Merge pull request #23 from ungdev/dev

Routes updates &  Add role to acces admin management (RespoCE & Arbitre)

Author: T1gr0uu

backend/src/controllers/auth.controller.ts

@@ -2,6 +2,7 @@ import { Request, Response } from 'express';
 import * as auth_service from '../services/auth.service';
 import * as user_service from '../services/user.service';
 import * as email_service from '../services/email.service';
+import * as role_service from '../services/role.service';
 import bigInt from 'big-integer';
 import { Error, Ok, Unauthorized } from '../utils/responses';
 import { decodeToken } from '../utils/token';
@@ -60,8 +61,17 @@ export const handlecasticket = async (req: Request, res: Response) => {
                 if (!id){ Error(res,{ msg: "Pas d'id" }); return;}
 
                 await user_service.updateUserStudent( CASuser.givenName, CASuser.sn, CASuser.email);
+
+                // Récupérer les rôles de l'utilisateur
+                  const userRoles = await role_service.getUserRoles(user.id); // [{ roleId, roleName }]
+                
+                  // Ajouter les rôles à l'objet utilisateur
+                  const enrichedUser = {
+                    ...user,
+                    roles: userRoles,
+                  };
 
-                const token = auth_service.generateToken(user);
+                const token = auth_service.generateToken(enrichedUser);
 
 
                 Ok(res, { data: { token } })

backend/src/controllers/role.controller.ts

@@ -134,7 +134,7 @@ export const getUserRoles = async (req: Request, res: Response) => {
         return;
      }
 
-      const userRoles = await role_service.getUserRoles(userId);
+      const userRoles = await role_service.getUserRoles(Number(userId));
       Ok(res,{ data: userRoles });
       return;
     } catch (error) {

backend/src/controllers/team.controller.ts

@@ -117,6 +117,21 @@ export const getTeamUsers = async (req: Request, res: Response) => {
 
 }
 
+export const getAllTeamsWithUsers = async (req: Request, res: Response) => {
+
+    try {
+        const teamUsers = await team_service.getAllTeamsWithUsers();
+        Ok(res,{ data: teamUsers });
+        return;
+        } catch (error) {
+        console.error(error);
+        Error(res,{ msg: "Erreur interne lors de la récupération des utilisateurs avec leurs rôles." });
+        return;
+    
+    }
+
+}
+
 export const getTeamFaction = async (req: Request, res: Response) => {
 
     const {teamId} = req.query;

backend/src/database/initdb/initrole.ts

@@ -5,6 +5,7 @@ import { roleSchema } from "../../schemas/Basic/role.schema";
 // Liste des rôles avec leurs descriptions
 const roles = [
     { name: "Animation", description: "Animer, divertir et motiver les CE et les nouveaux étudiants tout au long de la pré-inté et de l’inté." },
+    { name: "Arbitre", description: "Arbitrer les différents défis pendant le semaine d'intégration." },
     { name: "Bouffe", description: "Prévoir, organiser et coordonner tous les repas de l’inté. La bouffe c’est sacré !" },
     { name: "Cahier de vacances", description: "Élaborer le futur cahier de vacances des nouveaux avec des petits exercices et blagues." },
     { name: "Communication & Graphisme", description: "Préparer et gérer toute la communication de l’intégration, créer une charte graphique." },

backend/src/middlewares/auth.middleware.ts

@@ -1,7 +1,5 @@
 import { Request, Response, NextFunction } from "express";
-import jwt, { JwtPayload } from "jsonwebtoken";
 import { Unauthorized } from "../utils/responses"; // Assurez-vous que cette fonction est bien définie
-import { jwtSecret } from "../utils/secret";
 import { decodeToken } from "../utils/token";
 
 

backend/src/middlewares/user.middleware.ts

@@ -1,24 +1,41 @@
-import { Request, Response, NextFunction } from 'express';
-import { Unauthorized } from '../utils/responses';
+import { Request, Response, NextFunction } from "express";
+import { Unauthorized } from "../utils/responses"; // adapte selon ton projet
 
-// Middleware pour vérifier le rôle
-export const checkRole = (requiredRole: string) => {
+export const checkRole = (
+  requiredPermission?: string,
+  requiredRoles?: string[]
+) => {
   return (req: Request, res: Response, next: NextFunction) => {
+    const user = req.user;
 
-    if (!req.user) {
-       Unauthorized(res,{ msg: 'Accès non autorisé' });
-       return;
+    if (!user) {
+      Unauthorized(res, { msg: "Accès non autorisé" });
+      return;
     }
-    const user = req.user
+
     try {
-      if (user.userPermission !== requiredRole && user.userPermission !== 'Admin'){
-         Unauthorized(res,{ msg: 'Accès interdit, rôle insuffisant' });
-         return;
+      const isAdmin = user.userPermission === "Admin";
+      
+      const hasPermission =
+        !requiredPermission || user.userPermission === requiredPermission;
+
+      const hasRole =
+        !requiredRoles ||
+        (Array.isArray(user.userRoles) &&
+          user.userRoles.some((role: { roleName: string }) =>
+            requiredRoles.includes(role.roleName)
+          ));
+
+      if (!isAdmin && !(hasPermission || hasRole)) {
+        Unauthorized(res, {
+          msg: "Accès interdit, rôle ou permission insuffisants",
+        });
+        return;
       }
+
       next();
     } catch (err) {
-       Unauthorized(res,{ msg: 'Token invalide ou expiré' });
-       return;
+      Unauthorized(res, { msg: "Token invalide ou expiré" });
     }
   };
-};
+};

backend/src/routes/challenge.routes.ts

@@ -5,14 +5,14 @@ import { checkRole } from "../middlewares/user.middleware";
 const challengeRouter = express.Router();
 
 // Admin routes
-challengeRouter.post("/admin/challenge", checkRole("Admin"), challengeController.createChallenge);
-challengeRouter.delete("/admin/delete", checkRole("Admin"), challengeController.deleteChallenge);
-challengeRouter.put("/admin/updatechallenge", checkRole("Admin"), challengeController.updateChallenge);
-challengeRouter.post("/admin/validate", checkRole("Admin"), challengeController.validateChallenge);
-challengeRouter.post("/admin/unvalidate", checkRole("Admin"), challengeController.unvalidateChallenge);
-challengeRouter.get("/admin/challenges", checkRole("Admin"), challengeController.getAllChallenges);
-challengeRouter.get("/admin/validatedchallenges", checkRole("Admin"), challengeController.getValidatedChallenges);
-challengeRouter.post("/admin/assignpoints", checkRole("Admin"), challengeController.addPointsToFaction); 
+challengeRouter.post("/admin/challenge", checkRole("Admin", ["Arbitre"]), challengeController.createChallenge);
+challengeRouter.delete("/admin/delete", checkRole("Admin", ["Arbitre"]), challengeController.deleteChallenge);
+challengeRouter.put("/admin/updatechallenge", checkRole("Admin",["Arbitre"]), challengeController.updateChallenge);
+challengeRouter.post("/admin/validate", checkRole("Admin", ["Arbitre"]), challengeController.validateChallenge);
+challengeRouter.post("/admin/unvalidate",checkRole("Admin", ["Arbitre"]), challengeController.unvalidateChallenge);
+challengeRouter.get("/admin/challenges", checkRole("Admin", ["Arbitre"]), challengeController.getAllChallenges);
+challengeRouter.get("/admin/validatedchallenges", checkRole("Admin", ["Arbitre"]), challengeController.getValidatedChallenges);
+challengeRouter.post("/admin/assignpoints", checkRole("Admin", ["Arbitre"]), challengeController.addPointsToFaction); 
 
 
 // User routes

backend/src/routes/email.routes.ts

@@ -5,7 +5,7 @@ import { checkRole } from '../middlewares/user.middleware';
 
 const emailRouter = express.Router();
 
-emailRouter.post('/admin/sendemail', checkRole("Admin"), emailController.handleSendEmail);
-emailRouter.post('/admin/previewemail', checkRole("Admin"), emailController.handlePreviewEmail);
+emailRouter.post('/admin/sendemail', checkRole("Admin",[]), emailController.handleSendEmail);
+emailRouter.post('/admin/previewemail', checkRole("Admin",[]), emailController.handlePreviewEmail);
 
 export default emailRouter;

backend/src/routes/event.routes.ts

@@ -6,12 +6,12 @@ import { authenticateUser } from '../middlewares/auth.middleware';
 const eventRouter = express.Router();
 
 // User routes
-eventRouter.get("/user/shotgunstatus",checkRole("Student"), eventController.checkShotgunStatus);
-eventRouter.get("/user/preregisterstatus",checkRole("Student"), eventController.checkPreRegisterStatus);
-eventRouter.post("/user/shotgunattempt",checkRole("Student"), eventController.shotgunAttempt);
+eventRouter.get("/user/shotgunstatus",checkRole("Student",[]), eventController.checkShotgunStatus);
+eventRouter.get("/user/preregisterstatus",checkRole("Student",[]), eventController.checkPreRegisterStatus);
+eventRouter.post("/user/shotgunattempt",checkRole("Student",[]), eventController.shotgunAttempt);
 
 // Admin routes
-eventRouter.post("/admin/shotguntoggle",checkRole("Admin"),eventController.toggleShotgun);
-eventRouter.post("/admin/preregistrationtoggle",checkRole("Admin"), eventController.togglePreRegistration);
+eventRouter.post("/admin/shotguntoggle",checkRole("Admin",[]),eventController.toggleShotgun);
+eventRouter.post("/admin/preregistrationtoggle",checkRole("Admin",[]), eventController.togglePreRegistration);
 
 export default eventRouter;

backend/src/routes/export.routes.ts

@@ -5,7 +5,7 @@ import { checkRole } from '../middlewares/user.middleware';
 const exportRouter = express.Router();
 
 // Route d'inscription
-exportRouter.post('/admin/export',checkRole("Admin"), exportController.exportAllDataToSheets)
+exportRouter.post('/admin/export',checkRole("Admin",[]), exportController.exportAllDataToSheets)