticationManager; // gestionnaire d'authentification
/**
* Permet de se connecter en encodant le mot de passe avec ©©ration du token.
*/
@Override
public String signin(String email, String password) throws InvalidCredentialsException {
try {
authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(email, password));
return jwtTokenProvider.createToken(email, membreRepository.findByEmail(email).get().getRoleList());
} catch (AuthenticationException e) {
throw new InvalidCredentialsException();
}
}
@Override
public String signup(Membre membre) throws ExistingUsernameException {
if (!membreRepository.existsByEmail(membre.getEmail())) {
Membre membreToSave = new Membre(membre.getEmail(), passwordEncoder.encode(membre.getPassword()), membre.getRoleList());
membreRepository.save(membreToSave);
return jwtTokenProvider.createToken(membre.getEmail(), membre.getRoleList());
} else {
throw new ExistingUsernameException();
}
}
@Override
public List<Membre> findAllUsers() {
return membreRepository.findAll();
}
@Override
public Optional<Membre> findUserByEmail(String email) {
return membreRepository.findByEmail(email);
}
}

40
src/main/java/fr/organizee/service/UserDetailsServiceImpl.java Normal file
View File

@ -0,0 +1,40 @@
package fr.organizee.service;
import java.util.Optional;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.core.userdetails.User;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.security.core.userdetails.UserDetailsService;
import org.springframework.security.core.userdetails.UsernameNotFoundException;
import org.springframework.stereotype.Service;
import fr.organizee.model.Membre;
import fr.organizee.repository.MembreRepository;
@Service
public class UserDetailsServiceImpl implements UserDetailsService {
@Autowired
private MembreRepository userRepository;
@Override
public UserDetails loadUserByUsername(String email) {
final Optional<Membre> user = userRepository.findByEmail(email);
if (!user.isPresent()) {
throw new UsernameNotFoundException("utilisateur '" + email + "' introuvable");
}
return User
.withUsername(email)
.password(user.get().getPassword())
.authorities(user.get().getRoleList())
.accountExpired(false)
.accountLocked(false)
.credentialsExpired(false)
.disabled(false)
.build();
}
}

40
src/main/resources/data.sql
View File

@ -1,3 +1,4 @@
<<<<<<< HEAD
-- --------------------------------------------------------
-- Hôte : 192.168.1.16
-- Version du serveur: 10.3.32-MariaDB-0ubuntu0.20.04.1 - Ubuntu 20.04
@ -60,6 +61,26 @@ CREATE TABLE IF NOT EXISTS `membre` (
-- Export de données de la table organizee.membre : ~0 rows (environ)
/*!40000 ALTER TABLE `membre` DISABLE KEYS */;
=======
INSERT INTO `team` (`id`, `nom`) VALUES
(1, 'Team JAVA'),
(2, 'Team Angular'),
(3, 'Team PHP'),
(4, 'Team Bancal');
INSERT INTO `contact` (`id`, `adresse`, `date_naissance`, `email`, `nom`, `prenom`, `telephone`, `team_id`) VALUES
(1, '7554 Messerschmidt Center', '2021-01-24', 'oogleasane0@cargocollective.com', 'Ophelia', 'O\'Gleasane', '913-198-6499','1'),
(2, '534 Jay Way', '2021-03-26', 'fmowett1@ocn.ne.jp', 'Fiann', 'Mowett', '248-224-7233','1'),
(3, '077 Buell Place', '2021-06-24', 'vlewknor2@spotify.com', 'Vladamir', 'Lewknor', '922-822-3626','1'),
(4, '6226 Esker Street', '2021-04-13', 'jbarmadier3@opensource.org', 'Jervis', 'Barmadier', '838-581-8112','2'),
(5, '28531 Luster Circle', '2021-06-15', 'tmee4@ameblo.jp', 'Tuesday', 'Mee', '761-975-7324','2'),
(6, '96 Hallows Avenue', '2021-08-13', 'tcolvine5@elegantthemes.com', 'Toni', 'Colvine', '348-778-7679','2'),
(7, '6401 Jay Crossing', '2021-01-14', 'rrielly6@netlog.com', 'Riane', 'Rielly', '740-571-0835','3'),
(8, '3273 Cascade Pass', '2021-03-22', 'jlauder7@rambler.ru', 'Juieta', 'Lauder', '928-408-6855','3'),
(9, '1170 Burning Wood Road', '2021-05-31', 'tbolver8@google.ca', 'Thibaut', 'Bolver', '681-860-8291','4'),
(10, '1 Westridge Road', '2021-03-11', 'emebs9@uol.com.br', 'Evered', 'Mebs', '898-483-6075','4');
>>>>>>> b147bc406c22caa9c817c7189a325058d8550a69
INSERT INTO `membre` (`id`, `couleur`, `date_naissance`, `email`, `is_admin`, `nom`, `password`, `prenom`, `smiley`, `team_id`) VALUES
(1, '#fcba03', '2021-12-13', 'hedi@simplon.com', '0', 'SKYWALKER', 'toto', 'Hédi', NULL, 1),
(2, '#8df505', '2021-07-03', 'aline@simplon.com', '0', 'FETT', 'tata', 'Aline', NULL, 1),
@ -67,6 +88,7 @@ INSERT INTO `membre` (`id`, `couleur`, `date_naissance`, `email`, `is_admin`, `n
(4, '#ed09de', '2021-06-29', 'blandine@simplon.com', '0', 'VADER', 'tutu', 'Blandine', NULL, 3),
(5, '#ed09de', '2021-08-29', 'sana@simplon.com', '0', 'C3PO', 'riri', 'Sana', NULL, 4),
(6, '#ed09de', '2021-10-29', 'cecile@simplon.com', '0', 'R2D2', 'loulou', 'Cecile', NULL, 4);
<<<<<<< HEAD
/*!40000 ALTER TABLE `membre` ENABLE KEYS */;
-- Export de la structure de la table organizee.menu
@ -145,3 +167,21 @@ INSERT INTO `todo_list` (`id`, `nom`, `team_id`) VALUES
/*!40101 SET SQL_MODE=IFNULL(@OLD_SQL_MODE, '') */;
/*!40014 SET FOREIGN_KEY_CHECKS=IF(@OLD_FOREIGN_KEY_CHECKS IS NULL, 1, @OLD_FOREIGN_KEY_CHECKS) */;
/*!40101 SET CHARACTER_SET_CLIENT=@OLD_CHARACTER_SET_CLIENT */;
=======
INSERT INTO `todo_list` (`id`, `nom`, `team_id`) VALUES
(1, 'Pour Blandine',1),
(2, 'Corvées',1),
(3, 'Noel',1);
INSERT INTO `tache` (`id`, `etat`, `texte`, `todolist_id`) VALUES
(1, 0, 'Apprendre le PHP', 1),
(2, 0, 'Revoir CRUD', 1),
(3, 0, 'Acheter des guirlandes', 3),
(4, 0, 'Acheter un sapin', 3),
(5, 0, 'Trouver un repas', 3);
INSERT INTO `evenement` (`id`, `all_day`, `event_debut`, `event_fin`, `libelle`, `membre_id`, `team_id`) VALUES
(1, 0, '2022-01-13 09:00:33', '2022-01-13 13:04:38', 'Simplon', 1, 1);
>>>>>>> b147bc406c22caa9c817c7189a325058d8550a69