
dev en cours

rajah 1 yıl önce
ebeveyn
işleme
0c17a3344f
32 değiştirilmiş dosya ile 406 ekleme ve 307 silme
  1. BIN
      .gradle/8.11.1/checksums/checksums.lock
  2. BIN
      .gradle/8.11.1/executionHistory/executionHistory.bin
  3. BIN
      .gradle/8.11.1/executionHistory/executionHistory.lock
  4. BIN
      .gradle/8.11.1/fileHashes/fileHashes.bin
  5. BIN
      .gradle/8.11.1/fileHashes/fileHashes.lock
  6. BIN
      .gradle/buildOutputCleanup/buildOutputCleanup.lock
  7. BIN
      .gradle/file-system.probe
  8. 1 1
      bin/main/application.properties
  9. 2 0
      build.gradle
  10. 2 2
      src/main/java/fr/triplea/demovote/DemovoteApplication.java
  11. 0 27
      src/main/java/fr/triplea/demovote/persistence/dao/PrivilegeRepository.java
  12. 3 7
      src/main/java/fr/triplea/demovote/persistence/dao/RoleRepository.java
  13. 45 0
      src/main/java/fr/triplea/demovote/persistence/dto/LoginTransfer.java
  14. 0 24
      src/main/java/fr/triplea/demovote/persistence/model/Participant.java
  15. 0 115
      src/main/java/fr/triplea/demovote/persistence/model/Privilege.java
  16. 1 12
      src/main/java/fr/triplea/demovote/persistence/model/Role.java
  17. 71 0
      src/main/java/fr/triplea/demovote/security/MyRememberMeServices.java
  18. 46 0
      src/main/java/fr/triplea/demovote/security/MyUserDetailsService.java
  19. 18 69
      src/main/java/fr/triplea/demovote/spring/CreateDefaultValues.java
  20. 73 0
      src/main/java/fr/triplea/demovote/spring/SecurityConfig.java
  21. 22 0
      src/main/java/fr/triplea/demovote/web/controller/AccountController.java
  22. 72 0
      src/main/java/fr/triplea/demovote/web/controller/AuthController.java
  23. 4 4
      src/main/java/fr/triplea/demovote/web/controller/BulletinController.java
  24. 7 7
      src/main/java/fr/triplea/demovote/web/controller/CategorieController.java
  25. 1 2
      src/main/java/fr/triplea/demovote/web/controller/DiversController.java
  26. 3 3
      src/main/java/fr/triplea/demovote/web/controller/MessageController.java
  27. 8 8
      src/main/java/fr/triplea/demovote/web/controller/ParticipantController.java
  28. 5 5
      src/main/java/fr/triplea/demovote/web/controller/PreferenceController.java
  29. 3 3
      src/main/java/fr/triplea/demovote/web/controller/PresentationController.java
  30. 10 9
      src/main/java/fr/triplea/demovote/web/controller/ProductionController.java
  31. 8 8
      src/main/java/fr/triplea/demovote/web/controller/VariableController.java
  32. 1 1
      src/main/resources/application.properties

BIN
.gradle/8.11.1/checksums/checksums.lock


BIN
.gradle/8.11.1/executionHistory/executionHistory.bin


BIN
.gradle/8.11.1/executionHistory/executionHistory.lock


BIN
.gradle/8.11.1/fileHashes/fileHashes.bin


BIN
.gradle/8.11.1/fileHashes/fileHashes.lock


BIN
.gradle/buildOutputCleanup/buildOutputCleanup.lock


BIN
.gradle/file-system.probe


+ 1 - 1
bin/main/application.properties

@@ -10,4 +10,4 @@ spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
 
 logging.level.org.springframework=INFO
 
-server.servlet.context-path=/
+server.servlet.context-path=/demovote-api/v1

+ 2 - 0
build.gradle

@@ -18,6 +18,7 @@ dependencies {
 
   implementation 'org.springframework.boot:spring-boot-starter-actuator'
   implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+	implementation 'org.springframework.boot:spring-boot-starter-security'
   implementation 'org.springframework.boot:spring-boot-starter-web'
 
   implementation 'io.hypersistence:hypersistence-utils-hibernate-63:3.9.0'
@@ -31,6 +32,7 @@ dependencies {
   providedRuntime 'org.springframework.boot:spring-boot-starter-tomcat'
 	
   testImplementation 'org.springframework.boot:spring-boot-starter-test'
+	testImplementation 'org.springframework.security:spring-security-test'
 
   testRuntimeOnly 'org.junit.platform:junit-platform-launcher'
 }

+ 2 - 2
src/main/java/fr/triplea/demovote/DemovoteApplication.java

@@ -3,9 +3,9 @@ package fr.triplea.demovote;
 import org.springframework.boot.SpringApplication;
 import org.springframework.boot.autoconfigure.SpringBootApplication;
 
-@SpringBootApplication(exclude = {
+@SpringBootApplication( /*exclude = {
     org.springframework.boot.autoconfigure.security.servlet.SecurityAutoConfiguration.class,
-    org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration.class}
+    org.springframework.boot.actuate.autoconfigure.security.servlet.ManagementWebSecurityAutoConfiguration.class}*/
     )
 public class DemovoteApplication 
 {
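Review bot: The `exclude` list is left behind as a block comment inside the `@SpringBootApplication( ... )` parentheses, which makes the annotation hard to read and makes it easy for a later edit to switch the security auto-configuration back off by accident. Since this commit adds its own `SecurityConfig`, the annotation can simply become `@SpringBootApplication`. The class body continues outside the hunk.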

+ 0 - 27
src/main/java/fr/triplea/demovote/persistence/dao/PrivilegeRepository.java

@@ -1,27 +0,0 @@
-package fr.triplea.demovote.persistence.dao;
-
-import java.util.List;
-
-import org.springframework.data.jpa.repository.JpaRepository;
-import org.springframework.data.jpa.repository.NativeQuery;
-import org.springframework.data.repository.query.Param;
-
-import fr.triplea.demovote.persistence.model.Privilege;
-import fr.triplea.demovote.persistence.model.Role;
-
-public interface PrivilegeRepository extends JpaRepository<Privilege, Integer> 
-{
-  
-  @NativeQuery("SELECT DISTINCT p.* FROM vote.privileges AS p WHERE p.numero_privilege = :id ")
-  Privilege findById(@Param("id") int id);
-
-  @NativeQuery("SELECT DISTINCT p.* FROM vote.privileges AS p WHERE p.libelle = :libelle ")
-  Privilege findByLibelle(@Param("libelle") String libelle);
-  
-  @NativeQuery("SELECT DISTINCT p.* FROM vote.roles_privileges AS rp INNER JOIN vote.roles AS r ON rp.numero_role = r.numero_role INNER JOIN vote.privileges AS p ON rp.numero_privilege = r.numero_privilege WHERE r.flag_actif IS TRUE AND r.numero_role = :role ")
-  List<Privilege> findbyRole(@Param("role") Role role);
-
-  @Override
-  void delete(Privilege privilege);
-  
-}

+ 3 - 7
src/main/java/fr/triplea/demovote/persistence/dao/RoleRepository.java

@@ -6,24 +6,20 @@ import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.NativeQuery;
 import org.springframework.data.repository.query.Param;
 
-import fr.triplea.demovote.persistence.model.Privilege;
 import fr.triplea.demovote.persistence.model.Role;
 
 public interface RoleRepository extends JpaRepository<Role, Integer> 
 {
 
-  @NativeQuery("SELECT DISTINCT r.* FROM vote.roles AS r WHERE r.numero_role = :id AND r.flag_actif IS TRUE ")
+  @NativeQuery("SELECT DISTINCT r.* FROM vote.roles AS r WHERE r.numero_role = :id ")
   Role findById(@Param("id") int id);
   
-  @NativeQuery("SELECT DISTINCT r.* FROM vote.roles AS r WHERE r.libelle = :libelle AND  r.flag_actif IS TRUE ")
+  @NativeQuery("SELECT DISTINCT r.* FROM vote.roles AS r WHERE r.libelle = :libelle ")
   Role findByLibelle(@Param("libelle") String libelle);
   
-  @NativeQuery("SELECT DISTINCT r.* FROM vote.roles AS r WHERE r.flag_actif IS TRUE ")
+  @NativeQuery("SELECT DISTINCT r.* FROM vote.roles AS r ")
   List<Role> findAll();
   
-  @NativeQuery("SELECT DISTINCT r.* FROM vote.roles_privileges AS rp INNER JOIN vote.roles AS r ON rp.numero_role = r.numero_role INNER JOIN vote.privileges AS p ON rp.numero_privilege = r.numero_privilege WHERE r.flag_actif IS TRUE AND p.numero_privilege = :privilege ")
-  List<Role> findbyPrivilege(@Param("privilege") Privilege privilege);
-
   @Override
   void delete(Role role);
 
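Review bot: All three queries drop the `r.flag_actif IS TRUE` condition, so `findById`, `findByLibelle` and `findAll` now return roles regardless of that flag. If `flag_actif` is still how a role is disabled (the Role entity's columns are not fully visible in this commit), a deactivated role is now found by `addRoleIfMissing` and attached to participants, and its name ends up as a granted authority. Either keep the filter on the lookups that feed authorisation, or state on the interface that inactive roles are returned on purpose, e.g. `// returns inactive roles too; callers must check flag_actif`.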

+ 45 - 0
src/main/java/fr/triplea/demovote/persistence/dto/LoginTransfer.java

@@ -0,0 +1,45 @@
+package fr.triplea.demovote.persistence.dto;
+
+public class LoginTransfer
+{
+  
+  private String username;
+  public void setUsername(String s) { this.username = new String(s); }
+  public String getUsername() { return this.username; }
+  
+  private String password;
+  public void setPassword(String s) { this.password = new String(s); }
+  public String getPassword() { return this.password; }
+  
+  private String token;
+  public void setToken(String s) { this.token = new String(s); }
+  public String getToken() { return this.token; }
+    
+  private Integer id;
+  public void setId(int i) { this.id = i; }
+  public Integer getId() { return this.id; }
+  
+  private String nom;
+  public void setNom(String s) { this.nom = new String(s); }
+  public String getNom() { return this.nom; }
+  
+  private String prenom;
+  public void setPrenom(String s) { this.prenom = new String(s); }
+  public String getPrenom() { return this.prenom; }
+  
+  private String role;
+  public void setRole(String s) { this.role = new String(s); }
+  public String getRole() { return this.role; }
+
+  
+  @Override
+  public String toString() 
+  {
+    final StringBuilder builder = new StringBuilder();
+      
+    builder.append("UserTransfer [username=").append(this.username).append(", role=").append(role).append("]");
+      
+    return builder.toString();
+  }
+ 
+}
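Review bot: Every String setter does `new String(s)`, which throws a NullPointerException when the JSON body sends `null` for that field, and the copy is unnecessary because String is immutable; `this.username = s;` (and likewise for the others) is enough. The same class is used as the request body and as the response of `/auth/signin`, so the `password` field is serialised back to the client; marking it write-only, for example `@JsonProperty(access = JsonProperty.Access.WRITE_ONLY)` on the field, or using a separate response DTO keeps it out of responses. `toString()` rightly leaves the password out, but it prints `UserTransfer [` for a class named `LoginTransfer`.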

+ 0 - 24
src/main/java/fr/triplea/demovote/persistence/model/Participant.java

@@ -302,30 +302,6 @@ public class Participant
     return _roles.containsAll(roles);
   }
 
-  @Transient
-  public boolean hasAnyPrivileges(String... privileges) { return hasAnyPrivileges(Arrays.asList(privileges)); }
-
-  @Transient
-  public boolean hasAnyPrivileges(List<String> privileges) 
-  {
-    Set<String> _privileges = this.getRoles().stream().flatMap(s -> s.getPrivileges().stream()).map(Privilege::getLibelle).collect(Collectors.toSet());
-      
-    Sets.SetView<String> intersection = Sets.intersection(_privileges, Sets.newHashSet(privileges));
-    
-    return !intersection.isEmpty();
-  }
-
-  @Transient
-  public boolean hasPrivileges(String... privileges) { return hasPrivileges(Arrays.asList(privileges)); }
-
-  @Transient
-  public boolean hasPrivileges(List<String> privileges) 
-  {
-    Set<String> _privileges = this.getRoles().stream().flatMap(s -> s.getPrivileges().stream()).map(Privilege::getLibelle).collect(Collectors.toSet());
-    
-    return _privileges.containsAll(privileges);
-  }
-
   
   @Override
   public int hashCode() 

+ 0 - 115
src/main/java/fr/triplea/demovote/persistence/model/Privilege.java

@@ -1,115 +0,0 @@
-package fr.triplea.demovote.persistence.model;
-
-import java.time.LocalDateTime;
-import java.time.format.DateTimeFormatter;
-import java.util.List;
-import java.util.Locale;
-
-import org.hibernate.annotations.CreationTimestamp;
-import org.hibernate.annotations.UpdateTimestamp;
-import org.springframework.util.StringUtils;
-
-import com.fasterxml.jackson.annotation.JsonFormat;
-
-import jakarta.persistence.Column;
-import jakarta.persistence.Entity;
-import jakarta.persistence.GeneratedValue;
-import jakarta.persistence.GenerationType;
-import jakarta.persistence.Id;
-import jakarta.persistence.ManyToMany;
-import jakarta.persistence.Table;
-import jakarta.persistence.Temporal;
-import jakarta.persistence.TemporalType;
-import jakarta.persistence.Transient;
-
-@Entity(name = "vote.privileges")
-@Table(name = "privileges")
-public class Privilege
-{
-  
-  @Temporal(TemporalType.TIMESTAMP)
-  @CreationTimestamp
-  @JsonFormat(shape=JsonFormat.Shape.STRING, pattern="dd/MM/yyyy HH:mm:ss", timezone="Europe/Paris")
-  private LocalDateTime dateCreation;
-  
-  @Temporal(TemporalType.TIMESTAMP)
-  @UpdateTimestamp
-  @JsonFormat(shape=JsonFormat.Shape.STRING, pattern="dd/MM/yyyy HH:mm:ss", timezone="Europe/Paris")
-  private LocalDateTime dateModification;
-  
-  @Id
-  @GeneratedValue(strategy = GenerationType.IDENTITY)
-  @Column(name = "numero_privilege", nullable = false)
-  private Integer numeroPrivilege;
- 
-  @Column(length = 128, nullable = false)
-  private String libelle;
-  
-  @ManyToMany(mappedBy = "privileges")
-  private List<Role> roles;
- 
-  
-  public Privilege() { super(); }
-
-  
-  @Transient
-  DateTimeFormatter df = DateTimeFormatter.ofPattern("dd/MM/yyyy HH:mm:ss", Locale.FRANCE);
-  
-  public void setDateCreation(LocalDateTime d) { this.dateCreation = d; }
-  public void setDateCreation(String s) { this.dateCreation = LocalDateTime.parse(s, df); }
-  public LocalDateTime getDateCreation() { return this.dateCreation; }
-  
-  public void setDateModification(LocalDateTime d) { this.dateModification = d; }
-  public void setDateModification(String s) { this.dateModification = LocalDateTime.parse(s, df); }
-  public LocalDateTime getDateModification() { return this.dateModification; }
-  
-  public void setNumeroPrivilege(Integer numeroPrivilege) { this.numeroPrivilege = numeroPrivilege; }
-  public Integer getNumeroPrivilege() { return this.numeroPrivilege; }
-  
-  public void setLibelle(String str) { if (str != null) { this.libelle = StringUtils.truncate(str, 128); } }
-  public String getLibelle() { return this.libelle; }
-  
-  public List<Role> getRoles() { return roles; }
-  public void setRoles(final List<Role> roles) { this.roles = roles; }
-  
-  
-
-  @Override
-  public int hashCode() 
-  {
-    final int prime = 42;
-    int result = 1;
-    result = (prime * result) + ((getLibelle() == null) ? 0 : getLibelle().hashCode());
-    return result;
-  }
-
-  @Override
-  public boolean equals(final Object obj) 
-  {
-    if (this == obj) { return true; }
-    if (obj == null) { return false; }
-    if (getClass() != obj.getClass()) { return false; }
-      
-    final Privilege p = (Privilege) obj;
-    if (getNumeroPrivilege() == null) { if (p.getNumeroPrivilege() == null) { return false; } } else if (!getNumeroPrivilege().equals(p.getNumeroPrivilege())) { return false; }
-    if (getLibelle() == null) { if (p.getLibelle() == null) { return false; } } else if (!getLibelle().equals(p.getLibelle())) { return false; }
-    
-    return true;
-  }
-
-  @Override
-  public String toString() 
-  {
-    final StringBuilder builder = new StringBuilder();
-    
-    builder.append("Privilege [id=")
-           .append(numeroPrivilege)
-           .append(", libelle=").append(libelle)
-           .append(", créé=").append(dateCreation)
-           .append(", modifié=").append(dateModification)
-           .append("]");
-
-    return builder.toString();
-  }
-
-}

+ 1 - 12
src/main/java/fr/triplea/demovote/persistence/model/Role.java

@@ -16,8 +16,6 @@ import jakarta.persistence.Entity;
 import jakarta.persistence.GeneratedValue;
 import jakarta.persistence.GenerationType;
 import jakarta.persistence.Id;
-import jakarta.persistence.JoinColumn;
-import jakarta.persistence.JoinTable;
 import jakarta.persistence.ManyToMany;
 import jakarta.persistence.Table;
 import jakarta.persistence.Temporal;
@@ -50,12 +48,6 @@ public class Role
   @Column(length = 64, nullable = false)
   private String libelle;
 
-  @ManyToMany
-  @JoinTable(name = "roles_privileges", 
-             joinColumns = @JoinColumn(name = "numero_role", referencedColumnName = "numero_role"), 
-             inverseJoinColumns = @JoinColumn(name = "numero_privilege", referencedColumnName = "numero_privilege"))
-  private List<Privilege> privileges;
-
   @ManyToMany(mappedBy = "roles")
   private List<Participant> participants;
 
@@ -84,10 +76,7 @@ public class Role
   
   public void setLibelle(String str) { if (str != null) { this.libelle = StringUtils.truncate(str, 64); } }
   public String getLibelle() { return this.libelle; }
-
-  public List<Privilege> getPrivileges() { return this.privileges; }
-  public void setPrivileges(final List<Privilege> privileges) { this.privileges = privileges; }
-  
+ 
   public List<Participant> getParticipants() { return participants; }
   public void setUsers(final List<Participant> participants) { this.participants = participants; }
 

+ 71 - 0
src/main/java/fr/triplea/demovote/security/MyRememberMeServices.java

@@ -0,0 +1,71 @@
+package fr.triplea.demovote.security;
+
+import java.util.Date;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.authentication.AuthenticationDetailsSource;
+import org.springframework.security.authentication.RememberMeAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.authority.mapping.GrantedAuthoritiesMapper;
+import org.springframework.security.core.authority.mapping.NullAuthoritiesMapper;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.web.authentication.WebAuthenticationDetailsSource;
+import org.springframework.security.web.authentication.rememberme.PersistentRememberMeToken;
+import org.springframework.security.web.authentication.rememberme.PersistentTokenBasedRememberMeServices;
+import org.springframework.security.web.authentication.rememberme.PersistentTokenRepository;
+
+import fr.triplea.demovote.persistence.dao.ParticipantRepository;
+import fr.triplea.demovote.persistence.model.Participant;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+
+public class MyRememberMeServices extends PersistentTokenBasedRememberMeServices 
+{
+
+  @Autowired
+  private ParticipantRepository participantRepository;
+
+  private String key;
+  private PersistentTokenRepository tokenRepository;
+
+  private GrantedAuthoritiesMapper authoritiesMapper = new NullAuthoritiesMapper();
+  private AuthenticationDetailsSource<HttpServletRequest, ?> authenticationDetailsSource = new WebAuthenticationDetailsSource();
+
+  public MyRememberMeServices(String key, UserDetailsService userDetailsService, PersistentTokenRepository tokenRepository) 
+  {
+    super(key, userDetailsService, tokenRepository);
+    this.key = key;
+    this.tokenRepository = tokenRepository;
+  }
+
+
+  @Override
+  protected void onLoginSuccess(HttpServletRequest request, HttpServletResponse response, Authentication successfulAuthentication) 
+  {
+    String pseudonyme = ((Participant) successfulAuthentication.getPrincipal()).getPseudonyme();
+
+    PersistentRememberMeToken persistentToken = new PersistentRememberMeToken(pseudonyme, generateSeriesData(), generateTokenData(), new Date());
+
+    try 
+    {
+      tokenRepository.createNewToken(persistentToken);
+      
+      this.setCookie(new String[] { persistentToken.getSeries(), persistentToken.getTokenValue() }, this.getTokenValiditySeconds(), request, response);
+    } 
+    catch (Exception e) {}
+  }
+
+  @Override
+  protected Authentication createSuccessfulAuthentication(HttpServletRequest request, UserDetails user) 
+  {
+    Participant participant = participantRepository.findByPseudonyme(user.getUsername());
+    
+    RememberMeAuthenticationToken auth = new RememberMeAuthenticationToken(key, participant, authoritiesMapper.mapAuthorities(user.getAuthorities()));
+    
+    auth.setDetails(authenticationDetailsSource.buildDetails(request));
+    
+    return auth;
+  }
+
+}
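Review bot: `catch (Exception e) {}` in `onLoginSuccess` discards every failure from `createNewToken` and `setCookie`, so a broken token store goes unnoticed; at least log it, e.g. `catch (Exception e) { logger.debug("Failed to save persistent token", e); }` with the logger inherited from the base class. The cast `(Participant) successfulAuthentication.getPrincipal()` sits outside the `try`, and `MyUserDetailsService` in this commit returns a Spring `User`, so a password login would likely raise ClassCastException here; check the principal type before casting. In `createSuccessfulAuthentication`, `findByPseudonyme(user.getUsername())` can return null when that username is the e-mail address, and the result should be checked before it is passed to `RememberMeAuthenticationToken`. The fields `key`, `tokenRepository`, `authoritiesMapper` and `authenticationDetailsSource` duplicate state the superclass already holds and need a comment explaining why, or removal.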

+ 46 - 0
src/main/java/fr/triplea/demovote/security/MyUserDetailsService.java

@@ -0,0 +1,46 @@
+package fr.triplea.demovote.security;
+
+import java.util.Set;
+import java.util.stream.Collectors;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.GrantedAuthority;
+import org.springframework.security.core.authority.SimpleGrantedAuthority;
+import org.springframework.security.core.userdetails.UserDetails;
+import org.springframework.security.core.userdetails.UserDetailsService;
+import org.springframework.security.core.userdetails.UsernameNotFoundException;
+import org.springframework.stereotype.Service;
+import org.springframework.transaction.annotation.Transactional;
+
+import fr.triplea.demovote.persistence.dao.ParticipantRepository;
+import fr.triplea.demovote.persistence.model.Participant;
+
+@Service("userDetailsService")
+@Transactional
+public class MyUserDetailsService implements UserDetailsService 
+{
+
+  @Autowired
+  private ParticipantRepository participantRepository;
+
+  
+  public MyUserDetailsService() { }
+
+  
+  @Override
+  public UserDetails loadUserByUsername(final String pseudonyme) throws UsernameNotFoundException 
+  {
+    try 
+    {
+      final Participant participant = participantRepository.findByPseudonyme(pseudonyme);
+      
+      if (participant == null) { throw new UsernameNotFoundException("Pseudonyme non trouvé : " + pseudonyme); }
+
+      Set<GrantedAuthority> authorities = participant.getRoles().stream().map((role) -> new SimpleGrantedAuthority(role.getLibelle())).collect(Collectors.toSet());
+
+      return new org.springframework.security.core.userdetails.User(participant.getEmail(), participant.getMotDePasse(), authorities);
+    } 
+    catch (final Exception e) { throw new RuntimeException(e); }
+   }
+
+}
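Review bot: The `catch (final Exception e) { throw new RuntimeException(e); }` also catches the `UsernameNotFoundException` thrown a few lines above it, so an unknown pseudonyme reaches Spring Security as a generic runtime failure and most likely surfaces as an internal authentication error rather than as bad credentials. Drop the try/catch, or rethrow first with `catch (UsernameNotFoundException e) { throw e; }`. The returned `User` is built with `participant.getEmail()` as its username although the lookup key is the pseudonyme, so `Authentication.getName()` will not match the login name; if that is intended it needs a comment, otherwise pass `participant.getPseudonyme()`.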

+ 18 - 69
src/main/java/fr/triplea/demovote/spring/CreateDefaultValues.java

@@ -10,11 +10,9 @@ import org.springframework.stereotype.Component;
 import org.springframework.transaction.annotation.Transactional;
 
 import fr.triplea.demovote.persistence.dao.ParticipantRepository;
-import fr.triplea.demovote.persistence.dao.PrivilegeRepository;
 import fr.triplea.demovote.persistence.dao.RoleRepository;
 import fr.triplea.demovote.persistence.dao.VariableRepository;
 import fr.triplea.demovote.persistence.model.Participant;
-import fr.triplea.demovote.persistence.model.Privilege;
 import fr.triplea.demovote.persistence.model.Role;
 import fr.triplea.demovote.persistence.model.Variable;
 
@@ -32,9 +30,6 @@ public class CreateDefaultValues implements ApplicationListener<ContextRefreshed
   @Autowired
   private RoleRepository roleRepository;
 
-  @Autowired
-  private PrivilegeRepository privilegeRepository;
-
   @Autowired
   private VariableRepository variableRepository;
 
@@ -44,73 +39,45 @@ public class CreateDefaultValues implements ApplicationListener<ContextRefreshed
   {
     if (initialise) { return; } 
     
-    Privilege listeVariablesPrivilege = addPrivilegeIfMissing("LISTE_VARIABLES");
-
-    Privilege donneesPersonnellesPrivilege = addPrivilegeIfMissing("PAGE_DONNEES_PERSONNELLES");
-
-    Privilege listeParticipantsPrivilege = addPrivilegeIfMissing("LISTE_PARTICIPANTS");
-    Privilege modificationMotsDePasses = addPrivilegeIfMissing("MODIFICATION_MOTS_DE_PASSES");
-
-    Privilege listeProductionsPrivilegeAdmin = addPrivilegeIfMissing("LISTE_PRODUCTIONS_ADMIN");
-    Privilege listeProductionsPrivilegeUser = addPrivilegeIfMissing("LISTE_PRODUCTIONS_USER");
-    
-    Privilege listeCategoriesPrivilege = addPrivilegeIfMissing("LISTE_CATEGORIES");
-
-    Privilege listePresentationsPrivilege = addPrivilegeIfMissing("LISTE_PRESENTATIONS");
-
-    Privilege pageVoterPrivilege = addPrivilegeIfMissing("PAGE_VOTER");
-
-    Privilege pageResultatsPrivilege = addPrivilegeIfMissing("PAGE_RESULTATS");
-
-    Privilege pageMessageriePrivilege = addPrivilegeIfMissing("PAGE_MESSAGERIE");
-
-   
-    List<Privilege> adminPrivileges = Arrays.asList(listeVariablesPrivilege, modificationMotsDePasses, listeCategoriesPrivilege, listePresentationsPrivilege, listeProductionsPrivilegeAdmin);
-    List<Privilege> orgaPrivileges = Arrays.asList(listeParticipantsPrivilege);
-    List<Privilege> userPrivileges = Arrays.asList(donneesPersonnellesPrivilege, pageMessageriePrivilege, listeProductionsPrivilegeUser, pageVoterPrivilege, pageResultatsPrivilege);
-   
-    Role adminRole = addRoleIfMissing("Administrateur", adminPrivileges);
-    Role orgaRole = addRoleIfMissing("Organisateur", orgaPrivileges);
-    Role userRole = addRoleIfMissing("Participant", userPrivileges);
+    Role adminRole = addRoleIfMissing("Administrateur");
+    Role orgaRole = addRoleIfMissing("Organisateur");
+    Role userRole = addRoleIfMissing("Participant");
     
     
     List<Participant> participants = participantRepository.findAll();
     
     for (Participant participant : participants)
     {
+      boolean changed = false;
+      
       List<Role> roles = participant.getRoles();
       
       if (roles == null) 
       { 
-        participant.setRoles(Arrays.asList(userRole)); 
-        participantRepository.saveAndFlush(participant);
+        roles = Arrays.asList(userRole);
+        changed = true;
       } 
       else 
       { 
         if (!roles.contains(userRole)) 
         { 
-          participant.setRoles(roles); 
-          participantRepository.saveAndFlush(participant);
+          roles.add(userRole);
+          changed = true;
         }
       }
       
       if (participant.getEmail().equalsIgnoreCase(CreateDefaultValues.EMAIL_ADMIN))
       {
-        if (!roles.contains(adminRole)) 
-        { 
-          roles.add(adminRole);
-          participant.setRoles(roles); 
-          participantRepository.saveAndFlush(participant);
-        }
-        if (!roles.contains(orgaRole)) 
-        { 
-          roles.add(orgaRole);
-          participant.setRoles(roles); 
-          participantRepository.saveAndFlush(participant);
-        }
+        if (!roles.contains(adminRole)) { roles.add(adminRole); changed = true; }
+        if (!roles.contains(orgaRole)) { roles.add(orgaRole); changed = true; }
+      }
+      
+      if (changed)
+      {
+        participant.setRoles(roles); 
+        participantRepository.saveAndFlush(participant);
       }
     }
-
     
     addVariableIfMissing("Application", "TIME_ZONE", "Europe/Paris");
     addVariableIfMissing("Application", "LIBELLE_COURT_JOUR1", "Ven1");
@@ -162,24 +129,7 @@ public class CreateDefaultValues implements ApplicationListener<ContextRefreshed
   }
 
   @Transactional
-  public Privilege addPrivilegeIfMissing(final String libelle) 
-  {
-    Privilege privilege = privilegeRepository.findByLibelle(libelle);
-    
-    if (privilege == null) 
-    {
-      privilege = new Privilege();
-      
-      privilege.setLibelle(libelle);
-      
-      privilege = privilegeRepository.save(privilege);
-    }
-    
-    return privilege;
-  }
-
-  @Transactional
-  public Role addRoleIfMissing(final String libelle, final List<Privilege> privileges) 
+  public Role addRoleIfMissing(final String libelle) 
   {
     Role role = roleRepository.findByLibelle(libelle);
     
@@ -188,7 +138,6 @@ public class CreateDefaultValues implements ApplicationListener<ContextRefreshed
       role = new Role(); 
       
       role.setLibelle(libelle); 
-      role.setPrivileges(privileges);
 
       role = roleRepository.save(role);
     }
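Review bot: In the participant loop of the third hunk, `roles = Arrays.asList(userRole);` produces a fixed-size list, so for a participant without roles whose e-mail equals `EMAIL_ADMIN` the following `roles.add(adminRole)` throws UnsupportedOperationException during start-up. Use a growable list, `roles = new ArrayList<>(List.of(userRole));` (needs the `java.util.ArrayList` import). The administrator and organiser roles are granted purely on an e-mail match, which deserves a comment stating that this address must be unique and must not be something a user can set for themselves. The enclosing method starts and ends outside the hunk.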

+ 73 - 0
src/main/java/fr/triplea/demovote/spring/SecurityConfig.java

@@ -0,0 +1,73 @@
+package fr.triplea.demovote.spring;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.context.annotation.Bean;
+import org.springframework.context.annotation.Configuration;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.config.annotation.authentication.configuration.AuthenticationConfiguration;
+import org.springframework.security.config.annotation.web.builders.HttpSecurity;
+import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
+import org.springframework.security.core.session.SessionRegistry;
+import org.springframework.security.core.session.SessionRegistryImpl;
+import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
+import org.springframework.security.crypto.password.PasswordEncoder;
+import org.springframework.security.web.SecurityFilterChain;
+import org.springframework.security.web.authentication.rememberme.InMemoryTokenRepositoryImpl;
+
+import fr.triplea.demovote.security.MyRememberMeServices;
+import fr.triplea.demovote.security.MyUserDetailsService;
+
+@Configuration
+@EnableWebSecurity
+public class SecurityConfig
+{
+
+  @Autowired
+  private MyUserDetailsService userDetailsService;
+  
+  @Bean
+  AuthenticationManager authenticationManager(AuthenticationConfiguration authConfig) throws Exception { return authConfig.getAuthenticationManager(); }
+
+  
+  @Bean
+  SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception 
+  {
+    http.csrf((csrf) -> csrf.disable());
+    
+    http.authorizeHttpRequests((authorizeHttpRequests) -> authorizeHttpRequests
+      .requestMatchers("/auth/**").permitAll()
+      .requestMatchers("/divers/**").permitAll()
+      .requestMatchers("/account/**").hasAuthority("Participant")
+      .requestMatchers("/preference/**").hasAuthority("Participant")
+      .requestMatchers("/message/**").hasAuthority("Participant")
+      .requestMatchers("/urne/**").hasAuthority("Participant")
+      .requestMatchers("/resultats/**").hasAuthority("Participant")
+      .requestMatchers("/variable/**").hasAuthority("Administrateur")
+      .requestMatchers("/categorie/**").hasAuthority("Administrateur")
+      .requestMatchers("/participant/**").hasAnyAuthority("Administrateur", "Organisateur")
+      .requestMatchers("/production/**").hasAuthority("Administrateur")
+      .requestMatchers("/presentation/**").hasAuthority("Administrateur")
+      .anyRequest().authenticated()
+    );
+
+    http.sessionManagement((sessionManagement) -> sessionManagement.maximumSessions(2).sessionRegistry(sessionRegistry()));
+
+    http.rememberMe((remember) -> remember.rememberMeServices(rememberMeServices()));
+
+    return http.build();
+  }
+
+  @Bean
+  MyRememberMeServices rememberMeServices() 
+  {
+    MyRememberMeServices rememberMeServices = new MyRememberMeServices("Alr34dy", userDetailsService, new InMemoryTokenRepositoryImpl());
+    return rememberMeServices;
+  }
+
+  @Bean
+  SessionRegistry sessionRegistry() { return new SessionRegistryImpl(); }
+
+  @Bean
+  PasswordEncoder passwordEncoder() { return new BCryptPasswordEncoder(11); }
+
+}
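Review bot: `http.csrf((csrf) -> csrf.disable())` turns CSRF protection off while the same chain authenticates with a session and a remember-me cookie, and controllers in this commit accept state-changing requests as plain request parameters (for example `POST /urne/create`), which `@CrossOrigin` does not protect. Keep CSRF enabled, e.g. with `CookieCsrfTokenRepository.withHttpOnlyFalse()` for a single-page front end, or move to header-borne credentials before disabling it. The remember-me key `"Alr34dy"` is hard-coded in `rememberMeServices()` and should be injected from external configuration; `InMemoryTokenRepositoryImpl` also loses every token on restart. The controllers start using `@PreAuthorize`, but this class carries only `@EnableWebSecurity`, so unless `@EnableMethodSecurity` is declared elsewhere those annotations are not enforced.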

+ 22 - 0
src/main/java/fr/triplea/demovote/web/controller/AccountController.java

@@ -0,0 +1,22 @@
+package fr.triplea.demovote.web.controller;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import fr.triplea.demovote.persistence.dao.ParticipantRepository;
+
+
+@CrossOrigin(origins = "http://localhost:4200")
+@RestController
+@RequestMapping("/account")
+public class AccountController 
+{
+
+  @Autowired
+  private ParticipantRepository participantRepository;
+
+  // TODO 
+ 
+}

+ 72 - 0
src/main/java/fr/triplea/demovote/web/controller/AuthController.java

@@ -0,0 +1,72 @@
+package fr.triplea.demovote.web.controller;
+
+import java.util.List;
+
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.http.ResponseEntity;
+import org.springframework.security.authentication.AuthenticationManager;
+import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
+import org.springframework.security.core.Authentication;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.web.bind.annotation.CrossOrigin;
+import org.springframework.web.bind.annotation.PostMapping;
+import org.springframework.web.bind.annotation.RequestBody;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+import fr.triplea.demovote.persistence.dao.ParticipantRepository;
+import fr.triplea.demovote.persistence.dto.LoginTransfer;
+import fr.triplea.demovote.persistence.model.Participant;
+import fr.triplea.demovote.persistence.model.Role;
+
+
+@CrossOrigin(origins = "http://localhost:4200")
+@RestController
+@RequestMapping("/auth")
+public class AuthController 
+{
+
+  @Autowired
+  private AuthenticationManager authenticationManager;
+
+  @Autowired
+  private ParticipantRepository participantRepository;
+  
+  @PostMapping("/signin")
+  public ResponseEntity<LoginTransfer> authenticateUser(@RequestBody LoginTransfer loginTransfer)
+  {
+    Participant found = participantRepository.findByPseudonyme(loginTransfer.getUsername());
+    
+    if (found != null)
+    {      
+      UsernamePasswordAuthenticationToken token = new UsernamePasswordAuthenticationToken(loginTransfer.getUsername(), loginTransfer.getPassword());
+      
+      Authentication authentication = authenticationManager.authenticate(token);
+     
+      SecurityContextHolder.getContext().setAuthentication(authentication);
+      
+      loginTransfer.setPassword("xxx");
+      loginTransfer.setToken(token.toString());
+      loginTransfer.setId(found.getNumeroParticipant());
+      loginTransfer.setNom(found.getNom());
+      loginTransfer.setPrenom(found.getPrenom());
+
+      List<Role> roles = found.getRoles();
+      
+      loginTransfer.setRole("Participant");
+      
+      for (Role role : roles) 
+      {  
+        if (role.getLibelle().equals("Administrateur")) { loginTransfer.setRole("Administrateur"); break; }
+        else 
+        if (role.getLibelle().equals("Organisateur")) { loginTransfer.setRole("Organisateur"); break; }
+      }
+       
+      return ResponseEntity.ok(loginTransfer);
+    }
+    
+    return ResponseEntity.notFound().build();
+  }
+
+  
+}
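Review bot: `authenticateUser` answers 404 when `findByPseudonyme` finds nobody but lets `authenticationManager.authenticate` throw for a wrong password, so the two cases are distinguishable and the endpoint reveals which pseudonymes exist. Authenticate first and return the same 401 for every `AuthenticationException`, as in the excerpt below (it needs imports for `AuthenticationException` and `HttpStatus`). `setToken(token.toString())` returns the debug string of the request token, not a credential the client can present. On Spring Security 6 a context set only on `SecurityContextHolder` is not stored in the session unless it is saved through a `SecurityContextRepository`, so the login may not survive the next request.

```java
  public ResponseEntity<LoginTransfer> authenticateUser(@RequestBody LoginTransfer loginTransfer)
  {
    Authentication authentication;

    try
    {
      authentication = authenticationManager.authenticate(new UsernamePasswordAuthenticationToken(loginTransfer.getUsername(), loginTransfer.getPassword()));
    }
    catch (AuthenticationException e)
    {
      // same answer for an unknown pseudonyme and for a wrong password
      return ResponseEntity.status(HttpStatus.UNAUTHORIZED).build();
    }

    SecurityContextHolder.getContext().setAuthentication(authentication);

    Participant found = participantRepository.findByPseudonyme(loginTransfer.getUsername());
    // … unchanged: fill loginTransfer from found (id, nom, prenom, role) and return it …
```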

+ 4 - 4
src/main/java/fr/triplea/demovote/web/controller/BulletinController.java

@@ -6,7 +6,7 @@ import java.util.Map;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.http.ResponseEntity;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -26,7 +26,7 @@ import fr.triplea.demovote.persistence.model.Production;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/urne")
+@RequestMapping("/urne")
 public class BulletinController 
 {
 
@@ -43,7 +43,7 @@ public class BulletinController
   private ProductionRepository productionRepository;
 
   @PostMapping(value = "/create")
-  //@PreAuthorize("hasRole('PAGE_VOTER')")
+  @PreAuthorize("hasAuthority('Participant')")
   public ResponseEntity<Object> add(@RequestParam(required = true) int cat_id, @RequestParam(required = true) int part_id, @RequestParam(required = true) int prod_id) 
   { 
     Bulletin bul = bulletinRepository.findByCategorieAndParticipant(cat_id, part_id);
@@ -127,7 +127,7 @@ public class BulletinController
   }
 
   @DeleteMapping(value = "/delete/{id}")
-  //@PreAuthorize("hasRole('PAGE_VOTER')")
+  @PreAuthorize("hasAuthority('Participant')")
   public ResponseEntity<Map<String, Boolean>> remove(@PathVariable int id) 
   { 
     if (id > 0) { bulletinRepository.deleteById(id); }
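Review bot: The new `@PreAuthorize("hasAuthority('Participant')")` on `add` and `remove` checks only the caller's role, not whose ballot is touched: `add` still takes `part_id` from the request and `remove` calls `bulletinRepository.deleteById(id)` for whatever `id` is supplied. Any signed-in participant could therefore cast or delete a ballot on behalf of another participant. I would resolve the voter from the authenticated principal (for example through an `Authentication authentication` handler parameter) and reject the request when it does not match `part_id` or the ballot's owner. The same gap appears in `MessageController.getList(@PathVariable int id)` and in `PreferenceController.get`, which takes `numParticipant` from the request. The method bodies continue outside these hunks, so an ownership check further down cannot be ruled out.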

+ 7 - 7
src/main/java/fr/triplea/demovote/web/controller/CategorieController.java

@@ -6,7 +6,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -22,7 +22,7 @@ import fr.triplea.demovote.persistence.model.Categorie;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/categorie")
+@RequestMapping("/categorie")
 public class CategorieController 
 {
 
@@ -31,14 +31,14 @@ public class CategorieController
 
 
   @GetMapping(value = "/list")
-  //@PreAuthorize("hasRole('LISTE_CATEGORIES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public List<Categorie> getList() 
   { 
     return categorieRepository.findAll(); 
   }
 
   @GetMapping(value = "/form/{id}")
-  //@PreAuthorize("hasRole('LISTE_CATEGORIES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Categorie> getForm(@PathVariable int id)
   { 
     Categorie c = categorieRepository.findById(id);
@@ -49,7 +49,7 @@ public class CategorieController
   }
 
   @PostMapping(value = "/create")
-  //@PreAuthorize("hasRole('LISTE_CATEGORIES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public Categorie create(@RequestBody(required = true) Categorie categorie) 
   { 
     Categorie found = categorieRepository.findById(0);
@@ -62,7 +62,7 @@ public class CategorieController
   }
 
   @PutMapping(value = "/update/{id}")
-  //@PreAuthorize("hasRole('LISTE_CATEGORIES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Object> update(@PathVariable int id, @RequestBody(required = true) Categorie categorie) 
   { 
     Categorie found = categorieRepository.findById(id);
@@ -88,7 +88,7 @@ public class CategorieController
   }
 
   @DeleteMapping(value = "/delete/{id}")
-  //@PreAuthorize("hasRole('LISTE_CATEGORIES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Map<String, Boolean>> disableCategorie(@PathVariable int id) 
   { 
     Categorie c = categorieRepository.getReferenceById(id);
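Review bot: Every handler visible in this section carries the same `@PreAuthorize("hasAuthority('Administrateur')")`, so I would declare it once on the class, next to `@RestController`, and drop the per-method copies. A class-level rule protects a newly added handler by default. In `ProductionController`, `getFile` had no annotation at all until this commit, which is the kind of omission this avoids. `VariableController` and `ProductionController` repeat the same expression on each handler shown and would benefit from the same change. If a handler outside these hunks needs a different rule, a method-level `@PreAuthorize` still takes precedence over the class-level one.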

+ 1 - 2
src/main/java/fr/triplea/demovote/web/controller/DiversController.java

@@ -14,7 +14,7 @@ import fr.triplea.demovote.persistence.dto.MessagesTransfer;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/divers")
+@RequestMapping("/divers")
 public class DiversController 
 {
 
@@ -22,7 +22,6 @@ public class DiversController
   private VariableRepository variableRepository;
  
   @GetMapping(value = "/welcome")
-  //@PreAuthorize("hasRole('LISTE_VARIABLES')")
   public ResponseEntity<MessagesTransfer> getWelcomeMessage() 
   { 
     MessagesTransfer mt = new MessagesTransfer();

+ 3 - 3
src/main/java/fr/triplea/demovote/web/controller/MessageController.java

@@ -3,7 +3,7 @@ package fr.triplea.demovote.web.controller;
 import java.util.List;
 
 import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PathVariable;
@@ -15,7 +15,7 @@ import fr.triplea.demovote.persistence.model.Message;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/message")
+@RequestMapping("/message")
 public class MessageController 
 {
 
@@ -24,7 +24,7 @@ public class MessageController
   
   
   @GetMapping(value = "/list/{id}")
-  //@PreAuthorize("hasRole('PAGE_MESSAGERIE')")
+  @PreAuthorize("hasAuthority('Participant')")
   public List<Message> getList(@PathVariable int id)
   { 
     return messageRepository.findAll(id, id); 

+ 8 - 8
src/main/java/fr/triplea/demovote/web/controller/ParticipantController.java

@@ -9,7 +9,7 @@ import java.util.UUID;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -31,7 +31,7 @@ import fr.triplea.demovote.persistence.model.ParticipantStatut;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/participant")
+@RequestMapping("/participant")
 public class ParticipantController 
 {
 
@@ -41,7 +41,7 @@ public class ParticipantController
   
 
   @GetMapping(value = "/list")
-  //@PreAuthorize("hasRole('LISTE_PARTICIPANTS')")
+  @PreAuthorize("hasAnyAuthority('Participant', 'Organisateur')")
   public List<ParticipantList> getList() 
   { 
     return participantRepository.getList(); 
@@ -49,14 +49,14 @@ public class ParticipantController
 
   
   @GetMapping(value = "/option-list")
-  //@PreAuthorize("hasRole('LISTE_PARTICIPANTS')")
+  @PreAuthorize("hasAnyAuthority('Participant', 'Organisateur')")
   public List<ParticipantOptionList> getOptionList() 
   { 
     return participantRepository.getOptionList(); 
   }
 
   @GetMapping(value = "/form/{id}")
-  //@PreAuthorize("hasRole('LISTE_PARTICIPANTS')")
+  @PreAuthorize("hasAnyAuthority('Participant', 'Organisateur')")
   public ResponseEntity<ParticipantTransfer> getForm(@PathVariable int id) 
   { 
     ParticipantTransfer p = participantRepository.searchById(id);
@@ -67,7 +67,7 @@ public class ParticipantController
   }
 
   @PostMapping(value = "/create")
-  //@PreAuthorize("hasRole('LISTE_PARTICIPANTS')")
+  @PreAuthorize("hasAnyAuthority('Participant', 'Organisateur')")
   public ResponseEntity<Object> create(@RequestBody(required = true) ParticipantTransfer participant) 
   { 
     Participant found = participantRepository.findById(0);
@@ -133,7 +133,7 @@ public class ParticipantController
   }
 
   @PutMapping(value = "/update/{id}")
-  //@PreAuthorize("hasRole('LISTE_PARTICIPANTS')")
+  @PreAuthorize("hasAnyAuthority('Participant', 'Organisateur')")
   public ResponseEntity<Object> update(@PathVariable int id, @RequestBody(required = true) ParticipantTransfer participant) 
   { 
     Participant found = participantRepository.findById(id);
@@ -189,7 +189,7 @@ public class ParticipantController
   }
 
   @DeleteMapping(value = "/delete/{id}")
-  //@PreAuthorize("hasRole('LISTE_PARTICIPANTS')")
+  @PreAuthorize("hasAnyAuthority('Participant', 'Organisateur')")
   public ResponseEntity<Map<String, Boolean>> disableParticipant(@PathVariable int id) 
   { 
     Participant found = participantRepository.getReferenceById(id);
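Review bot: `hasAnyAuthority('Participant', 'Organisateur')` is applied to `create`, `update` and `disableParticipant` as well as to the read endpoints, so any ordinary participant may create, modify or disable any other account by `id`. The expression also omits 'Administrateur', so unless a role hierarchy is configured elsewhere, an administrator without one of the other two roles would be refused. I would restrict `create` and `disableParticipant` to `hasAnyAuthority('Organisateur', 'Administrateur')`, and allow `update` for a plain participant only when `id` equals their own `getNumeroParticipant()`. Whether `update` can also change a participant's roles cannot be seen here, because the method bodies continue outside the hunks.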

+ 5 - 5
src/main/java/fr/triplea/demovote/web/controller/PreferenceController.java

@@ -4,7 +4,7 @@ import java.util.List;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.PathVariable;
 import org.springframework.web.bind.annotation.PostMapping;
@@ -20,7 +20,7 @@ import fr.triplea.demovote.persistence.model.Preference;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/preference")
+@RequestMapping("/preference")
 public class PreferenceController 
 {
 
@@ -29,14 +29,14 @@ public class PreferenceController
 
   
   @PostMapping(value = "/list")
-  //@PreAuthorize("hasRole('LISTE_PREFERENCES')")
+  @PreAuthorize("hasAuthority('Participant')")
   public List<Preference> get(@RequestParam(required = true) Participant numParticipant, @RequestParam(required = false) int numTraitement) 
   { 
     return preferenceRepository.findByParticipantAndTraitement(numParticipant, numTraitement); 
   }
 
   @PostMapping(value = "/create")
-  //@PreAuthorize("hasRole('LISTE_PREFERENCES')")
+  @PreAuthorize("hasAuthority('Participant')")
   public Preference create(@RequestBody(required = true) Preference preference) 
   { 
     Preference found = preferenceRepository.findById(0);
@@ -47,7 +47,7 @@ public class PreferenceController
   }
 
   @PutMapping(value = "/update/{id}")
-  //@PreAuthorize("hasRole('LISTE_PREFERENCES')")
+  @PreAuthorize("hasAuthority('Participant')")
   public ResponseEntity<Preference> update(@PathVariable int id, @RequestBody(required = true) Preference preference) 
   { 
     Preference found = preferenceRepository.findById(id);

+ 3 - 3
src/main/java/fr/triplea/demovote/web/controller/PresentationController.java

@@ -4,7 +4,7 @@ package fr.triplea.demovote.web.controller;
 import java.util.List;
 
 import org.springframework.beans.factory.annotation.Autowired;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.RequestMapping;
@@ -15,7 +15,7 @@ import fr.triplea.demovote.persistence.model.Presentation;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/presentation")
+@RequestMapping("/presentation")
 public class PresentationController 
 {
 
@@ -23,7 +23,7 @@ public class PresentationController
   private PresentationRepository presentationRepository;
  
   @GetMapping(value = "/list")
-  //@PreAuthorize("hasRole('LISTE_PRESENTATIONS')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public List<Presentation> getList() 
   {
     return presentationRepository.findAll(); 

+ 10 - 9
src/main/java/fr/triplea/demovote/web/controller/ProductionController.java

@@ -11,7 +11,7 @@ import org.springframework.core.io.ByteArrayResource;
 import org.springframework.core.io.Resource;
 import org.springframework.http.HttpHeaders;
 import org.springframework.http.ResponseEntity;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -38,7 +38,7 @@ import jakarta.servlet.http.HttpServletRequest;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/production")
+@RequestMapping("/production")
 public class ProductionController 
 {
 
@@ -53,7 +53,7 @@ public class ProductionController
 
   
   @GetMapping(value = "/list")
-  //@PreAuthorize("hasAnyRole('LISTE_PRODUCTIONS_ADMIN', 'LISTE_PRODUCTIONS_USER')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public List<Production> getList(@RequestParam(required = false) String type) 
   { 
     List<ProductionShort> prods = productionRepository.findAllWithoutArchive();
@@ -66,6 +66,7 @@ public class ProductionController
   }
 
   @GetMapping(value = "/file/{id}")
+  @PreAuthorize("hasAuthority('Administrateur')")
   @ResponseBody
   public ResponseEntity<Resource> getFile(@PathVariable int id) 
   {
@@ -86,7 +87,7 @@ public class ProductionController
   }
 
   @GetMapping(value = "/form/{id}")
-  //@PreAuthorize("hasAnyRole('LISTE_PRODUCTIONS_ADMIN', 'LISTE_PRODUCTIONS_USER')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Production> getForm(@PathVariable int id)
   { 
     ProductionShort p = productionRepository.findByIdWithoutArchive(id);
@@ -97,7 +98,7 @@ public class ProductionController
   }
 
   @GetMapping(value = "/formfile/{id}")
-  //@PreAuthorize("hasAnyRole('LISTE_PRODUCTIONS_ADMIN', 'LISTE_PRODUCTIONS_USER')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<ProductionFile> getFormFile(@PathVariable int id)
   { 
     ProductionFile p = productionRepository.findByIdForUpload(id);
@@ -108,7 +109,7 @@ public class ProductionController
   }
 
   @PostMapping(value = "/create")
-  //@PreAuthorize("hasAnyRole('LISTE_PRODUCTIONS_ADMIN', 'LISTE_PRODUCTIONS_USER')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Map<String, Boolean>> create(@RequestBody(required = true) ProductionTransfer production, HttpServletRequest request) 
   { 
     Participant participant = participantRepository.findById(production.numeroParticipant());
@@ -152,7 +153,7 @@ public class ProductionController
   }
  
   @PutMapping(value = "/update/{id}")
-  //@PreAuthorize("hasAnyRole('LISTE_PRODUCTIONS_ADMIN', 'LISTE_PRODUCTIONS_USER')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Map<String, Boolean>> update(@PathVariable int id, @RequestBody(required = true) ProductionUpdate production) 
   { 
     Production found = productionRepository.findById(id);
@@ -197,7 +198,7 @@ public class ProductionController
   }
   
   @PutMapping(value = "/upload/{id}")
-  //@PreAuthorize("hasAnyRole('LISTE_PRODUCTIONS_ADMIN', 'LISTE_PRODUCTIONS_USER')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Map<String, Boolean>> update(@PathVariable int id, @RequestBody(required = true) ProductionFile production) 
   { 
     Production found = productionRepository.findById(id);
@@ -234,7 +235,7 @@ public class ProductionController
   }
 
   @DeleteMapping(value = "/delete/{id}")
-  //@PreAuthorize("hasAnyRole('LISTE_PRODUCTIONS_ADMIN', 'LISTE_PRODUCTIONS_USER')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Map<String, Boolean>> disableProduction(@PathVariable int id) 
   { 
     Production found = productionRepository.getReferenceById(id);

+ 8 - 8
src/main/java/fr/triplea/demovote/web/controller/VariableController.java

@@ -7,7 +7,7 @@ import java.util.Map;
 
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.ResponseEntity;
-//import org.springframework.security.access.prepost.PreAuthorize;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.web.bind.annotation.CrossOrigin;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
@@ -25,7 +25,7 @@ import fr.triplea.demovote.persistence.model.Variable;
 
 @CrossOrigin(origins = "http://localhost:4200")
 @RestController
-@RequestMapping("/demovote-api/v1/variable")
+@RequestMapping("/variable")
 public class VariableController 
 {
 
@@ -34,7 +34,7 @@ public class VariableController
 
 
   @GetMapping(value = "/list")
-  //@PreAuthorize("hasRole('LISTE_VARIABLES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public List<Variable> getList(@RequestParam(required = false) String type) 
   { 
     if (type == null) { return variableRepository.findAll(); }
@@ -45,14 +45,14 @@ public class VariableController
   }
   
   @GetMapping(value = "/option-list")
-  //@PreAuthorize("hasRole('LISTE_VARIABLES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public List<VariableTypeOptionList> getOptionList() 
   { 
     return variableRepository.getTypes(); 
   }
  
   @GetMapping(value = "/form/{id}")
-  //@PreAuthorize("hasRole('LISTE_VARIABLES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Variable> getForm(@PathVariable int id) 
   { 
     Variable v = variableRepository.findById(id);
@@ -63,7 +63,7 @@ public class VariableController
   }
 
   @PostMapping(value = "/create")
-  //@PreAuthorize("hasRole('LISTE_VARIABLES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public Variable create(@RequestBody(required = true) Variable variable) 
   { 
     Variable found = variableRepository.findById(0);
@@ -76,7 +76,7 @@ public class VariableController
   }
  
   @PutMapping(value = "/update/{id}")
-  //@PreAuthorize("hasRole('LISTE_VARIABLES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Variable> update(@PathVariable int id, @RequestBody(required = true) Variable variable) 
   { 
     Variable found = variableRepository.findById(id);
@@ -97,7 +97,7 @@ public class VariableController
   }
 
   @DeleteMapping(value = "/delete/{id}")
-  //@PreAuthorize("hasRole('LISTE_VARIABLES')")
+  @PreAuthorize("hasAuthority('Administrateur')")
   public ResponseEntity<Map<String, Boolean>> deleteVariable(@PathVariable int id) 
   { 
     Variable found = variableRepository.findById(id);

+ 1 - 1
src/main/resources/application.properties

@@ -10,4 +10,4 @@ spring.jpa.properties.hibernate.dialect=org.hibernate.dialect.PostgreSQLDialect
 
 logging.level.org.springframework=INFO
 
-server.servlet.context-path=/
+server.servlet.context-path=/demovote-api/v1