
Revert "implement security"

This reverts commit 32367009549e879fa0adf9d4498e78ef7ab6a622.
tripeur 4 年 前
コミット
14def03f2a

+ 8 - 7
src/main/java/fr/jaquin/bdlg/planner/controller/ApiController.java → src/main/java/fr/jaquin/bdlg/planner/ApiController.java

@@ -1,4 +1,4 @@
-package fr.jaquin.bdlg.planner.controller;
+package fr.jaquin.bdlg.planner;
 
 import java.time.LocalDateTime;
 import java.util.List;
@@ -16,7 +16,7 @@ import fr.jaquin.bdlg.planner.persistence.EvenementLob;
 import fr.jaquin.bdlg.planner.persistence.EvenementLobRepository;
 import fr.jaquin.bdlg.planner.persistence.EvenementNotFoundException;
 import fr.jaquin.bdlg.planner.persistence.EvenementRepository;
-import fr.jaquin.bdlg.planner.persistence.CustomUser;
+import fr.jaquin.bdlg.planner.persistence.Users;
 
 @RestController("/api")
 public class ApiController {
@@ -48,8 +48,8 @@ public class ApiController {
         lastVersion = evenement;
       }
     }
-    return repositoryLob.findById(lastVersion.getId()).orElseThrow(() -> new EvenementNotFoundException(uuid))
-        .getJsonContent();
+    return repositoryLob.findById(lastVersion.getId())
+        .orElseThrow(() -> new EvenementNotFoundException(uuid)).getJsonContent();
   }
 
   @GetMapping("/evenements/history/{uuid}")
@@ -58,7 +58,8 @@ public class ApiController {
   }
 
   @PostMapping("/evenements")
-  Evenement newEvenement(@AuthenticationPrincipal CustomUser customUser, @RequestBody EvenementData evt) {
+  Evenement newEvenement(@AuthenticationPrincipal Users customUser,
+      @RequestBody EvenementData evt) {
     if (repository.findByUuid(evt.getUuid()).size() > 0) {
       throw new EvenementAlreadyExistException(evt.getUuid());
     }
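Review bot: `@AuthenticationPrincipal Users customUser` will probably resolve to null, here and in the PUT handler in the next hunk. `CustomUserDetailService.loadUserByUsername` returns a Spring `User` built with `User.withUsername(...)`, not a `Users` entity, and the argument resolver passes null when the principal is not of the declared type. If so, `saveEvenementData(evt, customUser)` gets no editor even for an authenticated write. Either take `@AuthenticationPrincipal UserDetails principal` and load the `Users` row through `UserRepository`, or have the service return a principal type the controller can accept. The body of `newEvenement` continues outside the hunk.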
@@ -66,7 +67,7 @@ public class ApiController {
   }
 
   @PutMapping("/evenements/{uuid}")
-  Evenement newEvenement(@AuthenticationPrincipal CustomUser customUser, @RequestBody EvenementData evt,
+  Evenement newEvenement(@AuthenticationPrincipal Users customUser, @RequestBody EvenementData evt,
       @PathVariable String id) {
     if (repository.findByUuid(evt.getUuid()).size() == 0) {
       throw new EvenementNotFoundException(evt.getUuid());
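Review bot: The PUT handler declares `@PathVariable String id` while the mapping is `/evenements/{uuid}`, and the existence check reads `evt.getUuid()` from the request body, so the identifier in the URL is never used. The name mismatch is likely to make the binding fail at request time. If it is fixed by renaming alone, a client can still address one event in the URL and overwrite another through the body. Suggest `@PathVariable String uuid` and rejecting the request when `!uuid.equals(evt.getUuid())`. The method body continues outside the hunk.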
@@ -74,7 +75,7 @@ public class ApiController {
     return saveEvenementData(evt, customUser);
   }
 
-  private Evenement saveEvenementData(EvenementData evt, CustomUser customUser) {
+  private Evenement saveEvenementData(EvenementData evt, Users customUser) {
     Evenement newEvenement = new Evenement();
     newEvenement.setName(evt.getName());
     newEvenement.setUuid(evt.getUuid());

+ 10 - 8
src/main/java/fr/jaquin/bdlg/planner/controller/SolverController.java → src/main/java/fr/jaquin/bdlg/planner/SolverController.java

@@ -1,4 +1,4 @@
-package fr.jaquin.bdlg.planner.controller;
+package fr.jaquin.bdlg.planner;
 
 import java.util.UUID;
 import java.util.concurrent.ExecutionException;
@@ -50,7 +50,8 @@ public class SolverController {
       throw new IllegalStateException("Solving failed.", e);
     }
 
-    ScoreExplanation<Planning, HardMediumSoftScore> explanation = scoreManager.explainScore(solution);
+    ScoreExplanation<Planning, HardMediumSoftScore> explanation =
+        scoreManager.explainScore(solution);
     PlanningSolution output = PlanningSolution.from(solution);
     output.setExplanation(stringifyExplanation(explanation));
     System.out.println(explanation.getSummary());
@@ -66,8 +67,9 @@ public class SolverController {
         // Populate the value with an array of justification objects
             + constraint.getConstraintMatchSet().stream()
                 // Filter pair that have a negative impact on the score
-                .filter(matchElt -> matchElt.getScore().getHardScore() < 0).map(match -> match.getJustificationList()
-                    .stream().map(elt -> stringifyConstraint(elt)).collect(listCollector))
+                .filter(matchElt -> matchElt.getScore().getHardScore() < 0)
+                .map(match -> match.getJustificationList().stream()
+                    .map(elt -> stringifyConstraint(elt)).collect(listCollector))
                 .collect(listCollector))
         .collect(Collectors.joining(",", "{", "}"));
   }
@@ -75,13 +77,13 @@ public class SolverController {
   private String stringifyConstraint(Object val) {
     if (val instanceof Assignement) {
       Assignement casted = (Assignement) val;
-      return "{\"type\":\"Assignement\",\"slotId\":\"" + casted.getSlot().getId() + "\",\"volonteerId\":"
-          + casted.getVolonteer().getId().toString() + "}";
+      return "{\"type\":\"Assignement\",\"slotId\":\"" + casted.getSlot().getId()
+          + "\",\"volonteerId\":" + casted.getVolonteer().getId().toString() + "}";
     }
     if (val instanceof MealAssignement) {
       MealAssignement casted = (MealAssignement) val;
-      return "{\"type\":\"MealAssignement\",\"slotId\":\"" + casted.getMealSlot().getId() + "\",\"volonteerId\":"
-          + casted.getVolonteer().getId().toString() + "}";
+      return "{\"type\":\"MealAssignement\",\"slotId\":\"" + casted.getMealSlot().getId()
+          + "\",\"volonteerId\":" + casted.getVolonteer().getId().toString() + "}";
     }
     if (val instanceof MealSlot) {
       MealSlot casted = (MealSlot) val;

+ 0 - 13
src/main/java/fr/jaquin/bdlg/planner/controller/PageController.java

@@ -1,13 +0,0 @@
-package fr.jaquin.bdlg.planner.controller;
-
-import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.GetMapping;
-
-@Controller
-class PageController {
-
-  @GetMapping(value = "/{path:[^\\.]*}")
-  public String redirect() {
-    return "forward:/";
-  }
-}

+ 0 - 7
src/main/java/fr/jaquin/bdlg/planner/persistence/CustomUserRepository.java

@@ -1,7 +0,0 @@
-package fr.jaquin.bdlg.planner.persistence;
-
-import org.springframework.data.repository.CrudRepository;
-
-public interface CustomUserRepository extends CrudRepository<CustomUser, Long> {
-  CustomUser findByUsername(String username);
-}

+ 6 - 5
src/main/java/fr/jaquin/bdlg/planner/persistence/Evenement.java

@@ -4,7 +4,7 @@ import java.time.LocalDateTime;
 import java.util.Objects;
 import javax.persistence.Entity;
 import javax.persistence.Id;
-import javax.persistence.ManyToOne;
+import javax.persistence.OneToMany;
 
 @Entity
 public class Evenement {
@@ -13,8 +13,8 @@ public class Evenement {
   private String uuid;
   private String name;
   private LocalDateTime lastModified;
-  @ManyToOne
-  private CustomUser lastEditor;
+  @OneToMany
+  private Users lastEditor;
 
   public Long getId() {
     return this.id;
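Review bot: `@OneToMany` on the single-valued field `private Users lastEditor;` is not a valid JPA mapping. A one-to-many attribute must be a collection, and the persistence provider is expected to reject the entity at startup. Many events can share one editor, so the `@ManyToOne` that this revert removes was the right cardinality. Suggest `@ManyToOne private Users lastEditor;` together with `import javax.persistence.ManyToOne;` in the import hunk above.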
@@ -48,11 +48,11 @@ public class Evenement {
     this.lastModified = lastModified;
   }
 
-  public CustomUser getLastEditor() {
+  public Users getLastEditor() {
     return this.lastEditor;
   }
 
-  public void setLastEditor(CustomUser lastEditor) {
+  public void setLastEditor(Users lastEditor) {
     this.lastEditor = lastEditor;
   }
 
@@ -72,4 +72,5 @@ public class Evenement {
     return Objects.hash(id, uuid);
   }
 
+
 }

+ 2 - 0
src/main/java/fr/jaquin/bdlg/planner/persistence/EvenementRepository.java

@@ -9,4 +9,6 @@ public interface EvenementRepository extends CrudRepository<Evenement, Long> {
 
   Optional<Evenement> findById(Long id);
 
+  Evenement lastVersionByUuid(String uuid);
+
 }
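Review bot: `Evenement lastVersionByUuid(String uuid);` has no query subject prefix (`find…By`, `get…By`, …) and carries no `@Query`, so Spring Data cannot derive a query from the name unless a named query exists elsewhere. Repository creation would then fail when the context starts. If the intent is the most recent row for a uuid, a derived name such as `findFirstByUuidOrderByLastModifiedDesc(String uuid)` expresses it using the `lastModified` field shown in `Evenement`. Returning `Optional<Evenement>` would also match `findById` directly above.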

+ 7 - 0
src/main/java/fr/jaquin/bdlg/planner/persistence/UserRepository.java

@@ -0,0 +1,7 @@
+package fr.jaquin.bdlg.planner.persistence;
+
+import org.springframework.data.repository.CrudRepository;
+
+public interface UserRepository extends CrudRepository<Users, Long> {
+  Users findByName(String name);
+}

+ 11 - 25
src/main/java/fr/jaquin/bdlg/planner/persistence/CustomUser.java → src/main/java/fr/jaquin/bdlg/planner/persistence/Users.java

@@ -7,27 +7,18 @@ import javax.persistence.GeneratedValue;
 import javax.persistence.GenerationType;
 import javax.persistence.Id;
 
-import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
-
 @Entity
-public class CustomUser {
+public class Users {
 
   @Id
   @GeneratedValue(strategy = GenerationType.AUTO)
   private Long id;
   @Column(unique = true, nullable = false)
-  private String username;
-
+  private String name;
   private String email;
   private String password;
 
-  public CustomUser() {
-  }
-
-  public CustomUser(String username, String password) {
-    this.username = username;
-    this.setPassword(password);
-  }
+  public Users() {}
 
   public Long getId() {
     return this.id;
@@ -37,12 +28,12 @@ public class CustomUser {
     this.id = id;
   }
 
-  public String getUsername() {
-    return this.username;
+  public String getName() {
+    return this.name;
   }
 
-  public void setUsername(String username) {
-    this.username = username;
+  public void setName(String name) {
+    this.name = name;
   }
 
   public String getEmail() {
@@ -58,28 +49,23 @@ public class CustomUser {
   }
 
   public void setPassword(String password) {
-    this.password = new BCryptPasswordEncoder().encode(password);
+    this.password = password;
   }
 
   @Override
   public boolean equals(Object o) {
     if (o == this)
       return true;
-    if (!(o instanceof CustomUser)) {
+    if (!(o instanceof Users)) {
       return false;
     }
-    CustomUser users = (CustomUser) o;
+    Users users = (Users) o;
     return id == users.id;
   }
 
   @Override
   public int hashCode() {
-    return Objects.hash(id, username);
-  }
-
-  @Override
-  public String toString() {
-    return "User<name=" + username + ">";
+    return Objects.hash(id, name);
   }
 
 }
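Review bot: `setPassword` now stores the caller's string unchanged (`this.password = password;`), so unless every caller encodes first, the `password` column holds clear-text credentials. A database read or backup leak then exposes them directly, and `CustomUserDetailService` passes this value straight to `.password(...)`, which fails to match if a hashing `PasswordEncoder` bean is configured. Encoding in the entity setter was not ideal either, so hash once in the service that creates or updates users with the application's `PasswordEncoder` bean, and document on the setter that it expects an already-encoded value. Separately, `return id == users.id;` compares two `Long` references; `Objects.equals(id, users.id)` is the safe form.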

+ 5 - 5
src/main/java/fr/jaquin/bdlg/planner/security/CustomUserDetailService.java

@@ -6,23 +6,23 @@ import org.springframework.security.core.userdetails.UserDetails;
 import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.core.userdetails.UsernameNotFoundException;
 import org.springframework.stereotype.Service;
-import fr.jaquin.bdlg.planner.persistence.CustomUserRepository;
-import fr.jaquin.bdlg.planner.persistence.CustomUser;
+import fr.jaquin.bdlg.planner.persistence.UserRepository;
+import fr.jaquin.bdlg.planner.persistence.Users;
 
 @Service
 public class CustomUserDetailService implements UserDetailsService {
 
   @Autowired
-  private CustomUserRepository userRepository;
+  private UserRepository userRepository;
 
   @Override
   public UserDetails loadUserByUsername(String login) throws UsernameNotFoundException {
-    final CustomUser customUser = userRepository.findByUsername(login);
+    final Users customUser = userRepository.findByName(login);
     if (customUser == null) {
       throw new UsernameNotFoundException(login);
     }
     UserDetails user = User.withUsername(customUser.getEmail()).password(customUser.getPassword())
-        .authorities("ROLE_USER").build();
+        .authorities("USER").build();
     return user;
   }
 }
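Review bot: `.authorities("USER")` grants an authority without the `ROLE_` prefix, so any `hasRole("USER")` rule (the form the reverted config used) would stop matching. Nothing breaks today only because the config now uses `.authenticated()`. Either keep `"ROLE_USER"` or use `.roles("USER")`. The user is also looked up with `findByName(login)` but the principal is built with `User.withUsername(customUser.getEmail())`. `email` has no non-null constraint in `Users`, and a null username is rejected by the builder as far as I know, so an account without an email could not log in and the principal name differs from the login name. `customUser.getName()` looks like the intended value.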

+ 0 - 23
src/main/java/fr/jaquin/bdlg/planner/security/LoadFixedUser.java

@@ -1,23 +0,0 @@
-package fr.jaquin.bdlg.planner.security;
-
-import org.slf4j.Logger;
-import org.slf4j.LoggerFactory;
-import org.springframework.boot.CommandLineRunner;
-import org.springframework.context.annotation.Bean;
-import org.springframework.context.annotation.Configuration;
-
-import fr.jaquin.bdlg.planner.persistence.CustomUser;
-import fr.jaquin.bdlg.planner.persistence.CustomUserRepository;
-
-@Configuration
-public class LoadFixedUser {
-  private static final Logger log = LoggerFactory.getLogger(LoadFixedUser.class);
-
-  @Bean
-  CommandLineRunner initDatabase(CustomUserRepository repository) {
-    return args -> {
-      log.info("Preloading " + repository.save(new CustomUser("admin", "notAnAdmin")));
-      log.info("Preloading " + repository.save(new CustomUser("clovis", "M1m2pBP.")));
-    };
-  }
-}

+ 6 - 7
src/main/java/fr/jaquin/bdlg/planner/security/WebSecurityConfig.java

@@ -26,20 +26,19 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
     // @formatter:off
       http
         .authorizeRequests()
-          .antMatchers(HttpMethod.POST, "/api/evenements").hasRole("USER")
-          .antMatchers(HttpMethod.PUT, "/api/evenements/**").hasRole("USER")
-          .antMatchers(HttpMethod.GET,"/**").permitAll()
-          .antMatchers(HttpMethod.POST, "/planning/solve").permitAll()
+          .antMatchers(HttpMethod.GET,"/**").permitAll() // (3)
+          .antMatchers(HttpMethod.POST, "/api/evenements").authenticated()
+          .antMatchers(HttpMethod.PUT, "/api/evenements/**").authenticated() // (4)
           .and()
        .formLogin() 
          .loginPage("/login") 
          .permitAll()
          .and()
-      .logout() 
+      .logout() // (6)
         .permitAll()
         .and()
-      .httpBasic(); 
-    // @formatter:on
+      .httpBasic(); // (7)
+      // @formatter:on
   }
 
   @Bean
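Review bot: The rule chain has no catch-all, and with `authorizeRequests()` a request that matches no rule is, as far as I know, let through rather than denied. After this change that covers `POST /planning/solve`, every `DELETE`, and any `POST`/`PUT` outside `/api/evenements`. Suggest ending the chain with `.anyRequest().authenticated()` and, if the solver endpoint is meant to stay public, keeping an explicit `.antMatchers(HttpMethod.POST, "/planning/solve").permitAll()` so the intent is visible. `GET /**` with `permitAll()` also leaves every read endpoint anonymous, including the event history. The leftover `// (3)` … `// (7)` markers refer to nothing in this file and can go. `configure` starts outside the hunk.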

+ 20 - 15
src/main/java/fr/jaquin/bdlg/planner/solver/PlanningConstraintProvider.java

@@ -13,7 +13,8 @@ import org.optaplanner.core.api.score.stream.uni.UniConstraintStream;
 
 public class PlanningConstraintProvider implements ConstraintProvider {
 
-  private static UniConstraintStream<Assignement> getAssignedSlotStream(ConstraintFactory constraintFactory) {
+  private static UniConstraintStream<Assignement> getAssignedSlotStream(
+      ConstraintFactory constraintFactory) {
     return constraintFactory.fromUnfiltered(Assignement.class) // To match DRL
         .filter(shift -> shift.getVolonteer() != null);
   }
@@ -28,16 +29,18 @@ public class PlanningConstraintProvider implements ConstraintProvider {
         // Soft constraints are only implemented in the "complete"
         // implementation
         volunteerMinRestTime(constraintFactory), competencyTeachingEffort(constraintFactory),
-        preferenceApplication(constraintFactory), balanceLoad(constraintFactory) };
+        preferenceApplication(constraintFactory), balanceLoad(constraintFactory)};
   }
 
   private Constraint completeAllTimeslot(ConstraintFactory constraintFactory) {
-    return constraintFactory.from(Assignement.class).filter((assignment) -> assignment.getVolonteer() == null)
+    return constraintFactory.from(Assignement.class)
+        .filter((assignment) -> assignment.getVolonteer() == null)
         .penalize("Timeslot not initialized", HardMediumSoftScore.ONE_HARD);
   }
 
   private Constraint feedAllVolunteer(ConstraintFactory constraintFactory) {
-    return constraintFactory.from(MealAssignement.class).filter((assignment) -> assignment.getMealSlot() == null)
+    return constraintFactory.from(MealAssignement.class)
+        .filter((assignment) -> assignment.getMealSlot() == null)
         .penalize("Meal not initialized", HardMediumSoftScore.ONE_HARD);
   }
 
@@ -94,22 +97,22 @@ public class PlanningConstraintProvider implements ConstraintProvider {
 
   private Constraint competencyConflict(ConstraintFactory constraintFactory) {
     // a volonteer must match required competencies.
-    return getAssignedSlotStream(constraintFactory).penalize("Competence conflict", HardMediumSoftScore.ONE_HARD,
-        Assignement::getCompetenceLackScore);
+    return getAssignedSlotStream(constraintFactory).penalize("Competence conflict",
+        HardMediumSoftScore.ONE_HARD, Assignement::getCompetenceLackScore);
   }
 
   private Constraint competencyTeachingEffort(ConstraintFactory constraintFactory) {
     // We favor volonteer that already have required competencies.
-    // TODO: Idealy you should group by per volonteer and computed missing teachable
-    // competencies
-    return getAssignedSlotStream(constraintFactory).penalize("Avoid teaching competences to volunteer",
-        HardMediumSoftScore.ONE_SOFT, Assignement::getSoftCompetenceLackScore);
+    // TODO: Idealy you should group by per volonteer and computed missing teachable competencies
+    return getAssignedSlotStream(constraintFactory).penalize(
+        "Avoid teaching competences to volunteer", HardMediumSoftScore.ONE_SOFT,
+        Assignement::getSoftCompetenceLackScore);
   }
 
   private Constraint preferenceApplication(ConstraintFactory constraintFactory) {
     // The system should favor timeslots selected by user.
-    return getAssignedSlotStream(constraintFactory).reward("Preference application", HardMediumSoftScore.ONE_SOFT,
-        Assignement::getPreferenceScore);
+    return getAssignedSlotStream(constraintFactory).reward("Preference application",
+        HardMediumSoftScore.ONE_SOFT, Assignement::getPreferenceScore);
   }
 
   private Constraint balanceLoad(ConstraintFactory constraintFactory) {
@@ -125,11 +128,13 @@ public class PlanningConstraintProvider implements ConstraintProvider {
 
   private Constraint mealMaxAttendee(ConstraintFactory constraintFactory) {
     // Each Meal slot can only accomodate a maximum of attendee
-    return constraintFactory.from(MealAssignement.class).filter(assignement -> assignement.getMealSlot() != null)
+    return constraintFactory.from(MealAssignement.class)
+        .filter(assignement -> assignement.getMealSlot() != null)
         .groupBy(MealAssignement::getMealSlot, ConstraintCollectors.count())
         .filter((slot, volonteerCount) -> slot.getMaxAttendee() < volonteerCount)
         // then penalize each pair with a hard weight.
-        .penalize("Meal max attendee", HardMediumSoftScore.ONE_HARD, (slot,
-            volonteerCount) -> (slot.getMaxAttendee() - volonteerCount) * (slot.getMaxAttendee() - volonteerCount));
+        .penalize("Meal max attendee", HardMediumSoftScore.ONE_HARD,
+            (slot, volonteerCount) -> (slot.getMaxAttendee() - volonteerCount)
+                * (slot.getMaxAttendee() - volonteerCount));
   }
 }