Merge remote-tracking branch 'origin/main'
6
back_end/package-lock.json
generated
Normal file
6
back_end/package-lock.json
generated
Normal file
@@ -0,0 +1,6 @@
|
||||
{
|
||||
"name": "back_end",
|
||||
"lockfileVersion": 3,
|
||||
"requires": true,
|
||||
"packages": {}
|
||||
}
|
||||
@@ -6,11 +6,15 @@ import java.util.Map;
|
||||
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.http.HttpMethod;
|
||||
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
|
||||
import org.springframework.security.config.annotation.web.configuration.EnableWebSecurity;
|
||||
import org.springframework.security.core.authority.SimpleGrantedAuthority;
|
||||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken;
|
||||
import org.springframework.security.web.SecurityFilterChain;
|
||||
import org.springframework.web.cors.CorsConfiguration;
|
||||
import org.springframework.web.cors.CorsConfigurationSource;
|
||||
import org.springframework.web.cors.UrlBasedCorsConfigurationSource;
|
||||
|
||||
@Configuration
|
||||
@EnableWebSecurity
|
||||
@@ -19,9 +23,10 @@ public class WebSecurityConfig {
|
||||
@Bean
|
||||
public SecurityFilterChain securityFilterChain(HttpSecurity http) throws Exception {
|
||||
http
|
||||
.cors(cors -> cors.configurationSource(corsConfigurationSource()))
|
||||
.csrf(csrf -> csrf.disable())
|
||||
.authorizeHttpRequests(auth -> auth
|
||||
.requestMatchers("/", "/public", "/coach/**").permitAll() // allow coach endpoints
|
||||
.requestMatchers(HttpMethod.OPTIONS, "/", "/public", "/coach/**").permitAll() // allow coach endpoints
|
||||
.requestMatchers("/admin/**").hasRole("admin")
|
||||
.requestMatchers("/user/**").hasRole("user")
|
||||
.anyRequest().authenticated())
|
||||
@@ -29,6 +34,7 @@ public class WebSecurityConfig {
|
||||
.jwt(jwt -> jwt.jwtAuthenticationConverter(jwtToken -> {
|
||||
Map<String, Collection<String>> realmAccess = jwtToken.getClaim("realm_access");
|
||||
Collection<String> roles = realmAccess.get("roles");
|
||||
System.out.println("ROLES FROM TOKEN " + roles);
|
||||
List<SimpleGrantedAuthority> authorities = roles.stream()
|
||||
.map(role -> new SimpleGrantedAuthority("ROLE_" + role))
|
||||
.toList();
|
||||
@@ -37,4 +43,18 @@ public class WebSecurityConfig {
|
||||
|
||||
return http.build();
|
||||
}
|
||||
|
||||
|
||||
@Bean
|
||||
public CorsConfigurationSource corsConfigurationSource() {
|
||||
CorsConfiguration config = new CorsConfiguration();
|
||||
config.setAllowedOrigins(List.of("http://localhost:3000"));
|
||||
config.setAllowedMethods(List.of("GET", "POST", "PUT", "DELETE", "OPTIONS"));
|
||||
config.setAllowCredentials(true);
|
||||
config.setAllowedHeaders(List.of("Authorization", "Content-Type"));
|
||||
UrlBasedCorsConfigurationSource source =
|
||||
new UrlBasedCorsConfigurationSource();
|
||||
source.registerCorsConfiguration("/**", config);
|
||||
return source;
|
||||
}
|
||||
}
|
||||
|
||||
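Review bot: In the `authorizeHttpRequests` chain the `permitAll()` rule for `"/"`, `"/public"` and `"/coach/**"` now appears to apply only to `HttpMethod.OPTIONS` (inferred from the hunk counts, since the +/- markers are lost on this page), so every other method on those paths falls through to `anyRequest().authenticated()`. If `/public` is meant to stay anonymous it needs its own rule, `.requestMatchers("/", "/public").permitAll()`, and `/coach/**` would be better served by an explicit role rule such as `.requestMatchers("/coach/**").hasRole("coach")` alongside the `/admin/**` and `/user/**` lines, rather than being reachable with any valid token. With `.cors(...)` configured, preflight requests are normally answered by the CORS filter before authorization runs, so the OPTIONS matcher may not be needed at all, and its trailing comment `// allow coach endpoints` no longer describes what the line does. `securityFilterChain` continues outside the hunk.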
@@ -14,7 +14,7 @@ import jakarta.persistence.Entity;
|
||||
public class Admin extends User{
|
||||
|
||||
public Admin(String id_keycloak, String name, String prenom){
|
||||
super(name, id_keycloak, prenom, Role.ADMIN );
|
||||
super(name, id_keycloak, prenom, Role.admin );
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -28,7 +28,7 @@ public class Athlete extends User{
|
||||
private List<Session> sessions = new ArrayList<>(); // plusieurs sessions sont possibles
|
||||
|
||||
public Athlete(String name, String id_keycloak, String prenom){
|
||||
super(name, id_keycloak, prenom, Role.ATHLETE);
|
||||
super(name, id_keycloak, prenom, Role.athlete);
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -20,7 +20,7 @@ public class Coach extends User{
|
||||
private List<Session> sessions = new ArrayList<>(); // Un coach peut avoir plusieurs sessions
|
||||
|
||||
public Coach(String name, String id_keycloak, String prenom){
|
||||
super(name, id_keycloak, prenom, Role.COACH );
|
||||
super(name, id_keycloak, prenom, Role.coach );
|
||||
}
|
||||
|
||||
@Override
|
||||
|
||||
@@ -1,7 +1,7 @@
|
||||
package hackathon.FrisbYEE.jpa.metier;
|
||||
|
||||
public enum Role {
|
||||
ADMIN,
|
||||
COACH,
|
||||
ATHLETE
|
||||
admin,
|
||||
coach,
|
||||
athlete
|
||||
}
|
||||
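Review bot: Renaming the constants to `admin`, `coach`, `athlete` (direction inferred, since the +/- markers are lost on this page) departs from the UPPER_SNAKE_CASE convention for enum constants, apparently so that they match the role names carried in the token. Keeping `ADMIN`, `COACH`, `ATHLETE` and deriving the external name where it is needed, e.g. `role.name().toLowerCase(Locale.ROOT)`, would leave `Admin`, `Athlete`, `Coach` and `Session` untouched. If `Role` is persisted by name anywhere (not visible here), rows written with the old names would stop loading after this rename, so that is worth checking before merging.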
@@ -58,7 +58,7 @@ public class Session {
|
||||
}
|
||||
|
||||
public void setCoach(Coach coach) {
|
||||
if (coach.getRole() != Role.COACH) {
|
||||
if (coach.getRole() != Role.coach) {
|
||||
throw new IllegalArgumentException("L'utilisateur n'est pas un coach");
|
||||
}
|
||||
this.coach = coach;
|
||||
@@ -66,7 +66,7 @@ public class Session {
|
||||
|
||||
public void setAthletes(List<Athlete> athletes) {
|
||||
for (Athlete athlete : athletes) {
|
||||
if (athlete.getRole() != Role.ATHLETE) {
|
||||
if (athlete.getRole() != Role.athlete) {
|
||||
throw new IllegalArgumentException("L'utilisateur n'est pas un athlète");
|
||||
}
|
||||
}
|
||||
|
||||
@@ -20,6 +20,7 @@ import org.springframework.web.bind.annotation.*;
|
||||
import java.util.List;
|
||||
import java.util.stream.Collectors;
|
||||
|
||||
|
||||
@CrossOrigin(origins = "http://localhost:3000")
|
||||
@Controller
|
||||
@RequestMapping("/activite")
|
||||
@@ -49,6 +50,7 @@ public class ActiviteResource {
|
||||
public ResponseEntity<String> create(@RequestBody ActiviteDTO dto) {
|
||||
|
||||
try {
|
||||
System.out.println("ROLE TEST " + hackathon.FrisbYEE.jpa.metier.Role.coach);
|
||||
Session session = sessionDAO.findById(dto.getSessionId()).get();
|
||||
Activite activite = mapToEntity(dto);
|
||||
activite.setSession(session);
|
||||
|
||||
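Review bot: The `System.out.println("ROLE TEST " + hackathon.FrisbYEE.jpa.metier.Role.coach)` at the top of the `try` in `create` looks like leftover debug output (it appears to be the one added line in this hunk): it prints a constant on every request and bypasses the application's logging configuration. I would drop it, or route it through the class's logger at debug level if the trace is still wanted. The `ROLES FROM TOKEN` println in the JWT converter of `WebSecurityConfig` follows the same pattern and additionally writes each caller's roles to stdout on every authenticated request. `create` continues outside the hunk.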