Feature/better testable code

.gitignore

@@ -35,3 +35,4 @@ out/
 
 ### VS Code ###
 .vscode/
+backend/app/data/*

backend/app/build.gradle

@@ -33,8 +33,10 @@ dependencies {
 	implementation 'com.auth0:jwks-rsa:0.18.0'
 	implementation 'javax.servlet:javax.servlet-api:4.0.1'
 	implementation 'org.springframework.boot:spring-boot-starter-data-jpa'
+	implementation 'org.apache.tika:tika-core:1.27'
 	runtimeOnly 'org.postgresql:postgresql'
 
+
 	implementation "org.springframework.boot:spring-boot-devtools"
 	testImplementation 'org.springframework.boot:spring-boot-starter-test'
 	testImplementation 'org.springframework.security:spring-security-test'

backend/app/src/main/java/com/ugent/pidgeon/config/JwtAuthenticationFilter.java → backend/app/src/main/java/com/ugent/pidgeon/auth/JwtAuthenticationFilter.java

@@ -1,4 +1,4 @@
-package com.ugent.pidgeon.config;
+package com.ugent.pidgeon.auth;
 
 import com.auth0.jwk.Jwk;
 import com.auth0.jwk.JwkException;
@@ -10,6 +10,10 @@
 import com.auth0.jwt.interfaces.DecodedJWT;
 import com.ugent.pidgeon.model.Auth;
 import com.ugent.pidgeon.model.User;
+import jakarta.servlet.FilterChain;
+import jakarta.servlet.ServletException;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
 import org.springframework.http.HttpStatus;
 import org.springframework.security.core.context.SecurityContextHolder;
 import org.springframework.util.StringUtils;
@@ -22,13 +26,20 @@
 import java.util.ArrayList;
 import java.util.List;
 
+/**
+ * This class extends OncePerRequestFilter to provide a filter that decodes and verifies JWT tokens.
+ * It uses JwkProvider to fetch the public key for verification.
+ */
 public class JwtAuthenticationFilter extends OncePerRequestFilter {
+    // JwkProvider instance to fetch the public key for JWT verification
     private JwkProvider provider;
 
-
-
-    public JwtAuthenticationFilter(String tenantId)
-    {
+    /**
+     * Constructor for JwtAuthenticationFilter.
+     * It initializes the JwkProvider with the URL of the public key.
+     * @param tenantId the tenantId used to construct the URL of the public key
+     */
+    public JwtAuthenticationFilter(String tenantId) {
         try {
             logger.info("tenantId: " + tenantId);
             provider = new UrlJwkProvider(new URL("https://login.microsoftonline.com/"+tenantId+"/discovery/v2.0/keys"));
@@ -38,17 +49,27 @@ public JwtAuthenticationFilter(String tenantId)
     }
 
 
+    /**
+     * This method is called for every request to filter requests based on JWT token.
+     * It decodes the JWT token from the Authorization header, verifies it, and sets the authentication in the SecurityContext.
+     * If the JWT token is not present or invalid, it sets the response status to UNAUTHORIZED.
+     * @param request HttpServletRequest that is being processed
+     * @param response HttpServletResponse that is being created
+     * @param filterChain FilterChain for calling the next filter
+     * @throws jakarta.servlet.ServletException in case of errors
+     * @throws IOException in case of I/O errors
+     */
     @Override
-    protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request, jakarta.servlet.http.HttpServletResponse response, jakarta.servlet.FilterChain filterChain) throws jakarta.servlet.ServletException, IOException {
+    public void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
         logger.info(request.getRequestURL().toString());
 
         String bearerToken = request.getHeader("Authorization");
         if (StringUtils.hasText(bearerToken) && bearerToken.startsWith("Bearer ")) {
             String token = bearerToken.substring(7);
 
             DecodedJWT jwt = JWT.decode(token);
-            Jwk jwk =null;
-            Algorithm algorithm=null;
+            Jwk jwk;
+            Algorithm algorithm;
 
             try {
                 jwk = provider.get(jwt.getKeyId());
@@ -60,14 +81,13 @@ protected void doFilterInternal(jakarta.servlet.http.HttpServletRequest request,
                 String firstName = jwt.getClaim("given_name").asString();
                 String lastName = jwt.getClaim("family_name").asString();
                 String email = jwt.getClaim("unique_name").asString();
-                List<String> groups = jwt.getClaim("groups").asList(String.class);
                 String oid = jwt.getClaim("oid").asString();
 
                 // print full object
-                //logger.info(jwt.getClaims());
+                // logger.info(jwt.getClaims());
 
 
-                User user = new User(displayName, firstName,lastName, email, groups, oid);
+                User user = new User(displayName, firstName,lastName, email, oid);
 
                 Auth authUser = new Auth(user, new ArrayList<>());
                 SecurityContextHolder.getContext().setAuthentication(authUser);

backend/app/src/main/java/com/ugent/pidgeon/auth/Roles.java

@@ -0,0 +1,14 @@
+package com.ugent.pidgeon.auth;
+
+import com.ugent.pidgeon.postgre.models.types.UserRole;
+
+import java.lang.annotation.ElementType;
+import java.lang.annotation.Retention;
+import java.lang.annotation.RetentionPolicy;
+import java.lang.annotation.Target;
+
+@Target(ElementType.METHOD)
+@Retention(RetentionPolicy.RUNTIME)
+public @interface Roles {
+    UserRole[] value();
+}

backend/app/src/main/java/com/ugent/pidgeon/auth/RolesInterceptor.java

@@ -0,0 +1,80 @@
+package com.ugent.pidgeon.auth;
+
+
+import com.ugent.pidgeon.model.Auth;
+import com.ugent.pidgeon.postgre.models.UserEntity;
+import com.ugent.pidgeon.postgre.models.types.UserRole;
+import com.ugent.pidgeon.postgre.repository.UserRepository;
+import jakarta.servlet.http.HttpServletRequest;
+import jakarta.servlet.http.HttpServletResponse;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.security.core.context.SecurityContextHolder;
+import org.springframework.stereotype.Component;
+import org.springframework.web.method.HandlerMethod;
+import org.springframework.web.servlet.HandlerInterceptor;
+
+import java.sql.Timestamp;
+import java.util.Arrays;
+import java.util.List;
+
+
+/**
+ * This class is a Spring component that implements the HandlerInterceptor interface.
+ * It is used to intercept HTTP requests and perform role-based access control.
+ */
+@Component
+public class RolesInterceptor implements HandlerInterceptor {
+
+    // UserRepository instance for interacting with the user data in the database
+    private final UserRepository userRepository;
+
+    /**
+     * Constructor for RolesInterceptor.
+     * @param userRepository UserRepository instance for interacting with the user data in the database
+     */
+    @Autowired
+    public RolesInterceptor(UserRepository userRepository) {
+        this.userRepository = userRepository;
+    }
+
+    /**
+     * This method is called before the actual handler is executed.
+     * It checks if the handler is a HandlerMethod and if it has a Roles annotation.
+     * If the Roles annotation is present, it checks if the authenticated user has the required role.
+     * If the user does not exist, it creates a new user with the role of 'student'.
+     * If the user does not have the required role, it sends an HTTP 403 error and returns false.
+     * @param request HttpServletRequest that is being processed
+     * @param response HttpServletResponse that is being created
+     * @param handler chosen handler to execute, for type and/or instance evaluation
+     * @return true if the execution chain should proceed with the next interceptor or the handler itself
+     * @throws Exception in case of errors
+     */
+    @Override
+    public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception {
+        if (handler instanceof HandlerMethod handlerMethod) {
+            Roles rolesAnnotation = handlerMethod.getMethodAnnotation(Roles.class);
+            if (rolesAnnotation != null) {
+                List<UserRole> requiredRoles = Arrays.asList(rolesAnnotation.value());
+                Auth auth = (Auth) SecurityContextHolder.getContext().getAuthentication();
+                UserEntity userEntity = userRepository.findUserByAzureId(auth.getOid());
+
+                if(userEntity == null) {
+                    System.out.println("User does not exist, creating new one. user_id: " + auth.getOid());
+                    userEntity = new UserEntity(auth.getUser().firstName,auth.getUser().lastName, auth.getEmail(), UserRole.student, auth.getOid());
+                    Timestamp now = new Timestamp(System.currentTimeMillis());
+                    userEntity.setCreatedAt(now);
+                    userRepository.save(userEntity);
+                    System.out.println("User created with id: " + userEntity.getId());
+
+                }
+                auth.setUserEntity(userEntity);
+
+                if (!requiredRoles.contains(userEntity.getRole()) || userEntity.getRole() == UserRole.admin) {
+                    response.sendError(HttpServletResponse.SC_FORBIDDEN, "User does not have required role");
+                    return false;
+                }
+            }
+        }
+        return true;
+    }
+}

backend/app/src/main/java/com/ugent/pidgeon/config/AuthConfig.java

@@ -1,5 +1,6 @@
 package com.ugent.pidgeon.config;
 
+import com.ugent.pidgeon.auth.JwtAuthenticationFilter;
 import org.springframework.beans.factory.annotation.Value;
 import org.springframework.boot.web.servlet.FilterRegistrationBean;
 import org.springframework.context.annotation.Bean;
@@ -22,7 +23,7 @@ public FilterRegistrationBean<JwtAuthenticationFilter> filterRegistrationBean()
 
         FilterRegistrationBean<JwtAuthenticationFilter> filter = new FilterRegistrationBean<>();
         filter.setFilter(new JwtAuthenticationFilter(tenantId));
-        filter.addUrlPatterns("/api/ietswatiknietwiltesten");
+        filter.addUrlPatterns("/api/*");
         return filter;
     }
 

backend/app/src/main/java/com/ugent/pidgeon/config/WebConfig.java

@@ -1,18 +1,34 @@
 package com.ugent.pidgeon.config;
 
+import com.ugent.pidgeon.auth.RolesInterceptor;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.context.annotation.Configuration;
 import org.springframework.web.servlet.config.annotation.CorsRegistry;
-import org.springframework.web.servlet.config.annotation.ResourceHandlerRegistry;
+import org.springframework.web.servlet.config.annotation.InterceptorRegistry;
 import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
 
 @Configuration
 public class WebConfig implements WebMvcConfigurer {
 
+
+    private final RolesInterceptor rolesInterceptor;
+
+    @Autowired
+    public WebConfig(RolesInterceptor rolesInterceptor) {
+        this.rolesInterceptor = rolesInterceptor;
+    }
+
     @Override
     public void addCorsMappings(CorsRegistry registry) {
         registry.addMapping("/**")
                 .allowedMethods("*")
                 .allowedOrigins("*")
                 .allowedHeaders("*");
     }
+
+
+    @Override
+    public void addInterceptors(InterceptorRegistry registry) {
+        registry.addInterceptor(rolesInterceptor);
+    }
 }

backend/app/src/main/java/com/ugent/pidgeon/controllers/ApiRoutes.java

@@ -0,0 +1,7 @@
+package com.ugent.pidgeon.controllers;
+
+// TODO: Change this to an enum
+public final class ApiRoutes {
+    public static final String USER_BASE_PATH = "/api/user/";
+    public static final String COURSE_BASE_PATH = "/api/course/";
+}

backend/app/src/main/java/com/ugent/pidgeon/controllers/AuthTestController.java

@@ -1,6 +1,8 @@
 package com.ugent.pidgeon.controllers;
+import com.ugent.pidgeon.auth.Roles;
 import com.ugent.pidgeon.model.Auth;
 import com.ugent.pidgeon.model.User;
+import com.ugent.pidgeon.postgre.models.types.UserRole;
 import com.ugent.pidgeon.postgre.repository.UserRepository;
 import jakarta.servlet.http.HttpServletRequest;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -13,7 +15,9 @@ public class AuthTestController {
     @Autowired
     private UserRepository userRepository;
 
+
     @GetMapping("/api/test")
+    @Roles({UserRole.student, UserRole.teacher})
     public User testApi(HttpServletRequest request, Auth auth) {
         return auth.getUser();
     }

backend/app/src/main/java/com/ugent/pidgeon/controllers/FilesubmissiontestController.java

@@ -0,0 +1,109 @@
+package com.ugent.pidgeon.controllers;
+
+import com.ugent.pidgeon.auth.Roles;
+import com.ugent.pidgeon.model.Auth;
+import com.ugent.pidgeon.postgre.models.FileEntity;
+import com.ugent.pidgeon.postgre.models.SubmissionEntity;
+import com.ugent.pidgeon.postgre.models.types.UserRole;
+import com.ugent.pidgeon.postgre.repository.FileRepository;
+import com.ugent.pidgeon.postgre.repository.GroupRepository;
+import com.ugent.pidgeon.postgre.repository.ProjectRepository;
+import com.ugent.pidgeon.postgre.repository.SubmissionRepository;
+import com.ugent.pidgeon.util.Filehandler;
+import org.springframework.beans.factory.annotation.Autowired;
+import org.springframework.core.io.Resource;
+import org.springframework.http.HttpHeaders;
+import org.springframework.http.HttpStatus;
+import org.springframework.http.MediaType;
+import org.springframework.http.ResponseEntity;
+import org.springframework.web.bind.annotation.*;
+import org.springframework.web.multipart.MultipartFile;
+
+import java.nio.file.Path;
+import java.sql.Timestamp;
+
+@RestController
+public class FilesubmissiontestController {
+
+    @Autowired
+    private GroupRepository groupRepository;
+    @Autowired
+    private FileRepository fileRepository;
+    @Autowired
+    private SubmissionRepository submissionRepository;
+    @Autowired
+    private ProjectRepository projectRepository;
+
+    @PostMapping("/project/{projectid}/submit") //Route to submit a file, it accepts a multiform with the file and submissionTime
+    @Roles({UserRole.teacher, UserRole.student})
+    public ResponseEntity<String> submitFile(@RequestParam("file") MultipartFile file, @RequestParam("submissionTime") Timestamp time, @PathVariable("projectid") long projectid,Auth auth) {
+        long userId = auth.getUserEntity().getId();
+        Long groupId = groupRepository.groupIdByProjectAndUser(projectid, userId);
+
+        if (!projectRepository.userPartOfProject(projectid, userId)) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).body("You aren't part of this project");
+        }
+        //TODO: executes the tests onces these are implemented
+        try {
+            //Save the file entry in the database to get the id
+            FileEntity fileEntity = new FileEntity("", "", userId);
+            long fileid = fileRepository.save(fileEntity).getId();
+
+            //Save the submission in the database TODO: update the accepted parameter
+            SubmissionEntity submissionEntity = new SubmissionEntity(projectid, groupId, fileid, time, false);
+            SubmissionEntity submission = submissionRepository.save(submissionEntity);
+
+            //Save the file on the server
+            Path path = Filehandler.getSubmissionPath(projectid, groupId, submission.getId());
+            String filename = Filehandler.saveSubmission(path, file);
+
+            //Update name and path for the file entry
+            fileEntity.setName(filename);
+            fileEntity.setPath(path.toString());
+            fileRepository.save(fileEntity);
+
+            return ResponseEntity.ok("File saved");
+        } catch (Exception e) {
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body("Error while saving file: " + e.getMessage());
+        }
+
+    }
+
+    @GetMapping("submissions/{submissionid}")
+    @Roles({UserRole.teacher, UserRole.student})
+    public ResponseEntity<Resource> getSubmission(@PathVariable("submissionid") long submissionid, Auth auth) {
+        long userId = auth.getUserEntity().getId();
+        // Get the submission entry from the database
+        SubmissionEntity submission = submissionRepository.findById(submissionid).orElse(null);
+        if (submission == null) {
+            return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
+        }
+
+        if (!groupRepository.userInGroup(submission.getGroupId(), userId)) {
+            return ResponseEntity.status(HttpStatus.FORBIDDEN).body(null);
+        }
+        // Get the file entry from the database
+        FileEntity file = fileRepository.findById(submission.getFileId()).orElse(null);
+        if (file == null) {
+            return ResponseEntity.status(HttpStatus.NOT_FOUND).body(null);
+        }
+
+
+        // Get the file from the server
+        try {
+            Resource zipFile = Filehandler.getSubmissionAsResource(Path.of(file.getPath(), file.getName()));
+
+            // Set headers for the response
+            HttpHeaders headers = new HttpHeaders();
+            headers.add(HttpHeaders.CONTENT_DISPOSITION, "attachment; filename=" + file.getName());
+            headers.add(HttpHeaders.CONTENT_TYPE, "application/zip");
+
+            return ResponseEntity.ok()
+                    .headers(headers)
+                    .contentType(MediaType.APPLICATION_OCTET_STREAM)
+                    .body(zipFile);
+        } catch (Exception e) {
+            return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).body(null);
+        }
+    }
+}