From 1ea2a40a0a8da93b43325d740a5d33abbe68ad65 Mon Sep 17 00:00:00 2001
From: Valentin CZERYBA
Date: Wed, 18 May 2022 23:03:13 +0200
Subject: [PATCH] add private method + refactoring code
---
 .../com/covas/Resources/UsersRessources.java | 195 ++++++++++--------
 1 file changed, 110 insertions(+), 85 deletions(-)
diff --git a/src/main/java/com/covas/Resources/UsersRessources.java b/src/main/java/com/covas/Resources/UsersRessources.java
index 057ddb1..bc2a396 100644
--- a/src/main/java/com/covas/Resources/UsersRessources.java
+++ b/src/main/java/com/covas/Resources/UsersRessources.java
@@ -9,6 +9,7 @@ import javax.annotation.security.RolesAllowed;
 import javax.inject.Inject;
 import javax.transaction.Transactional;
 import javax.ws.rs.core.SecurityContext;
+import javax.ws.rs.core.Response.Status;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.CookieParam;
 import javax.ws.rs.DELETE;
@@ -36,148 +37,172 @@ public class UsersRessources {
     private static final Logger LOGGER = Logger.getLogger(UsersRessources.class);
     @Inject
     JsonWebToken jwt;
-
-    ///Function
-    private Boolean checkUserCookie(String userCookie, UsersEntity users){
-        if(userCookie == null){
+
+    /// Function
+    private Boolean checkUserCookie(String userCookie, UsersEntity users) {
+        if (userCookie == null) {
             return false;
         }
         String name = new String(Base64.decode(userCookie), StandardCharsets.UTF_8);
-        if(!name.equals(users.pseudo) && (!users.status)){
+        if (!name.equals(users.pseudo) && (!users.status)) {
             return false;
         }
         return true;
     }
+    private Response.Status getResponseCheck(SecurityContext ctx, String userCookie, UsersEntity users) {
+        if (!ctx.getUserPrincipal().getName().equals(jwt.getName())) {
+            return Response.Status.INTERNAL_SERVER_ERROR;
+        }
+        if (!checkUserCookie(userCookie, users)) {
+            return Response.Status.FORBIDDEN;
+        }
+        return Response.Status.OK;
+    }
+
     /// Appel HTTP
-    ///GET
+    /// GET
     @GET
     @RolesAllowed("Admin")
-    public Response getUsers(){
-        return Response.ok(UsersEntity.listAll()).build();
+    public Response getUsers(@CookieParam("user") String userCookie, @Context SecurityContext ctx) {
+        UUID kid = UUID.fromString(jwt.getClaim(Claims.kid));
+        UsersEntity user = UsersEntity.findById(kid);
+        Response.Status status = getResponseCheck(ctx, userCookie, user);
+        Response responseHttp = Response.status(status).build();
+        if(status.getFamily().equals(Response.Status.Family.SUCCESSFUL)){
+            responseHttp = Response.ok(UsersEntity.listAll()).build();
+        }
+        return responseHttp;
     }
     @GET
     @RolesAllowed("Admin")
     @Path("{id}")
-    public Response getSingleUser(@PathParam("id") String id, @CookieParam("user") String userCookie, @Context SecurityContext ctx){
-        if(!ctx.getUserPrincipal().getName().equals(jwt.getName())){
-            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
-        }
+    public Response getSingleUser(@PathParam("id") String id, @CookieParam("user") String userCookie,
+            @Context SecurityContext ctx) {
         UUID kid = UUID.fromString(jwt.getClaim(Claims.kid));
         UsersEntity user = UsersEntity.findById(kid);
-        if(!checkUserCookie(userCookie, user)){
-            return Response.status(Response.Status.FORBIDDEN).build();
+        Response.Status status = getResponseCheck(ctx, userCookie, user);
+        Response responseHttp = Response.status(status).build();
+        if (status.getFamily().equals(Response.Status.Family.SUCCESSFUL)) {
+            UUID uid = UUID.fromString(id);
+            UsersEntity users = UsersEntity.findById(uid);
+            responseHttp = Response.status(Response.Status.NOT_FOUND).build();
+            if (users != null) {
+                responseHttp = Response.ok(users).build();
+            }
+
         }
-        UUID uid = UUID.fromString(id);
-        UsersEntity users = UsersEntity.findById(uid);
-        if(users == null){
-            return Response.status(Response.Status.NOT_FOUND).build();
-        }
-        return Response.ok(users).build();
+        return responseHttp;
     }
     @GET
     @RolesAllowed("User")
     @Path("info")
-    public Response getInfoUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie){
-        if(!ctx.getUserPrincipal().getName().equals(jwt.getName())){
-            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
-        }
+    public Response getInfoUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie) {
         UUID kid = UUID.fromString(jwt.getClaim(Claims.kid));
         UsersEntity user = UsersEntity.findById(kid);
-        if (user == null){
-            return Response.status(Response.Status.NOT_FOUND).build();
+        Response.Status status = getResponseCheck(ctx, userCookie, user);
+        if (status.getFamily().equals(Response.Status.Family.SUCCESSFUL)) {
+            if (user == null) {
+                status = Response.Status.NOT_FOUND;
+            }
+            if (!checkUserCookie(userCookie, user)) {
+                status = Response.Status.FORBIDDEN;
+            }
         }
-        if(!checkUserCookie(userCookie, user)){
-            return Response.status(Response.Status.FORBIDDEN).build();
+        Response responseHttp = Response.status(status).build();
+        if (status.getFamily().equals(Status.Family.SUCCESSFUL)) {
+            responseHttp = Response.status(status).entity(new UserSingle(user.name, user.pseudo, user.firstName))
+                    .build();
         }
-        return Response.ok(new UserSingle(user.name, user.pseudo, user.firstName)).build();
+        return responseHttp;
     }
-    //PUT
+    // PUT
     @PUT
     @RolesAllowed("Admin")
     @Consumes(MediaType.APPLICATION_JSON)
     @Transactional
-    public Response createUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie, UsersEntity users){
-        if(!ctx.getUserPrincipal().getName().equals(jwt.getName())){
-            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
-        }
+    public Response createUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie,
+            UsersEntity users) {
         UUID kid = UUID.fromString(jwt.getClaim(Claims.kid));
         UsersEntity user = UsersEntity.findById(kid);
-        if(!checkUserCookie(userCookie, user)){
-            return Response.status(Response.Status.FORBIDDEN).build();
-        }
+        Response.Status status = getResponseCheck(ctx, userCookie, user);
-        UsersEntity usersOrig = UsersEntity.findByPseudo(users.pseudo);
-        if(usersOrig != null){
-            return Response.status(Response.Status.UNAUTHORIZED).build();
+        if (status.getFamily().equals(Response.Status.Family.SUCCESSFUL)) {
+
+            UsersEntity usersOrig = UsersEntity.findByPseudo(users.pseudo);
+            if (usersOrig != null) {
+                status = Response.Status.UNAUTHORIZED;
+            } else {
+                UsersEntity usersNew = new UsersEntity();
+                usersNew.name = users.name;
+                usersNew.pseudo = users.pseudo;
+                usersNew.firstName = users.firstName;
+                usersNew.email = users.email;
+                usersNew.birth = LocalDate.of(users.birth.getYear(), users.birth.getMonth(),
+                        users.birth.getDayOfMonth());
+                usersNew.created_at = LocalDateTime.now();
+                usersNew.updated_at = LocalDateTime.now();
+                usersNew.password = Hash
+                        .encryptSHA512(Base64.toBase64String(users.password.getBytes(StandardCharsets.UTF_8)));
+                usersNew.roles = users.roles;
+                usersNew.status = false;
+                usersNew.persist();
+                if (usersNew.isPersistent()) {
+                    status = Response.Status.CREATED;
+                } else {
+                    status = Response.Status.NO_CONTENT;
+                }
+            }
         }
-        UsersEntity usersNew = new UsersEntity();
-        usersNew.name = users.name;
-        usersNew.pseudo = users.pseudo;
-        usersNew.firstName = users.firstName;
-        usersNew.email = users.email;
-        usersNew.birth = LocalDate.of(users.birth.getYear(), users.birth.getMonth(), users.birth.getDayOfMonth());
-        usersNew.created_at = LocalDateTime.now();
-        usersNew.updated_at = LocalDateTime.now();
-        usersNew.password = Hash.encryptSHA512(Base64.toBase64String(users.password.getBytes(StandardCharsets.UTF_8)));
-        usersNew.roles = users.roles;
-        usersNew.status = false;
-        usersNew.persist();
-        if(usersNew.isPersistent()){
-            return Response.status(Response.Status.CREATED).build();
-        }
-        return Response.status(Response.Status.NO_CONTENT).build();
+        return Response.status(status).build();
     }
     // Delete
     @DELETE
     @RolesAllowed("User")
     @Transactional
-    public Response changeStatus(@Context SecurityContext ctx, @CookieParam("user") String userCookie){
-        if(!ctx.getUserPrincipal().getName().equals(jwt.getName())){
-            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
-        }
+    public Response changeStatus(@Context SecurityContext ctx, @CookieParam("user") String userCookie) {
         UUID kid = UUID.fromString(jwt.getClaim(Claims.kid));
         UsersEntity user = UsersEntity.findById(kid);
-        if(!checkUserCookie(userCookie, user)){
-            return Response.status(Response.Status.FORBIDDEN).build();
-        }
-        user.status = false;
-        user.persist();
-        if(user.isPersistent()){
-            return Response.ok().build();
+        Response.Status status = getResponseCheck(ctx, userCookie, user);
+
+        if (status.getFamily().equals(Response.Status.Family.SUCCESSFUL)) {
+            user.status = false;
+            user.persist();
+            if (!user.isPersistent()) {
+                status = Response.Status.NOT_MODIFIED;
+            }
         }
-        return Response.status(Response.Status.NOT_MODIFIED).build();
+        return Response.status(status).build();
     }
     @DELETE
     @Path("{id}")
     @RolesAllowed("Admin")
     @Transactional
-    public Response changeStatusSingleUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie, @PathParam("id") String id){
-        if(!ctx.getUserPrincipal().getName().equals(jwt.getName())){
-            return Response.status(Response.Status.INTERNAL_SERVER_ERROR).build();
-        }
+    public Response changeStatusSingleUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie,
+            @PathParam("id") String id) {
         UUID kid = UUID.fromString(jwt.getClaim(Claims.kid));
         UsersEntity user = UsersEntity.findById(kid);
-        if(!checkUserCookie(userCookie, user)){
-            return Response.status(Response.Status.FORBIDDEN).build();
+        Response.Status status = getResponseCheck(ctx, userCookie, user);
+        if (status.getFamily().equals(Response.Status.Family.SUCCESSFUL)) {
+            UsersEntity singleUser = UsersEntity.find("id", UUID.fromString(id)).firstResult();
+            if (singleUser == null) {
+                status = Response.Status.NOT_FOUND;
+            }
+            if (status.getFamily().equals(Response.Status.Family.SUCCESSFUL)) {
+                singleUser.status = false;
+                singleUser.persist();
+                if (!singleUser.isPersistent()) {
+                    status = Response.Status.NOT_MODIFIED;
+                }
+            }
         }
-
-        UsersEntity singleUser = UsersEntity.find("id", UUID.fromString(id)).firstResult();
-        if(singleUser == null){
-            return Response.status(Response.Status.NOT_FOUND).build();
-        }
-        singleUser.status = false;
-        singleUser.persist();
-        if(singleUser.isPersistent()){
-            return Response.ok().build();
-        }
-        return Response.status(Response.Status.NOT_MODIFIED).build();
+        return Response.status(status).build();
     }
 }
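Review bot: getResponseCheck hands `users` straight to checkUserCookie, which reads `users.pseudo` and `users.status` with no null check, so a token whose `kid` matches no row now makes every handler throw a NullPointerException instead of returning a status; in getInfoUser the `if (user == null)` guard runs only after getResponseCheck has already dereferenced `user`, and its second checkUserCookie call repeats a check the helper just made. Putting `if (users == null) { return Response.Status.NOT_FOUND; }` at the top of getResponseCheck, ahead of the cookie check, makes the helper the single guard and lets both inner checks in getInfoUser be deleted. The condition `if (!name.equals(users.pseudo) && (!users.status))` still accepts a cookie naming a different pseudo whenever the account is active, and an inactive account whenever the name matches; if both conditions are meant to be required the operator should be `||`, and it is worth a comment either way since this is the only check tying the cookie to the token holder. getInfoUser also writes `Status.Family.SUCCESSFUL` where every other method uses `Response.Status.Family.SUCCESSFUL`, which is the only use of the new `Status` import; pick one form. The class opens before the hunk, but every method shown is complete within it.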