[DEV] update to the new interfaces and generic JPA

Edouard DUPIN 2023-10-15 23:36:57 +02:00
parent 4f8a34590e
commit 00295b94d1
15 changed files with 181 additions and 143 deletions


@ -27,7 +27,6 @@
</classpathentry>
<classpathentry kind="con" path="org.eclipse.jdt.launching.JRE_CONTAINER">
<attributes>
<attribute name="module" value="true"/>
<attribute name="maven.pomderived" value="true"/>
</attributes>
</classpathentry>


@ -8,6 +8,8 @@ import org.glassfish.jersey.grizzly2.httpserver.GrizzlyHttpServerFactory;
import org.glassfish.jersey.jackson.JacksonFeature;
import org.glassfish.jersey.server.ResourceConfig;
import org.kar.archidata.GlobalConfiguration;
import org.kar.archidata.backup.BackupEngine;
import org.kar.archidata.backup.BackupEngine.StoreMode;
//import org.kar.archidata.model.Migration;
import org.kar.archidata.catcher.ExceptionCatcher;
import org.kar.archidata.catcher.FailException404API;
@ -17,7 +19,7 @@ import org.kar.archidata.catcher.SystemExceptionCatcher;
import org.kar.archidata.filter.CORSFilter;
import org.kar.archidata.filter.OptionFilter;
import org.kar.archidata.migration.MigrationEngine;
import org.kar.archidata.sqlWrapper.GenericAddOn;
import org.kar.archidata.migration.MigrationModel;
import org.kar.archidata.util.ConfigBaseVariable;
import org.kar.archidata.util.JWTWrapper;
import org.kar.karso.api.ApplicationResource;
@ -30,6 +32,13 @@ import org.kar.karso.api.SystemConfigResource;
import org.kar.karso.api.UserResource;
import org.kar.karso.filter.KarsoAuthenticationFilter;
import org.kar.karso.migration.Initialization;
import org.kar.karso.migration.Migration20231015;
import org.kar.karso.model.Application;
import org.kar.karso.model.ApplicationToken;
import org.kar.karso.model.Right;
import org.kar.karso.model.RightDescription;
import org.kar.karso.model.Settings;
import org.kar.karso.model.UserAuth;
import org.kar.karso.util.ConfigVariable;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
@ -40,16 +49,25 @@ public class WebLauncher {
private final static Logger LOGGER = LoggerFactory.getLogger(WebLauncher.class);
protected ResourceConfig rc = null;
HttpServer server = null;
protected BackupEngine backupEngine = new BackupEngine("./backup", StoreMode.JSON);
public WebLauncher() {
ConfigBaseVariable.bdDatabase = "karso";
GenericAddOn.addGenericAddOn();
backupEngine.addClass(MigrationModel.class);
backupEngine.addClass(Settings.class);
backupEngine.addClass(UserAuth.class);
backupEngine.addClass(Application.class);
backupEngine.addClass(ApplicationToken.class);
backupEngine.addClass(RightDescription.class);
backupEngine.addClass(Right.class);
}
private static URI getBaseURI() {
return UriBuilder.fromUri(ConfigBaseVariable.getlocalAddress()).build();
}
public static void main(final String[] args) throws Exception {
WebLauncher.LOGGER.info("[START] application wake UP");
final WebLauncher launcher = new WebLauncher();
@ -66,6 +84,7 @@ public class WebLauncher {
final MigrationEngine migrationEngine = new MigrationEngine();
WebLauncher.LOGGER.info("Add initialization");
migrationEngine.setInit(new Initialization());
migrationEngine.add(new Migration20231015());
WebLauncher.LOGGER.info("Add migration since last version");
// NOTHING for now
WebLauncher.LOGGER.info("Migrate the DB [START]");
@ -111,7 +130,7 @@ public class WebLauncher {
this.rc.register(JacksonFeature.class);
// enable this to show low level request
//rc.property(LoggingFeature.LOGGING_FEATURE_LOGGER_LEVEL_SERVER, Level.WARNING.getName());
this.server = GrizzlyHttpServerFactory.createHttpServer(getBaseURI(), this.rc);
Runtime.getRuntime().addShutdownHook(new Thread(new Runnable() {
@Override
@ -120,7 +139,7 @@ public class WebLauncher {
WebLauncher.this.server.shutdownNow();
}
}, "shutdownHook"));
// ===================================================================
// run JERSEY
// ===================================================================
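Review bot: The new `backupEngine` field registers `UserAuth` and `ApplicationToken` for a `StoreMode.JSON` backup under the literal relative path `"./backup"`, so password hashes and application tokens would presumably be written as plain JSON in whatever directory the process is started from. `BackupEngine` is not visible here, so confirm which fields it serialises; if those secrets are included, take the directory from configuration, create it with owner-only permissions, and keep it out of any served or world-readable location. Separately, the `// NOTHING for now` comment under "Add migration since last version" is stale now that `migrationEngine.add(new Migration20231015());` is registered, and that call sits before the log line that announces it.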


@ -11,7 +11,7 @@ import org.kar.archidata.filter.GenericContext;
import org.kar.archidata.sqlWrapper.QuerryAnd;
import org.kar.archidata.sqlWrapper.QuerryCondition;
import org.kar.archidata.sqlWrapper.SqlWrapper;
import org.kar.archidata.sqlWrapper.addOn.AddOnSQLTableExternalLink;
import org.kar.archidata.sqlWrapper.addOn.AddOnManyToMany;
import org.kar.archidata.util.JWTWrapper;
import org.kar.karso.model.Application;
import org.kar.karso.model.ApplicationSmall;
@ -39,14 +39,14 @@ import jakarta.ws.rs.core.SecurityContext;
@Produces(MediaType.APPLICATION_JSON)
public class ApplicationResource {
final Logger logger = LoggerFactory.getLogger(ApplicationResource.class);
public ApplicationResource() {}
public List<Long> getUserListOfApplication(final Long userId) {
final List<Long> out = new ArrayList<>();
List<UserLinkApplication> links = null;
try {
links = SqlWrapper.getsWhere(UserLinkApplication.class, new QuerryAnd(new QuerryCondition("user_id", "=", userId), new QuerryCondition("deleted", "=", 0)), false);
links = SqlWrapper.getsWhere(UserLinkApplication.class, new QuerryCondition("user_id", "=", userId));
} catch (final Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
@ -59,12 +59,12 @@ public class ApplicationResource {
}
return out;
}
public List<Long> getListOfUsers(final Long applicationId) {
final List<Long> out = new ArrayList<>();
List<UserLinkApplication> links = null;
try {
links = SqlWrapper.getsWhere(UserLinkApplication.class, new QuerryAnd(new QuerryCondition("application_id", "=", applicationId), new QuerryCondition("deleted", "=", 0)), false);
links = SqlWrapper.getsWhere(UserLinkApplication.class, new QuerryCondition("application_id", "=", applicationId));
} catch (final Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
@ -83,14 +83,14 @@ public class ApplicationResource {
// Generic /application/
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@RolesAllowed(value = { "USER", "ADMIN" })
public List<Application> getApplications(@Context final SecurityContext sc) throws Exception {
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.debug("getApplications");
// TODO filter with the list of element available in his authorizations ...
final List<Application> tmp = SqlWrapper.gets(Application.class, false);
final List<Application> tmp = SqlWrapper.gets(Application.class);
if (gc.userByToken.hasRight("ADMIN", true)) {
return tmp;
}
@ -103,7 +103,7 @@ public class ApplicationResource {
}
return out;
}
@POST
@RolesAllowed("ADMIN")
public Application create(final Application application) throws Exception {
@ -116,25 +116,25 @@ public class ApplicationResource {
throw new InputException("redirect", "create application (redirect too small: '" + application.redirect + "')");
}
application.id = null;
application.create_date = null;
application.createdAt = null;
application.deleted = null;
application.modify_date = null;
application.updatedAt = null;
return SqlWrapper.insert(application);
}
////////////////////////////////////////////////////////////////////////////////////////
//
// Generic /application/{id}
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@Path("{id}")
@RolesAllowed("ADMIN")
public Application get(@PathParam("id") final Long id) throws Exception {
return SqlWrapper.get(Application.class, id);
}
@PUT
@Path("{id}")
@RolesAllowed("ADMIN")
@ -143,44 +143,44 @@ public class ApplicationResource {
SqlWrapper.update(Application.class, id, jsonRequest);
return SqlWrapper.get(Application.class, id);
}
@DELETE
@Path("{id}")
@RolesAllowed("ADMIN")
@Produces(value = MediaType.TEXT_PLAIN)
public void remove(@Context final SecurityContext sc, @PathParam("id") final long applicationId) throws Exception {
SqlWrapper.setDelete(Application.class, applicationId);
SqlWrapper.delete(Application.class, applicationId);
}
////////////////////////////////////////////////////////////////////////////////////////
//
// Generic /{id}/*
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@Path("{id}/users")
@RolesAllowed(value = { "ADMIN" })
public List<Long> getApplicationUsers(@PathParam("id") final Long applicationId) throws Exception {
// special case for SSO: (all user have access on the SSO...).
this.logger.debug("Request list of user for an applciation: {}", applicationId);
return getListOfUsers(applicationId);
}
////////////////////////////////////////////////////////////////////////////////////////
//
// Generic /application/*
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@Path("small")
@RolesAllowed(value = { "USER", "ADMIN" })
public List<ApplicationSmall> getApplicationsSmall(@Context final SecurityContext sc) throws Exception {
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.debug("getApplications");
final List<Application> tmp = SqlWrapper.gets(Application.class, false);
final List<Application> tmp = SqlWrapper.gets(Application.class);
final List<Long> regular = getUserListOfApplication(gc.userByToken.id);
final List<ApplicationSmall> out = new ArrayList<>();
for (final Application app : tmp) {
@ -190,39 +190,39 @@ public class ApplicationResource {
}
return out;
}
public record AddUserData(
long userId) {};
// TODO : review the function to correct admin only access...
@POST
@Path("{id}/users")
@RolesAllowed(value = { "ADMIN" })
public boolean addUser(@PathParam("id") final Long applicationId, final AddUserData data) throws Exception {
this.logger.debug("getApplications");
AddOnSQLTableExternalLink.addLink(UserAuth.class, data.userId, "application", applicationId);
AddOnManyToMany.addLink(UserAuth.class, data.userId, "application", applicationId);
return true;
}
// TODO : review the function to correct admin only access...
@DELETE
@Path("{id}/users")
@RolesAllowed(value = { "ADMIN" })
public boolean rmUser(@PathParam("id") final Long applicationId, final AddUserData data) throws Exception {
this.logger.debug("getApplications");
AddOnSQLTableExternalLink.removeLink(UserAuth.class, data.userId, "application", applicationId);
AddOnManyToMany.removeLink(UserAuth.class, data.userId, "application", applicationId);
return true;
}
// TODO : review the function to correct admin only access...
@GET
@Path("{id}/rights")
@RolesAllowed(value = { "ADMIN" })
public List<RightDescription> getRightsDescription(@PathParam("id") final Long applicationId) throws Exception {
this.logger.debug("getApplications rights");
return SqlWrapper.getsWhere(RightDescription.class, new QuerryCondition("applicationId", "=", applicationId), false);
return SqlWrapper.getsWhere(RightDescription.class, new QuerryCondition("applicationId", "=", applicationId));
}
@GET
@Path("get_token")
@RolesAllowed(value = { "USER", "ADMIN" })
@ -230,7 +230,7 @@ public class ApplicationResource {
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.info("get application TOKEN application name='{}'", application);
this.logger.debug("== USER ? {}", gc.userByToken.name);
if (application == null) {
final String result = "Input error missing parameter: 'application'";
this.logger.debug(" result: {}", result);
@ -243,10 +243,10 @@ public class ApplicationResource {
isDev = true;
}
this.logger.debug("Search for '{}' base of '{}'", applicationName, application);
Application appl = null;
try {
appl = SqlWrapper.getWhere(Application.class, new QuerryCondition("name", "=", applicationName), false);
appl = SqlWrapper.getWhere(Application.class, new QuerryCondition("name", "=", applicationName));
} catch (final Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
@ -254,7 +254,7 @@ public class ApplicationResource {
this.logger.debug(" result: {}", result);
return Response.status(500).entity(result).build();
}
if (appl == null) {
final String result = "Authentiocate-wrong email/login '" + applicationName + "')";
this.logger.error(" result: {}", result);
@ -263,7 +263,7 @@ public class ApplicationResource {
UserLinkApplication links = null;
try {
links = SqlWrapper.getWhere(UserLinkApplication.class,
new QuerryAnd(new QuerryCondition("user_id", "=", gc.userByToken.id), new QuerryCondition("deleted", "=", 0), new QuerryCondition("application_id", "=", appl.id)), false);
new QuerryAnd(new QuerryCondition("user_id", "=", gc.userByToken.id), new QuerryCondition("deleted", "=", 0), new QuerryCondition("application_id", "=", appl.id)));
} catch (final Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
@ -293,7 +293,7 @@ public class ApplicationResource {
}
return Response.status(201).entity("{ \"url\":\"" + returnAdress + "\", \"jwt\":\"" + ret + "\"}").build();
}
@GET
@Path("return")
@RolesAllowed(value = { "USER", "ADMIN" })
@ -303,7 +303,7 @@ public class ApplicationResource {
this.logger.debug("=====================================");
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.debug("== USER ? {}", gc.userByToken);
if (application == null) {
final String result = "Input error missing parameter: 'application'";
this.logger.error(" result: {}", result);
@ -316,7 +316,7 @@ public class ApplicationResource {
isDev = true;
}
this.logger.debug("Search for '{}' base of '{}'", applicationName, application);
Application appl = null;
try {
appl = SqlWrapper.getWhere(Application.class, new QuerryCondition("name", "=", applicationName));
@ -327,7 +327,7 @@ public class ApplicationResource {
this.logger.error(" result: {}", result);
return Response.status(500).entity(result).build();
}
if (appl == null) {
final String result = "Authentiocate-wrong email/login '" + applicationName + "')";
this.logger.error(" result: {}", result);
@ -339,5 +339,5 @@ public class ApplicationResource {
}
return Response.status(201).entity("{ \"url\":\"" + returnAdress + "\"}").build();
}
}
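Review bot: The `deleted = 0` condition is dropped from the `UserLinkApplication` lookups in `getUserListOfApplication` and `getListOfUsers`, yet the link lookup in the `get_token` path still passes `new QuerryCondition("deleted", "=", 0)`, so the file now disagrees with itself about who filters soft-deleted rows. These queries decide which applications a user may reach: if the new `SqlWrapper.getsWhere` does not exclude deleted rows on its own, a revoked link would count as valid again, and if it does, the remaining explicit condition is redundant and should be removed. The same removal appears in `RightResource.getApplicationRightDecription` and `getRawUserRight`. State the rule once, for example with a comment such as `// soft-deleted rows are excluded by SqlWrapper itself`, and note in the commit message whether `SqlWrapper.delete` in `remove` is still a soft delete or now removes the row.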


@ -29,27 +29,27 @@ import jakarta.ws.rs.core.SecurityContext;
@Produces(MediaType.APPLICATION_JSON)
public class ApplicationTokenResource {
final Logger logger = LoggerFactory.getLogger(ApplicationTokenResource.class);
public ApplicationTokenResource() {}
////////////////////////////////////////////////////////////////////////////////////////
//
// Generic /application_token/{applicationId}
//
////////////////////////////////////////////////////////////////////////////////////////
@GET
@Path("{applicationId}")
@RolesAllowed(value = { "ADMIN" })
public List<ApplicationToken> gets(@Context final SecurityContext sc, @PathParam("applicationId") final Long applicationId) throws Exception {
final List<ApplicationToken> values = SqlWrapper.getsWhere(ApplicationToken.class, new QuerryCondition("parentId", "=", applicationId), false);
final List<ApplicationToken> values = SqlWrapper.getsWhere(ApplicationToken.class, new QuerryCondition("parentId", "=", applicationId));
// clean all tokens this is a secret:
for (final ApplicationToken elem : values) {
elem.token = null;
}
return values;
}
@DELETE
@Path("{applicationId}/{tokenId}")
@RolesAllowed(value = { "ADMIN" })
@ -63,7 +63,7 @@ public class ApplicationTokenResource {
}
return Response.ok("{}").build();
}
private String multipartCorrection(final String data) {
if (data == null) {
return null;
@ -76,7 +76,7 @@ public class ApplicationTokenResource {
}
return data;
}
static String randomToken() {
final int len = 48;
final String valid_element = "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvxyz0123456789#_@-~*!?";
@ -91,11 +91,11 @@ public class ApplicationTokenResource {
}
return out.toString();
}
public record CreateRequest(
String name,
Integer validity) {};
@POST
@Path("/{applicationId}/create")
@RolesAllowed("ADMIN")
@ -124,7 +124,7 @@ public class ApplicationTokenResource {
this.logger.warn("Check Timestamp now = {}", now);
token.endValidityTime = Timestamp.from(now.plusDays(validity).toInstant());
this.logger.warn("token.endValidityTime = {}", token.endValidityTime);
// insert in the BDD
token = SqlWrapper.insert(token);
// here we return the token to permit to the user to see it to set it in the application.
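Review bot: `randomToken` draws from the literal `valid_element`, which skips the letter `w` (`...rstuvxyz...`), and the random source it uses is outside the hunk. Application tokens are bearer secrets, so the generator should be `java.security.SecureRandom` rather than `java.util.Random` or `Math.random()`; worth confirming while this file is being touched. Restoring the letter is a one-character change, `"...rstuvwxyz0123456789#_@-~*!?"`. The two `this.logger.warn(...)` timestamp traces in the create path read like debug output and would fit `debug` level better.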


@ -29,14 +29,13 @@ import jakarta.ws.rs.core.Response;
@Produces({ MediaType.APPLICATION_JSON })
public class RightResource {
final static Logger logger = LoggerFactory.getLogger(RightResource.class);
public static List<RightDescription> getApplicationRightDecription(final long applicationId) throws Exception {
return SqlWrapper.getsWhere(RightDescription.class, new QuerryAnd(new QuerryCondition("applicationId", "=", applicationId), new QuerryCondition("deleted", "=", 0)));
return SqlWrapper.getsWhere(RightDescription.class, new QuerryCondition("applicationId", "=", applicationId));
}
public static List<Right> getRawUserRight(final long userId, final long applicationId) throws Exception {
return SqlWrapper.getsWhere(Right.class,
new QuerryAnd(new QuerryCondition("applicationId", "=", applicationId), new QuerryCondition("userId", "=", userId), new QuerryCondition("deleted", "=", 0)));
return SqlWrapper.getsWhere(Right.class, new QuerryAnd(new QuerryCondition("applicationId", "=", applicationId), new QuerryCondition("userId", "=", userId)));
}
public static Map<String, Object> getUserRight(final long userId, final long applicationId) throws Exception {
@ -111,7 +110,7 @@ public class RightResource {
@GET
@RolesAllowed("ADMIN")
public List<Right> get() throws Exception {
return SqlWrapper.gets(Right.class, false);
return SqlWrapper.gets(Right.class);
}
@POST
@ -141,7 +140,7 @@ public class RightResource {
@Path("{id}")
@RolesAllowed("ADMIN")
public Response delete(@PathParam("id") final Long id) throws Exception {
SqlWrapper.setDelete(Right.class, id);
SqlWrapper.delete(Right.class, id);
return Response.ok().build();
}


@ -32,11 +32,11 @@ public class SystemConfigResource {
public static class GetSignUpAvaillable {
public boolean signup;
public GetSignUpAvaillable(final boolean availlable) {
this.signup = availlable;
}
public GetSignUpAvaillable() {
this.signup = false;
}
@ -44,12 +44,12 @@ public class SystemConfigResource {
}
public SystemConfigResource() {}
@GET
@Path("is_sign_up_availlable")
@PermitAll
public GetSignUpAvaillable isSignUpAvaillable() throws Exception {
final Settings set = SqlWrapper.getWhere(Settings.class, new QuerryCondition("key", "=", "SIGN_UP_ENABLE"), false);
final Settings set = SqlWrapper.getWhere(Settings.class, new QuerryCondition("key", "=", "SIGN_UP_ENABLE"));
if (set == null) {
throw new NotFoundException("Value does not exist");
}
@ -58,12 +58,12 @@ public class SystemConfigResource {
this.logger.debug("mlkmlk {}", tmp.signup);
return tmp;
}
@GET
@Path("key/{key}")
@RolesAllowed(value = { "USER", "ADMIN" })
public Response getKey(@Context final SecurityContext sc, @PathParam("key") final String key) throws Exception {
final Settings set = SqlWrapper.getWhere(Settings.class, new QuerryCondition("key", "=", key), false);
final Settings set = SqlWrapper.getWhere(Settings.class, new QuerryCondition("key", "=", key));
if (set == null) {
throw new NotFoundException("Value does not exist");
}
@ -77,7 +77,7 @@ public class SystemConfigResource {
}
return Response.status(200).entity("{ \"value\":\"" + set.value + "\"}").build();
}
@PUT
@Path("key/{key}")
@RolesAllowed(value = { "ADMIN" })
@ -85,7 +85,7 @@ public class SystemConfigResource {
public Response setKey(@Context final SecurityContext sc, @PathParam("key") final String key, final String jsonRequest) throws Exception {
Settings res = null;
try {
res = SqlWrapper.getWhere(Settings.class, new QuerryCondition("key", "=", key), false);
res = SqlWrapper.getWhere(Settings.class, new QuerryCondition("key", "=", key));
} catch (final Exception e) {
// TODO Auto-generated catch block
e.printStackTrace();
@ -96,11 +96,11 @@ public class SystemConfigResource {
// Read the tree to filter injection of data:
final JsonNode root = mapper.readTree(jsonRequest);
final JsonNode value = root.findPath("value");
res.value = value.asText();
this.logger.debug("Update value : {}", res.value);
SqlWrapper.update(res, res.id, List.of("value"));
return Response.status(201).entity("{ \"value\":\"" + res.value + "\"}").build();
}
}
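Review bot: Both `getKey` and `setKey` build their response by concatenation, `"{ \"value\":\"" + res.value + "\"}"`, and the value comes from the request body without any escaping. A value containing a quote or a backslash yields malformed JSON or lets a stored setting add members to the reply; the `mapper` already used in `setKey` can serialise it, e.g. `mapper.writeValueAsString(Map.of("value", res.value))`. In `setKey`, `root.findPath("value")` returns a missing node when the member is absent and `asText()` then gives an empty string, so a body without `value` silently blanks the setting and should be rejected with a 4xx error instead. These lines are context that the commit leaves unchanged, and part of both methods lies outside the hunks.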


@ -18,7 +18,7 @@ import org.kar.archidata.filter.GenericContext;
import org.kar.archidata.model.GetToken;
import org.kar.archidata.sqlWrapper.QuerryCondition;
import org.kar.archidata.sqlWrapper.SqlWrapper;
import org.kar.archidata.sqlWrapper.addOn.AddOnSQLTableExternalLink;
import org.kar.archidata.sqlWrapper.addOn.AddOnManyToMany;
import org.kar.archidata.util.JWTWrapper;
import org.kar.karso.migration.Initialization;
import org.kar.karso.model.ChangePassword;
@ -50,27 +50,27 @@ import jakarta.ws.rs.core.SecurityContext;
@Produces(MediaType.APPLICATION_JSON)
public class UserResource {
final Logger logger = LoggerFactory.getLogger(UserResource.class);
@JsonInclude(JsonInclude.Include.NON_NULL)
public class UserOut {
public long id;
public String login;
public UserOut(final long id, final String login) {
this.id = id;
this.login = login;
}
}
public UserResource() {}
@GET
@RolesAllowed("ADMIN")
public List<UserAuthGet> getUsers() throws Exception {
return SqlWrapper.gets(UserAuthGet.class, false);
return SqlWrapper.gets(UserAuthGet.class);
}
@GET
@Path("{id}")
@RolesAllowed("ADMIN")
@ -78,7 +78,7 @@ public class UserResource {
//GenericContext gc = (GenericContext) sc.getUserPrincipal();
return SqlWrapper.get(UserAuthGet.class, userId);
}
@POST
@Path("{userId}/application/{applicationId}/link")
@RolesAllowed("ADMIN")
@ -86,13 +86,13 @@ public class UserResource {
throws Exception {
this.logger.debug("Find typeNode");
if (data) {
AddOnSQLTableExternalLink.addLink(UserAuth.class, userId, "application", applicationId);
AddOnManyToMany.addLink(UserAuth.class, userId, "application", applicationId);
} else {
AddOnSQLTableExternalLink.removeLink(UserAuth.class, userId, "application", applicationId);
AddOnManyToMany.removeLink(UserAuth.class, userId, "application", applicationId);
}
return SqlWrapper.get(UserAuth.class, userId);
}
@GET
@Path("{userId}/application/{applicationId}/rights")
@RolesAllowed("ADMIN")
@ -109,7 +109,7 @@ public class UserResource {
RightResource.updateUserRight(userId, applicationId, data);
return RightResource.getUserRight(userId, applicationId);
}
// TODO: check this it might be deprecated ...
@POST
@Path("{id}/set_admin")
@ -152,23 +152,23 @@ public class UserResource {
throw new InputException("email", "Authentiocate-method-error (email too small: '" + user.email + "')");
}
// TODO: check email format
if (user.password == null || user.password.length() != 128) {
throw new InputException("password", "null password, or wrong hash size");
}
// TODO: verify if the data are a hash ...
// Check login does not exist
List<UserAuth> out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("login", "=", user.login), false);
List<UserAuth> out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("login", "=", user.login));
if (out.size() >= 1) {
throw new FailException(Response.Status.BAD_REQUEST, "Login already used !!!");
}
// Check email does not exist
out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("email", "=", user.email), false);
out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("email", "=", user.email));
if (out.size() >= 1) {
throw new FailException(Response.Status.BAD_REQUEST, "e-mail already used !!!");
}
// Add new user and return formated dat.
final UserAuth newUser = new UserAuth();
newUser.admin = false;
@ -183,7 +183,7 @@ public class UserResource {
this.logger.debug("create new user done with id=={}", tmp.id);
return SqlWrapper.get(UserAuthGet.class, tmp.id);
}
@GET
@Path("me")
@RolesAllowed("USER")
@ -193,7 +193,7 @@ public class UserResource {
this.logger.debug("== USER ? {}", gc.userByToken);
return new UserOut(gc.userByToken.id, gc.userByToken.name);
}
@POST
@Path("password")
@RolesAllowed("USER")
@ -201,7 +201,7 @@ public class UserResource {
this.logger.debug("ChangePassword()");
final GenericContext gc = (GenericContext) sc.getUserPrincipal();
this.logger.debug("== USER ? {}", gc.userByToken);
if (data == null) {
throw new InputException("data", "No data set...");
}
@ -217,30 +217,30 @@ public class UserResource {
SqlWrapper.update(user, user.id, List.of("password"));
return Response.status(Response.Status.OK).build();
}
/*
@GET
@Path("validipass")
@PermitAll
public Response validatePasswordFromEMail(@QueryParam("uuid") String uuid, @QueryParam("securityId") String securityId) {
// Validate new password if OK
// clear the passwordChange, passwordValidation fields
// send an e-mail to confirm the new password has been set.
return Response.status(500).build();
}
*/
@GET
@Path("/check_login")
@PermitAll
public Response checkLogin(@QueryParam("login") final String login) throws Exception {
this.logger.debug("checkLogin: '{}'", login);
final List<UserAuth> out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("login", "=", login), false);
final List<UserAuth> out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("login", "=", login));
if (out.size() >= 1) {
return Response.ok().build();
}
@ -253,13 +253,13 @@ public class UserResource {
@PermitAll
public Response checkEmail(@QueryParam("email") final String email) throws Exception {
this.logger.debug("checkEmail: {}", email);
final List<UserAuth> out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("email", "=", email), false);
final List<UserAuth> out = SqlWrapper.getsWhere(UserAuth.class, new QuerryCondition("email", "=", email));
if (out.size() >= 1) {
return Response.ok().build();
}
throw new NotFoundException("emain does not exist: '" + email + "'");
}
private UserAuth checkAuthUser(final String method, final String login, final String time, final String password) throws Exception {
// check good version:
if (!"v1".contentEquals(method)) {
@ -277,8 +277,8 @@ public class UserResource {
if (login.contains("@")) {
query = "email";
}
final UserAuth user = SqlWrapper.getWhere(UserAuth.class, new QuerryCondition(query, "=", login), false);
final UserAuth user = SqlWrapper.getWhere(UserAuth.class, new QuerryCondition(query, "=", login));
if (user == null) {
throw new FailException(Response.Status.PRECONDITION_FAILED, "FAIL Authentiocate-wrong email/login '" + login + "')");
}
@ -304,7 +304,7 @@ public class UserResource {
// at the point the user has been not deleted and not blocked.
// this authentication is valid only for Karso ==> not for the application
final int expirationTimeInMinutes = ConfigVariable.getAuthExpirationTime();
// Get the USER Right (Note: by construction KARSO have application ID = KARSO_INITIALISATION_ID
final Map<String, Object> ssoRight = RightResource.getUserRight(user.id, Initialization.KARSO_INITIALISATION_ID);
if (!ssoRight.containsKey("USER")) {
@ -327,7 +327,7 @@ public class UserResource {
//logger.debug(" ==> generate token: {}", ret);
return new GetToken(ret);
}
public static String bytesToHex(final byte[] bytes) {
final StringBuilder sb = new StringBuilder();
for (final byte b : bytes) {
@ -335,7 +335,7 @@ public class UserResource {
}
return sb.toString();
}
public String getSHA512(final String passwordToHash) {
try {
final MessageDigest md = MessageDigest.getInstance("SHA-512");
@ -346,5 +346,5 @@ public class UserResource {
}
return null;
}
}
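Review bot: In `checkAuthUser` the lookup `SqlWrapper.getWhere(UserAuth.class, new QuerryCondition(query, "=", login))` loses its third argument, and a later comment asserts "at the point the user has been not deleted and not blocked", but the checks between the two are outside the hunk. If the dropped `false` was what kept soft-deleted accounts out of the result, or if the new default differs, a deleted user could authenticate again, so confirm the new `getWhere` semantics and keep an explicit deleted/blocked test next to the lookup. The same question applies to the duplicate login and e-mail checks in the create path. Unrelated to this change but visible in context: `checkLogin` and `checkEmail` are `@PermitAll` and answer per account, which exposes which logins are registered unless the endpoints are rate limited.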


@ -0,0 +1,30 @@
package org.kar.karso.migration;
import java.util.List;
import org.kar.archidata.migration.MigrationSqlStep;
public class Migration20231015 extends MigrationSqlStep {
public static final int KARSO_INITIALISATION_ID = 1;
@Override
public String getName() {
return "refactor creation and update time";
}
public Migration20231015() throws Exception {
for (String elem : List.of("application", "applicationToken", "right", "rightDescription", "settings", "user", "user_link_application", "user_link_cover")) {
addAction("""
ALTER TABLE `""" + elem + """
`
RENAME COLUMN `create_date` TO `createdAt`,
RENAME COLUMN `modify_date` TO `updatedAt`;
""");
}
display();
}
}
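Review bot: `KARSO_INITIALISATION_ID` is declared here but never used in this class, and it duplicates `Initialization.KARSO_INITIALISATION_ID`, which `UserResource` reads; it looks like a copy-paste leftover and should be removed. The table list is a hand-written literal, so a table missing in a given deployment (`user_link_cover`, for instance, is not referenced anywhere else in this commit) would make an `ALTER TABLE` fail part-way and leave some tables renamed and others not; confirm how `MigrationSqlStep` handles a failed action. A short Javadoc on the class saying that it renames `create_date`/`modify_date` to `createdAt`/`updatedAt` on every listed table would help the next migration author.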


@ -1,29 +1,17 @@
package org.kar.karso.model;
/*
CREATE TABLE `application` (
`id` bigint NOT NULL COMMENT 'Unique ID of the application' AUTO_INCREMENT PRIMARY KEY,
`description` text COMMENT 'description of the application',
`token` varchar(128) COLLATE 'latin1_bin' NOT NULL COMMENT 'Token (can be not unique)'
) AUTO_INCREMENT=10;
*/
public class ApplicationSmall{
public String name;
public String description;
public String redirect;
public ApplicationSmall() {
}
public class ApplicationSmall {
public String name;
public String description;
public String redirect;
public ApplicationSmall() {}
public ApplicationSmall(String name, String description, String redirect) {
super();
this.name = name;
this.description = description;
this.redirect = redirect;
}
}


@ -1,13 +1,14 @@
package org.kar.karso.model;
import org.kar.archidata.annotation.SQLComment;
import org.kar.archidata.annotation.SQLForeignKey;
import org.kar.archidata.annotation.SQLIfNotExists;
import org.kar.archidata.model.GenericTable;
import com.fasterxml.jackson.annotation.JsonInclude;
import jakarta.persistence.Column;
import jakarta.persistence.FetchType;
import jakarta.persistence.ManyToOne;
import jakarta.persistence.Table;
@Table(name = "right")
@ -17,15 +18,15 @@ public class Right extends GenericTable {
@Column(nullable = false)
@SQLComment("application-ID that have the reference of the right")
@SQLForeignKey("application")
@ManyToOne(fetch = FetchType.LAZY, targetEntity = Application.class)
public long applicationId;
@Column(nullable = false)
@SQLComment("user-ID ")
@SQLForeignKey("user")
@ManyToOne(fetch = FetchType.LAZY, targetEntity = UserAuth.class)
public long userId;
@Column(nullable = false)
@SQLComment("rightDescription-ID of the right description")
@SQLForeignKey("rightDescription")
@ManyToOne(fetch = FetchType.LAZY, targetEntity = RightDescription.class)
public long rightDescriptionId;
@Column(length = 1024, nullable = false)
@SQLComment("Value of the right")
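Review bot: `@ManyToOne(fetch = FetchType.LAZY, targetEntity = Application.class)` is placed on a primitive `long applicationId`, which a standard JPA provider would reject because the attribute type must be the entity; this only works if archidata interprets the annotation itself. Say so on the first field, e.g. `// archidata reads @ManyToOne on an id field as a foreign key; not a JPA-managed association`, and confirm that the foreign-key constraint formerly produced by `@SQLForeignKey` is still generated. The same pattern appears in `RightDescription.applicationId` and, with `@ManyToMany` on `List<Long>`, in `UserAuth.applications`. The class body continues outside the hunk.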


@ -2,13 +2,14 @@ package org.kar.karso.model;
import org.kar.archidata.annotation.SQLComment;
import org.kar.archidata.annotation.SQLDefault;
import org.kar.archidata.annotation.SQLForeignKey;
import org.kar.archidata.annotation.SQLIfNotExists;
import org.kar.archidata.model.GenericTable;
import com.fasterxml.jackson.annotation.JsonInclude;
import jakarta.persistence.Column;
import jakarta.persistence.FetchType;
import jakarta.persistence.ManyToOne;
import jakarta.persistence.Table;
@Table(name = "rightDescription")
@ -17,7 +18,7 @@ import jakarta.persistence.Table;
public class RightDescription extends GenericTable {
@Column(nullable = false)
@SQLComment("Application id that have the reference of the right")
@SQLForeignKey("application")
@ManyToOne(fetch = FetchType.LAZY, targetEntity = Application.class)
public long applicationId;
@Column(length = 64, nullable = false)
@SQLComment("Key of the property")


@ -6,12 +6,12 @@ import java.util.List;
import org.kar.archidata.annotation.SQLComment;
import org.kar.archidata.annotation.SQLDefault;
import org.kar.archidata.annotation.SQLIfNotExists;
import org.kar.archidata.annotation.addOn.SQLTableExternalLink;
import org.kar.archidata.model.User;
import com.fasterxml.jackson.annotation.JsonInclude;
import jakarta.persistence.Column;
import jakarta.persistence.ManyToMany;
import jakarta.persistence.Table;
@Table(name = "user")
@ -35,7 +35,7 @@ public class UserAuth extends User {
@Column(nullable = false)
public boolean avatar = false;
@SQLComment("List of accessible application (if not set the application is not available)")
@SQLTableExternalLink
@ManyToMany(targetEntity = Application.class)
public List<Long> applications = null;
}


@ -17,6 +17,7 @@ import com.fasterxml.jackson.annotation.JsonInclude;
import jakarta.persistence.Table;
// TODO: reùmove this, it must be generated instead of manually create ///
@Table(name = "user_link_application")
@SQLIfNotExists
@JsonInclude(JsonInclude.Include.NON_NULL)


@ -5,8 +5,8 @@
"scripts": {
"all": "npm run build && npm run test",
"ng": "ng",
"start": "ng serve karso --configuration=develop --watch --port 4200",
"start_edge": "ng serve karso-edge --configuration=develop --watch --port 4199",
"dev": "ng serve karso --configuration=develop --watch --port 4200",
"dev_edge": "ng serve karso-edge --configuration=develop --watch --port 4199",
"build": "ng build karso --prod",
"test": "ng test karso",
"test-coverage": "ng test karso --code-coverage",

@ -1 +1 @@
Subproject commit 9fc25b4feaeba509ff39f70b24d97be47f4b30e1
Subproject commit ea5a4f6b7537eb707916f4610bf79fbe86c6296f