Skip to content

Commit

Permalink
Fix : Fusion des controllers récupérant l'ensemble des demandes en fo…
Browse files Browse the repository at this point in the history 
…nction du role et du paramètre d'archive
  • Loading branch information
@pierre-maraval
pierre-maraval committed May 30, 2024
1 parent c6ef879 commit 1c019d3
Show file tree
Hide file tree
Showing 4 changed files with 86 additions and 99 deletions.
1 change: 1 addition & 0 deletions web/src/main/java/fr/abes/item/security/CustomAuthenticationManager.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -65,6 +65,7 @@ public Authentication authenticate(Authentication authentication)
} else {
authorities = Collections.emptyList();
}
u.setAuthorities(authorities);
UsernamePasswordAuthenticationToken auth = new UsernamePasswordAuthenticationToken(u, null, authorities);
SecurityContextHolder.getContext().setAuthentication(auth);
authenticationEventPublisher.publishAuthenticationSuccess(auth);
Expand Down
102 changes: 49 additions & 53 deletions web/src/main/java/fr/abes/item/security/User.java
View file
Original file line number Diff line number Diff line change
@@ -1,76 +1,57 @@
package fr.abes.item.security;

public class User
{
import lombok.Getter;
import lombok.NoArgsConstructor;
import lombok.Setter;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.userdetails.UserDetails;

import java.util.Collection;

@NoArgsConstructor
public class User implements UserDetails {
@Getter @Setter
private Collection<? extends GrantedAuthority> authorities;

@Getter @Setter
private String userNum;

@Getter @Setter
private String userKey;

@Getter @Setter
private String userGroup;

@Setter
private String role;

@Getter @Setter
private String library;

@Getter @Setter
private String shortName;

@Getter @Setter
private String loginAllowed;

@Getter @Setter
private String iln;

@Getter @Setter
private String libRcr;

@Getter @Setter
private String mail;

public void setUserNum(String userNum){
this.userNum = userNum;
}
@Getter @Setter
private String password;

public String getUserNum(){
return this.userNum;
}
public void setUserKey(String userKey){
public User(String userNum, String userKey, String userGroup) {
this.userNum = userNum;
this.userKey = userKey;
}
public String getUserKey(){
return this.userKey;
}
public void setUserGroup(String userGroup){
this.userGroup = userGroup;
}
public String getUserGroup(){
return this.userGroup;
}
public void setLibrary(String library){
this.library = library;
}
public String getLibrary(){
return this.library;
}
public void setShortName(String shortName){
this.shortName = shortName;
}
public String getShortName(){
return this.shortName;
}
public void setLoginAllowed(String loginAllowed){
this.loginAllowed = loginAllowed;
}
public String getLoginAllowed(){
return this.loginAllowed;
}
public void setIln(String iln){
this.iln = iln;
}
public String getIln(){
return this.iln;
}
public void setLibRcr(String libRcr){
this.libRcr = libRcr;
}
public String getLibRcr(){
return this.libRcr;
}

public String getRole() {
if (role == null || role.isEmpty()) {
if (this.userGroup.toLowerCase().trim().equals("coordinateur"))
Expand All @@ -80,15 +61,30 @@ public String getRole() {
}
return this.role;
}
public void setRole(String role) {
this.role = role;

@Override
public String getUsername() {
return this.userKey;
}

@Override
public boolean isAccountNonExpired() {
return false;
}
public String getMail() {
return mail;

@Override
public boolean isAccountNonLocked() {
return false;
}

@Override
public boolean isCredentialsNonExpired() {
return false;
}

public void setMail(String mail) {
this.mail = mail;
@Override
public boolean isEnabled() {
return false;
}
}

54 changes: 19 additions & 35 deletions web/src/main/java/fr/abes/item/web/DemandeRestService.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -18,6 +18,9 @@
import jakarta.servlet.http.HttpServletRequest;
import lombok.extern.slf4j.Slf4j;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

Expand Down Expand Up @@ -50,44 +53,25 @@ public DemandeRestService(DemandeExempService demandeExempService, CheckAccessTo
* @return Une liste de demandes
*/
@GetMapping(value = "/demandes")
@PreAuthorize("hasAuthority('ADMIN')")
@Operation(summary = "renvoie les demandes pour les administrateurs",
description = "renvoie les demande terminées et en erreur de tout le monde et toutes les demandeModifs créées par cet iln")
public List<DemandeWebDto> getAllActiveDemandes(@RequestParam("type") TYPE_DEMANDE type, @RequestParam("extension") boolean extension, HttpServletRequest request) {
@PreAuthorize("hasAnyAuthority('USER','ADMIN')")
@Operation(summary = "renvoie les demandes en fonction du rôle de l'utilisateur",
description = "renvoie les demande terminées et en erreur de tout le monde et toutes les demande créées par cet iln")
public List<DemandeWebDto> getAllActiveDemandes(@RequestParam("type") TYPE_DEMANDE type, @RequestParam("archive") boolean archive, @RequestParam("extension") boolean extension, HttpServletRequest request) {
String iln = request.getAttribute("iln").toString();
IDemandeService service = strategy.getStrategy(IDemandeService.class, type);
return (!extension) ? service.getAllActiveDemandesForAdmin(iln).stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList()) : service.getAllActiveDemandesForAdminExtended().stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList());
}
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
String role = ((UserDetails)authentication.getPrincipal()).getAuthorities().stream().findFirst().get().toString();

/**
* Webservice : retour de l'ensemble des demandes pour un utilisateur
*
* @return liste des demandeModifs non archivées de l'utilisateur
*/
@GetMapping(value = "/chercherDemandes")
@PreAuthorize("hasAuthority('USER')")
@Operation(summary = "renvoie les demandes de modif pour ce usernum",
description = "renvoie toutes les demandes créées par cet iln")
public List<DemandeWebDto> chercher(@RequestParam("type") TYPE_DEMANDE type, HttpServletRequest request) {
String iln = request.getAttribute("iln").toString();
IDemandeService service = strategy.getStrategy(IDemandeService.class, type);
return service.getActiveDemandesForUser(iln).stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList());
}

/**
* Webservices : retour des demandes archivées
*
* @param type type de demande concernée par le webservice
* @return liste des demandes archivées de l'utilisateur
*/
@GetMapping(value = "/chercherArchives")
@PreAuthorize("hasAnyAuthority('USER', 'ADMIN')")
@Operation(summary = "renvoie les demandes archivées pour cet iln",
description = "renvoie les demandeModifs archivées créées par cet iln")
public List<DemandeWebDto> getAllArchivedDemandes(@RequestParam("type") TYPE_DEMANDE type, @RequestParam("extension") boolean extension, HttpServletRequest request) {
String iln = request.getAttribute("iln").toString();
IDemandeService service = strategy.getStrategy(IDemandeService.class, type);
return (!extension) ? service.getAllArchivedDemandes(iln).stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList()) : service.getAllArchivedDemandesAllIln().stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList());
if (role.equals("ADMIN")) {
if (archive) {
return (!extension) ? service.getAllArchivedDemandes(iln).stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList()) : service.getAllArchivedDemandesAllIln().stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList());
}
else {
return (!extension) ? service.getAllActiveDemandesForAdmin(iln).stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList()) : service.getAllActiveDemandesForAdminExtended().stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList());
}
}
//role USER
return (archive) ? service.getAllArchivedDemandes(iln).stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList()) : service.getActiveDemandesForUser(iln).stream().map(element -> builder.buildDto(element, type)).collect(Collectors.toList());
}

/**
Expand Down
28 changes: 17 additions & 11 deletions web/src/test/java/fr/abes/item/web/impl/DemandeRestServiceTest.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -13,15 +13,13 @@
import fr.abes.item.web.DemandeRestService;
import org.junit.jupiter.api.BeforeEach;
import org.junit.jupiter.api.Test;
import org.junit.jupiter.api.extension.ExtendWith;
import org.mockito.InjectMocks;
import org.mockito.Mockito;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.test.context.SpringBootTest;
import org.springframework.boot.test.mock.mockito.MockBean;
import org.springframework.mock.web.MockMultipartFile;
import org.springframework.security.test.context.support.WithMockUser;
import org.springframework.test.context.junit.jupiter.SpringExtension;
import org.springframework.test.web.servlet.MockMvc;
import org.springframework.test.web.servlet.setup.MockMvcBuilders;
import org.springframework.web.context.WebApplicationContext;
Expand All @@ -35,7 +33,6 @@
import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;

@SpringBootTest(classes = {DemandeRestService.class, StrategyFactory.class, DtoBuilder.class, ObjectMapper.class})
@ExtendWith({SpringExtension.class})
class DemandeRestServiceTest {
@Autowired
WebApplicationContext context;
Expand All @@ -55,6 +52,7 @@ class DemandeRestServiceTest {
ObjectMapper mapper;

List<Demande> demandeExemps = new ArrayList<>();

MockMvc mockMvc;

@BeforeEach
Expand All @@ -80,9 +78,9 @@ void init() {

@Test
@WithMockUser(authorities = {"ADMIN"})
void testGetAllActiveDemandes() throws Exception {
void testGetAllActiveDemandesForAdmin() throws Exception {
Mockito.when(demandeExempService.getAllActiveDemandesForAdminExtended()).thenReturn(this.demandeExemps);
this.mockMvc.perform(get("/api/v1/demandes?type=EXEMP&extension=true").requestAttr("iln", "1"))
this.mockMvc.perform(get("/api/v1/demandes?type=EXEMP&archive=false&extension=true").requestAttr("iln", "1"))
.andExpect(status().isOk())
.andExpect(jsonPath("$[0].id").value("1"))
.andExpect(jsonPath("$[0].rcr").value("111111111"))
Expand All @@ -91,9 +89,13 @@ void testGetAllActiveDemandes() throws Exception {
.andExpect(jsonPath("$[1].rcr").value("222222222"))
.andExpect(jsonPath("$[1].typeExemp").value("Monographies"));

}

@Test
@WithMockUser(authorities = {"ADMIN"})
void testGetAllActiveDemandesForAdminExtender() throws Exception {
Mockito.when(demandeExempService.getAllActiveDemandesForAdmin("1")).thenReturn(this.demandeExemps);
this.mockMvc.perform(get("/api/v1/demandes?type=EXEMP&extension=false").requestAttr("iln", "1"))
this.mockMvc.perform(get("/api/v1/demandes?type=EXEMP&archive=false&extension=false").requestAttr("iln", "1"))
.andExpect(status().isOk())
.andExpect(jsonPath("$[0].id").value("1"))
.andExpect(jsonPath("$[0].rcr").value("111111111"))
Expand All @@ -105,7 +107,7 @@ void testGetAllActiveDemandes() throws Exception {
@WithMockUser(authorities = {"USER"})
void testChercher() throws Exception {
Mockito.when(demandeExempService.getActiveDemandesForUser("1")).thenReturn(this.demandeExemps);
this.mockMvc.perform(get("/api/v1/chercherDemandes?type=EXEMP&extension=true").requestAttr("iln", "1"))
this.mockMvc.perform(get("/api/v1/demandes?type=EXEMP&archive=false&extension=true").requestAttr("iln", "1"))
.andExpect(status().isOk())
.andExpect(jsonPath("$[0].id").value("1"))
.andExpect(jsonPath("$[0].rcr").value("111111111"))
Expand All @@ -115,17 +117,21 @@ void testChercher() throws Exception {

@Test
@WithMockUser(authorities = {"USER"})
void testGetAllArchivedDemandes() throws Exception {
Mockito.when(demandeExempService.getAllArchivedDemandesAllIln()).thenReturn(this.demandeExemps);
this.mockMvc.perform(get("/api/v1/chercherArchives?type=EXEMP&extension=true").requestAttr("iln", "1"))
void testGetAllArtiveDemandes() throws Exception {
Mockito.when(demandeExempService.getActiveDemandesForUser("1")).thenReturn(this.demandeExemps);
this.mockMvc.perform(get("/api/v1/demandes?type=EXEMP&archive=false&extension=true").requestAttr("iln", "1"))
.andExpect(status().isOk())
.andExpect(jsonPath("$[0].id").value("1"))
.andExpect(jsonPath("$[0].rcr").value("111111111"))
.andExpect(jsonPath("$[1].id").value("2"))
.andExpect(jsonPath("$[1].rcr").value("222222222"));
}

@Test
@WithMockUser(authorities = {"USER"})
void testGetAllArchivedDemandes() throws Exception {
Mockito.when(demandeExempService.getAllArchivedDemandes("1")).thenReturn(this.demandeExemps);
this.mockMvc.perform(get("/api/v1/chercherArchives?type=EXEMP&extension=false").requestAttr("iln", "1"))
this.mockMvc.perform(get("/api/v1/demandes?type=EXEMP&archive=true&extension=false").requestAttr("iln", "1"))
.andExpect(status().isOk())
.andExpect(jsonPath("$[0].id").value("1"))
.andExpect(jsonPath("$[0].rcr").value("111111111"))
Expand Down

0 comments on commit 1c019d3

Please sign in to comment.