chore (migration) migration jhipster 7

ef6d5c45 · François-Xavier Lebastard · 4dc1bfa8 · df427f6a · ef6d5c45 · ef6d5c45
Commit ef6d5c45 authored Apr 06, 2021 by François-Xavier Lebastard
--- a/package-lock.json
+++ b/package-lock.json
--- a/package.json
+++ b/package.json
@@ -71,12 +71,7 @@
    "not ie <= 8"
  ],
  "dependencies": {
-    "@fortawesome/fontawesome-svg-core": "1.2.35",
-    "@fortawesome/free-solid-svg-icons": "5.15.3",
-    "@fortawesome/vue-fontawesome": "2.0.2",
    "axios": "0.21.1",
-    "bootstrap": "4.6.0",
-    "bootstrap-vue": "2.21.2",
    "dayjs": "1.10.4",
    "swagger-ui-dist": "3.45.0",
    "vue": "2.6.12",
@@ -92,6 +87,7 @@
    "vuex": "3.6.2"
  },
  "devDependencies": {
+    "@tailwindcss/line-clamp": "^0.2.0",
    "@tailwindcss/postcss7-compat": "^2.0.3",
    "@types/jest": "26.0.20",
    "@types/node": "14.14.35",
@@ -112,6 +108,7 @@
    "concurrently": "6.0.0",
    "copy-webpack-plugin": "8.0.0",
    "css-loader": "5.1.3",
+    "csso": "^4.2.0",
    "eslint": "7.22.0",
    "eslint-plugin-prettier": "3.3.1",
    "eslint-plugin-vue": "7.7.0",
@@ -135,6 +132,7 @@
    "optimize-css-assets-webpack-plugin": "5.0.4",
    "portfinder": "1.0.28",
    "postcss": "8.2.8",
+    "postcss-csso": "^4.0.0",
    "postcss-import": "14.0.0",
    "postcss-loader": "5.2.0",
    "postcss-url": "10.1.1",
@@ -142,10 +140,10 @@
    "prettier-plugin-java": "1.0.2",
    "prettier-plugin-packagejson": "2.2.10",
    "rimraf": "3.0.2",
-    "sass": "1.32.8",
-    "sass-loader": "11.0.1",
    "sinon": "9.2.4",
+    "style-loader": "^1.1.4",
    "tailwindcss": "npm:@tailwindcss/postcss7-compat@^2.0.3",
+    "tailwindcss-cli": "^0.1.2",
    "terser-webpack-plugin": "5.1.1",
    "ts-jest": "26.5.4",
    "ts-loader": "8.0.18",

--- a/.postcssrc.js
+++ b/.postcssrc.js
@@ -7,7 +7,9 @@ module.exports = {
    'postcss-import': {},
    'postcss-url': {},
    tailwindcss,
-    // to edit target browsers: use "browserslist" field in package.json
-    autoprefixer: {},
+    autoprefixer,
+    'postcss-csso': {
+      comments: false,
+    },
  },
 };
--- a/src/main/java/com/unantes/orientactive/repository/UserRepository.java
+++ b/src/main/java/com/unantes/orientactive/repository/UserRepository.java
@@ -9,6 +9,8 @@ import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
 import org.springframework.data.jpa.repository.EntityGraph;
 import org.springframework.data.jpa.repository.JpaRepository;
+import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;

 /**
@@ -39,4 +41,10 @@ public interface UserRepository extends JpaRepository<User, Long> {
    Optional<User> findOneWithAuthoritiesByEmailIgnoreCase(String email);

    Page<User> findAllByIdNotNullAndActivatedIsTrue(Pageable pageable);
+
+    @Query(
+        nativeQuery = true,
+        value = "select distinct id_jhi_authority from role r join role_jhi_authority rj on rj.id_role = r.id join scope s on s.id_role = r.id where id_user = :idUser"
+    )
+    List<String> findAllAuthorities(@Param("idUser") Long idUser);
 }
--- a/src/main/java/com/unantes/orientactive/security/AuthoritiesConstants.java
+++ b/src/main/java/com/unantes/orientactive/security/AuthoritiesConstants.java
@@ -5,11 +5,17 @@ package com.unantes.orientactive.security;
 */
 public final class AuthoritiesConstants {

-    public static final String ADMIN = "ROLE_ADMIN";
-
    public static final String USER = "ROLE_USER";
-
    public static final String ANONYMOUS = "ROLE_ANONYMOUS";
+    public static final String ADMIN = "ADMIN_SAAS";
+    public static final String VIEW_ORGANIZATION = "VIEW_ORGANIZATION";
+    public static final String EDIT_ORGANIZATION = "EDIT_ORGANIZATION";
+    public static final String VIEW_WORKSPACE = "VIEW_WORKSPACE";
+    public static final String EDIT_WORKSPACE = "EDIT_WORKSPACE";
+    public static final String VIEW_FORMS = "VIEW_FORMS";
+    public static final String VIEW_FORM = "VIEW_FORM";
+    public static final String EDIT_FORM = "EDIT_FORM";
+    public static final String VIEW_RESULT = "VIEW_RESULT";

    private AuthoritiesConstants() {}
 }
--- a/src/main/java/com/unantes/orientactive/security/DomainUserDetailsService.java
+++ b/src/main/java/com/unantes/orientactive/security/DomainUserDetailsService.java
@@ -52,11 +52,8 @@ public class DomainUserDetailsService implements UserDetailsService {
        if (!user.isActivated()) {
            throw new UserNotActivatedException("User " + lowercaseLogin + " was not activated");
        }
-        List<GrantedAuthority> grantedAuthorities = user
-            .getAuthorities()
-            .stream()
-            .map(authority -> new SimpleGrantedAuthority(authority.getName()))
-            .collect(Collectors.toList());
+        List<String> authorities = userRepository.findAllAuthorities(user.getId());
+        List<GrantedAuthority> grantedAuthorities = authorities.stream().map(SimpleGrantedAuthority::new).collect(Collectors.toList());
        return new org.springframework.security.core.userdetails.User(user.getLogin(), user.getPassword(), grantedAuthorities);
    }
 }
--- a/src/main/java/com/unantes/orientactive/security/permissions/PermissionService.java
+++ b/src/main/java/com/unantes/orientactive/security/permissions/PermissionService.java
 package com.unantes.orientactive.security.permissions;

 import com.unantes.orientactive.domain.User;
-
 import java.util.List;
+import java.util.Optional;

 /**
 * Abstraction des services comprenant la gestion des permissions.
@@ -96,6 +96,13 @@ public abstract class PermissionService<T extends PermissionEntity> {
     */
    public abstract <U extends PermissionEntity> List<T> findAllByParent(U parent);

+    /**
+     * Permet la récupération d'une entité en particulier via son identifiant.
+     *
+     * @return L'entité.
+     */
+    public abstract Optional<T> findOne(Long idElement);
+
    /**
     * Méthode interne permettant de récupérer les entités que l'utilisateur a la permission d'administer.
     *
@@ -122,5 +129,4 @@ public abstract class PermissionService<T extends PermissionEntity> {
     * @return Présence ou non du wildcard.
     */
    protected abstract boolean hasWildcard(User user);
-
 }
--- a/src/main/java/com/unantes/orientactive/security/permissions/web/FormPermissionController.java
+++ b/src/main/java/com/unantes/orientactive/security/permissions/web/FormPermissionController.java
+package com.unantes.orientactive.security.permissions.web;
+
+import com.unantes.orientactive.service.FormService;
+import com.unantes.orientactive.service.UserService;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * Déclaration de l'API de gestion des droits sur les formulaires.
+ */
+@RestController
+@RequestMapping("/api/forms")
+public class FormPermissionController extends PermissionController {
+
+    /**
+     * Constructeur.
+     *
+     * @param formService Le service des formulaire.
+     * @param userService Le service des utilisateurs.
+     */
+    public FormPermissionController(final FormService formService, final UserService userService) {
+        super(formService, userService);
+    }
+}
--- a/src/main/java/com/unantes/orientactive/security/permissions/web/PermissionController.java
+++ b/src/main/java/com/unantes/orientactive/security/permissions/web/PermissionController.java
+package com.unantes.orientactive.security.permissions.web;
+
+import com.unantes.orientactive.domain.User;
+import com.unantes.orientactive.security.permissions.PermissionEntity;
+import com.unantes.orientactive.security.permissions.PermissionService;
+import com.unantes.orientactive.service.UserService;
+import java.util.Collections;
+import java.util.List;
+import java.util.Optional;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PathVariable;
+
+/**
+ * Mutualisation de la mise en place de l'API des permissions.
+ */
+public abstract class PermissionController {
+
+    /**
+     * Le service des permissions.
+     */
+    protected final PermissionService permissionService;
+
+    /**
+     * Le service des utilisateurs.
+     */
+    protected final UserService userService;
+
+    /**
+     * Constructeur complet.
+     *
+     * @param permissionService Service des permissions
+     * @param userService       Service des utilisateurs.
+     */
+    public PermissionController(final PermissionService permissionService, final UserService userService) {
+        super();
+        this.permissionService = permissionService;
+        this.userService = userService;
+    }
+
+    /**
+     * Ajout d'un rôle à l'utilisateur.
+     *
+     * @param loginUser Login de l'utilisateur.
+     */
+    @GetMapping("/addRole/{loginUser}")
+    public void addRole(@PathVariable final String loginUser) {
+        userService
+            .getUserWithAuthoritiesByLogin(loginUser)
+            .ifPresentOrElse(
+                permissionService::addRole,
+                () -> {
+                    final String message = String.format("Erreur lors de l'ajout du rôle pour l'utilisateur '%s'.", loginUser);
+                    throw new PermissionException(message);
+                }
+            );
+    }
+
+    /**
+     * Ajout d'un rôle à l'utilisateur et ajout d'une permission sur l'entité.
+     *
+     * @param loginUser Login de l'utilisateur.
+     * @param idEntity  Identifiant de l'entité.
+     */
+    @GetMapping("/addRoleWithPermission/{loginUser}/{idEntity}")
+    public void addRoleWithPermission(@PathVariable final String loginUser, @PathVariable final long idEntity) {
+        final Optional<User> userOptional = userService.getUserWithAuthoritiesByLogin(loginUser);
+        final Optional<PermissionEntity> entityOptional = permissionService.findOne(idEntity);
+        if (userOptional.isPresent() && entityOptional.isPresent()) {
+            permissionService.addRoleWithPermission(userOptional.get(), entityOptional.get());
+        } else {
+            final String message = String.format(
+                "Erreur lors de l'ajout du rôle et des permissions pour l'utilisateur '%s' sur l'entité '%s'.",
+                loginUser,
+                idEntity
+            );
+            throw new PermissionException(message);
+        }
+    }
+
+    /**
+     * Suppression du rôle pour l'utilisateur.
+     *
+     * @param loginUser Login de l'utilisateur.
+     */
+    @GetMapping("/removeRole/{loginUser}")
+    public void removeRole(@PathVariable final String loginUser) {
+        userService
+            .getUserWithAuthoritiesByLogin(loginUser)
+            .ifPresentOrElse(
+                permissionService::removeRole,
+                () -> {
+                    final String message = String.format("Erreur lors de la suppression du rôle pour l'utilisateur '%s'.", loginUser);
+                    throw new PermissionException(message);
+                }
+            );
+    }
+
+    /**
+     * Ajout d'une permission.
+     *
+     * @param loginUser Login de l'utilisateur.
+     * @param idEntity  Identifiant de l'entité.
+     */
+    @GetMapping("/addPermission/{loginUser}/{idEntity}")
+    public void addPermission(@PathVariable final String loginUser, @PathVariable final long idEntity) {
+        final Optional<User> userOptional = userService.getUserWithAuthoritiesByLogin(loginUser);
+        final Optional<PermissionEntity> entityOptional = permissionService.findOne(idEntity);
+        if (userOptional.isPresent() && entityOptional.isPresent()) {
+            permissionService.addPermission(userOptional.get(), entityOptional.get());
+        } else {
+            final String message = String.format(
+                "Erreur lors de l'ajout des permissions pour l'utilisateur '%s' sur l'entité '%s'.",
+                loginUser,
+                idEntity
+            );
+            throw new PermissionException(message);
+        }
+    }
+
+    /**
+     * @param loginUser Login de l'utilisateur.
+     * @param idEntity  Identifiant de l'entité.
+     */
+    @GetMapping("/removePermission/{loginUser}/{idEntity}")
+    public void removePermission(@PathVariable final String loginUser, @PathVariable final long idEntity) {
+        final Optional<User> userOptional = userService.getUserWithAuthoritiesByLogin(loginUser);
+        final Optional<PermissionEntity> entityOptional = permissionService.findOne(idEntity);
+        if (userOptional.isPresent() && entityOptional.isPresent()) {
+            permissionService.removePermission(userOptional.get(), entityOptional.get());
+        } else {
+            final String message = String.format(
+                "Erreur lors de la suppression des permissions pour l'utilisateur '%s' sur l'entité '%s'.",
+                loginUser,
+                idEntity
+            );
+            throw new PermissionException(message);
+        }
+    }
+
+    /**
+     * récupérer les entités que l'utilisateur a la permission d'administer.
+     *
+     * @param loginUser     Login de l'utilisateur.
+     * @param idParentEtity Identifiant de l'entité.
+     * @return La liste des entités administrables par l'utilisateur.
+     */
+    @GetMapping("/find/{loginUser}/{idParentEtity}")
+    public List<PermissionEntity> find(@PathVariable final String loginUser, @PathVariable final long idParentEtity) {
+        final Optional<User> userOptional = userService.getUserWithAuthoritiesByLogin(loginUser);
+        final Optional<PermissionEntity> entityOptional = permissionService.findOne(idParentEtity);
+        if (userOptional.isPresent() && entityOptional.isPresent()) {
+            return permissionService.find(userOptional.get(), entityOptional.get());
+        }
+        return Collections.emptyList();
+    }
+
+    /**
+     * Vérification des permissions de l'utilisateur sur l'entité.
+     *
+     * @param loginUser Login de l'utilisateur.
+     * @param idEntity  Identifiant de l'entité.
+     * @return Vrai si l'utilisateur à les permissions, sinon faux.
+     */
+    @GetMapping("/hasPermission/{loginUser}/{idEntity}")
+    public boolean hasPermission(@PathVariable final String loginUser, @PathVariable final long idEntity) {
+        final Optional<User> userOptional = userService.getUserWithAuthoritiesByLogin(loginUser);
+        final Optional<PermissionEntity> entityOptional = permissionService.findOne(idEntity);
+        if (userOptional.isPresent() && entityOptional.isPresent()) {
+            return permissionService.hasPermission(userOptional.get(), entityOptional.get());
+        }
+        return false;
+    }
+}
--- a/src/main/java/com/unantes/orientactive/security/permissions/web/PermissionException.java
+++ b/src/main/java/com/unantes/orientactive/security/permissions/web/PermissionException.java
+package com.unantes.orientactive.security.permissions.web;
+
+/**
+ * Erreur générale lors de l'administration des droits.
+ */
+public class PermissionException extends RuntimeException {
+
+    /**
+     * Constructeur.
+     *
+     * @param message Le message.
+     */
+    public PermissionException(final String message) {
+        super(message);
+    }
+}
--- a/src/main/java/com/unantes/orientactive/security/permissions/web/WorkspaceController.java
+++ b/src/main/java/com/unantes/orientactive/security/permissions/web/WorkspaceController.java
+package com.unantes.orientactive.security.permissions.web;
+
+import com.unantes.orientactive.domain.User;
+import com.unantes.orientactive.security.permissions.PermissionEntity;
+import com.unantes.orientactive.service.UserService;
+import com.unantes.orientactive.service.WorkspaceService;
+import java.util.List;
+import java.util.Optional;
+import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RestController;
+
+/**
+ * Déclaration de l'API de gestion des droits sur les workspaces.
+ */
+@RestController
+@RequestMapping("/api/workspaces")
+public class WorkspaceController extends PermissionController {
+
+    /**
+     * Constructeur.
+     *
+     * @param workspaceService Service des workspaces.
+     * @param userService      Service des utilisateurs.
+     */
+    public WorkspaceController(final WorkspaceService workspaceService, final UserService userService) {
+        super(workspaceService, userService);
+    }
+
+    /**
+     * Surcharge de la méthode classique pour supprimer la récupération du parent.
+     * En effet, un workspace n'a pas d'entité parente.
+     *
+     * @param loginUser     Login de l'utilisateur.
+     * @param idParentEtity Identifiant de l'entité.
+     * @return La liste des entités administrables par l'utilisateur.
+     */
+    @Override
+    public List<PermissionEntity> find(String loginUser, long idParentEtity) {
+        final Optional<User> userOptional = userService.getUserWithAuthoritiesByLogin(loginUser);
+        return permissionService.find(userOptional.get(), null);
+    }
+}
--- a/src/main/java/com/unantes/orientactive/service/FormService.java
+++ b/src/main/java/com/unantes/orientactive/service/FormService.java
@@ -14,6 +14,7 @@ import java.util.Optional;
 import java.util.stream.Collectors;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

@@ -132,36 +133,43 @@ public class FormService extends PermissionService<FormDTO> {
        return formRepository.getFormAnswersSessionIds(id);
    }

+    @PreAuthorize("hasAuthority('EDIT_FORM')")
    @Override
    public void addRole(User user) {
        formRepository.addRole(user.getId(), Role.CONTRIBUTEUR.getId(), false);
    }

+    @PreAuthorize("hasAuthority('EDIT_FORM')")
    @Override
    public void addRoleWithWildcard(User user) {
        formRepository.addRole(user.getId(), Role.CONTRIBUTEUR.getId(), true);
    }

+    @PreAuthorize("hasAuthority('EDIT_FORM')")
    @Override
    public void addRoleWithPermission(User user, FormDTO element) {
        formRepository.addRoleWithPermission(user.getId(), Role.CONTRIBUTEUR.getId(), element.getId());
    }

+    @PreAuthorize("hasAuthority('EDIT_FORM')")
    @Override
    public void removeRole(User user) {
        formRepository.removeRole(user.getId(), Role.CONTRIBUTEUR.getId());
    }

+    @PreAuthorize("hasAuthority('EDIT_FORM')")
    @Override
    public void addPermission(User user, FormDTO element) {
        formRepository.addPermission(user.getId(), element.getId(), Role.CONTRIBUTEUR.getId());
    }

+    @PreAuthorize("hasAuthority('EDIT_FORM')")
    @Override
    public void removePermission(User user, FormDTO element) {
        formRepository.removePermission(user.getId(), element.getId());
    }

+    @PreAuthorize("hasAuthority('VIEW_FORMS')")
    @Override
    protected <U extends PermissionEntity> List<FormDTO> findWithPermission(User user, U parentElement) {
        return formRepository
@@ -171,6 +179,7 @@ public class FormService extends PermissionService<FormDTO> {
            .collect(Collectors.toList());
    }

+    @PreAuthorize("hasAuthority('VIEW_FORMS')")
    @Override
    public <U extends PermissionEntity> List<FormDTO> findAllByParent(U parentElement) {
        return formRepository
@@ -180,11 +189,13 @@ public class FormService extends PermissionService<FormDTO> {
            .collect(Collectors.toCollection(LinkedList::new));
    }

+    @PreAuthorize("hasAuthority('VIEW_FORMS')")
    @Override
    protected boolean hasWildcard(User user) {
        return formRepository.hasWildcard(user.getId(), Role.CONTRIBUTEUR.getId());
    }

+    @PreAuthorize("hasAuthority('VIEW_FORMS')")
    @Override
    protected boolean existPermission(User user, FormDTO element) {
        return formRepository.existPermission(user.getId(), element.getId());

--- a/src/main/java/com/unantes/orientactive/service/UserService.java
+++ b/src/main/java/com/unantes/orientactive/service/UserService.java
@@ -301,12 +301,38 @@ public class UserService {

    @Transactional(readOnly = true)
    public Optional<User> getUserWithAuthoritiesByLogin(String login) {
-        return userRepository.findOneWithAuthoritiesByLogin(login);
+        Optional<User> user = userRepository.findOneWithAuthoritiesByLogin(login);
+        extractUserAuthority(user);
+        return user;
    }

    @Transactional(readOnly = true)
    public Optional<User> getUserWithAuthorities() {
-        return SecurityUtils.getCurrentUserLogin().flatMap(userRepository::findOneWithAuthoritiesByLogin);
+        Optional<User> user = SecurityUtils.getCurrentUserLogin().flatMap(userRepository::findOneWithAuthoritiesByLogin);
+        extractUserAuthority(user);
+        return user;
+    }
+
+    /**
+     * Récupération des authority en fonction des scope.
+     *
+     * @param user L'utilisateur.
+     */
+    private void extractUserAuthority(Optional<User> user) {
+        if (user.isPresent()) {
+            List<String> authorities = findAllAuthorities(user.get().getId());
+            Set<Authority> grantedAuthorities = authorities
+                .stream()
+                .map(
+                    s -> {
+                        Authority authority = new Authority();
+                        authority.setName(s);
+                        return authority;
+                    }
+                )
+                .collect(Collectors.toSet());
+            user.get().setAuthorities(grantedAuthorities);
+        }
    }

    /**
@@ -329,6 +355,7 @@ public class UserService {

    /**
     * Gets a list of all the authorities.
+     *
     * @return a list of all the authorities.
     */
    @Transactional(readOnly = true)
@@ -342,4 +369,8 @@ public class UserService {
            Objects.requireNonNull(cacheManager.getCache(UserRepository.USERS_BY_EMAIL_CACHE)).evict(user.getEmail());
        }
    }
+
+    public List<String> findAllAuthorities(Long idUser) {
+        return userRepository.findAllAuthorities(idUser);
+    }
 }
--- a/src/main/java/com/unantes/orientactive/service/WorkspaceService.java
+++ b/src/main/java/com/unantes/orientactive/service/WorkspaceService.java
@@ -14,6 +14,7 @@ import java.util.Optional;
 import java.util.stream.Collectors;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
+import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;

@@ -102,53 +103,63 @@ public class WorkspaceService extends PermissionService<WorkspaceDTO> {
        workspaceRepository.deleteById(id);
    }

+    @PreAuthorize("hasAuthority('EDIT_WORKSPACE')")
    @Override
    public void addRole(User user) {
        workspaceRepository.addRole(user.getId(), Role.RESPONSABLE_ESPACE.getId(), false);
    }

+    @PreAuthorize("hasAuthority('EDIT_WORKSPACE')")
    @Override
    public void addRoleWithWildcard(User user) {
        workspaceRepository.addRole(user.getId(), Role.RESPONSABLE_ESPACE.getId(), true);
    }

+    @PreAuthorize("hasAuthority('EDIT_WORKSPACE')")
    @Override
    public void addRoleWithPermission(User user, WorkspaceDTO element) {
        workspaceRepository.addRoleWithPermission(user.getId(), Role.RESPONSABLE_ESPACE.getId(), element.getId());
    }

+    @PreAuthorize("hasAuthority('EDIT_WORKSPACE')")
    @Override