SELab-2 · LGDTimtou · May 23, 2024 · May 9, 2024 · May 16, 2024 · May 19, 2024
diff --git a/.github/workflows/django.yml b/.github/workflows/django.yml
@@ -2,14 +2,12 @@ name: Django CI
 
 on:
   push:
-    branches: [ "develop", "tests", "main" ]
+    branches: ["develop", "tests", "main"]
   pull_request:
-    branches: [ "develop", "tests", "main" ]
-
+    branches: ["develop", "tests", "main"]
 
 jobs:
   build:
-
     runs-on: self-hosted
 
     services:
@@ -25,37 +23,36 @@ jobs:
 
         options: --health-cmd pg_isready --health-interval 10s --health-timeout 5s --health-retries 5
 
-
     steps:
-    - uses: actions/checkout@v3
-    - name: Set up Python 3.10
-      uses: actions/setup-python@v3
-      with:
-        python-version: '3.10'
-    - name: Install Dependencies
-      run: |
-        python3 -m pip install --upgrade pip
-        pip install -r requirements.txt
-    - name: Linting API
-      run: |
-        cd api
-        flake8 .
-        cd ..
-    - name: Run Tests
-      env:
-        CLIENT_ID: ${{ secrets.CLIENT_ID }}
-        CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
-        TENANT_ID: ${{ secrets.TENANT_ID }}
-        AD_URL: ${{ secrets.AD_URL }}
-        SECRET_KEY: ${{ secrets.SECRET_KEY }}
-        DB_NAME: ${{ secrets.DB_NAME }}
-        DB_USER: ${{ secrets.DB_USER }}
-        DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
-        DB_HOST: ${{ secrets.DB_HOST }}
-        DB_PORT: ${{ secrets.DB_PORT }}
-        DB_ENGINE: ${{secrets.DB_ENGINE}}
-    
-      run: |
-        python manage.py makemigrations api
-        python manage.py migrate api
-        python manage.py test
+      - uses: actions/checkout@v3
+      - name: Set up Python 3.10
+        uses: actions/setup-python@v3
+        with:
+          python-version: "3.10"
+      - name: Install Dependencies
+        run: |
+          python3 -m pip install --upgrade pip
+          pip install -r requirements.txt
+      - name: Linting API
+        run: |
+          cd api
+          flake8 .
+          cd ..
+      - name: Run Tests
+        env:
+          CLIENT_ID: ${{ secrets.CLIENT_ID }}
+          CLIENT_SECRET: ${{ secrets.CLIENT_SECRET }}
+          TENANT_ID: ${{ secrets.TENANT_ID }}
+          AD_URL: ${{ secrets.AD_URL }}
+          SECRET_KEY: ${{ secrets.SECRET_KEY }}
+          DB_NAME: ${{ secrets.DB_NAME }}
+          DB_USER: ${{ secrets.DB_USER }}
+          DB_PASSWORD: ${{ secrets.DB_PASSWORD }}
+          DB_HOST: ${{ secrets.DB_HOST }}
+          DB_PORT: ${{ secrets.DB_PORT }}
+          DB_ENGINE: ${{secrets.DB_ENGINE}}
+
+        run: |
+          python manage.py makemigrations api
+          python manage.py migrate api
+          python manage.py test
diff --git a/api/middleware.py → api/middleware/middleware.py b/api/middleware.py → api/middleware/middleware.py
@@ -3,10 +3,7 @@
 from django.contrib.auth.models import User
 from api.models.gebruiker import Gebruiker
 from api.serializers.gebruiker import GebruikerSerializer
-from api.serializers.template import TemplateSerializer
-from django.core.files import File
 import requests
-import os
 
 URL = "https://graph.microsoft.com/v1.0/me"
 
@@ -62,16 +59,6 @@ def __call__(self, request):
         try:
             Gebruiker.objects.get(pk=request.user.id)
         except Gebruiker.DoesNotExist:
-            directory_path = "api/base_templates"
-            for filename in os.listdir(directory_path):
-                file_path = os.path.join(directory_path, filename)
-                with open(file_path, "rb") as f:
-                    django_file = File(f)
-                    template_data = {"user": request.user.id, "bestand": django_file}
-                    serializer = TemplateSerializer(data=template_data)
-                    if serializer.is_valid():
-                        serializer.save()
-
             gebruiker_post_data = {
                 "user": request.user.id,
                 "subjects": [],
@@ -85,6 +72,7 @@ def __call__(self, request):
 
 
 class DisableCSRFMiddleware(object):
+
     def __init__(self, get_response):
         self.get_response = get_response
 

diff --git a/api/middleware/middleware_lesgever_test.py b/api/middleware/middleware_lesgever_test.py
@@ -0,0 +1,62 @@
+from django.contrib.auth.models import User
+from api.models.gebruiker import Gebruiker
+from api.serializers.gebruiker import GebruikerSerializer
+
+
+
+class AuthenticationUserMiddleware:
+    """
+    Middleware voor authenticatie van gebruikers en het aanmaken van gebruikersindeling.
+
+    Args:
+        get_response (callable): De volgende middleware in de keten.
+
+    Returns:
+        HttpResponse: Een HTTP-response-object.
+
+    Raises:
+        Redirect: Redirect naar de inlog-URL als er geen autorisatiegegevens zijn.
+    """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+
+        mail = "[email protected]"
+        try:
+            user = User.objects.get(username=mail)
+        except User.DoesNotExist:
+            user = User.objects.create_user(
+                username=mail,
+                email=mail,
+                first_name="Lesgever",
+                last_name="Testing",
+            )
+
+        request.user = user
+
+        try:
+            Gebruiker.objects.get(pk=request.user.id)
+        except Gebruiker.DoesNotExist:
+            gebruiker_post_data = {
+                "user": request.user.id,
+                "subjects": [],
+                "is_lesgever": True,
+            }
+            serializer = GebruikerSerializer(data=gebruiker_post_data)
+            if serializer.is_valid():
+                serializer.save()
+
+        return self.get_response(request)
+
+
+class DisableCSRFMiddleware(object):
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        setattr(request, "_dont_enforce_csrf_checks", True)
+        response = self.get_response(request)
+        return response
diff --git a/api/middleware/middleware_original.py b/api/middleware/middleware_original.py
@@ -0,0 +1,82 @@
+from django.conf import settings
+from django.shortcuts import redirect
+from django.contrib.auth.models import User
+from api.models.gebruiker import Gebruiker
+from api.serializers.gebruiker import GebruikerSerializer
+import requests
+
+URL = "https://graph.microsoft.com/v1.0/me"
+
+
+class AuthenticationUserMiddleware:
+    """
+    Middleware voor authenticatie van gebruikers en het aanmaken van gebruikersindeling.
+
+    Args:
+        get_response (callable): De volgende middleware in de keten.
+
+    Returns:
+        HttpResponse: Een HTTP-response-object.
+
+    Raises:
+        Redirect: Redirect naar de inlog-URL als er geen autorisatiegegevens zijn.
+    """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        if request.path in ["/oauth2/login", "/oauth2/callback"]:
+            return self.get_response(request)
+
+        if request.user.is_anonymous:
+            authorization = request.headers.get("Authorization")
+            if authorization:
+                headers = {
+                    "Authorization": authorization,
+                    "Content-Type": "application/json",
+                }
+
+                response = requests.get(url=URL, headers=headers)
+                json_data = response.json()
+                mail = json_data.get("mail")
+                first_name = json_data.get("givenName")
+                last_name = json_data.get("surname")
+                try:
+                    user = User.objects.get(username=mail)
+                except User.DoesNotExist:
+                    user = User.objects.create_user(
+                        username=mail,
+                        email=mail,
+                        first_name=first_name,
+                        last_name=last_name,
+                    )
+
+                request.user = user
+            else:
+                return redirect(settings.LOGIN_URL)
+
+        try:
+            Gebruiker.objects.get(pk=request.user.id)
+        except Gebruiker.DoesNotExist:
+            gebruiker_post_data = {
+                "user": request.user.id,
+                "subjects": [],
+                "is_lesgever": False,
+            }
+            serializer = GebruikerSerializer(data=gebruiker_post_data)
+            if serializer.is_valid():
+                serializer.save()
+
+        return self.get_response(request)
+
+
+class DisableCSRFMiddleware(object):
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        setattr(request, "_dont_enforce_csrf_checks", True)
+        response = self.get_response(request)
+        return response
diff --git a/api/middleware/middleware_student_test.py b/api/middleware/middleware_student_test.py
@@ -0,0 +1,62 @@
+from django.contrib.auth.models import User
+from api.models.gebruiker import Gebruiker
+from api.serializers.gebruiker import GebruikerSerializer
+
+
+
+class AuthenticationUserMiddleware:
+    """
+    Middleware voor authenticatie van gebruikers en het aanmaken van gebruikersindeling.
+
+    Args:
+        get_response (callable): De volgende middleware in de keten.
+
+    Returns:
+        HttpResponse: Een HTTP-response-object.
+
+    Raises:
+        Redirect: Redirect naar de inlog-URL als er geen autorisatiegegevens zijn.
+    """
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+
+        mail = "[email protected]"
+        try:
+            user = User.objects.get(username=mail)
+        except User.DoesNotExist:
+            user = User.objects.create_user(
+                username=mail,
+                email=mail,
+                first_name="Student",
+                last_name="Testing",
+            )
+
+        request.user = user
+
+        try:
+            Gebruiker.objects.get(pk=request.user.id)
+        except Gebruiker.DoesNotExist:
+            gebruiker_post_data = {
+                "user": request.user.id,
+                "subjects": [],
+                "is_lesgever": False,
+            }
+            serializer = GebruikerSerializer(data=gebruiker_post_data)
+            if serializer.is_valid():
+                serializer.save()
+
+        return self.get_response(request)
+
+
+class DisableCSRFMiddleware(object):
+
+    def __init__(self, get_response):
+        self.get_response = get_response
+
+    def __call__(self, request):
+        setattr(request, "_dont_enforce_csrf_checks", True)
+        response = self.get_response(request)
+        return response
diff --git a/api/settings.py b/api/settings.py
@@ -52,12 +52,11 @@
     "django.contrib.sessions.middleware.SessionMiddleware",
     "corsheaders.middleware.CorsMiddleware",
     "django.middleware.common.CommonMiddleware",
-    #    "django.middleware.csrf.CsrfViewMiddleware",
-    "api.middleware.DisableCSRFMiddleware",
+    "api.middleware.middleware.DisableCSRFMiddleware",
     "django.contrib.auth.middleware.AuthenticationMiddleware",
     "django.contrib.messages.middleware.MessageMiddleware",
     "django.middleware.clickjacking.XFrameOptionsMiddleware",
-    "api.middleware.AuthenticationUserMiddleware",
+    "api.middleware.middleware.AuthenticationUserMiddleware",
 ]
 
 ROOT_URLCONF = "api.urls"

diff --git a/frontend/frontend/.gitignore b/frontend/frontend/.gitignore
@@ -26,3 +26,4 @@ package-lock.json
 *.sw?
 ./src/authConfig/authSecrets.ts
 ./package-lock.json
+package-lock.json
diff --git a/frontend/frontend/cypress.env.json.example b/frontend/frontend/cypress.env.json.example
@@ -0,0 +1,5 @@
+{
+  "aad_username": "AAD_USERNAME",
+  "aad_password": "AAD_PASSWORD",
+  "aad_name": "AAD_NAME"
+}