Model Role OUT + data.sql a jour

2022-03-11 14:34:22 +01:00 · 2022-03-11 14:34:22 +01:00 · b1e1952da8
commit b1e1952da8
parent b9ad367ed3
12 changed files with 373 additions and 176 deletions
--- a/src/main/java/fr/cardon/simpleat/controller/PersonneController.java
+++ b/src/main/java/fr/cardon/simpleat/controller/PersonneController.java
@ -21,9 +21,7 @@ import fr.cardon.simpleat.dto.JsonWebToken;
 import fr.cardon.simpleat.exception.ExistingUsernameException;
 import fr.cardon.simpleat.exception.InvalidCredentialsException;
 import fr.cardon.simpleat.model.Personne;
-import fr.cardon.simpleat.model.Role;
 import fr.cardon.simpleat.repository.PersonneRepository;
-import fr.cardon.simpleat.repository.RoleRepository;
 import fr.cardon.simpleat.service.PersonneService;

@RestController
@ -34,9 +32,6 @@ public class PersonneController {
 	@Autowired
 	private PersonneRepository personneRepository;
 	
-	@Autowired
-	private RoleRepository roleRepository;
-	
 	@Autowired
 	private PersonneService personneService;
 	
@ -51,7 +46,6 @@ public class PersonneController {
 		p1.setPrenom("pouet");
 		p1.setEmail("pouetcoco@gmail.com");
 		p1.setPassword("hjfdzov");
-		p1.setRoles(findRoleById(2));
 		
 		//ajoutPersonne(p1);
 		
@ -68,27 +62,28 @@ public class PersonneController {

 	
 	@GetMapping("/users")
-	//@PreAuthorize("hasRole('ROLE_ADMIN')")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	public Collection<Personne> findAll(){

 		return personneRepository.findAll();
 	}
 	
 	@GetMapping("/user/{id}")
-	//@PreAuthorize("hasRole('ROLE_ADMIN')")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
 	public Personne findPersonneById(@PathVariable int id){

 		return personneRepository.findById(id);
 	}
 	
-	@PostMapping("/add-user")
-	//@PreAuthorize("hasRole('ROLE_ADMIN')")
-	public ResponseEntity<?> ajoutPersonne(@RequestBody Personne personne){
-		return ResponseEntity.status(HttpStatus.OK).body(personneRepository.save(personne));
-	}
+//	@PostMapping("/add-user")
+//	@PreAuthorize("hasRole('ROLE_ADMIN')")
+//	public ResponseEntity<?> ajoutPersonne(@RequestBody Personne personne){
+//		return ResponseEntity.status(HttpStatus.OK).body(personneRepository.save(personne));
+//	}

 	
 	@PutMapping(value = "/update-user/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	public ResponseEntity<?> modifPerso(@PathVariable int id, @RequestBody Personne personne){

 //		Personne persoAModif= null;
@ -101,6 +96,7 @@ public class PersonneController {
 	}	
 	
 	@DeleteMapping(value = "/delete-user/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	public void suppressionPerso(@PathVariable int id){
 //		Personne persoASuppr= new Personne();
 //		persoASuppr = findById(id);
@ -109,23 +105,20 @@ public class PersonneController {
 	}

 	
-	public Collection<Role> findRoleById(int idRole){
-		return roleRepository.findCollectionById(idRole);
-	}
-	
 	@PostMapping("/signin")
-	   public ResponseEntity<JsonWebToken> signIn(@RequestBody Personne personne) {
-	        try {
-	        	// ici on créé un JWT en passant l'email et le mot de passe
-	        	// récupéré de l'objet user passé en paramètre.
-	            return ResponseEntity.ok(new JsonWebToken(personneService.signin(personne.getEmail(), personne.getPassword())));
-	        } catch (InvalidCredentialsException ex) {
-	        	// on renvoie une réponse négative
-	            return ResponseEntity.badRequest().build();
-	        }
-	    }
+	public ResponseEntity<JsonWebToken> signIn(@RequestBody Personne personne) {
+        try {
+        	// ici on créé un JWT en passant l'email et le mot de passe
+        	// récupéré de l'objet user passé en paramètre.
+            return ResponseEntity.ok(new JsonWebToken(personneService.signin(personne.getEmail(), personne.getPassword())));
+        } catch (InvalidCredentialsException ex) {
+        	// on renvoie une réponse négative
+            return ResponseEntity.badRequest().build();
+        }
+    }
 	 
 	 @PostMapping("/signup")
+	 @PreAuthorize("hasRole('ROLE_ADMIN')")
 	    public ResponseEntity<JsonWebToken> signUp(@RequestBody Personne personne) {
 	        try {
 	            return ResponseEntity.ok(new JsonWebToken(personneService.signup(personne)));
--- a/src/main/java/fr/cardon/simpleat/controller/PreferenceController.java
+++ b/src/main/java/fr/cardon/simpleat/controller/PreferenceController.java
@ -6,6 +6,7 @@ import java.util.Optional;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@ -35,6 +36,7 @@ public class PreferenceController {
 	private RestaurantRepository restaurantRepository;
 	
 	@GetMapping("/preferences")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	public Collection<Preference> findAll(){

 		return preferenceRepository.findAll();
@ -42,6 +44,7 @@ public class PreferenceController {
 	
 	
 	@GetMapping("/preference/{iduser}/{idrestau}")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	public Optional<Preference> findPreferenceById(@PathVariable int iduser, @PathVariable int idrestau ){
 		PreferencePK id = new PreferencePK(personneRepository.getById(iduser) ,restaurantRepository.getById(idrestau));
 		System.out.println(iduser);
@ -56,6 +59,7 @@ public class PreferenceController {
 //	}
 	
 	@PostMapping("/add-preference/{iduser}/{idrestau}")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
 	public ResponseEntity<?> ajoutPreference(@PathVariable int iduser, @PathVariable int idrestau ){
 		System.out.println("hello");
 		Preference preference = new Preference(new PreferencePK(personneRepository.getById(iduser) ,restaurantRepository.getById(idrestau)));
@ -70,6 +74,7 @@ public class PreferenceController {
 //	}	
 //	
 	@DeleteMapping("/delete-preference/{iduser}/{idrestau}")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
 	public void deletePreferenceById(@PathVariable int iduser, @PathVariable int idrestau ){
 		PreferencePK id = new PreferencePK(personneRepository.getById(iduser) ,restaurantRepository.getById(idrestau));
 		preferenceRepository.deleteById(id);
--- a/src/main/java/fr/cardon/simpleat/controller/RestaurantController.java
+++ b/src/main/java/fr/cardon/simpleat/controller/RestaurantController.java
@ -27,18 +27,20 @@ public class RestaurantController {
 	private RestaurantRepository restaurantRepository;
 	
 	@GetMapping("/restaurants")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
 	public Collection<Restaurant> findAll(){

 		return restaurantRepository.findAll();
 	}
 	
 	@GetMapping("/restaurant/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
 	public Restaurant findRestaurantById(@PathVariable int id){
 		return restaurantRepository.findById(id);
 	}
 	
 	@PostMapping("/add-restaurant")
-	//@PreAuthorize("hasRole('ROLE_ADMIN')")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	public ResponseEntity<?> ajoutRestaurant(@RequestBody Restaurant personne){
 		return ResponseEntity.status(HttpStatus.OK).body(restaurantRepository.save(personne));
 	}
@ -51,6 +53,7 @@ public class RestaurantController {
 	}	
 	
 	@DeleteMapping(value = "/delete-restaurant/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
 	public void suppressionRestaurant(@PathVariable int id){
 		
 		restaurantRepository.deleteById(id);
--- a/src/main/java/fr/cardon/simpleat/controller/TypeRestauController.java
+++ b/src/main/java/fr/cardon/simpleat/controller/TypeRestauController.java
@ -7,6 +7,7 @@ import java.util.List;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@ -28,33 +29,39 @@ public class TypeRestauController {
    private TypeRestauRepository typeRestauRepository;

    @GetMapping("/types")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
    public Collection<TypeRestau> findAll(){

        return typeRestauRepository.findAll();
    }

    @GetMapping("/type/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
    public TypeRestau findTypetById(@PathVariable int id){
        return typeRestauRepository.findById(id);
    }

    @GetMapping("/restaurantbytype/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN') or hasRole('ROLE_READER')")
    public List<Restaurant> findRestauByType(@PathVariable int id){
    	return findTypetById(id).getRestaurants();
    }

    @PostMapping("/add-type")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
    public ResponseEntity<?> ajoutType(@RequestBody TypeRestau type){
        return ResponseEntity.status(HttpStatus.OK).body(typeRestauRepository.save(type));
    }


    @PutMapping(value = "/update-type/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
    public ResponseEntity<?> modifType(@PathVariable int id, @RequestBody TypeRestau type){
        return ResponseEntity.status(HttpStatus.OK).body(typeRestauRepository.save(type));
    }

    @DeleteMapping(value = "/delete-type/{id}")
+	@PreAuthorize("hasRole('ROLE_ADMIN')")
    public void suppressionType(@PathVariable int id){

        typeRestauRepository.deleteById(id);
--- a/src/main/java/fr/cardon/simpleat/dto/PersonneDto.java
+++ b/src/main/java/fr/cardon/simpleat/dto/PersonneDto.java
@ -5,7 +5,6 @@ import java.util.List;

 import com.sun.istack.NotNull;

-import fr.cardon.simpleat.model.Role;

 /**
 * Specifique : AppUser DTO permet de renvoyer un User sans le mot de passe (REST response).
@ -14,18 +13,9 @@ public class PersonneDto {
 	
 	    private Long id;
 	    private String email;
-	    private List<Role> roleList;
 	    
 	    public PersonneDto() { }

-	    public PersonneDto(@NotNull String email) {
-	        this(email,null);
-	    }
-
-	    public PersonneDto(@NotNull String email, List<Role> roleList) {
-	        this.email = email;
-	        this.roleList = roleList;
-	    }

 		public Long getId() {
 			return id;
@ -43,13 +33,4 @@ public class PersonneDto {
 			this.email = email;
 		}

-		public List<Role> getRoleList() {
-			return roleList;
-		}
-
-		public void setRoleList(List<Role> roleList) {
-			this.roleList = roleList;
-		}
-	    
-
 }
--- a/src/main/java/fr/cardon/simpleat/model/EnumRole.java
+++ b/src/main/java/fr/cardon/simpleat/model/EnumRole.java
@ -4,7 +4,7 @@ import org.springframework.security.core.GrantedAuthority;

 public enum EnumRole implements GrantedAuthority {
 	
-    ROLE_ADMIN, ROLE_CREATOR, ROLE_READER;
+    ROLE_ADMIN, ROLE_READER;

    @Override
    public String getAuthority() {
--- a/src/main/java/fr/cardon/simpleat/model/Personne.java
+++ b/src/main/java/fr/cardon/simpleat/model/Personne.java
@ -33,7 +33,6 @@ public class Personne {
    private String prenom;
    private String email;
    private String password;
-    private Collection<Role> roles = new ArrayList<Role>();
    private Collection<Preference> preference = new ArrayList<Preference>();
    private List<EnumRole> roleList;
    
@ -77,19 +76,6 @@ public Personne(String email, String password, List<EnumRole> roleList) {
 	}


-	public Personne(String nom, String prenom, String email, String password,
-			Collection<fr.cardon.simpleat.model.Role> roles, Collection<Preference> preference,
-			List<EnumRole> roleList) {
-		super();
-		this.nom = nom;
-		this.prenom = prenom;
-		this.email = email;
-		this.password = password;
-		this.roles = roles;
-		this.preference = preference;
-		this.roleList = roleList;
-	}
-

 	@Id
 	@GeneratedValue(strategy = GenerationType.IDENTITY)
@ -132,19 +118,6 @@ public Personne(String email, String password, List<EnumRole> roleList) {
 	public void setPassword(String password) {
 		this.password = password;
 	}
-
-	@ManyToMany
-	@JoinTable(name="role_personne",
-	joinColumns = @JoinColumn(name = "id_perso"/*nom créé dans table asso*/,referencedColumnName = "id_personne" /*classe en cours*/) )
-	@JsonIgnoreProperties("roles")
-	public Collection<Role> getRoles() {
-		return roles;
-	}
-
-
-	public void setRoles(Collection<Role> roles) {
-		this.roles = roles;
-	}
 	

 	@OneToMany(mappedBy = "preferencePK.personne", cascade = CascadeType.REMOVE)
--- a/src/main/java/fr/cardon/simpleat/model/Role.java
+++ b/src/main/java/fr/cardon/simpleat/model/Role.java
@ -1,41 +0,0 @@
-package fr.cardon.simpleat.model;
-
-import javax.persistence.Column;
-import javax.persistence.Entity;
-import javax.persistence.Id;
-
-@Entity
-public class Role {
-	
-	private int id;
-	private String intitule;
-	
-	
-	public Role() {
-		super();
-		// TODO Auto-generated constructor stub
-	}
-
-	public Role(int id, String intitule) {
-		super();
-		this.id = id;
-		this.intitule = intitule;
-	}
-	
-	@Id
-	@Column(name = "id_role")
-	public int getId() {
-		return id;
-	}
-	public void setId(int id) {
-		this.id = id;
-	}
-	@Column(nullable = false)
-	public String getIntitule() {
-		return intitule;
-	}
-	public void setIntitule(String intitule) {
-		this.intitule = intitule;
-	}
-
-}
--- a/src/main/java/fr/cardon/simpleat/repository/RoleRepository.java
+++ b/src/main/java/fr/cardon/simpleat/repository/RoleRepository.java
@ -1,16 +0,0 @@
-package fr.cardon.simpleat.repository;
-
-import java.util.Collection;
-
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.stereotype.Repository;
-
-import fr.cardon.simpleat.model.Role;
-
-@Repository
-public interface RoleRepository extends JpaRepository<Role, Integer> {
-
-
-	  Collection<Role> findCollectionById(int id);
-	  
-}