fix OTP + improve authentication

pom.xml

@@ -12,7 +12,7 @@
 	</parent>
 	<groupId>org.esupportail</groupId>
 	<artifactId>esup-signature</artifactId>
-	<version>1.6-SNAPSHOT</version>
+	<version>1.6.1-SNAPSHOT</version>
 	<name>esup-signature</name>
 	<properties>
 		<start-class>org.esupportail.esupsignature.EsupSignatureApplication</start-class>
@@ -135,7 +135,7 @@
 		<dependency>
 		   <groupId>org.webjars</groupId>
 		   <artifactId>popper.js</artifactId>
-		   <version>2.0.2</version>
+		   <version>2.5.4</version>
 		</dependency>
 
 		<!-- https://mvnrepository.com/artifact/org.webjars.npm/pdfjs-dist -->
@@ -205,6 +205,12 @@
 			<version>4.17.47</version>
 		</dependency>
 
+		<dependency>
+			<groupId>org.webjars.bower</groupId>
+			<artifactId>bootbox.js</artifactId>
+			<version>5.3.2</version>
+		</dependency>
+
 		<dependency>
 			<groupId>org.webjars</groupId>
 			<artifactId>summernote</artifactId>

src/main/java/org/esupportail/esupsignature/config/GlobalProperties.java

@@ -10,6 +10,9 @@
 @ConfigurationProperties(prefix="global")
 public class GlobalProperties implements Cloneable {
 
+    /**
+     * Chemin d'acces à l'application
+     */
     private String rootUrl;
     private String domain;
     private String nexuUrl;
@@ -28,6 +31,16 @@ public class GlobalProperties implements Cloneable {
     private String version = "";
     private String applicationEmail = "[email protected]";
     private int hoursBeforeRefreshNotif = 24;
+    /**
+     * Choisir le fonctionnement des délégations :
+     *  <ul>
+     *      <li>0 : système de délégation désactivé</li>
+     *      <li>1 : le délégué ne peut signer qu'avec sa propre signature</li>
+     *      <li>2 : le délégué ne peut signer qu'avec la signature du mandant</li>
+     *      <li>2 : le mandant ne peut choisir la signature du délégué</li>
+     *  </ul>
+     */
+    private int shareMode = 0;
 
     public String getRootUrl() {
         return rootUrl;
@@ -172,4 +185,12 @@ public int getHoursBeforeRefreshNotif() {
     public void setHoursBeforeRefreshNotif(int hoursBeforeRefreshNotif) {
         this.hoursBeforeRefreshNotif = hoursBeforeRefreshNotif;
     }
+
+    public int getShareMode() {
+        return shareMode;
+    }
+
+    public void setShareMode(int shareMode) {
+        this.shareMode = shareMode;
+    }
 }

src/main/java/org/esupportail/esupsignature/config/security/WebSecurityConfig.java

@@ -105,8 +105,8 @@ private void setAuthorizeRequests(HttpSecurity http) throws Exception {
 		http.authorizeRequests()
 				.antMatchers("/").permitAll()
 				.antMatchers("/admin/", "/admin/**").access("hasRole('ROLE_ADMIN')")
-				.antMatchers("/user/", "/user/**").access("hasRole('ROLE_USER')")
-				.antMatchers("/sse/", "/sse/**").access("hasRole('ROLE_USER')")
+				.antMatchers("/user/", "/user/**").access("hasAnyRole('ROLE_USER', 'ROLE_OTP')")
+				.antMatchers("/sse/", "/sse/**").access("hasAnyRole('ROLE_USER', 'ROLE_OTP')")
 				.antMatchers("/public/", "/public/**").permitAll()
 				.antMatchers("/h2-console/**").access("hasRole('ROLE_ADMIN')")
 				.antMatchers("/webjars/**").permitAll();

src/main/java/org/esupportail/esupsignature/config/security/otp/OtpAuthenticationProvider.java

@@ -15,9 +15,9 @@ public class OtpAuthenticationProvider implements AuthenticationProvider {
     public Authentication authenticate(Authentication authentication) throws AuthenticationException {
         String name = authentication.getName();
         String password = authentication.getCredentials().toString();
-        SimpleGrantedAuthority authority = new SimpleGrantedAuthority("ROLE_OTP");
         List<SimpleGrantedAuthority> simpleGrantedAuthorities = new ArrayList<>();
-        simpleGrantedAuthorities.add(authority);
+        simpleGrantedAuthorities.add(new SimpleGrantedAuthority("ROLE_OTP"));
+//        simpleGrantedAuthorities.add(new SimpleGrantedAuthority("ROLE_USER"));
         return new UsernamePasswordAuthenticationToken(name, password, simpleGrantedAuthorities);
     }
 

src/main/java/org/esupportail/esupsignature/config/sms/SmsConfig.java

@@ -1,6 +1,6 @@
 package org.esupportail.esupsignature.config.sms;
 
-import org.esupportail.esupsignature.service.utils.sms.SmsService;
+import org.esupportail.esupsignature.service.interfaces.sms.SmsService;
 import org.springframework.boot.context.properties.EnableConfigurationProperties;
 import org.springframework.context.annotation.Bean;
 import org.springframework.context.annotation.Configuration;

src/main/java/org/esupportail/esupsignature/dss/config/DSSBeanConfig.java

@@ -156,14 +156,13 @@ public OnlineOCSPSource onlineOcspSource() {
 	public KeyStoreCertificateSource ojContentKeyStore() throws IOException {
 		File keystoreFile = new File(dssProperties.getKsFilename());
 		KeyStoreCertificateSource keyStoreCertificateSource = null;
-		if(!keystoreFile.exists()) {
-			log.info("creating oj file in " + keystoreFile.getAbsolutePath());
-			if(keystoreFile.createNewFile()) {
-				keyStoreCertificateSource = new KeyStoreCertificateSource((InputStream) null, dssProperties.getKsType(), dssProperties.getKsPassword());
-			}
-		} else {
-			log.info("using exising oj file " + keystoreFile.getAbsolutePath());
-			keyStoreCertificateSource = new KeyStoreCertificateSource(keystoreFile, dssProperties.getKsType(), dssProperties.getKsPassword());
+		if(keystoreFile.exists()) {
+			log.info("delete old oj file");
+			keystoreFile.delete();
+		}
+		log.info("creating oj file in " + keystoreFile.getAbsolutePath());
+		if(keystoreFile.createNewFile()) {
+			keyStoreCertificateSource = new KeyStoreCertificateSource((InputStream) null, dssProperties.getKsType(), dssProperties.getKsPassword());
 		}
 		return keyStoreCertificateSource;
 	}

src/main/java/org/esupportail/esupsignature/entity/User.java

@@ -31,6 +31,7 @@ public class User {
     private String email;
 
     @ElementCollection
+    @JsonIgnore
     private Map<UiParams, String> uiParams = new LinkedHashMap<>();
 
     private String formMessages = "";
@@ -55,6 +56,9 @@ public class User {
     @Transient
     private String signImageBase64;
 
+    @Transient
+    private Long userShareId;
+
     @JsonIgnore
     @OneToOne(fetch = FetchType.LAZY, cascade = CascadeType.REMOVE, orphanRemoval = true)
     private Document keystore = new Document();
@@ -193,7 +197,15 @@ public void setSignImageBase64(String signImageBase64) {
         this.signImageBase64 = signImageBase64;
     }
 
-	public Document getKeystore() {
+    public Long getUserShareId() {
+        return userShareId;
+    }
+
+    public void setUserShareId(Long userShareId) {
+        this.userShareId = userShareId;
+    }
+
+    public Document getKeystore() {
         return this.keystore;
     }
 

src/main/java/org/esupportail/esupsignature/entity/UserPropertie.java

@@ -3,8 +3,7 @@
 import org.springframework.beans.factory.annotation.Configurable;
 
 import javax.persistence.*;
-import java.util.ArrayList;
-import java.util.List;
+import java.util.*;
 
 @Entity
 @Configurable
@@ -14,18 +13,11 @@ public class UserPropertie {
     @GeneratedValue(strategy = GenerationType.AUTO)
     private Long id;
 
-    private Integer score = 0;
-
     @ManyToOne(fetch = FetchType.LAZY)
     private User user;
 
-    @ManyToOne(fetch = FetchType.LAZY)
-    private WorkflowStep workflowStep;
-
-    @ManyToMany
-    private List<User> users = new ArrayList<>();
-
-    private String targetEmail;
+    @ElementCollection
+    private Map<User, Date> favorites = new HashMap<>();
 
     public Long getId() {
         return this.id;
@@ -35,14 +27,6 @@ public void setId(Long id) {
         this.id = id;
     }
 
-    public Integer getScore() {
-        return score;
-    }
-
-    public void setScore(Integer score) {
-        this.score = score;
-    }
-
     public User getUser() {
         return user;
     }
@@ -51,27 +35,11 @@ public void setUser(User user) {
         this.user = user;
     }
 
-    public WorkflowStep getWorkflowStep() {
-        return workflowStep;
-    }
-
-    public void setWorkflowStep(WorkflowStep workflowStep) {
-        this.workflowStep = workflowStep;
-    }
-
-    public List<User> getUsers() {
-        return users;
-    }
-
-    public void setUsers(List<User> users) {
-        this.users = users;
-    }
-
-    public String getTargetEmail() {
-        return targetEmail;
+    public Map<User, Date> getFavorites() {
+        return favorites;
     }
 
-    public void setTargetEmail(String targetEmail) {
-        this.targetEmail = targetEmail;
+    public void setFavorites(Map<User, Date> users) {
+        this.favorites = users;
     }
 }

src/main/java/org/esupportail/esupsignature/entity/UserShare.java

@@ -20,12 +20,16 @@ public class UserShare {
     @ManyToMany
     private List<User> toUsers = new ArrayList<>();
 
+    private Boolean signWithOwnSign = true;
+
     @ManyToOne(fetch = FetchType.LAZY)
     private Form form;
 
     @ManyToOne(fetch = FetchType.LAZY)
     private Workflow workflow;
 
+    private Boolean allSignRequests = false;
+
     @Temporal(TemporalType.TIMESTAMP)
     private Date beginDate;
 
@@ -59,6 +63,15 @@ public void setToUsers(List<User> toUsers) {
         this.toUsers = toUsers;
     }
 
+
+    public Boolean getSignWithOwnSign() {
+        return signWithOwnSign;
+    }
+
+    public void setSignWithOwnSign(Boolean signWithOwnSign) {
+        this.signWithOwnSign = signWithOwnSign;
+    }
+
     public Form getForm() {
         return form;
     }
@@ -75,6 +88,14 @@ public void setWorkflow(Workflow workflow) {
         this.workflow = workflow;
     }
 
+    public Boolean getAllSignRequests() {
+        return allSignRequests;
+    }
+
+    public void setAllSignRequests(Boolean all) {
+        this.allSignRequests = all;
+    }
+
     public Date getBeginDate() {
         return beginDate;
     }

src/main/java/org/esupportail/esupsignature/repository/SignBookRepository.java

@@ -6,13 +6,16 @@
 import org.esupportail.esupsignature.repository.custom.SignBookRepositoryCustom;
 import org.springframework.data.jpa.repository.Query;
 import org.springframework.data.repository.CrudRepository;
+import org.springframework.data.repository.query.Param;
 
 import java.util.List;
 
 public interface SignBookRepository extends CrudRepository<SignBook, Long>, SignBookRepositoryCustom {
     List<SignBook> findByName(String name);
     List<SignBook> findByCreateByEppn(String createByEppn);
     List<SignBook> findByStatus(SignRequestStatus signRequestStatus);
+    @Query("select count(s.id) from SignBook s join s.liveWorkflow.currentStep.recipients r where s.status = 'pending' and r.user.eppn = :recipientUserEppn and r.signed is false")
+    Long countByRecipientUserToSign(@Param("recipientUserEppn") String recipientUserEppn);
     @Query("select s from SignBook s where s.status = :signRequestStatus and s.liveWorkflow.documentsTargetUri is not null")
     List<SignBook> findByStatusAndDocumentsTargetUriIsNotNull(SignRequestStatus signRequestStatus);
     @Query("select s from SignBook s where s.status = :signRequestStatus and s.liveWorkflow.workflow.id = :workflowId")

src/main/java/org/esupportail/esupsignature/repository/UserPropertieRepository.java

@@ -1,16 +1,8 @@
 package org.esupportail.esupsignature.repository;
 
-import org.esupportail.esupsignature.entity.User;
 import org.esupportail.esupsignature.entity.UserPropertie;
-import org.esupportail.esupsignature.entity.WorkflowStep;
 import org.springframework.data.repository.CrudRepository;
 
-import java.util.List;
-
 public interface UserPropertieRepository extends CrudRepository<UserPropertie, Long>  {
-	List<UserPropertie> findByUserEppn(String userEppn);
-	List<UserPropertie> findByWorkflowStep(WorkflowStep workflowStep);
-	List<UserPropertie> findByUserEppnAndWorkflowStepId(String userEppn, Long workflowStepId);
-	List<UserPropertie> findByUserAndWorkflowStepAndUsersIn(User user, WorkflowStep workflowStep, List<User> users);
-	List<UserPropertie> findByUserAndTargetEmailAndWorkflowStep(User user, String targetEmail, WorkflowStep workflowStep);
+	UserPropertie findByUserEppn(String userEppn);
 }

src/main/java/org/esupportail/esupsignature/repository/UserShareRepository.java

@@ -17,6 +17,7 @@ public interface UserShareRepository extends CrudRepository<UserShare, Long>  {
 	List<UserShare> findByWorkflowId(Long workflowId);
 	List<UserShare> findByFormId(Long formId);
 	List<UserShare> findByUserEppnAndToUsersEppnInAndWorkflowAndShareTypesContains(String userEppn, List<String> toUsers, Workflow workflow, ShareType shareType);
+	List<UserShare> findByUserEppnAndToUsersEppnInAndAllSignRequestsIsTrueAndShareTypesContains(String userEppn, List<String> toUsers,ShareType shareType);
 	List<UserShare> findByUserEppnAndToUsersEppnInAndFormAndShareTypesContains(String userEppn, List<String> toUsers, Form form, ShareType shareType);
 	List<UserShare> findByToUsersEppnInAndShareTypesContains(List<String> toUsers, ShareType shareType);
 }

src/main/java/org/esupportail/esupsignature/service/DataService.java

@@ -44,9 +44,6 @@ public class DataService {
     @Resource
     private PreFillService preFillService;
 
-    @Resource
-    private UserPropertieService userPropertieService;
-
     @Resource
     private SignRequestService signRequestService;
 
@@ -89,8 +86,6 @@ public SignBook sendForSign(Data data, List<String> recipientEmails, List<String
             if (targetEmails == null || targetEmails.size() == 0) {
                 throw new EsupSignatureException("Target email empty");
             }
-            String targetUrl = String.join(",", targetEmails);
-            userPropertieService.createTargetPropertie(user, workflowService.getWorkflowByName(form.getWorkflowType()).getWorkflowSteps().get(0), targetUrl);
         }
         String name = form.getTitle().replaceAll("[\\\\/:*?\"<>|]", "-").replace("\t", "");
         Workflow modelWorkflow = workflowService.getWorkflowByName(data.getForm().getWorkflowType());
@@ -110,7 +105,6 @@ public SignBook sendForSign(Data data, List<String> recipientEmails, List<String
         }
         MultipartFile multipartFile = fileService.toMultipartFile(inputStream, name + ".pdf", "application/pdf");
         signRequestService.addDocsToSignRequest(signRequest, multipartFile);
-        workflowService.saveProperties(user, modelWorkflow, computedWorkflow);
         signBookService.nextWorkFlowStep(signBook);
         if (form.getTargetType() != null && !form.getTargetType().equals(DocumentIOType.none)) {
             signBook.getLiveWorkflow().setTargetType(form.getTargetType());

src/main/java/org/esupportail/esupsignature/service/FormService.java

@@ -142,20 +142,13 @@ public void updateForm(Long id, Form updateForm, List<String> managers, String[]
 		formRepository.save(form);
 	}
 
-
 	public void deleteForm(Long formId) {
 		Form form = formRepository.findById(formId).get();
 		List<UserShare> userShares = userShareService.getUserSharesByForm(form);
 		for(UserShare userShare : userShares) {
 			userShareService.delete(userShare);
 		}
 		dataService.nullifyForm(form);
-		for (WorkflowStep workflowStep : workflowService.getWorkflowByName(form.getWorkflowType()).getWorkflowSteps()) {
-			List<UserPropertie> userProperties = userPropertieService.getByWorkflowStep(workflowStep);
-			for(UserPropertie userPropertie : userProperties) {
-				userPropertieService.delete(userPropertie);
-			}
-		}
 		formRepository.delete(form);
 	}
 

src/main/java/org/esupportail/esupsignature/service/SignBookService.java

@@ -510,5 +510,9 @@ public List<SignBook> getByLiveWorkflowAndStatus(LiveWorkflow liveWorkflow, Sign
         return signBookRepository.findByLiveWorkflowAndStatus(liveWorkflow, signRequestStatus);
     }
 
+    public Long nbToSignSignBooks(String userEppn) {
+        return signBookRepository.countByRecipientUserToSign(userEppn);
+    }
+
 
 }