MyINPulse-back/src/main/java/enseirb/myinpulse/controller/SharedApi.java

@@ -54,10 +54,10 @@ public class SharedApi {
     /**
      * Endpoint used to get the administrator of a project.
      *
-     * @return a list of all project managed by the current admin user
+     * @return the admin of a project
      */
     @GetMapping("/shared/projects/admin/{projectId}")
-    public Iterable<Administrator> getAdminByProjectId(
+    public Administrator getAdminByProjectId(
             @PathVariable int projectId, @AuthenticationPrincipal Jwt principal) {
         return sharedApiService.getAdminByProjectId(projectId, principal.getClaimAsString("email"));
     }

MyINPulse-back/src/main/java/enseirb/myinpulse/model/Entrepreneur.java

@@ -75,4 +75,8 @@ public class Entrepreneur extends User {
     public void setSneeStatus(boolean statusSnee) {
         this.sneeStatus = sneeStatus;
     }
+
+    public Project getProjectParticipation() {
+        return projectParticipation;
+    }
 }

MyINPulse-back/src/main/java/enseirb/myinpulse/model/Project.java

@@ -93,6 +93,10 @@ public class Project {
         this.projectStatus = projectStatus;
     }
 
+    public Administrator getAdministrator() {
+        return this.projectAdministrator;
+    }
+
     public void setAdministrator(Administrator administrator) {
         this.projectAdministrator = administrator;
     }

MyINPulse-back/src/main/java/enseirb/myinpulse/repository/AdministratorRepository.java

@@ -8,6 +8,8 @@ import org.springframework.data.rest.core.annotation.RepositoryRestResource;
 @RepositoryRestResource
 public interface AdministratorRepository extends JpaRepository<Administrator, Long> {
 
+    //public Administrator findByListProjectIsContaining(Project project);
+
     /* @Query("SELECT a from Administrators a")
     Administrator findAllAdministrator(); */
 

MyINPulse-back/src/main/java/enseirb/myinpulse/repository/EntrepreneurRepository.java

@@ -1,6 +1,7 @@
 package enseirb.myinpulse.repository;
 
 import enseirb.myinpulse.model.Entrepreneur;
+import enseirb.myinpulse.model.Project;
 
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.rest.core.annotation.RepositoryRestResource;
@@ -8,6 +9,8 @@ import org.springframework.data.rest.core.annotation.RepositoryRestResource;
 @RepositoryRestResource
 public interface EntrepreneurRepository extends JpaRepository<Entrepreneur, Long> {
 
+    Iterable<Entrepreneur> getEntrepreneurByProjectParticipation(Project project);
+
     /* @Query("SELECT e from Entrepreneur e")
     Entrepreneur findAllEntrepreneurl(); */
 

MyINPulse-back/src/main/java/enseirb/myinpulse/service/AdminApiService.java

@@ -31,7 +31,7 @@ public class AdminApiService {
     public Iterable<Project> getProjectsOfAdmin(String email) {
         return projectService.getProjectsByAdminId(
                 administratorService.getAdministratorById(
-                        this.userService.getIdUserByEmail(email)));
+                        this.userService.getUserByEmail(email).getIdUser()));
     }
 
     // TODO
@@ -57,7 +57,7 @@ public class AdminApiService {
 
     // TODO: solve todo + test
     public void addNewProject(Project project) {
-        projectService.addNewProject(project); // TODO: how can the user know the ID ?
+        projectService.addNewProject(project); // TODO: how can the front know the ID ?
     }
 
     // TODO

MyINPulse-back/src/main/java/enseirb/myinpulse/service/SharedApiService.java

@@ -1,7 +1,14 @@
 package enseirb.myinpulse.service;
 
 import enseirb.myinpulse.model.*;
+import enseirb.myinpulse.service.database.AdministratorService;
+import enseirb.myinpulse.service.database.EntrepreneurService;
+import enseirb.myinpulse.service.database.ProjectService;
+import enseirb.myinpulse.service.database.UserService;
 
+import org.apache.logging.log4j.LogManager;
+import org.apache.logging.log4j.Logger;
+import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
 import org.springframework.stereotype.Service;
 import org.springframework.web.server.ResponseStatusException;
@@ -9,17 +16,80 @@ import org.springframework.web.server.ResponseStatusException;
 @Service
 public class SharedApiService {
 
+    protected static final Logger logger = LogManager.getLogger();
+
+    private final AdministratorService administratorService;
+    private final UserService userService;
+    private final ProjectService projectService;
+    private final EntrepreneurService entrepreneurService;
+
+    @Autowired
+    SharedApiService(
+            AdministratorService administratorService,
+            UserService userService,
+            ProjectService projectService,
+            EntrepreneurService entrepreneurService) {
+        this.administratorService = administratorService;
+        this.userService = userService;
+        this.projectService = projectService;
+        this.entrepreneurService = entrepreneurService;
+    }
+
+    // TODO: test
+    Boolean isAnAdmin(String mail) {
+        try {
+            long userId = this.userService.getUserByEmail(mail).getIdUser();
+            Administrator a = this.administratorService.getAdministratorById(userId);
+            return true;
+        } catch (ResponseStatusException e) {
+            logger.info(e);
+            return false;
+        }
+    }
+
+    // TODO: test
+    Boolean isAllowedToCheckProject(String mail, long projectId) {
+        if (isAnAdmin(mail)) {
+            return true;
+        }
+        User user = this.userService.getUserByEmail(mail);
+        Entrepreneur entrepreneur = this.entrepreneurService.getEntrepreneurById(user.getIdUser());
+        Project project = this.projectService.getProjectById(projectId);
+        return entrepreneur.getProjectParticipation() == project;
+    }
+
+    // TODO
     public Iterable<SectionCell> getLCSection(
             String projectId, String title, String date, String mail) {
         throw new ResponseStatusException(HttpStatus.NOT_IMPLEMENTED, "Not implemented yet");
     }
 
-    public Iterable<Entrepreneur> getEntrepreneursByProjectId(int projectId, String mail) {
+    // TODO: test, protect via email
-        throw new ResponseStatusException(HttpStatus.NOT_IMPLEMENTED, "Not implemented yet");
+    public Iterable<Entrepreneur> getEntrepreneursByProjectId(long projectId, String mail) {
+        if (!isAllowedToCheckProject(mail, projectId)) {
+            logger.warn(
+                    "User {} tried to check the member of the project {} but is not allowed to.",
+                    mail,
+                    projectId);
+            throw new ResponseStatusException(
+                    HttpStatus.UNAUTHORIZED, "You're not allowed to check this project");
+        }
+        Project project = this.projectService.getProjectById(projectId);
+        return this.entrepreneurService.GetEntrepreneurByProject(project);
     }
 
-    public Iterable<Administrator> getAdminByProjectId(int projectId, String mail) {
+    // TODO: test, protect via email
-        throw new ResponseStatusException(HttpStatus.NOT_IMPLEMENTED, "Not implemented yet");
+    public Administrator getAdminByProjectId(long projectId, String mail) {
+        if (!isAllowedToCheckProject(mail, projectId)) {
+            logger.warn(
+                    "User {} tried to check the admin of the project {} but is not allowed to.",
+                    mail,
+                    projectId);
+            throw new ResponseStatusException(
+                    HttpStatus.UNAUTHORIZED, "You're not allowed to check this project");
+        }
+        Project project = this.projectService.getProjectById(projectId);
+        return project.getAdministrator();
     }
 
     public Iterable<Appointment> getAppointmentsByProjectId(int projectId, String mail) {

MyINPulse-back/src/main/java/enseirb/myinpulse/service/database/AdministratorService.java

@@ -40,4 +40,10 @@ public class AdministratorService {
     public Administrator addAdministrator(Administrator administrator) {
         return this.administratorRepository.save(administrator);
     }
+
+    /*
+    public Administrator getAdministratorByProject(Project project) {
+        r
+    }
+     */
 }

MyINPulse-back/src/main/java/enseirb/myinpulse/service/database/EntrepreneurService.java

@@ -1,28 +1,30 @@
-package enseirb.myinpulse.service.database.old_controllers_to_convert_to_services;
+package enseirb.myinpulse.service.database;
 
 import enseirb.myinpulse.model.Entrepreneur;
+import enseirb.myinpulse.model.Project;
 import enseirb.myinpulse.repository.EntrepreneurRepository;
 
-import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.HttpStatus;
+import org.springframework.stereotype.Service;
 import org.springframework.web.bind.annotation.*;
 import org.springframework.web.server.ResponseStatusException;
 
 import java.util.Optional;
 
-@RestController
+@Service
-public class EntrepreneurController {
+public class EntrepreneurService {
 
-    @Autowired EntrepreneurRepository entrepreneurRepository;
+    private final EntrepreneurRepository entrepreneurRepository;
 
-    @GetMapping("/Entrepreneur")
+    EntrepreneurService(EntrepreneurRepository entrepreneurRepository) {
-    @ResponseBody
+        this.entrepreneurRepository = entrepreneurRepository;
-    public Iterable<Entrepreneur> allEntrepreneurs() {
+    }
+
+    public Iterable<Entrepreneur> getAllEntrepreneurs() {
         return this.entrepreneurRepository.findAll();
     }
 
-    @GetMapping("/Entrepreneur/{id}")
+    public Entrepreneur getEntrepreneurById(Long id) {
-    public Entrepreneur getEntrepreneurById(@PathVariable Long id) {
         Optional<Entrepreneur> entrepreneur = entrepreneurRepository.findById(id);
         if (entrepreneur.isEmpty()) {
             throw new ResponseStatusException(
@@ -31,14 +33,12 @@ public class EntrepreneurController {
         return entrepreneur.get();
     }
 
-    @PostMapping("/Entrepreneur")
+    public Entrepreneur addEntrepreneur(Entrepreneur entrepreneur) {
-    public Entrepreneur addEntrepreneur(@RequestBody Entrepreneur entrepreneur) {
         return this.entrepreneurRepository.save(entrepreneur);
     }
 
-    @PostMapping("/Entrepreneur/{id}")
     public Entrepreneur updateEntrepreneur(
-            @PathVariable Long id, String school, String course, Boolean sneeStatus) {
+            Long id, String school, String course, Boolean sneeStatus) {
         Optional<Entrepreneur> entrepreneur = entrepreneurRepository.findById(id);
         if (entrepreneur.isEmpty()) {
             throw new ResponseStatusException(
@@ -55,4 +55,8 @@ public class EntrepreneurController {
         }
         return this.entrepreneurRepository.save(entrepreneur.get());
     }
+
+    public Iterable<Entrepreneur> GetEntrepreneurByProject(Project project) {
+        return this.entrepreneurRepository.getEntrepreneurByProjectParticipation(project);
+    }
 }

MyINPulse-back/src/main/java/enseirb/myinpulse/service/database/UserService.java

@@ -26,15 +26,14 @@ public class UserService {
     }
 
     // TODO
-    public long getIdUserByEmail(String email) {
+    public User getUserByEmail(String email) {
         Optional<User> opt_user = this.userRepository.findByPrimaryMail(email);
 
         if (opt_user.isEmpty()) {
             System.err.println("Couldn't find user with email " + email);
             throw new ResponseStatusException(HttpStatus.NOT_FOUND);
         }
-        User user = opt_user.get();
+        return opt_user.get();
-        return user.getIdUser();
     }
 
     public Iterable<User> allUsers() {