ExpressAPI/src/routes/SonarRoutes.ts

+import { Express }     from 'express-serve-static-core';
+import express         from 'express';
+import { StatusCodes } from 'http-status-codes';
+import RoutesManager   from '../express/RoutesManager';
+import SharedSonarManager from '../shared/managers/SharedSonarManager';
+import SonarManager from '../managers/SonarManager';
+import SecurityMiddleware from '../middlewares/SecurityMiddleware';
+import SecurityCheckType from '../types/SecurityCheckType';
+import * as ExpressValidator from 'express-validator';
+import DojoValidators from '../helpers/DojoValidators';
+import ParamsValidatorMiddleware from '../middlewares/ParamsValidatorMiddleware';
+
+class SonarRoutes implements RoutesManager {
+    private readonly qualitiesValidator: ExpressValidator.Schema = {
+        gate    : {
+            trim    : true,
+            notEmpty: false
+        },
+        profiles : {
+            trim           : true,
+            notEmpty       : false,
+            customSanitizer: DojoValidators.jsonSanitizer
+        }
+    };
+
+    registerOnBackend(backend: Express) {
+        backend.get('/sonar/info', this.sonar.bind(this));
+        backend.post('/sonar/testqualities', SecurityMiddleware.check(true, SecurityCheckType.TEACHING_STAFF), ParamsValidatorMiddleware.validate(this.qualitiesValidator), this.testQualities.bind(this));
+    }
+
+    private async sonar(req: express.Request, res: express.Response) {
+        const data = {
+            sonarEnabled: await SharedSonarManager.isSonarSupported(),
+            languages: await SonarManager.getLanguages()
+        };
+        return req.session.sendResponse(res, StatusCodes.OK, data);
+    }
+
+    private async testQualities(req: express.Request, res: express.Response) {
+        const params: {
+            gate: string | undefined, profiles: string[]
+        } = req.body;
+
+        console.log(params);
+
+        let gateOk = true;
+        if ((params.gate ?? "") !== "") {
+            gateOk = await SonarManager.testQualityGate(params.gate ?? "")
+        }
+
+        let profilesOk = true;
+        const badProfiles = [];
+
+        for ( const profile of params.profiles ) {
+            try {
+                const [ lang, name ] = profile.trim().split('/');
+                if ( !await SonarManager.testQualityProfile(name, lang) ) {
+                    profilesOk = false;
+                    badProfiles.push(profile);
+                }
+            } catch (e) {
+                profilesOk = false;
+                badProfiles.push(profile);
+            }
+        }
+
+        console.log(gateOk, profilesOk);
+
+        const data = {
+            valid: gateOk && profilesOk,
+            badProfiles: badProfiles,
+            badGate: (gateOk ? null : params.gate)
+        };
+
+        console.log(data);
+
+        return req.session.sendResponse(res, StatusCodes.OK, data);
+    }
+}
+
+
+export default new SonarRoutes();

ExpressAPI/src/routes/UserRoutes.ts

+import { Express }                 from 'express-serve-static-core';
+import express, { RequestHandler } from 'express';
+import { StatusCodes }             from 'http-status-codes';
+import RoutesManager               from '../express/RoutesManager.js';
+import SecurityMiddleware          from '../middlewares/SecurityMiddleware';
+import * as ExpressValidator       from 'express-validator';
+import ParamsValidatorMiddleware   from '../middlewares/ParamsValidatorMiddleware';
+import { Prisma, UserRole }        from '@prisma/client';
+import UserManager                 from '../managers/UserManager';
+
+
+class UserRoutes implements RoutesManager {
+    private readonly usersGetValidator: ExpressValidator.Schema = {
+        role: {
+            trim    : true,
+            notEmpty: false,
+            optional: true
+        }
+    };
+
+    registerOnBackend(backend: Express) {
+        backend.get('/users', SecurityMiddleware.check(true), ParamsValidatorMiddleware.validate(this.usersGetValidator), this.getUsers.bind(this) as RequestHandler);
+    }
+
+    private async getUsers(req: express.Request, res: express.Response) {
+
+        let roleFilter: Prisma.UserWhereInput | undefined = undefined;
+
+        if ( req.query.role ) {
+            if ( req.query.role === UserRole.ADMIN ) {
+                roleFilter = {
+                    role: UserRole.ADMIN
+                };
+            } else if ( req.query.role === UserRole.TEACHING_STAFF ) {
+                roleFilter = {
+                    OR: [ {
+                        role: UserRole.ADMIN
+                    }, {
+                        role: UserRole.TEACHING_STAFF
+                    } ]
+                };
+            } else if ( req.query.role === UserRole.STUDENT ) {
+                roleFilter = {
+                    role: UserRole.STUDENT
+                };
+            } else {
+                return req.session.sendResponse(res, StatusCodes.FORBIDDEN);
+            }
+        } else if ( !req.session.profile.isAdmin ) {
+            return req.session.sendResponse(res, StatusCodes.FORBIDDEN);
+        }
+
+        return req.session.sendResponse(res, StatusCodes.OK, await UserManager.getFiltered(roleFilter));
+    }
+}
+
+
+export default new UserRoutes();

shared @ 937081e6

-Subproject commit 9e3f29d2f313ef96944a199da0db39f1827c496a
+Subproject commit 937081e68f6127b669daca30e57c43e73b9c96c9

ExpressAPI/src/types/SecurityCheckType.ts

 enum SecurityCheckType {
     TEACHING_STAFF          = 'teachingStaff',
+    ADMIN                   = 'admin',
+    EXERCISE_MEMBERS        = 'exerciseMembers',
     ASSIGNMENT_STAFF        = 'assignmentStaff',
     ASSIGNMENT_IS_PUBLISHED = 'assignmentIsPublished',
     EXERCISE_SECRET         = 'exerciseSecret',
+    ASSIGNMENT_SECRET       = 'assignmentSecret',
+    USER                    = 'user',
 }
 
 

sonar-project.properties

+sonar.projectKey=DojoBackendAPI
+sonar.qualitygate.wait=true
+sonar.exclusions=ExpressAPI/prisma/seed.ts
\ No newline at end of file