diff --git a/README.md b/README.md
index 3824fc5..bbc54ea 100644
--- a/README.md
+++ b/README.md
@@ -1,59 +1,12 @@ -# covas-quarkus Project +# Backend COVAS -This project uses Quarkus, the Supersonic Subatomic Java Framework. +C'est la partie backend du projet COVAS généré par le générateur fourni par le framework QUARKUS (Projet semblable à Spring boot de RedHat) -If you want to learn more about Quarkus, please visit its website: https://quarkus.io/ . +## Statut de l'utilisateur -## Running the application in dev mode - -You can run your application in dev mode that enables live coding using: -```shell script -./mvnw compile quarkus:dev -``` - -> **_NOTE:_** Quarkus now ships with a Dev UI, which is available in dev mode only at http://localhost:8080/q/dev/. - -## Packaging and running the application - -The application can be packaged using: -```shell script -./mvnw package -``` -It produces the `quarkus-run.jar` file in the `target/quarkus-app/` directory. -Be aware that it’s not an _über-jar_ as the dependencies are copied into the `target/quarkus-app/lib/` directory. - -The application is now runnable using `java -jar target/quarkus-app/quarkus-run.jar`. - -If you want to build an _über-jar_, execute the following command: -```shell script -./mvnw package -Dquarkus.package.type=uber-jar -``` - -The application, packaged as an _über-jar_, is now runnable using `java -jar target/*-runner.jar`. - -## Creating a native executable - -You can create a native executable using: -```shell script -./mvnw package -Pnative -``` - -Or, if you don't have GraalVM installed, you can run the native executable build in a container using: -```shell script -./mvnw package -Pnative -Dquarkus.native.container-build=true -``` - -You can then execute your native executable with: `./target/covas-quarkus-1.0-runner` - -If you want to learn more about building native executables, please consult https://quarkus.io/guides/maven-tooling. 
- -## Related Guides +-1 : suppression +0 : desactivé +1 : activé +2 : en attente de confirmation -## Provided Code - -### RESTEasy JAX-RS - -Easily start your RESTful Web Services - -[Related guide section...](https://quarkus.io/guides/getting-started#the-jax-rs-resources) diff --git a/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java b/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java index d617bf8..f0fd3bb 100644 --- a/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java +++ b/src/main/java/com/covas/ApplicationScoped/ApplicationLifeCycle.java @@ -35,7 +35,7 @@ public class ApplicationLifeCycle { LOGGER.info("Robert80 user is created"); UsersEntity.add("robert80", "robert80@gmail.com", "titi", "robert", LocalDate.of(1990, Month.JANUARY, 23), "toto", "User"); LOGGER.info("Peter93 user is created"); - UsersEntity.add("peter93", "valcze80@gmail.com", "yollo", "peter", LocalDate.of(1993, Month.FEBRUARY, 26), "toto", "Admin"); + UsersEntity.add("peter93", "valcze80@gmail.com", "yollo", "peter", LocalDate.of(1993, Month.FEBRUARY, 26), "toto", "Admin"); } else { LOGGER.info("DB init wassn't created"); } diff --git a/src/main/java/com/covas/Entity/UsersEntity.java b/src/main/java/com/covas/Entity/UsersEntity.java index 1f1d2e9..08843f7 100644 --- a/src/main/java/com/covas/Entity/UsersEntity.java +++ b/src/main/java/com/covas/Entity/UsersEntity.java @@ -8,6 +8,8 @@ import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.GeneratedValue; import javax.persistence.Id; +import javax.persistence.NamedQueries; +import javax.persistence.NamedQuery; import javax.persistence.Table; import com.covas.Classes.Hash; 
@@ -20,6 +22,21 @@ import io.quarkus.hibernate.orm.panache.PanacheEntityBase; @Entity @Table(name = "users") +@NamedQueries({ + @NamedQuery(name = "Users.byUUIDandRoles", query = "from UsersEntity u where u.id = :id and u.roles = :roles"), + @NamedQuery(name = "Users.byUUIDandStatus", query = "from UsersEntity u where u.id = :id and u.status = :status"), + @NamedQuery(name = "Users.byUUIDandRolesandStatus", query = "from UsersEntity u where u.id = :id and u.roles = :roles and u.status = :status"), + @NamedQuery(name = "Users.byRoles", query = "from UsersEntity u where u.roles = :roles"), + @NamedQuery(name = "Users.byStatus", query = "from UsersEntity u where u.status = :status"), + @NamedQuery(name = "Users.byRolesandStatus", query = "from UsersEntity u where u.roles = :roles and u.status = :status"), + @NamedQuery(name = "Users.byEmailandRoles", query = "from UsersEntity u where u.email = :email and u.roles = :roles"), + @NamedQuery(name = "Users.byEmailandStatus", query = "from UsersEntity u where u.email = :email and u.status = :status"), + @NamedQuery(name = "Users.byEmailandRolesandStatus", query = "from UsersEntity u where u.email = :email and u.roles = :roles and u.status = :status"), + @NamedQuery(name = "Users.bySearch", query = "from UsersEntity u where u.pseudo like :search or u.name like :search or u.firstName like :search"), + @NamedQuery(name = "Users.bySearchandRoles", query = "from UsersEntity u where (u.pseudo like :search or u.name like :search or u.firstName like :search) and u.roles = :roles"), + @NamedQuery(name = "Users.bySearchandStatus", query = "from UsersEntity u where (u.pseudo like :search or u.name like :search or u.firstName like :search) and u.status = :status"), + @NamedQuery(name = "Users.bySearchandRolesandStatus", query = "from UsersEntity u where (u.pseudo like :search or u.name like :search or u.firstName like :search) and u.roles = :roles and u.status = :status") +}) public class UsersEntity extends PanacheEntityBase { @Id 
@Column(name = "id") @@ -37,10 +54,8 @@ public class UsersEntity extends PanacheEntityBase { public String firstName; @Column(nullable = false) public LocalDate birth; - @ColumnDefault("false") - public Boolean status; - @ColumnDefault("false") - public Boolean active_mail; + @ColumnDefault("0") + public Short status; @Column(nullable = false) public String password; @Column(nullable = false) @@ -51,11 +66,17 @@ public class UsersEntity extends PanacheEntityBase { public LocalDateTime updated_at; @ColumnDefault("null") public LocalDateTime deleted_at; + @ColumnDefault("null") + public LocalDateTime connected_at; public static UsersEntity findByPseudo(String pseudo){ return find("pseudo", pseudo).firstResult(); } + public static UsersEntity findByEmail(String email){ + return find("email", email).firstResult(); + } + public static void add(String pseudo, String email, String name, String firstName, LocalDate birth, String password, String roles){ UsersEntity users = new UsersEntity(); @@ -64,7 +85,7 @@ public class UsersEntity extends PanacheEntityBase { users.name = name; users.firstName = firstName; users.birth = birth; - users.status = false; + users.status = 1; users.password = Hash.encryptSHA512(password); users.roles = roles; users.created_at = LocalDateTime.now(); diff --git a/src/main/java/com/covas/Json/UserExist.java b/src/main/java/com/covas/Json/UserExist.java new file mode 100644 index 0000000..da737b8 --- /dev/null +++ b/src/main/java/com/covas/Json/UserExist.java @@ -0,0 +1,16 @@ +package com.covas.Json; + +import io.quarkus.runtime.annotations.RegisterForReflection; + +@RegisterForReflection +public class UserExist { + + public final Boolean email; + public final Boolean pseudo; + + public UserExist(Boolean email, Boolean pseudo){ + this.email = email; + this.pseudo = pseudo; + } + +} diff --git a/src/main/java/com/covas/Json/UserSingle.java b/src/main/java/com/covas/Json/UserSingle.java index 22ea520..ef003d0 100644 
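Review bot: `status` becomes a nullable `Short`, and the rest of this commit compares it against bare literals (`users.status != 1`, `users.status == 1`, `= 2`, `= -1`) whose meaning is written down only in the README. A null value, for example from a JSON body that omits the field, will throw on unboxing at each of those comparisons. I would add named constants on the entity, e.g. `public static final short STATUS_ACTIVE = 1;`, and a comment above the field listing -1 deleted, 0 disabled, 1 active, 2 awaiting confirmation. The class body continues outside this hunk.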
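Review bot: The context line `users.password = Hash.encryptSHA512(password);` in `add` appears, judging by the helper's name (its body is not in this diff), to store a single SHA-512 digest of the password. A fast general-purpose hash makes offline guessing cheap if the `users` table leaks; a dedicated password hashing function with a per-user salt and a work factor (bcrypt, scrypt, Argon2 or PBKDF2) is the usual choice. The same helper is called in `createUser`, `addUser` and `updateUserAdmin` in UsersRessources.java, so the change belongs in `Hash` rather than at each call site.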
--- a/src/main/java/com/covas/Json/UserSingle.java +++ b/src/main/java/com/covas/Json/UserSingle.java @@ -1,7 +1,5 @@ package com.covas.Json; -import java.time.LocalDate; - import io.quarkus.runtime.annotations.RegisterForReflection; @RegisterForReflection diff --git a/src/main/java/com/covas/Resources/MailRessource.java b/src/main/java/com/covas/Resources/MailRessource.java index 66731fc..a126c8a 100644 --- a/src/main/java/com/covas/Resources/MailRessource.java +++ b/src/main/java/com/covas/Resources/MailRessource.java @@ -59,11 +59,11 @@ public class MailRessource { return Response.status(Response.Status.NOT_ACCEPTABLE).build(); } redisClient.del(Arrays.asList(id)); - if(users.active_mail){ + if(users.status == 1){ return Response.status(Response.Status.NOT_MODIFIED).build(); } - users.active_mail = true; + users.status = 1; users.persist(); if(users.isPersistent()){ diff --git a/src/main/java/com/covas/Resources/TokenRessource.java b/src/main/java/com/covas/Resources/TokenRessource.java index 9daf5e3..41836ee 100644 --- a/src/main/java/com/covas/Resources/TokenRessource.java +++ b/src/main/java/com/covas/Resources/TokenRessource.java @@ -2,14 +2,19 @@ package com.covas.Resources; import java.nio.charset.StandardCharsets; import java.time.Duration; +import java.time.LocalDateTime; import javax.inject.Inject; +import javax.transaction.Transactional; import javax.ws.rs.CookieParam; +import javax.ws.rs.DELETE; import javax.ws.rs.GET; import javax.ws.rs.Path; import javax.ws.rs.Produces; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.NewCookie; +import javax.ws.rs.core.Cookie; + import javax.ws.rs.core.Response; import com.covas.Classes.Hash; 
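Review bot: In the MailRessource hunk, the confirmation handler now writes `users.status = 1` for every status other than 1, so an account that an admin disabled (0) or that was deleted (-1) is re-activated if a confirmation id for it is still in Redis. Before this commit `active_mail` and `status` were separate, so confirming a mail address could not lift a disable. I would only promote accounts that are awaiting confirmation, e.g. `if(users.status != 2){ return Response.status(Response.Status.NOT_MODIFIED).build(); }` in place of the `== 1` test. The method starts and ends outside the hunk, so how long the Redis entry lives is not visible here.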
@@ -37,7 +42,9 @@ public class TokenRessource { @GET @Produces(MediaType.APPLICATION_JSON) + @Transactional public Response tokenRefresh(@HeaderParam("Authorization") String auth, @CookieParam("user") String user, @CookieParam("jwt") String jwtCookie) { + final int expires = 300; String name = "anonymous"; String password = ""; if(auth == null){ 
@@ -56,23 +63,28 @@ public class TokenRessource { return Response.status(Response.Status.NOT_FOUND).build(); } if (jwtCookie == null) { - if((!password.equals(users.password)) && (!users.status)) { - return Response.status(Response.Status.FORBIDDEN).build(); + if(!password.equals(users.password)) { + return Response.status(Response.Status.NOT_ACCEPTABLE).build(); + } + if(users.status != 1){ + return Response.status(Response.Status.FORBIDDEN).build(); } // Create a JWT token signed using the 'HS256' algorithm - String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(users.roles).claim(Claims.kid, users.id.toString()).expiresIn(Duration.ofMinutes(1)).sign(); + String newJwtCookie = Jwt.issuer("https://example.com/issuer").upn(name).groups(users.roles).claim(Claims.kid, users.id.toString()).expiresIn(Duration.ofMinutes(5)).sign(); // or create a JWT token encrypted using the 'A256KW' algorithm // Jwt.upn("alice").encryptWithSecret(secret); String nameEncoded = Base64.toBase64String(name.getBytes(StandardCharsets.UTF_8)); - return Response.status(Response.Status.CREATED).cookie(new NewCookie("jwt", newJwtCookie), new NewCookie("user", nameEncoded)).build(); - } - // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. - try { - jwt = parser.parse(jwtCookie); - } - catch(ParseException p){ - return Response.status(Response.Status.NOT_ACCEPTABLE).build(); - } + users.connected_at = LocalDateTime.now(); + users.persist(); + return Response.status(Response.Status.CREATED).cookie(new NewCookie(new Cookie("jwt", newJwtCookie), "Token JWT", expires, false), new NewCookie(new Cookie("user", nameEncoded), "Username", expires, false)).build(); + } + // All mp.jwt and smallrye.jwt properties are still effective, only the verification key is customized. 
+ try { + jwt = parser.parse(jwtCookie); + } + catch(ParseException p){ + return Response.status(Response.Status.GONE).build(); + } // or jwt = parser.decrypt(jwtCookie, secret); String kid = jwt.getClaim(Claims.kid).toString(); if(!kid.equals(users.id.toString())){ @@ -80,5 +92,16 @@ public class TokenRessource { } return Response.status(Response.Status.OK).build(); } + + @DELETE + public Response deleteToken(@CookieParam("jwt") String jwtCookie) { + if(jwtCookie == null){ + return Response.status(Response.Status.BAD_REQUEST).build(); + } + + return Response.ok().cookie(new NewCookie(new Cookie("jwt", null), "", 0, false)).build(); + } + + } diff --git a/src/main/java/com/covas/Resources/UsersRessources.java b/src/main/java/com/covas/Resources/UsersRessources.java index 9392a36..e2e4199 100644 --- a/src/main/java/com/covas/Resources/UsersRessources.java +++ b/src/main/java/com/covas/Resources/UsersRessources.java @@ -3,12 +3,14 @@ package com.covas.Resources; import java.nio.charset.StandardCharsets; import java.time.LocalDate; import java.time.LocalDateTime; +import java.util.List; import java.util.UUID; import javax.annotation.security.RolesAllowed; import javax.inject.Inject; import javax.transaction.Transactional; import javax.ws.rs.core.SecurityContext; +import javax.ws.rs.core.Response.Status; import javax.ws.rs.Consumes; import javax.ws.rs.CookieParam; import javax.ws.rs.DELETE; 
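Review bot: Both cookies in `tokenRefresh` are built with `new NewCookie(new Cookie(...), ..., expires, false)`, which sets `Secure` to false and leaves `HttpOnly` off, so the JWT can travel over plain HTTP and is readable from page scripts. Since the token is now the session credential, I would use the six-argument constructor: `new NewCookie(new Cookie("jwt", newJwtCookie), "Token JWT", expires, null, true, true)`. The password check `password.equals(users.password)` could also use `MessageDigest.isEqual` on the bytes to avoid a timing-dependent comparison. The method begins outside this hunk.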
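Review bot: `deleteToken` only asks the browser to drop the `jwt` cookie; the token itself is never parsed or revoked, so a copy of it stays valid until its five-minute expiry, and the `user` cookie set at login is left in place. If that is the intended logout model it deserves a comment saying so, e.g. `// client-side logout only: the JWT remains valid until it expires`. I would also expire the second cookie in the same response, `.cookie(new NewCookie(new Cookie("jwt", null), "", 0, false), new NewCookie(new Cookie("user", null), "", 0, false))`.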
@@ -19,14 +21,19 @@ import javax.ws.rs.PUT; import javax.ws.rs.Path; import javax.ws.rs.PathParam; import javax.ws.rs.Produces; +import javax.ws.rs.QueryParam; import javax.ws.rs.core.Context; import javax.ws.rs.core.MediaType; import javax.ws.rs.core.Response; import com.covas.Classes.Hash; import com.covas.Entity.UsersEntity; +import com.covas.Json.UserExist; import com.covas.Json.UserSingle; +import io.quarkus.panache.common.Page; +import io.quarkus.panache.common.Parameters; + import org.eclipse.microprofile.jwt.Claims; import org.eclipse.microprofile.jwt.JsonWebToken; import org.jboss.logging.Logger; @@ -45,7 +52,7 @@ public class UsersRessources { return false; } String name = new String(Base64.decode(userCookie), StandardCharsets.UTF_8); - if (!name.equals(users.pseudo) && (!users.status)) { + if (!name.equals(users.pseudo) && (users.status != 1)) { return false; } return true; 
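Review bot: The guard `if (!name.equals(users.pseudo) && (users.status != 1))` in the last hunk on this line rejects only when both conditions hold. A disabled, deleted or pending account whose `user` cookie matches its pseudo therefore passes, and so does an active account presenting a cookie with a different name. The TokenRessource hunk of this same commit splits the equivalent `&&` into two separate checks; here the operator should be `||`: `if (!name.equals(users.pseudo) || users.status != 1) {`. The method starts outside the hunk.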
@@ -66,13 +73,89 @@ public class UsersRessources { /// GET @GET @RolesAllowed("Admin") - public Response getUsers(@CookieParam("user") String userCookie, @Context SecurityContext ctx) { + public Response getUsers(@CookieParam("user") String userCookie, @Context SecurityContext ctx, + @QueryParam("page") Integer page, @QueryParam("nbPages") Integer nbPages, + @QueryParam("status") Short status, @QueryParam("roles") String roles, + @QueryParam("email") String email, @QueryParam("search") String search, + @QueryParam("uuid") String uuid) { + if(nbPages == null){ + nbPages = 20; + } + if(page == null){ + page = 0; + } + UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); + UsersEntity user = UsersEntity.findById(kid); + Response.Status statusHttp = getResponseCheck(ctx, userCookie, user); + Response responseHttp = Response.status(statusHttp).build(); + if (statusHttp.equals(Response.Status.OK)) { + List listUsers = UsersEntity.findAll().page(Page.of(page, nbPages)).list(); + + if((roles != null) && (status == null)){ + listUsers = UsersEntity.find("#Users.byRoles", Parameters.with("roles",roles)).page(Page.of(page, nbPages)).list(); + } + if((roles == null) && (status != null)){ + listUsers = UsersEntity.find("#Users.byStatus", Parameters.with("status",status)).page(Page.of(page, nbPages)).list(); + } + if((roles != null) && (status != null)){ + listUsers = UsersEntity.find("#Users.byRolesandStatus", Parameters.with("roles",roles).and("status", status)).page(Page.of(page, nbPages)).list(); + } + responseHttp = Response.ok(listUsers).build(); + if(uuid != null){ + UsersEntity userSingle = UsersEntity.findById(UUID.fromString(uuid)); + if((roles != null) && (status == null)){ + userSingle = UsersEntity.find("#Users.byUUIDandRoles", Parameters.with("id", UUID.fromString(uuid)).and("roles",roles)).firstResult(); + } + if((roles == null) && (status != null)){ + userSingle = UsersEntity.find("#Users.byUUIDandStatus", Parameters.with("id", 
UUID.fromString(uuid)).and("status",status)).firstResult(); + } + if((roles != null) && (status != null)){ + userSingle = UsersEntity.find("#Users.byUUIDandRolesandStatus", Parameters.with("id", UUID.fromString(uuid)).and("status",status).and("roles", roles)).firstResult(); + } + responseHttp = Response.ok(userSingle).build(); + + } + if(email != null){ + UsersEntity userSingle = UsersEntity.findByEmail(email); + if((roles != null) && (status == null)){ + userSingle = UsersEntity.find("#Users.byEmailandRoles", Parameters.with("email", email).and("roles",roles)).firstResult(); + } + if((roles == null) && (status != null)){ + userSingle = UsersEntity.find("#Users.byEmailandStatus", Parameters.with("email", email).and("status",status)).firstResult(); + } + if((roles != null) && (status != null)){ + userSingle = UsersEntity.find("#Users.byEmailandRolesandStatus", Parameters.with("email", email).and("status",status).and("roles", roles)).firstResult(); + } + responseHttp = Response.ok(userSingle).build(); + } + if(search != null){ + List usersList = UsersEntity.find("#Users.bySearch", Parameters.with("search", search)).page(Page.of(page, nbPages)).list(); + if((roles != null) && (status == null)){ + usersList = UsersEntity.find("#Users.bySearchandRoles", Parameters.with("search", search).and("roles",roles)).page(Page.of(page, nbPages)).list(); + } + if((roles == null) && (status != null)){ + usersList = UsersEntity.find("#Users.bySearchandStatus", Parameters.with("search", search).and("status",status)).page(Page.of(page, nbPages)).list(); + } + if((roles != null) && (status != null)){ + usersList = UsersEntity.find("#Users.bySearchandRolesandStatus", Parameters.with("search", search).and("status",status).and("roles", roles)).page(Page.of(page, nbPages)).list(); + } + responseHttp = Response.ok(usersList).build(); + + } + } + return responseHttp; + } + + @GET + @RolesAllowed("Admin") + @Path("count") + public Response getCount(@CookieParam("user") String userCookie, 
@Context SecurityContext ctx){ UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); UsersEntity user = UsersEntity.findById(kid); Response.Status status = getResponseCheck(ctx, userCookie, user); Response responseHttp = Response.status(status).build(); - if (status.equals(Response.Status.OK)) { - responseHttp = Response.ok(UsersEntity.listAll()).build(); + if (status.equals(Response.Status.OK)){ + responseHttp = Response.ok(UsersEntity.count()).build(); } return responseHttp; } @@ -127,10 +210,22 @@ public class UsersRessources { @Transactional public Response createUser(UsersEntity users) { Response.Status status = Response.Status.OK; - UsersEntity usersOrig = UsersEntity.findByPseudo(users.pseudo); - if (usersOrig != null) { + UsersEntity usersPseudo = UsersEntity.findByPseudo(users.pseudo); + UsersEntity usersEmail = UsersEntity.findByEmail(users.email); + Boolean createUserBool = true; + Boolean pseudoExist = false; + Boolean emailExist = false; + if (usersPseudo != null) { + createUserBool = false; status = Response.Status.UNAUTHORIZED; - } else { + pseudoExist = true; + } + if(usersEmail != null){ + createUserBool = false; + status = Response.Status.UNAUTHORIZED; + emailExist = true; + } + if(createUserBool) { UsersEntity usersNew = new UsersEntity(); usersNew.name = users.name; usersNew.pseudo = users.pseudo; @@ -143,8 +238,7 @@ public class UsersRessources { usersNew.password = Hash .encryptSHA512(Base64.toBase64String(users.password.getBytes(StandardCharsets.UTF_8))); usersNew.roles = users.roles; - usersNew.status = false; - usersNew.active_mail = false; + usersNew.status = 2; usersNew.persist(); if (usersNew.isPersistent()) { status = Response.Status.CREATED; 
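Review bot: `getUsers` puts `UsersEntity` objects straight into the response (`Response.ok(listUsers)`, `Response.ok(userSingle)`, `Response.ok(usersList)`), and the entity declares `password` as a public field, so unless serialisation excludes it somewhere outside this diff the stored hashes are sent to every admin client. Mapping the results to a DTO without the password would avoid that. Separately, `page` and `nbPages` reach `Page.of(page, nbPages)` unchecked and `UUID.fromString(uuid)` is not guarded, so a negative or very large page size, or a malformed uuid, ends in an unhandled exception or an oversized query. I would clamp them, e.g. `nbPages = Math.min(Math.max(nbPages, 1), MAX_PAGE_SIZE);` with a constant you define, and return `BAD_REQUEST` when the uuid does not parse.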
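Review bot: In the `createUser` hunk that sets `usersNew.status = 2`, the context line just above still copies `usersNew.roles = users.roles;` from the request body. The signature shown earlier, `createUser(UsersEntity users)`, takes no security context or cookie, and its annotations are outside the hunk; if this is the open registration endpoint, a caller can register with the `Admin` role. I would assign the role server-side there, `usersNew.roles = "User";`, and leave role selection to the admin-only `addUser`.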
@@ -152,31 +246,43 @@ public class UsersRessources { status = Response.Status.NO_CONTENT; } } - return Response.status(status).build(); + return Response.status(status).entity(new UserExist(emailExist, pseudoExist)).build(); } // PUT @PUT - @Path("{pseudo}") @RolesAllowed("Admin") @Consumes(MediaType.APPLICATION_JSON) @Transactional - public Response addUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie, @PathParam("pseudo") String pseudo, + public Response addUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie, UsersEntity users) { UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); UsersEntity user = UsersEntity.findById(kid); Response.Status status = getResponseCheck(ctx, userCookie, user); + Boolean pseudoExist = false; + Boolean emailExist = false; if (status.equals(Response.Status.OK)) { - UsersEntity usersOrig = UsersEntity.findByPseudo(pseudo); - if (usersOrig != null) { + UsersEntity usersPseudo = UsersEntity.findByPseudo(users.pseudo); + UsersEntity usersEmail = UsersEntity.findByEmail(users.email); + Boolean createUserBool = true; + + if (usersPseudo != null) { + createUserBool = false; status = Response.Status.UNAUTHORIZED; - } else { + pseudoExist = true; + } + if(usersEmail != null){ + createUserBool = false; + status = Response.Status.UNAUTHORIZED; + emailExist = true; + } + if(createUserBool) { UsersEntity usersNew = new UsersEntity(); usersNew.name = users.name; - usersNew.pseudo = pseudo; + usersNew.pseudo = users.pseudo; usersNew.firstName = users.firstName; usersNew.email = users.email; usersNew.birth = LocalDate.of(users.birth.getYear(), users.birth.getMonth(), 
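Review bot: Returning `new UserExist(emailExist, pseudoExist)` from `createUser` tells any caller whether a given e-mail address or pseudo is already registered. On the admin-only `addUser` that is harmless, but on the registration path it is an account-enumeration oracle and is worth pairing with rate limiting, or with a generic answer. The duplicate case is also reported as `Response.Status.UNAUTHORIZED`, which clients will read as an authentication failure; `Response.Status.CONFLICT` describes it better. The two `findBy…` checks followed by `persist()` are not atomic, so unique constraints on `pseudo` and `email` (not visible in this diff) are still needed to stop concurrent duplicates.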
@@ -186,8 +292,7 @@ public class UsersRessources { usersNew.password = Hash .encryptSHA512(Base64.toBase64String(users.password.getBytes(StandardCharsets.UTF_8))); usersNew.roles = users.roles; - usersNew.status = false; - usersNew.active_mail = true; + usersNew.status = 1; usersNew.persist(); if (usersNew.isPersistent()) { status = Response.Status.CREATED; @@ -196,21 +301,21 @@ public class UsersRessources { } } } - return Response.status(status).build(); + return Response.status(status).entity(new UserExist(emailExist, pseudoExist)).build(); } // Delete @DELETE @RolesAllowed("User") @Transactional - public Response changeStatus(@Context SecurityContext ctx, @CookieParam("user") String userCookie) { + public Response changeStatusToDelete(@Context SecurityContext ctx, @CookieParam("user") String userCookie) { UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); UsersEntity user = UsersEntity.findById(kid); Response.Status status = getResponseCheck(ctx, userCookie, user); if (status.equals(Response.Status.OK)) { - user.status = false; + user.status = -1; user.updated_at = LocalDateTime.now(); user.deleted_at = LocalDateTime.now(); user.persist(); @@ -225,7 +330,7 @@ public class UsersRessources { @Path("{id}") @RolesAllowed("Admin") @Transactional - public Response changeStatusSingleUser(@Context SecurityContext ctx, @CookieParam("user") String userCookie, + public Response changeStatusSingleUserToDelete(@Context SecurityContext ctx, @CookieParam("user") String userCookie, @PathParam("id") String id) { UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); UsersEntity user = UsersEntity.findById(kid); 
@@ -235,7 +340,57 @@ public class UsersRessources { if (singleUser == null) { status = Response.Status.NOT_FOUND; } else { - singleUser.status = false; + singleUser.status = -1; + singleUser.updated_at = LocalDateTime.now(); + singleUser.deleted_at = LocalDateTime.now(); + singleUser.persist(); + if (!singleUser.isPersistent()) { + status = Response.Status.NOT_MODIFIED; + } + } + } + return Response.status(status).build(); + } + + + + @DELETE + @RolesAllowed("User") + @Transactional + @Path("disable") + public Response changeStatusToDisable(@Context SecurityContext ctx, @CookieParam("user") String userCookie) { + UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); + UsersEntity user = UsersEntity.findById(kid); + + Response.Status status = getResponseCheck(ctx, userCookie, user); + + if (status.equals(Response.Status.OK)) { + user.status = -1; + user.updated_at = LocalDateTime.now(); + user.deleted_at = LocalDateTime.now(); + user.persist(); + if (!user.isPersistent()) { + status = Response.Status.NOT_MODIFIED; + } + } + return Response.status(status).build(); + } + + @DELETE + @Path("/disable/{id}") + @RolesAllowed("Admin") + @Transactional + public Response changeStatusSingleUserToDisable(@Context SecurityContext ctx, @CookieParam("user") String userCookie, + @PathParam("id") String id) { + UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); + UsersEntity user = UsersEntity.findById(kid); + Response.Status status = getResponseCheck(ctx, userCookie, user); + if (status.equals(Response.Status.OK)) { + UsersEntity singleUser = UsersEntity.find("id", UUID.fromString(id)).firstResult(); + if (singleUser == null) { + status = Response.Status.NOT_FOUND; + } else { + singleUser.status = 0; singleUser.updated_at = LocalDateTime.now(); singleUser.deleted_at = LocalDateTime.now(); singleUser.persist(); 
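Review bot: `changeStatusToDisable` sets `user.status = -1`, the same value `changeStatusToDelete` writes, while the admin variant `changeStatusSingleUserToDisable` below writes `0`. The README in this commit defines 0 as disabled and -1 as deleted, so a user who disables their own account is recorded as deleted; the line should read `user.status = 0;`. Both disable methods also stamp `deleted_at`, which makes a disabled row look deleted to anything that filters on that column.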
@@ -252,15 +407,16 @@ public class UsersRessources { @RolesAllowed("Admin") @Consumes(MediaType.APPLICATION_JSON) @Transactional + @Path("{id}") public Response updateUserAdmin(@Context SecurityContext ctx, @CookieParam("user") String userCookie, - UsersEntity users) { + UsersEntity users, @PathParam("id") String id) { UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); UsersEntity user = UsersEntity.findById(kid); Response.Status status = getResponseCheck(ctx, userCookie, user); if (status.equals(Response.Status.OK)) { - UsersEntity usersOrig = UsersEntity.findByPseudo(users.pseudo); + UsersEntity usersOrig = UsersEntity.findById(UUID.fromString(id)); if (usersOrig == null) { status = Response.Status.NOT_FOUND; } else { 
@@ -270,13 +426,42 @@ public class UsersRessources { usersOrig.birth = LocalDate.of(users.birth.getYear(), users.birth.getMonth(), users.birth.getDayOfMonth()); usersOrig.updated_at = LocalDateTime.now(); - usersOrig.password = Hash + if(users.password.length() > 0){ + usersOrig.password = Hash .encryptSHA512(Base64.toBase64String(users.password.getBytes(StandardCharsets.UTF_8))); - usersOrig.roles = users.roles; - if(users.status){ - usersOrig.deleted_at = null; - usersOrig.status = true; } + usersOrig.roles = users.roles; + if(users.status == 1){ + usersOrig.deleted_at = null; + usersOrig.status = 1; + } + usersOrig.persist(); + if (!usersOrig.isPersistent()) { + status = Response.Status.NOT_MODIFIED; + } + } + } + return Response.status(status).build(); + } + + + + @PATCH + @RolesAllowed("Admin") + @Consumes(MediaType.APPLICATION_JSON) + @Transactional + @Path("enable/{id}") + public Response enableUserAdmin(@Context SecurityContext ctx, @CookieParam("user") String userCookie, @PathParam("id") String id) { + UUID kid = UUID.fromString(jwt.getClaim(Claims.kid)); + UsersEntity user = UsersEntity.findById(kid); + Response.Status status = getResponseCheck(ctx, userCookie, user); + if (status.equals(Response.Status.OK)) { + + UsersEntity usersOrig = UsersEntity.findById(UUID.fromString(id)); + if (usersOrig == null) { + status = Response.Status.NOT_FOUND; + } else { + usersOrig.status = 1; usersOrig.persist(); if (!usersOrig.isPersistent()) { status = Response.Status.NOT_MODIFIED; diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index fd57f68..8af1028 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties 
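Review bot: `if(users.password.length() > 0)` and `if(users.status == 1)` in `updateUserAdmin` both dereference fields that are null when the JSON body omits them, so a request meant to leave the password unchanged fails with a NullPointerException instead of skipping the update. I would test for null first: `if(users.password != null && !users.password.isEmpty())` and `if(users.status != null && users.status == 1)`. In the new `enableUserAdmin`, `usersOrig.status = 1` is applied to any account, including one marked -1, and `deleted_at` and `updated_at` are left as they were; if re-enabling deleted accounts is intended, clear `deleted_at` there as `updateUserAdmin` does. Both methods extend beyond the hunk.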
@@ -3,6 +3,8 @@ smallrye.jwt.sign.key.location=privateKey.pem mp.jwt.verify.publickey.location=publicKey.pem mp.jwt.verify.issuer=https://example.com/issuer +mp.jwt.token.header=Cookie +mp.jwt.token.cookie=jwt quarkus.datasource.db-kind = postgresql quarkus.datasource.username = toto @@ -23,5 +25,10 @@ quarkus.mailer.password=aohrpmqvxldwyebs quarkus.mailer.mock=false - quarkus.redis.hosts=redis://redis:6379 + +quarkus.http.cors=true +quarkus.http.origins=http://localhost:8084 +quarkus.http.cors.methods=GET,PUT,POST,DELETE,PATCH +quarkus.http.cors.headers=accept,authorization,content-type,x-requested-with,x-foobar +quarkus.http.cors.access-control-allow-credentials=true \ No newline at end of file
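Review bot: With `mp.jwt.token.header=Cookie` the browser attaches the token to every request on its own, so the state-changing endpoints in this commit (DELETE, PUT, PATCH on users) become reachable from cross-site requests unless the cookie is restricted. The cookies issued in TokenRessource carry no SameSite attribute. I would add a SameSite policy for the `jwt` cookie, for instance `quarkus.http.same-site-cookie.jwt.value=strict` if the Quarkus version in use supports that key, or require a CSRF token on the mutating routes.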
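Review bot: `quarkus.http.origins` is not the key the CORS filter reads; the allowed-origin list is set with `quarkus.http.cors.origins`, so the `http://localhost:8084` restriction is probably not applied. With `quarkus.http.cors=true` and `access-control-allow-credentials=true`, a filter without an origin list may, depending on the Quarkus version, accept any origin for credentialed requests. The line should read `quarkus.http.cors.origins=http://localhost:8084`. The context at the top of this hunk also shows `quarkus.mailer.password` committed in clear text; it should come from an environment variable or secret store, and the committed value should be rotated.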