Routes updates & Add role to acces admin management (RespoCE & Arbitre)

backend/src/controllers/auth.controller.ts

@@ -2,6 +2,7 @@ import { Request, Response } from 'express';
 import * as auth_service from '../services/auth.service';
 import * as user_service from '../services/user.service';
 import * as email_service from '../services/email.service';
+import * as role_service from '../services/role.service';
 import bigInt from 'big-integer';
 import { Error, Ok, Unauthorized } from '../utils/responses';
 import { decodeToken } from '../utils/token';
@@ -60,8 +61,17 @@ export const handlecasticket = async (req: Request, res: Response) => {
                 if (!id){ Error(res,{ msg: "Pas d'id" }); return;}
 
                 await user_service.updateUserStudent( CASuser.givenName, CASuser.sn, CASuser.email);
+
+                // Récupérer les rôles de l'utilisateur
+                  const userRoles = await role_service.getUserRoles(user.id); // [{ roleId, roleName }]
+
+                  // Ajouter les rôles à l'objet utilisateur
+                  const enrichedUser = {
+                    ...user,
+                    roles: userRoles,
+                  };
 
-                const token = auth_service.generateToken(user);
+                const token = auth_service.generateToken(enrichedUser);
 
 
                 Ok(res, { data: { token } })

backend/src/controllers/role.controller.ts

@@ -134,7 +134,7 @@ export const getUserRoles = async (req: Request, res: Response) => {
         return;
      }
 
-      const userRoles = await role_service.getUserRoles(userId);
+      const userRoles = await role_service.getUserRoles(Number(userId));
       Ok(res,{ data: userRoles });
       return;
     } catch (error) {

backend/src/controllers/team.controller.ts

@@ -117,6 +117,21 @@ export const getTeamUsers = async (req: Request, res: Response) => {
 
 }
 
+export const getAllTeamsWithUsers = async (req: Request, res: Response) => {
+
+    try {
+        const teamUsers = await team_service.getAllTeamsWithUsers();
+        Ok(res,{ data: teamUsers });
+        return;
+        } catch (error) {
+        console.error(error);
+        Error(res,{ msg: "Erreur interne lors de la récupération des utilisateurs avec leurs rôles." });
+        return;
+
+    }
+
+}
+
 export const getTeamFaction = async (req: Request, res: Response) => {
 
     const {teamId} = req.query;

backend/src/database/initdb/initrole.ts

@@ -5,6 +5,7 @@ import { roleSchema } from "../../schemas/Basic/role.schema";
 // Liste des rôles avec leurs descriptions
 const roles = [
     { name: "Animation", description: "Animer, divertir et motiver les CE et les nouveaux étudiants tout au long de la pré-inté et de l’inté." },
+    { name: "Arbitre", description: "Arbitrer les différents défis pendant le semaine d'intégration." },
     { name: "Bouffe", description: "Prévoir, organiser et coordonner tous les repas de l’inté. La bouffe c’est sacré !" },
     { name: "Cahier de vacances", description: "Élaborer le futur cahier de vacances des nouveaux avec des petits exercices et blagues." },
     { name: "Communication & Graphisme", description: "Préparer et gérer toute la communication de l’intégration, créer une charte graphique." },

backend/src/middlewares/auth.middleware.ts

@@ -1,7 +1,5 @@
 import { Request, Response, NextFunction } from "express";
-import jwt, { JwtPayload } from "jsonwebtoken";
 import { Unauthorized } from "../utils/responses"; // Assurez-vous que cette fonction est bien définie
-import { jwtSecret } from "../utils/secret";
 import { decodeToken } from "../utils/token";
 
 

backend/src/middlewares/user.middleware.ts

@@ -1,24 +1,41 @@
-import { Request, Response, NextFunction } from 'express';
-import { Unauthorized } from '../utils/responses';
+import { Request, Response, NextFunction } from "express";
+import { Unauthorized } from "../utils/responses"; // adapte selon ton projet
 
-// Middleware pour vérifier le rôle
-export const checkRole = (requiredRole: string) => {
+export const checkRole = (
+  requiredPermission?: string,
+  requiredRoles?: string[]
+) => {
   return (req: Request, res: Response, next: NextFunction) => {
+    const user = req.user;
 
-    if (!req.user) {
-       Unauthorized(res,{ msg: 'Accès non autorisé' });
-       return;
+    if (!user) {
+      Unauthorized(res, { msg: "Accès non autorisé" });
+      return;
     }
-    const user = req.user
+
     try {
-      if (user.userPermission !== requiredRole && user.userPermission !== 'Admin'){
-         Unauthorized(res,{ msg: 'Accès interdit, rôle insuffisant' });
-         return;
+      const isAdmin = user.userPermission === "Admin";
+
+      const hasPermission =
+        !requiredPermission || user.userPermission === requiredPermission;
+
+      const hasRole =
+        !requiredRoles ||
+        (Array.isArray(user.userRoles) &&
+          user.userRoles.some((role: { roleName: string }) =>
+            requiredRoles.includes(role.roleName)
+          ));
+
+      if (!isAdmin && !(hasPermission || hasRole)) {
+        Unauthorized(res, {
+          msg: "Accès interdit, rôle ou permission insuffisants",
+        });
+        return;
       }
+
       next();
     } catch (err) {
-       Unauthorized(res,{ msg: 'Token invalide ou expiré' });
-       return;
+      Unauthorized(res, { msg: "Token invalide ou expiré" });
     }
   };
-};
+};

backend/src/routes/challenge.routes.ts

@@ -5,14 +5,14 @@ import { checkRole } from "../middlewares/user.middleware";
 const challengeRouter = express.Router();
 
 // Admin routes
-challengeRouter.post("/admin/challenge", checkRole("Admin"), challengeController.createChallenge);
-challengeRouter.delete("/admin/delete", checkRole("Admin"), challengeController.deleteChallenge);
-challengeRouter.put("/admin/updatechallenge", checkRole("Admin"), challengeController.updateChallenge);
-challengeRouter.post("/admin/validate", checkRole("Admin"), challengeController.validateChallenge);
-challengeRouter.post("/admin/unvalidate", checkRole("Admin"), challengeController.unvalidateChallenge);
-challengeRouter.get("/admin/challenges", checkRole("Admin"), challengeController.getAllChallenges);
-challengeRouter.get("/admin/validatedchallenges", checkRole("Admin"), challengeController.getValidatedChallenges);
-challengeRouter.post("/admin/assignpoints", checkRole("Admin"), challengeController.addPointsToFaction); 
+challengeRouter.post("/admin/challenge", checkRole("Admin", ["Arbitre"]), challengeController.createChallenge);
+challengeRouter.delete("/admin/delete", checkRole("Admin", ["Arbitre"]), challengeController.deleteChallenge);
+challengeRouter.put("/admin/updatechallenge", checkRole("Admin",["Arbitre"]), challengeController.updateChallenge);
+challengeRouter.post("/admin/validate", checkRole("Admin", ["Arbitre"]), challengeController.validateChallenge);
+challengeRouter.post("/admin/unvalidate",checkRole("Admin", ["Arbitre"]), challengeController.unvalidateChallenge);
+challengeRouter.get("/admin/challenges", checkRole("Admin", ["Arbitre"]), challengeController.getAllChallenges);
+challengeRouter.get("/admin/validatedchallenges", checkRole("Admin", ["Arbitre"]), challengeController.getValidatedChallenges);
+challengeRouter.post("/admin/assignpoints", checkRole("Admin", ["Arbitre"]), challengeController.addPointsToFaction); 
 
 
 // User routes

backend/src/routes/email.routes.ts

@@ -5,7 +5,7 @@ import { checkRole } from '../middlewares/user.middleware';
 
 const emailRouter = express.Router();
 
-emailRouter.post('/admin/sendemail', checkRole("Admin"), emailController.handleSendEmail);
-emailRouter.post('/admin/previewemail', checkRole("Admin"), emailController.handlePreviewEmail);
+emailRouter.post('/admin/sendemail', checkRole("Admin",[]), emailController.handleSendEmail);
+emailRouter.post('/admin/previewemail', checkRole("Admin",[]), emailController.handlePreviewEmail);
 
 export default emailRouter;

backend/src/routes/event.routes.ts

@@ -6,12 +6,12 @@ import { authenticateUser } from '../middlewares/auth.middleware';
 const eventRouter = express.Router();
 
 // User routes
-eventRouter.get("/user/shotgunstatus",checkRole("Student"), eventController.checkShotgunStatus);
-eventRouter.get("/user/preregisterstatus",checkRole("Student"), eventController.checkPreRegisterStatus);
-eventRouter.post("/user/shotgunattempt",checkRole("Student"), eventController.shotgunAttempt);
+eventRouter.get("/user/shotgunstatus",checkRole("Student",[]), eventController.checkShotgunStatus);
+eventRouter.get("/user/preregisterstatus",checkRole("Student",[]), eventController.checkPreRegisterStatus);
+eventRouter.post("/user/shotgunattempt",checkRole("Student",[]), eventController.shotgunAttempt);
 
 // Admin routes
-eventRouter.post("/admin/shotguntoggle",checkRole("Admin"),eventController.toggleShotgun);
-eventRouter.post("/admin/preregistrationtoggle",checkRole("Admin"), eventController.togglePreRegistration);
+eventRouter.post("/admin/shotguntoggle",checkRole("Admin",[]),eventController.toggleShotgun);
+eventRouter.post("/admin/preregistrationtoggle",checkRole("Admin",[]), eventController.togglePreRegistration);
 
 export default eventRouter;

backend/src/routes/export.routes.ts

@@ -5,7 +5,7 @@ import { checkRole } from '../middlewares/user.middleware';
 const exportRouter = express.Router();
 
 // Route d'inscription
-exportRouter.post('/admin/export',checkRole("Admin"), exportController.exportAllDataToSheets)
+exportRouter.post('/admin/export',checkRole("Admin",[]), exportController.exportAllDataToSheets)
 
 
 

backend/src/routes/faction.routes.ts

@@ -6,10 +6,10 @@ const factionRouter = express.Router();
 
 
 // Admin routes
-factionRouter.get("/admin/factions",checkRole("Admin") ,factionController.getFactions);
-factionRouter.get("/admin/faction",checkRole("Admin") ,factionController.getFaction);
-factionRouter.post("/admin/createfaction",checkRole("Admin") ,factionController.createFaction);
-factionRouter.delete("/admin/deletefaction",checkRole("Admin") ,factionController.deleteFaction);
+factionRouter.get("/admin/factions",checkRole("Admin", ["Respo CE", "Arbitre"]) ,factionController.getFactions);
+factionRouter.get("/admin/faction",checkRole("Admin", ["Respo CE"]) ,factionController.getFaction);
+factionRouter.post("/admin/createfaction",checkRole("Admin", ["Respo CE"]) ,factionController.createFaction);
+factionRouter.delete("/admin/deletefaction",checkRole("Admin", ["Respo CE"]) ,factionController.deleteFaction);
 
 //Student Routes
 factionRouter.get("/user/factions",factionController.getFactions);

backend/src/routes/news.routes.ts

@@ -5,11 +5,11 @@ import { checkRole } from "../middlewares/user.middleware";
 const newsRouter = express.Router();
 
 //Admin routes
-newsRouter.post("/admin/createnews",checkRole("Admin"),  newsController.createNews);
-newsRouter.get("/admin/all",checkRole("Admin"), newsController.listAllNews);
-newsRouter.post("/admin/publish",checkRole("Admin") , newsController.publishNews);
-newsRouter.delete("/admin/deletenews",checkRole("Admin") ,newsController.deleteNews);
-newsRouter.put("/admin/updatenews", checkRole("Admin"), newsController.updateNews);
+newsRouter.post("/admin/createnews",checkRole("Admin",[]),  newsController.createNews);
+newsRouter.get("/admin/all",checkRole("Admin",[]), newsController.listAllNews);
+newsRouter.post("/admin/publish",checkRole("Admin",[]) , newsController.publishNews);
+newsRouter.delete("/admin/deletenews",checkRole("Admin",[]) ,newsController.deleteNews);
+newsRouter.put("/admin/updatenews", checkRole("Admin",[]), newsController.updateNews);
 
 //User routes
 newsRouter.get("/user/published", newsController.listPublishedNews);

backend/src/routes/permanences.routes.ts

@@ -7,22 +7,22 @@ const permanenceRouter = express.Router();
 const upload = multer({ dest: "uploads/" });
 
 // Admin routes
-permanenceRouter.post("/admin/permanence", checkRole("Admin"), permanenceController.createPermanence);
-permanenceRouter.delete("/admin/permanence", checkRole("Admin"), permanenceController.deletePermanence);
-permanenceRouter.post("/admin/updatepermanence", checkRole("Admin"), permanenceController.updatePermanence);
-permanenceRouter.post("/admin/open", checkRole("Admin"), permanenceController.openPermanence);
-permanenceRouter.post("/admin/close", checkRole("Admin"), permanenceController.closePermanence);
-permanenceRouter.get("/admin/permanences", checkRole("Admin"), permanenceController.getAllPermanences);
-permanenceRouter.get("/admin/users", checkRole("Admin"), permanenceController.getUsersInPermanence);
-permanenceRouter.post("/admin/add", checkRole("Admin"), permanenceController.addUserToPermanence);
-permanenceRouter.post("/admin/remove", checkRole("Admin"), permanenceController.removeUserToPermanence);
-permanenceRouter.post("/admin/importpermanences",checkRole("Admin"), upload.single("file"), permanenceController.uploadPermanencesCSV);
+permanenceRouter.post("/admin/permanence", checkRole("Admin",[]), permanenceController.createPermanence);
+permanenceRouter.delete("/admin/permanence", checkRole("Admin",[]), permanenceController.deletePermanence);
+permanenceRouter.post("/admin/updatepermanence", checkRole("Admin",[]), permanenceController.updatePermanence);
+permanenceRouter.post("/admin/open", checkRole("Admin",[]), permanenceController.openPermanence);
+permanenceRouter.post("/admin/close", checkRole("Admin",[]), permanenceController.closePermanence);
+permanenceRouter.get("/admin/permanences", checkRole("Admin",[]), permanenceController.getAllPermanences);
+permanenceRouter.get("/admin/users", checkRole("Admin",[]), permanenceController.getUsersInPermanence);
+permanenceRouter.post("/admin/add", checkRole("Admin",[]), permanenceController.addUserToPermanence);
+permanenceRouter.post("/admin/remove", checkRole("Admin",[]), permanenceController.removeUserToPermanence);
+permanenceRouter.post("/admin/importpermanences",checkRole("Admin",[]), upload.single("file"), permanenceController.uploadPermanencesCSV);
 
 
 // Student routes
-permanenceRouter.get("/user/permanences", checkRole("Student"), permanenceController.getOpenPermanences);
-permanenceRouter.post("/user/apply", checkRole("Student"), permanenceController.applyToPermanence);
-permanenceRouter.post("/user/leave", checkRole("Student"), permanenceController.leavePermanence);
-permanenceRouter.get("/user/me", checkRole("Student"), permanenceController.getMyPermanences );
+permanenceRouter.get("/user/permanences", checkRole("Student",[]), permanenceController.getOpenPermanences);
+permanenceRouter.post("/user/apply", checkRole("Student",[]), permanenceController.applyToPermanence);
+permanenceRouter.post("/user/leave", checkRole("Student",[]), permanenceController.leavePermanence);
+permanenceRouter.get("/user/me", checkRole("Student",[]), permanenceController.getMyPermanences );
 
 export default permanenceRouter;

backend/src/routes/role.routes.ts

@@ -11,12 +11,12 @@ roleRouter.get("/user/userpreferences",roleController.getUserPreferences)
 
 
 //Admin routes
-roleRouter.get("/admin/getroles", checkRole("Admin"), roleController.getRoles)
-roleRouter.get("/admin/userbyrolehandler/:roleName", checkRole("Admin"), roleController.getUsersByRoleHandler)
-roleRouter.get("/admin/userswithroles", checkRole("Admin"), roleController.getUsersWithRoles)
-roleRouter.get("/admin/getusersroles", checkRole("Admin"), roleController.getUserRoles)
-roleRouter.post("/admin/addroletouser", checkRole("Admin"), roleController.addRoleToUser)
-roleRouter.delete("/admin/deleteroletouser", checkRole("Admin"), roleController.deleteRoleToUser)
+roleRouter.get("/admin/getroles", checkRole("Admin",[]), roleController.getRoles)
+roleRouter.get("/admin/userbyrolehandler/:roleName", checkRole("Admin",[]), roleController.getUsersByRoleHandler)
+roleRouter.get("/admin/userswithroles", checkRole("Admin",[]), roleController.getUsersWithRoles)
+roleRouter.get("/admin/getusersroles", checkRole("Admin",[]), roleController.getUserRoles)
+roleRouter.post("/admin/addroletouser", checkRole("Admin",[]), roleController.addRoleToUser)
+roleRouter.delete("/admin/deleteroletouser", checkRole("Admin",[]), roleController.deleteRoleToUser)
 
 
 export default roleRouter;

backend/src/routes/team.routes.ts

@@ -7,17 +7,18 @@ const teamRouter = express.Router();
 
 
 //User routes
-teamRouter.post("/user/create",checkRole("Student") ,teamController.createNewTeam);
+teamRouter.post("/user/create",checkRole("Student", []) ,teamController.createNewTeam);
 
 //Admin Routes
-teamRouter.post("/admin/createlight",checkRole("Admin") ,teamController.createNewTeamLight);
-teamRouter.get("/admin/teams",checkRole("Admin") ,teamController.getTeams);
-teamRouter.get("/admin/teamswithfactions",checkRole("Admin") ,teamController.getTeamsWithfactions);
-teamRouter.get("/admin/teamfaction",checkRole("Admin") ,teamController.getTeamFaction);
-teamRouter.put("/admin/modify",checkRole("Admin") ,teamController.modifyTeam);
-teamRouter.get("/admin/teamusers",checkRole("Admin") ,teamController.getTeamUsers);
-teamRouter.delete("/admin/delete",checkRole("Admin") ,teamController.deleteTeam);
-teamRouter.post('/admin/distributeteam',checkRole("Admin"), teamController.teamDistribution);
+teamRouter.post("/admin/createlight",checkRole("Admin", ["Respo CE"]) ,teamController.createNewTeamLight);
+teamRouter.get("/admin/teams",checkRole("Admin", ["Respo CE", "Arbitre"]) ,teamController.getTeams);
+teamRouter.get("/admin/teamswithfactions",checkRole("Admin", ["Respo CE"]) ,teamController.getTeamsWithfactions);
+teamRouter.get("/admin/teamfaction",checkRole("Admin", ["Respo CE"]) ,teamController.getTeamFaction);
+teamRouter.get("/admin/teamswithusers",checkRole("Admin", ["Respo CE"]) ,teamController.getAllTeamsWithUsers);
+teamRouter.put("/admin/modify",checkRole("Admin", ["Respo CE"]) ,teamController.modifyTeam);
+teamRouter.get("/admin/teamusers",checkRole("Admin", ["Respo CE"]) ,teamController.getTeamUsers);
+teamRouter.delete("/admin/delete",checkRole("Admin", ["Respo CE"]) ,teamController.deleteTeam);
+teamRouter.post('/admin/distributeteam',checkRole("Admin", []), teamController.teamDistribution);
 
 
 export default teamRouter;

backend/src/routes/user.routes.ts

@@ -6,17 +6,17 @@ import { checkRole } from '../middlewares/user.middleware';
 const userRouter = express.Router();
 
 // Admin routes
-userRouter.get('/admin/getusersbypermission', checkRole("Admin"), userController.getUsersByPermission);
-userRouter.patch('/admin/user/:userId', checkRole("Admin"), userController.adminUpdateUser);
-userRouter.delete('/admin/user/:userId', checkRole("Admin"), userController.adminDeleteUser);
-userRouter.get('/admin/getusers', checkRole("Admin"), userController.getUsers);
-userRouter.post('/admin/syncnewstudent', checkRole("Admin"), userController.syncNewstudent);
+userRouter.get('/admin/getusersbypermission', checkRole("Admin",[]), userController.getUsersByPermission);
+userRouter.patch('/admin/user/:userId', checkRole("Admin",[]), userController.adminUpdateUser);
+userRouter.delete('/admin/user/:userId', checkRole("Admin",[]), userController.adminDeleteUser);
+userRouter.get('/admin/getusers', checkRole("Admin",[]), userController.getUsersAdmin);
+userRouter.post('/admin/syncnewstudent', checkRole("Admin",[]), userController.syncNewstudent);
 
 
 // User routes
 userRouter.patch('/user/me', authenticateUser, userController.updateProfile);
 userRouter.get('/user/me', authenticateUser, userController.getCurrentUser);
-userRouter.get('/user/getusers', checkRole("Student"), userController.getUsers);
+userRouter.get('/user/getusers', checkRole("Student",[]), userController.getUsers);