diff --git a/back/src/controllers/administrateur.controller.js b/back/src/controllers/administrateur.controller.js index a794eb5bbd7cfb7fe49cd91070438a3a774a87be..c093eb22e38a5edbfedcb5cd843bc8042061f686 100644 --- a/back/src/controllers/administrateur.controller.js +++ b/back/src/controllers/administrateur.controller.js @@ -157,4 +157,13 @@ async function getUsersPerformance(req, res) { } } -module.exports = { getAdministrateurs, addNewAdministrateur, updateAdministrateur, deleteAdministrateur, getAdminsLogins, getUsers } +function isAdminMiddleware(req, res, next) { + const login = req.session.ids.user.login || ''; + const admins = getAdminsLogins(); + if (admins.includes(login)) { + return next(); + } + res.status(403).send('You have no right to request this url'); +} + +module.exports = { getAdministrateurs, addNewAdministrateur, updateAdministrateur, deleteAdministrateur, getAdminsLogins, getUsers, isAdminMiddleware } diff --git a/back/src/controllers/auth.controller.js b/back/src/controllers/auth.controller.js index 1ec0b59ce97128ec319a7631adf92e1915017453..38e6f50bbc3ac4b577e1ab0b891029c843b64692 100644 --- a/back/src/controllers/auth.controller.js +++ b/back/src/controllers/auth.controller.js 
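Review bot: `isAdminMiddleware` calls `getAdminsLogins()` with no arguments and uses the return value as a synchronous array, but every other export of this controller is an Express handler taking `(req, res)`, and the sibling `getStaffeursLogins(req, res)` in staffeurs.controller.js ends with `con.end()`, i.e. an asynchronous DB query whose result goes to the response rather than being returned. If `getAdminsLogins` follows that pattern, `admins` is `undefined` and `admins.includes(login)` throws on every `/api/admin` request, so the new authorization check only fails closed by accident and every admin page becomes a 500. The login list should come from a helper that returns a Promise, with the middleware made `async`, awaiting it inside `try/catch`, answering 403 on a miss and 500 without `next()` on a query error; the same applies to `isStaffMiddleware` in the staffeurs.controller.js hunk. `req.session.ids.user.login || ''` also assumes `ids.user` exists, which nothing in the diff shows, so a malformed session throws instead of being denied. `getUsersPerformance` starts before this hunk.
```javascript
async function isAdminMiddleware(req, res, next) {
  // authMiddleware guarantees req.session.ids; the shape of ids.user is not shown here
  const login = req.session.ids?.user?.login ?? '';
  try {
    // fetchAdminLogins(): helper to add, resolving to an array of admin logins from the DB
    const admins = await fetchAdminLogins();
    if (admins.includes(login)) {
      return next();
    }
    res.status(403).send('You have no right to request this url');
  } catch (err) {
    console.error(err);
    // fail closed: never reach the admin router when the check itself failed
    res.status(500).send('Authorization check failed');
  }
}
```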
@@ -11,81 +11,81 @@ var redirect_uri = process.env.PROD ? "https://leaderboard.cs-campus.fr/api/fall const scope = "default linkcs:read linkcs-user:read" -function getRedirectURI(){ +function getRedirectURI() { return url.format({ - pathname:"https://auth.viarezo.fr/oauth/authorize", + pathname: "https://auth.viarezo.fr/oauth/authorize", query: { - "redirect_uri": redirect_uri, - "client_id": client_id, - "response_type": "code", - "state": "aaa", // Generate a random here - "scope": scope - } + "redirect_uri": redirect_uri, + "client_id": client_id, + "response_type": "code", + "state": "aaa", // Generate a random here + "scope": scope + } }); } -async function getToken(code){ - return new Promise ((resolve, reject) => { - const data = querystring.stringify({ - grant_type: 'authorization_code', - code: code, - redirect_uri: redirect_uri, - client_id: client_id, - client_secret: client_secret - }) - - const options = { - hostname: 'auth.viarezo.fr', - port: 443, - path: '/oauth/token', - method: 'POST', - headers: { - 'Content-Type': 'application/x-www-form-urlencoded', - 'Content-Length': data.length - } - } - - let req = https.request(options, res => { - if(res.statusCode != 200){ - reject("Token Failed"); - } - - var body = ''; - res.on('data', function (chunk) { - body += chunk; - }); - res.on('end', function () { - resolve(JSON.parse(body)); - }); - - }) - - - console.log(data); - - req.on('error', err => { - reject(err); - }); - req.write(data); - req.end(); +async function getToken(code) { + return new Promise((resolve, reject) => { + const data = querystring.stringify({ + grant_type: 'authorization_code', + code: code, + redirect_uri: redirect_uri, + client_id: client_id, + client_secret: client_secret + }) + + const options = { + hostname: 'auth.viarezo.fr', + port: 443, + path: '/oauth/token', + method: 'POST', + headers: { + 'Content-Type': 'application/x-www-form-urlencoded', + 'Content-Length': data.length + } + } + + let req = https.request(options, 
res => { + if (res.statusCode != 200) { + reject("Token Failed"); + } + + var body = ''; + res.on('data', function (chunk) { + body += chunk; + }); + res.on('end', function () { + resolve(JSON.parse(body)); }); + + }) + + + console.log(data); + + req.on('error', err => { + reject(err); + }); + req.write(data); + req.end(); + }); } -async function getInfos(token){ - return new Promise ((resolve, reject) => { - //https://auth.viarezo.fr/api/user/show/me +async function getInfos(token) { + return new Promise((resolve, reject) => { + //https://auth.viarezo.fr/api/user/show/me const options = { hostname: 'auth.viarezo.fr', port: 443, path: '/api/user/show/me', method: 'GET', headers: { - 'Authorization': 'Bearer ' + token.access_token + 'Authorization': 'Bearer ' + token.access_token } } let req = https.request(options, res => { - if(res.statusCode != 200){ + if (res.statusCode != 200) { reject("Data fetching Failed"); } @@ -96,14 +96,14 @@ async function getInfos(token){ res.on('end', function () { var data = JSON.parse(body); resolve({ - id : data.id, + id: data.id, login: data.login, firstName: data.firstName, lastName: data.lastName, email: data.email, promo: data.promo, token: token, - }); + }); }); }) @@ -116,13 +116,13 @@ async function getInfos(token){ } function authMiddleware(req, res, next) { - if ('ids' in req.session){ + if ('ids' in req.session) { return next(); } res.redirect('/api/login'); } exports.getRedirectURI = getRedirectURI; -exports.getToken = getToken; -exports.getInfos = getInfos; +exports.getToken = getToken; +exports.getInfos = getInfos; exports.authMiddleware = authMiddleware; diff --git a/back/src/controllers/staffeurs.controller.js b/back/src/controllers/staffeurs.controller.js index fccddb8a09de2c67bf36ea588ac751bf7be9a669..c8b29a5d6542c07a461259a649b68b149b4f2077 100644 --- a/back/src/controllers/staffeurs.controller.js +++ b/back/src/controllers/staffeurs.controller.js 
@@ -72,4 +72,13 @@ function getStaffeursLogins(req, res) { con.end(); } -module.exports = { getStaffeurs, addNewStaffeur, deleteStaffeur, getStaffeursLogins } +function isStaffMiddleware(req, res, next) { + const login = req.session.ids.user.login || ''; + const staffs = getStaffLogins(); + if (staffs.includes(login)) { + return next(); + } + res.status(403).send('You have no right to request this url'); +} + +module.exports = { getStaffeurs, addNewStaffeur, deleteStaffeur, getStaffeursLogins, isStaffMiddleware } diff --git a/back/src/index.js b/back/src/index.js index e987dcb4d51d82d2cee0758c26a0b3de0172f01f..ada4e70a983663029b5c9a05d9dab75ae2919236 100644 --- a/back/src/index.js +++ b/back/src/index.js @@ -4,7 +4,10 @@ var cookieParser = require('cookie-parser'); var apiRouter = require('./routes/api'); var apiAdminRouter = require('./routes/apiAdmin'); +var apiStaffRouter = require('./routes/apiStaff'); var oauth = require('./controllers/auth.controller'); +var admin = require('./controllers/administrateur.controller'); +var staff = require('./controllers/staffeurs.controller'); var app = express(); @@ -15,7 +18,8 @@ app.use(express.json()); app.use(express.urlencoded({ extended: false })); app.use('/api', apiRouter); -app.use('/api/admin', oauth.authMiddleware, apiAdminRouter); +app.use('/api/staff', oauth.authMiddleware, staff.isStaffMiddleware, apiStaffRouter); +app.use('/api/admin', oauth.authMiddleware, admin.isAdminMiddleware, apiAdminRouter); app.get('/api/login', function (req, res) { res.redirect(oauth.getRedirectURI()); diff --git a/back/src/routes/apiStaff.js b/back/src/routes/apiStaff.js new file mode 100644 index 0000000000000000000000000000000000000000..dc9de2e5956d2e07fc72d42b3205a658bdd82c4a --- /dev/null +++ b/back/src/routes/apiStaff.js 
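Review bot: `isStaffMiddleware` calls `getStaffLogins()`, a name that is not defined in this file — the existing handler is `getStaffeursLogins` — so every request under `/api/staff` throws a ReferenceError and Express answers 500 before the check runs. Renaming alone does not make it work either: `getStaffeursLogins(req, res)` visibly ends with `con.end()` and writes its result to the response, so `staffs` would still be `undefined` at `staffs.includes(login)`; the list has to come from a helper that returns it. `getStaffeursLogins` starts before this hunk.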
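Review bot: `/api/staff` is gated on `staff.isStaffMiddleware` only, while the admin score page in front/src/app/administration/gestionScore/NouveauScore.js, changed in this same commit, now posts to `/api/staff/new_score`; an administrator who is not also listed as a staffeur therefore gets a 403 from the admin UI. Either have `isStaffMiddleware` accept admin logins too, or keep the admin front-end on an admin-guarded route. A short comment above the two `app.use` lines would also help, e.g. `// Guard order: session required first, then role check; never mount these routers without both.`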
@@ -0,0 +1,10 @@ +var express = require('express'); +var router = express.Router(); + +var controller = require('../controller') + +router.post('/new_participant_with_id', controller.participant.addNewParticipantWithId); +router.post('/new_score', controller.scores.addNewScore); + + +module.exports = router; diff --git a/front/src/app/administration/gestionScore/NouveauScore.js b/front/src/app/administration/gestionScore/NouveauScore.js index 5c4f4a6063c2132489675c11437cf8930c519ae4..f17ecb19a944a0795e995f3db7799b9a000f7ca6 100644 --- a/front/src/app/administration/gestionScore/NouveauScore.js +++ b/front/src/app/administration/gestionScore/NouveauScore.js 
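Review bot: The new router has no comment recording that it is only safe because back/src/index.js mounts it behind `oauth.authMiddleware` and `staff.isStaffMiddleware`; add a header such as `// Staff-only endpoints. Mounted at /api/staff in index.js behind oauth.authMiddleware and staff.isStaffMiddleware; never mount this router unguarded.` The `var controller = require('../controller')` line is also missing its terminating semicolon, unlike the other statements in the file. If `new_participant_with_id` and `new_score` are still registered in routes/apiAdmin.js (not visible in the diff), the same handlers are now reachable through two differently guarded paths; confirm they were removed there.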
@@ -2,54 +2,54 @@ import React, { useState, useEffect } from 'react'; import axios from 'axios'; import { useForm } from 'react-hook-form'; -export function AddScoreForm(){ +export function AddScoreForm() { const addScore = (props) => { - axios.post('/api/admin/new_score', - { + axios.post('/api/staff/new_score', + { score: props.score, equipe: props.equipe, participant: props.participant - }) - .then(() => { - alert("Score ajouté"); - window.location='/admin/scores'; - }, (error) => { - console.log(error); - }); + }) + .then(() => { + alert("Score ajouté"); + window.location = '/admin/scores'; + }, (error) => { + console.log(error); + }); }; - const [equipes,setEquipes] = useState([]); - const [participants,setParticipants] = useState([]); + const [equipes, setEquipes] = useState([]); + const [participants, setParticipants] = useState([]); - useEffect(() => {axios.get('/api/equipes').then((response) => setEquipes(response.data))}, []); - useEffect(() => {axios.get('/api/participants').then((response) => setParticipants(response.data))}, []); + useEffect(() => { axios.get('/api/equipes').then((response) => setEquipes(response.data)) }, []); + useEffect(() => { axios.get('/api/participants').then((response) => setParticipants(response.data)) }, []); const { register, handleSubmit } = useForm(); - const onSubmit = data => {addScore(data)} - return( - <div> - <a className="btn btn-secondary" href="/admin/scores" role="button">Retour</a> - <form onSubmit={handleSubmit(onSubmit)}> - <div className="form-group"> - <label htmlFor="scoreInput">Score</label> - <input type="number" className="form-control" id="scoreInput" name="score" ref={register} placeholder="1000" required/> - </div> - <div className="form-group"> - <label htmlFor="participantInput">Participant</label> - <select className="form-control" id="participantInput" name="participant" ref={register} placeholder="Gérard"> - {participants.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} - 
</select> - </div> - <div className="form-group"> - <label htmlFor="equipeInput">Equipe</label> - <select className="form-control" id="equipeInput" name="equipe" ref={register} placeholder="ViaRézo"> - {equipes.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} - </select> - </div> - <button type="submit" className="btn btn-secondary">Ajouter</button> - </form> - </div> + const onSubmit = data => { addScore(data) } + return ( + <div> + <a className="btn btn-secondary" href="/admin/scores" role="button">Retour</a> + <form onSubmit={handleSubmit(onSubmit)}> + <div className="form-group"> + <label htmlFor="scoreInput">Score</label> + <input type="number" className="form-control" id="scoreInput" name="score" ref={register} placeholder="1000" required /> + </div> + <div className="form-group"> + <label htmlFor="participantInput">Participant</label> + <select className="form-control" id="participantInput" name="participant" ref={register} placeholder="Gérard"> + {participants.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} + </select> + </div> + <div className="form-group"> + <label htmlFor="equipeInput">Equipe</label> + <select className="form-control" id="equipeInput" name="equipe" ref={register} placeholder="ViaRézo"> + {equipes.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} + </select> + </div> + <button type="submit" className="btn btn-secondary">Ajouter</button> + </form> + </div> ) } diff --git a/front_thomas/src/components/Login/Gestion/gestionScore/NouveauScore.js b/front_thomas/src/components/Login/Gestion/gestionScore/NouveauScore.js index eace13c8ac0bf06642d50efd6eec51bcbf5376a3..3a4aea7916f22ed9d64d3b07e4fb94333b54bfcc 100644 --- a/front_thomas/src/components/Login/Gestion/gestionScore/NouveauScore.js +++ b/front_thomas/src/components/Login/Gestion/gestionScore/NouveauScore.js 
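Review bot: The rejection handler `(error) => { console.log(error); }` in `addScore` gives the user no feedback, which matters more now that the request goes to `/api/staff/new_score` behind a new staff-only check: a 403 for a logged-in admin who is not a staffeur silently does nothing on the page. Report the failure next to the `console.log`, e.g. `alert("Échec de l'ajout du score");`. The same handler appears in the front_thomas NouveauScore.js and SubmitForm.js hunks.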
@@ -2,53 +2,53 @@ import React, { useState, useEffect } from 'react'; import axios from 'axios'; import { useForm } from 'react-hook-form'; -export function AddScoreForm(){ +export function AddScoreForm() { const addScore = (props) => { - axios.post('/api/admin/new_score', - { + axios.post('/api/staff/new_score', + { score: props.score, equipe: props.equipe, participant: props.participant - }) - .then(() => { - alert("Score ajouté"); - window.location='/Gestion'; - }, (error) => { - console.log(error); - }); + }) + .then(() => { + alert("Score ajouté"); + window.location = '/Gestion'; + }, (error) => { + console.log(error); + }); }; - const [equipes,setEquipes] = useState([]); - const [participants,setParticipants] = useState([]); + const [equipes, setEquipes] = useState([]); + const [participants, setParticipants] = useState([]); - useEffect(() => {axios.get('/api/equipes').then((response) => setEquipes(response.data))}, []); - useEffect(() => {axios.get('/api/participants').then((response) => setParticipants(response.data))}, []); + useEffect(() => { axios.get('/api/equipes').then((response) => setEquipes(response.data)) }, []); + useEffect(() => { axios.get('/api/participants').then((response) => setParticipants(response.data)) }, []); const { register, handleSubmit } = useForm(); - const onSubmit = data => {addScore(data)} - return( - <div> - <form onSubmit={handleSubmit(onSubmit)}> - <div className="form-group"> - <label htmlFor="scoreInput">Score</label> - <input type="number" className="form-control" id="scoreInput" name="score" ref={register} placeholder="1000" required/> - </div> - <div className="form-group"> - <label htmlFor="participantInput">Participant</label> - <select className="form-control" id="participantInput" name="participant" ref={register} placeholder="Gérard"> - {participants.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} - </select> - </div> - <div className="form-group"> - <label 
htmlFor="equipeInput">Equipe</label> - <select className="form-control" id="equipeInput" name="equipe" ref={register} placeholder="ViaRézo"> - {equipes.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} - </select> - </div> - <button type="submit" className="btn btn-secondary">Ajouter</button> - </form> - </div> + const onSubmit = data => { addScore(data) } + return ( + <div> + <form onSubmit={handleSubmit(onSubmit)}> + <div className="form-group"> + <label htmlFor="scoreInput">Score</label> + <input type="number" className="form-control" id="scoreInput" name="score" ref={register} placeholder="1000" required /> + </div> + <div className="form-group"> + <label htmlFor="participantInput">Participant</label> + <select className="form-control" id="participantInput" name="participant" ref={register} placeholder="Gérard"> + {participants.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} + </select> + </div> + <div className="form-group"> + <label htmlFor="equipeInput">Equipe</label> + <select className="form-control" id="equipeInput" name="equipe" ref={register} placeholder="ViaRézo"> + {equipes.map(item => (<option key={item.id} value={item.id}>{item.name}</option>))} + </select> + </div> + <button type="submit" className="btn btn-secondary">Ajouter</button> + </form> + </div> ) } diff --git a/front_thomas/src/components/Login/SubmitForm.js b/front_thomas/src/components/Login/SubmitForm.js index de9b9a2b554075c540a999ea51b285c8bf33673b..389552824cadb5ad1d22c15b4f0aed183d5bdac1 100644 --- a/front_thomas/src/components/Login/SubmitForm.js +++ b/front_thomas/src/components/Login/SubmitForm.js 
@@ -1,8 +1,8 @@ -import React,{useState,useEffect} from "react"; +import React, { useState, useEffect } from "react"; import { MDBRow, MDBCol, MDBInput, MDBBtn, MDBCard, MDBCardBody, MDBModalFooter, MDBIcon, MDBContainer } from 'mdbreact'; import axios from 'axios'; -function Submit (props) { +function Submit(props) { /*var [participants,setParticipants] = useState([]); useEffect(() => { @@ -14,49 +14,50 @@ function Submit (props) { return () => clearInterval(interval); }, []);*/ - - function addScore (){ + + function addScore() { /*if (participants[0] === undefined) { - axios.post('/api/admin/new_participant_with_id', + axios.post('/api/staff/new_participant_with_id', { id: props.participant.value, name: props.participant.label }) }*/ - axios.post('/api/admin/new_score', - { - score: Math.max(0,props.score), - equipe: props.equipe.value, - participant: props.participant.value - }) - .then(() => { - axios.post('/api/admin/new_participant_with_id', + axios.post('/api/staff/new_score', { - id: props.participant.value, - name: props.participant.label - })}) - .then(() => { - alert("Score ajouté"); - window.location='/Input'; - }, (error) => { - console.log(error); - }) - }; + score: Math.max(0, props.score), + equipe: props.equipe.value, + participant: props.participant.value + }) + .then(() => { + axios.post('/api/staff/new_participant_with_id', + { + id: props.participant.value, + name: props.participant.label + }) + }) + .then(() => { + alert("Score ajouté"); + window.location = '/Input'; + }, (error) => { + console.log(error); + }) + }; + + + + - - - - - const onSubmit = () => {addScore()}; + const onSubmit = () => { addScore() }; return ( <MDBBtn type="submit" icon="send" gradient="blue" rounded disabled={props.unlock} className="btn-block z-depth-1a" onClick={onSubmit}><MDBIcon icon="paper-plane" className="ml-1" /> Envoyer</MDBBtn> - ) -} + ) +} export default Submit; \ No newline at end of file
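Review bot: In `addScore`, the first `.then` callback does not return the inner `axios.post('/api/staff/new_participant_with_id', …)`, so the following `.then` shows "Score ajouté" and navigates to `/Input` before that request completes, and a failure of it (including a 403 from the new staff check) never reaches the `(error) => { console.log(error); }` handler and surfaces only as an unhandled rejection. Return the promise: `.then(() => axios.post('/api/staff/new_participant_with_id', { id: props.participant.value, name: props.participant.label }))`. Creating the participant after posting a score keyed on `props.participant.value` also looks inverted if the score row requires the participant to exist; confirm against the server handlers, which are not in the diff. `Submit` itself starts before this hunk.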