Test

pom.xml

@@ -12,7 +12,7 @@
 	</parent>
 	<groupId>org.esupportail</groupId>
 	<artifactId>esup-signature</artifactId>
-	<version>1.31.1</version>
+	<version>1.31.2</version>
 	<name>esup-signature</name>
 	<properties>
 		<startClass>org.esupportail.esupsignature.EsupSignatureApplication</startClass>
@@ -847,6 +847,7 @@
 					<composeFile>${project.basedir}/src/test/resources/docker-compose.yml</composeFile>
 					<removeOrphans>true</removeOrphans>
 					<detachedMode>true</detachedMode>
+					<removeVolumes>true</removeVolumes>
 					<skip>${skipDockerCompose}</skip>
 				</configuration>
 				<executions>

src/main/java/org/esupportail/esupsignature/entity/Workflow.java

@@ -70,6 +70,9 @@ public class Workflow {
     @ElementCollection(targetClass = String.class, fetch = FetchType.EAGER)
     private Set<String> managers = new HashSet<>();
 
+    @ManyToMany(mappedBy = "workflows")
+    private Set<WsAccessToken> wsAccessTokens = new HashSet<>();
+
     @OrderColumn
     @OneToMany(fetch = FetchType.LAZY, cascade = {CascadeType.REMOVE, CascadeType.DETACH})
     private List<WorkflowStep> workflowSteps = new ArrayList<>();

src/main/java/org/esupportail/esupsignature/entity/WsAccessToken.java

@@ -19,6 +19,11 @@ public class WsAccessToken {
     private String token;
 
     @ManyToMany(fetch = FetchType.EAGER)
+    @JoinTable(
+            name = "ws_access_token_workflows",
+            joinColumns = @JoinColumn(name = "ws_access_token_id"),
+            inverseJoinColumns = @JoinColumn(name = "workflows_id")
+    )
     private Set<Workflow> workflows = new HashSet<>();
 
     private Boolean createSignrequest = true;

src/main/java/org/esupportail/esupsignature/repository/SignRequestRepository.java

@@ -3,6 +3,7 @@
 import org.esupportail.esupsignature.dto.json.SignRequestWsDto;
 import org.esupportail.esupsignature.entity.Comment;
 import org.esupportail.esupsignature.entity.SignRequest;
+import org.esupportail.esupsignature.entity.WsAccessToken;
 import org.esupportail.esupsignature.entity.enums.SignRequestStatus;
 import org.springframework.data.domain.Page;
 import org.springframework.data.domain.Pageable;
@@ -19,8 +20,19 @@ public interface SignRequestRepository extends CrudRepository<SignRequest, Long>
 
     Optional<SignRequest> findByToken(String token);
 
+    @Query("""
+            select s.id as id, s.title as title, s.status as status, s.createDate as createDate, s.createBy.eppn as createByEppn, sb.endDate as endDate 
+            from SignRequest s 
+            join SignBook as sb on sb.id = s.parentSignBook.id
+            join sb.liveWorkflow as lw
+            join lw.workflow as w
+            join w.wsAccessTokens as t
+            where :token in (t) 
+            """)
+    List<SignRequestWsDto> findAllByToken(WsAccessToken token);
+
     @Query("select s.id as id, s.title as title, s.status as status, s.createDate as createDate, s.createBy.eppn as createByEppn, sb.endDate as endDate from SignRequest s join SignBook as sb on sb.id = s.parentSignBook.id")
-    List<SignRequestWsDto> findAllByForWs();
+    List<SignRequestWsDto> findAllForWs();
 
     List<SignRequest> findByCreateByEppnAndStatus(String createByEppn, SignRequestStatus status);
 

src/main/java/org/esupportail/esupsignature/repository/WsAccessTokenRepository.java

@@ -11,4 +11,5 @@ public interface WsAccessTokenRepository extends CrudRepository<WsAccessToken, L
     List<WsAccessToken> findByTokenAndWorkflowsEmpty(String token);
     List<WsAccessToken> findByTokenAndWorkflowsContains(String token, Workflow workflow);
     List<WsAccessToken> findByTokenIsNullAndWorkflowsEmpty();
+    WsAccessToken findByToken(String token);
 }

src/main/java/org/esupportail/esupsignature/service/SignRequestService.java

@@ -12,19 +12,19 @@
 import org.apache.commons.lang3.BooleanUtils;
 import org.esupportail.esupsignature.config.GlobalProperties;
 import org.esupportail.esupsignature.dss.service.FOPService;
-import org.esupportail.esupsignature.dto.json.RecipientWsDto;
 import org.esupportail.esupsignature.dto.js.JsMessage;
+import org.esupportail.esupsignature.dto.json.RecipientWsDto;
 import org.esupportail.esupsignature.entity.*;
 import org.esupportail.esupsignature.entity.enums.*;
 import org.esupportail.esupsignature.exception.*;
 import org.esupportail.esupsignature.repository.SignBookRepository;
 import org.esupportail.esupsignature.repository.SignRequestRepository;
+import org.esupportail.esupsignature.repository.WsAccessTokenRepository;
 import org.esupportail.esupsignature.service.interfaces.fs.FsAccessFactoryService;
 import org.esupportail.esupsignature.service.interfaces.fs.FsAccessService;
 import org.esupportail.esupsignature.service.interfaces.fs.FsFile;
 import org.esupportail.esupsignature.service.interfaces.prefill.PreFillService;
 import org.esupportail.esupsignature.service.mail.MailService;
-import org.esupportail.esupsignature.service.security.otp.OtpService;
 import org.esupportail.esupsignature.service.utils.StepStatus;
 import org.esupportail.esupsignature.service.utils.WebUtilsService;
 import org.esupportail.esupsignature.service.utils.file.FileService;
@@ -97,7 +97,7 @@ public class SignRequestService {
 
 	private final FsAccessFactoryService fsAccessFactoryService;
 
-	private final OtpService otpService;
+	private final WsAccessTokenRepository wsAccessTokenRepository;
 
 	private final FileService fileService;
 
@@ -117,7 +117,7 @@ public class SignRequestService {
 
 	private final LiveWorkflowStepService liveWorkflowStepService;
 
-	public SignRequestService(GlobalProperties globalProperties, TargetService targetService, NexuService nexuService, WebUtilsService webUtilsService, SignRequestRepository signRequestRepository, ActionService actionService, PdfService pdfService, DocumentService documentService, CustomMetricsService customMetricsService, SignService signService, SignTypeService signTypeService, UserService userService, DataService dataService, CommentService commentService, MailService mailService, AuditTrailService auditTrailService, UserShareService userShareService, RecipientService recipientService, FsAccessFactoryService fsAccessFactoryService, OtpService otpService, FileService fileService, PreFillService preFillService, LogService logService, SignRequestParamsService signRequestParamsService, ValidationService validationService, FOPService fopService, ObjectMapper objectMapper, SignBookRepository signBookRepository, LiveWorkflowStepService liveWorkflowStepService) {
+	public SignRequestService(GlobalProperties globalProperties, TargetService targetService, NexuService nexuService, WebUtilsService webUtilsService, SignRequestRepository signRequestRepository, ActionService actionService, PdfService pdfService, DocumentService documentService, CustomMetricsService customMetricsService, SignService signService, SignTypeService signTypeService, UserService userService, DataService dataService, CommentService commentService, MailService mailService, AuditTrailService auditTrailService, UserShareService userShareService, RecipientService recipientService, FsAccessFactoryService fsAccessFactoryService, WsAccessTokenRepository wsAccessTokenRepository, FileService fileService, PreFillService preFillService, LogService logService, SignRequestParamsService signRequestParamsService, ValidationService validationService, FOPService fopService, ObjectMapper objectMapper, SignBookRepository signBookRepository, LiveWorkflowStepService liveWorkflowStepService) {
         this.globalProperties = globalProperties;
         this.targetService = targetService;
         this.nexuService = nexuService;
@@ -137,7 +137,7 @@ public SignRequestService(GlobalProperties globalProperties, TargetService targe
         this.userShareService = userShareService;
         this.recipientService = recipientService;
         this.fsAccessFactoryService = fsAccessFactoryService;
-        this.otpService = otpService;
+        this.wsAccessTokenRepository = wsAccessTokenRepository;
         this.fileService = fileService;
         this.preFillService = preFillService;
         this.logService = logService;
@@ -1124,8 +1124,12 @@ public InputStream getToValidateFile(long id) throws IOException {
 	}
 
 	@Transactional
-	public String getAllToJSon() throws JsonProcessingException {
-		return objectMapper.writeValueAsString(signRequestRepository.findAllByForWs());
+	public String getAllToJSon(String xApikey) throws JsonProcessingException {
+		WsAccessToken wsAccessToken = wsAccessTokenRepository.findByToken(xApikey);
+		if(wsAccessToken == null || wsAccessToken.getWorkflows().isEmpty()) {
+			return objectMapper.writeValueAsString(signRequestRepository.findAllForWs());
+		}
+		return objectMapper.writeValueAsString(signRequestRepository.findAllByToken(wsAccessToken));
 	}
 
 	public boolean isAttachmentAlert(SignRequest signRequest) {

src/main/java/org/esupportail/esupsignature/service/WsAccessTokenService.java

@@ -35,6 +35,16 @@ public boolean isAllAccess(String token) {
         return allAccess(token);
     }
 
+    @Transactional(readOnly = true)
+    public boolean isTokenExist(String token) {
+        return allAccess(token) || wsAccessTokenRepository.findByToken(token) != null;
+    }
+
+    @Transactional(readOnly = true)
+    public WsAccessToken getByToken(String token) {
+        return wsAccessTokenRepository.findByToken(token);
+    }
+
     @Transactional
     public boolean createWorkflowAccess(Long id, String token) {
         if(allAccess(token)) return true;

src/main/java/org/esupportail/esupsignature/service/scheduler/ScheduledTaskService.java

@@ -63,7 +63,6 @@ public ScheduledTaskService(GlobalProperties globalProperties, SignBookRepositor
 	}
 
 	@Scheduled(initialDelay = 12000, fixedRate = 300000)
-	@Transactional
 	public void scanAllWorkflowsSources() {
 		logger.debug("scan workflows sources");
 		Iterable<Workflow> workflows = workflowService.getAllWorkflows();

src/main/java/org/esupportail/esupsignature/service/utils/sign/ValidationService.java

@@ -104,7 +104,9 @@ public void checkRevocation(AbstractSignatureForm signatureDocumentForm, Certifi
                 throw new EsupSignatureRuntimeException("Impossible de signer avec ce certificat. Détails : " + e.getMessage());
             }
         }
-        if(containsBadSignature || revocationToken != null && !certificateVerifier.getRevocationDataVerifier().isAcceptable(revocationToken)
+        if(containsBadSignature
+            || revocationToken == null
+            || !certificateVerifier.getRevocationDataVerifier().isAcceptable(revocationToken)
             || (!certificateToken.isValidOn(new Date()) && parameters.isSignWithExpiredCertificate())) {
             logger.warn("LT or LTA signature level not supported, switching to T level");
             if(parameters.getSignatureLevel().name().contains("_LT") || parameters.getSignatureLevel().name().contains("_LTA")) {

src/main/java/org/esupportail/esupsignature/web/ws/SignRequestWsController.java

@@ -272,9 +272,9 @@ public ResponseEntity<Void> printWithCode(@PathVariable("id") Long id,
     @GetMapping(value = "/all", produces = MediaType.APPLICATION_JSON_VALUE)
     @ResponseBody
     @Operation(security = @SecurityRequirement(name = "x-api-key"), description = "Récupérer toutes les demandes", responses = @ApiResponse(responseCode = "200", content = @Content(schema = @Schema(implementation = List.class), mediaType = MediaType.APPLICATION_JSON_VALUE)))
-    @PreAuthorize("@wsAccessTokenService.isAllAccess(#xApiKey)")
+    @PreAuthorize("@wsAccessTokenService.isTokenExist(#xApiKey)")
     public ResponseEntity<String> getAllSignRequests(@ModelAttribute("xApiKey") @Parameter(hidden = true) String xApiKey) throws JsonProcessingException {
-        return ResponseEntity.ok(signRequestService.getAllToJSon());
+        return ResponseEntity.ok(signRequestService.getAllToJSon(xApiKey));
     }
 
     @GetMapping(value = "/return-test")

src/main/resources/templates/user/signbooks/includes/list-elem.html

@@ -85,8 +85,7 @@
             <span th:if="${signBook.endDate != null}" th:text="${#dates.format(signBook.endDate, 'dd/MM/yyyy HH:mm')}"></span>
             <br>
             <span th:if="${signBook.deleted}" th:text="'Supprimé le : ' + ${#dates.format(signBook.updateDate, 'dd/MM/yyyy HH:mm')}"></span>
-            <span th:unless="${(signBook.deleted || signBook.endDate != null) && signBook.signRequests.size() == 1 && (signBook.signRequests.get(0).lastSignedDocument == null || signBook.signRequests.get(0).lastSignedDocument.createDate == null)}"
-                th:text="${#dates.format(signBook.signRequests.get(0).lastSignedDocument.createDate, 'dd/MM/yyyy HH:mm')}"></span>
+            <span th:if="${signBook.signRequests.size() > 0 && signBook.signRequests.get(0).lastSignedDocument != null}" th:text="${#dates.format(signBook.signRequests.get(0).lastSignedDocument.createDate, 'dd/MM/yyyy HH:mm')}"></span>
         </td>
         <td class="clickable-td d-none d-xxl-table-cell">
             <div th:replace="~{user/signbooks/includes/status :: status(signBook=${signRequest.parentSignBook})}"></div>

src/main/resources/templates/user/signrequests/show.html

@@ -102,11 +102,16 @@
                             th:href="'/ws-secure/global/get-last-file/' + ${id}" target="_blank"
                             title="Télécharger le document"><i class="fa-solid fa-file-download fa-2xl"></i></a>
                     </li>
-                    <li th:if="${signRequest.status != T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).pending}">
+                    <li th:if="${signRequest.parentSignBook.signRequests.size() == 1 && signRequest.status != T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).pending}">
                         <a class="btn-lg btn-floating bg-primary"
                             th:href="'/ws-secure/global/get-last-file/' + ${id}" target="_blank"
                             title="Télécharger la dernière version du document"><i class="fa-solid fa-file-download fa-2xl"></i></a>
                     </li>
+                    <li th:if="${signRequest.parentSignBook.signRequests.size() > 1 && signRequest.status != T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).pending}">
+                        <a class="btn-lg btn-floating bg-primary"
+                           th:href="'/ws-secure/global/get-last-files/' + ${signRequest.parentSignBook.id}" target="_blank"
+                           title="Télécharger la dernière version des documents"><i class="fa-solid fa-file-download fa-2xl"></i></a>
+                    </li>
                     <li th:if="${signRequest.status == T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).completed || signRequest.status == T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).exported || signRequest.status == T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).archived || signRequest.status == T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).cleaned}">
                         <a class="btn-lg btn-floating bg-primary"
                             onclick='alert("Le document ainsi téléchargé est destiné exclusivement à l`impression. Les signatures éléctroniques ne sont présentes que dans la version numérique")'
@@ -201,9 +206,7 @@
                 <div th:replace="~{user/signrequests/includes/workspace :: workspace}"></div>
             </th:block>
             <th:block th:if="${signRequest.parentSignBook.status == T(org.esupportail.esupsignature.entity.enums.SignRequestStatus).cleaned}">
-                <div class="alert alert-success">
-                    Le document contenu dans cette demande de signature a été archivé. Vous avez la possibilité de le télécharger à l’aide du bouton en bas à droite.
-                </div>
+                <div class="alert alert-success">Les documents contenus dans cette demande de signature ont été archivés. Vous avez la possibilité de les télécharger à l’aide du bouton en bas à droite.</div>
             </th:block>
             <div th:if="${signable && (toSignDocument == null || toSignDocument.contentType != 'application/pdf') && signRequest.originalDocuments.size() > 0}" id="workspace"
                 class="workspace alert alert-secondary row">