Planif, API, Interface base

canapGEST/API/.env.example

+APP_ENV=local
+APP_DEBUG=true
+APP_KEY=
+APP_TIMEZONE=UTC
+
+DB_CONNECTION=mysql
+DB_HOST=127.0.0.1
+DB_PORT=3306
+DB_DATABASE=homestead
+DB_USERNAME=homestead
+DB_PASSWORD=secret
+
+CACHE_DRIVER=file
+QUEUE_DRIVER=sync
+
+JWT_SECRET=
\ No newline at end of file

canapGEST/API/.gitignore

+/vendor
+/.idea
+Homestead.json
+Homestead.yaml
+.env

canapGEST/API/app/Console/Kernel.php

+<?php
+
+namespace App\Console;
+
+use Illuminate\Console\Scheduling\Schedule;
+use Laravel\Lumen\Console\Kernel as ConsoleKernel;
+
+class Kernel extends ConsoleKernel
+{
+    /**
+     * The Artisan commands provided by your application.
+     *
+     * @var array
+     */
+    protected $commands = [
+        //
+    ];
+
+    /**
+     * Define the application's command schedule.
+     *
+     * @param  \Illuminate\Console\Scheduling\Schedule  $schedule
+     * @return void
+     */
+    protected function schedule(Schedule $schedule)
+    {
+        //
+    }
+}

canapGEST/API/app/Events/Event.php

+<?php
+
+namespace App\Events;
+
+use Illuminate\Queue\SerializesModels;
+
+abstract class Event
+{
+    use SerializesModels;
+}

canapGEST/API/app/Events/ExampleEvent.php

+<?php
+
+namespace App\Events;
+
+class ExampleEvent extends Event
+{
+    /**
+     * Create a new event instance.
+     *
+     * @return void
+     */
+    public function __construct()
+    {
+        //
+    }
+}

canapGEST/API/app/Exceptions/Handler.php

+<?php
+
+namespace App\Exceptions;
+
+use Exception;
+use Illuminate\Validation\ValidationException;
+use Illuminate\Auth\Access\AuthorizationException;
+use Illuminate\Database\Eloquent\ModelNotFoundException;
+use Laravel\Lumen\Exceptions\Handler as ExceptionHandler;
+use Symfony\Component\HttpKernel\Exception\HttpException;
+
+class Handler extends ExceptionHandler
+{
+    /**
+     * A list of the exception types that should not be reported.
+     *
+     * @var array
+     */
+    protected $dontReport = [
+        AuthorizationException::class,
+        HttpException::class,
+        ModelNotFoundException::class,
+        ValidationException::class,
+    ];
+
+    /**
+     * Report or log an exception.
+     *
+     * This is a great spot to send exceptions to Sentry, Bugsnag, etc.
+     *
+     * @param  \Exception  $e
+     * @return void
+     */
+    public function report(Exception $e)
+    {
+        parent::report($e);
+    }
+
+    /**
+     * Render an exception into an HTTP response.
+     *
+     * @param  \Illuminate\Http\Request  $request
+     * @param  \Exception  $e
+     * @return \Illuminate\Http\Response
+     */
+    public function render($request, Exception $e)
+    {
+        return parent::render($request, $e);
+    }
+}

canapGEST/API/app/Helpers/AccessLevelHelper.php

+<?php
+
+namespace App\Helpers;
+
+class AccessLevelHelper
+{
+  // TODO: (TPI) en db
+  private static $default_access_groups = [
+    "responsables-apprentis" => ["full", "responsable"],
+    "canap-gest-users-dev" => ["full", "responsable"], // just for dev testing, remove line in prod
+    "enacproj-mdt-admins" => ["informaticien", "formateur"], // just for dev testing, remove line in prod
+    "formateurs-commerce" => ["employeCommerce", "formateur"],
+    "formateurs-gardiens-animaux" => ["gardienAnimaux", "formateur"],
+    "formateurs-informaticiens" => ["informaticien", "formateur"],
+    "formateurs-interactive-media-designer" => ["interactiveMediaDesigner", "formateur"],
+    "formateurs-laborantins-en-biologie" => ["laborantinBiologie", "formateur"],
+    "formateurs-laborantins-en-chimie" => ["laborantinChimie", "formateur"],
+    "formateurs-laborantins-en-physique" => ["laborantinPhysique", "formateur"],
+    "formateurs-planificateurs-electriciens" => ["planificateurElectricien", "formateur"],
+    "formateurs-logisticiens" => ["logisticien", "formateur"],
+    "formateurs-polymecaniciens" => ["polyMecanicien", "formateur"],
+  ];
+
+  public static function hasAccessToJob($job, $permissions)
+  {
+    return in_array($job, $permissions);
+  }
+
+  public static function isJobValid($job)
+  {
+    foreach (self::$default_access_groups as $key => $access) {
+      if ($access[0] == $job && $job != 'full') {
+        return true;
+      }
+    }
+    return false;
+  }
+
+  public static function hasPermittedRole($user_role, $wanted_role)
+  {
+    return $user_role == $wanted_role;
+  }
+
+  public static function getUserAccess($user_groups)
+  {
+    $user_alloweds = [];
+    $user_role = "";
+    $user_groups = explode(',', $user_groups);
+
+    foreach (self::$default_access_groups as $group => $access) {
+      $access_level = $access[0];
+      $access_role = $access[1];
+      if (in_array($group, $user_groups)) {
+        if ($access_level == 'full') {
+          // user has full access, fill with all jobs and stop
+          $user_alloweds = self::setFullAccess();
+          $user_role = $access_role;
+          break;
+        } else {
+          // user has not full access
+          $user_role = $access_role;
+          array_push($user_alloweds, $access_level);
+        }
+      }
+    }
+    return ["groups" => $user_alloweds, "role" => $user_role];
+  }
+
+  private static function setFullAccess()
+  {
+    $user_alloweds = [];
+    foreach (self::$default_access_groups as $perm) {
+      if ($perm[0] != 'full') {
+        if (!in_array($perm[0], $user_alloweds)) {
+          array_push($user_alloweds, $perm[0]);
+        }
+      }
+    }
+    return $user_alloweds;
+  }
+}
\ No newline at end of file

canapGEST/API/app/Http/Controllers/ApplicantsController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Laravel\Lumen\Routing\Controller;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+use App\Helpers\AccessLevelHelper;
+use \Illuminate\Support\Facades\Lang;
+use Illuminate\Support\Facades\File;
+
+class ApplicantsController extends Controller
+{
+  private $request;
+  private $user_sciper;
+  private $user_permissions;
+  private $user_role;
+
+  public function __construct(Request $request)
+  {
+    $this->request = $request;
+    $this->user_sciper = $this->request->get('user_sciper');
+    $this->user_permissions = $this->request->get('user_permissions');
+    $this->user_role = $this->request->get('user_role');
+  }
+
+  public function getAll()
+  {
+    $applicants = [];
+    foreach ($this->user_permissions as $job) {
+      $job_applicants = DB::table('applicant')->where('applicant_formation', $job)->get();
+      if (count($job_applicants)) {
+        array_push($applicants, $job_applicants);
+      }
+    }
+    return $applicants[0];
+  }
+
+  public function getJobApplicants($job)
+  {
+    if (AccessLevelHelper::isJobValid($job)) {
+      $has_access = AccessLevelHelper::hasAccessToJob($job, $this->user_permissions);
+      if ($has_access) {
+        return DB::table('applicant')->where('applicant_formation', $job)->get();
+      } else {
+        return abort(403, lang::get('http.unauthorized'));
+      }
+    } else {
+      return abort(404, lang::get('http.notfound'));
+    }
+  }
+
+  public function getOneById($id)
+  {
+    $applicant_job = DB::table('applicant')->where('applicant_id', $id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+    if ($has_access) {
+      $data = $this->getOne($id);
+      return response()->json($data, 200);
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function updateStatus($id)
+  {
+    $applicant_job = DB::table('applicant')->where('applicant_id', $id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+    $has_permitted_role = AccessLevelHelper::hasPermittedRole($this->user_role, 'responsable');
+    if ($has_access && $has_permitted_role) {
+      $this->validate($this->request, [
+        'status' => 'required'
+      ], [lang::get('validation.required')]);
+
+      $new_status = $this->request->input('status');
+      return DB::table('applicant')->where('applicant_id', $id)->update(['applicant_application_status' => $new_status]);
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function delete($id)
+  {
+    $applicant_job = DB::table('applicant')->where('applicant_id', $id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+
+    $has_permitted_role = AccessLevelHelper::hasPermittedRole($this->user_role, 'responsable');
+    if ($has_access && $has_permitted_role) {
+      return DB::table('applicant')->where('applicant_id', $id)->delete();
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function export($id)
+  {
+    $applicant_job = DB::table('applicant')->where('applicant_id', $id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+    if ($has_access) {
+      $tmp_file_path = sys_get_temp_dir() . '\\' .$id .'-export.json';
+      $json = json_encode($this->getOne($id));
+      File::put($tmp_file_path, $json);
+      return response()->download($tmp_file_path, $id .'-export.json', ['Content-Type' => 'application/json'])->deleteFileAfterSend(true);
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  private function getOne($id)
+  {
+    // get applicant
+    $applicant = DB::table('applicant')->where('applicant_id', $id)->first();
+    // get responsibles
+    $main_resp = DB::table('applicant')->where('applicant_id', $id)
+      ->select('responsible_id', 'responsible_gender', 'responsible_name', 'responsible_fsname', 'responsible_street', 'responsible_npa', 'responsible_phone')
+      ->join('responsible', 'applicant.fk_applicant_main_responsible', '=', 'responsible.responsible_id')
+      ->first();
+
+    $sec_resp = DB::table('applicant')->where('applicant_id', $id)
+      ->select('responsible_id', 'responsible_gender', 'responsible_name', 'responsible_fsname', 'responsible_street', 'responsible_npa', 'responsible_phone')
+      ->join('responsible', 'applicant.fk_applicant_sec_responsible', '=', 'responsible.responsible_id')
+      ->first();
+
+    // get scolarity
+    $scolarities = DB::table('scolarity')->where('fk_applicant_id', $id)->get();
+
+    // get pro activities
+    $pro_activities = DB::table('professional_activity')->where('fk_applicant_id', $id)->get();
+
+    // get trainings
+    $trainings = DB::table('training')->where('fk_applicant_id', $id)->get();
+
+    // get files (infos)
+    $files = DB::table('file')->select('file_id', 'file_name')->where('fk_applicant_id', $id)->get();
+
+    return [
+      "personal_data" => $applicant,
+      "responsibles" => [
+        "main" => $main_resp,
+        "secondary" => $sec_resp
+      ],
+      "scolarities" => $scolarities,
+      "pro_activities" => $pro_activities,
+      "training" => $trainings,
+      "files" => $files
+    ];
+  }
+}

canapGEST/API/app/Http/Controllers/AuthController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Laravel\Lumen\Routing\Controller;
+use Illuminate\Http\Request;
+use App\Providers\TequilaClient;
+use Firebase\JWT\JWT;
+use App\Helpers\AccessLevelHelper;
+
+class AuthController extends Controller
+{
+  private $request;
+  private $oClient;
+
+  public function __construct(Request $request)
+  {
+    $this->request = $request;
+    $this->oClient = new TequilaClient();
+  }
+
+  protected function jwt($tequilaObject)
+  {
+    $user_perms = AccessLevelHelper::getUserAccess($tequilaObject->getValue("group"));
+    $payload = [
+      'iss' => "lumen-jwt",
+      'sub' => $tequilaObject->getValue('uniqueid'),
+      "tequila_data" => [
+        "firstname" => $tequilaObject->getValue('firstname'),
+        "name" => $tequilaObject->getValue("name"),
+        "group" => $tequilaObject->getValue("group"),
+        "user" => $tequilaObject->getValue("user"),
+        "sciper" => $tequilaObject->getValue('uniqueid')
+      ],
+      'permissions' => $user_perms['groups'],
+      "role" => $user_perms['role'],
+      'iat' => time(),
+      'exp' => time() + 43200
+    ];
+
+    return JWT::encode($payload, env('JWT_SECRET'));
+  }
+
+  public function authenticate()
+  {
+    $this->oClient->SetApplicationName('Canap-Gest');
+    $this->oClient->SetWantedAttributes(array('uniqueid', 'name', 'firstname', 'unit', 'unitid', 'where', 'group'));
+    $this->oClient->SetWishedAttributes(array('email', 'title'));
+    // $this->oClient->SetApplicationURL('https://canap-gest.epfl.ch:8443');
+    // $this->oClient->SetApplicationURL('http://canap-gest-dev.local:8080');
+    $this->oClient->SetApplicationURL('http://localhost:8000/api/auth/login');
+    $this->oClient->SetCustomFilter('org=EPFL&group=canap-gest-users-dev');
+
+    $this->oClient->Authenticate();
+
+    return response()->json([
+      'token' => $this->jwt($this->oClient)
+    ], 200);
+  }
+
+  public function logout()
+  {
+    $this->oClient->Logout();
+  }
+}

canapGEST/API/app/Http/Controllers/CommentsController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Laravel\Lumen\Routing\Controller;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Http\Request;
+use App\Helpers\AccessLevelHelper;
+use \Illuminate\Support\Facades\Lang;
+
+class CommentsController extends Controller
+{
+  private $request;
+  private $user_sciper;
+  private $user_permissions;
+
+  public function __construct(Request $request)
+  {
+    $this->request = $request;
+    $this->user_sciper = $this->request->get('user_sciper');
+    $this->user_permissions = $this->request->get('user_permissions');
+  }
+
+  public function getApplicantComments($id)
+  {
+    $applicant_job = DB::table('applicant')->where('applicant_id', $id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+
+    if ($has_access) {
+      $public_comments = DB::table('comment')->where('fk_applicant_id', $id)->where('comment_is_private', 0)->get();
+      $private_comments = DB::table('comment')->where('fk_applicant_id', $id)->where('comment_is_private', 1)->where('comment_owner_sciper', $this->user_sciper)->get();
+      return ["public" => $public_comments, "private" => $private_comments];
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function create()
+  {
+    $this->validate($this->request, [
+      'content' => 'required',
+      'is_private' => 'required',
+      'applicant_id' => 'required'
+    ], [lang::get('validation.required')]);
+
+    $new_content = $this->request->input('content');
+    $new_is_private = $this->request->input('is_private');
+    $new_date = date("Y-m-d H:i:s");
+    $new_applicant_id = $this->request->input('applicant_id');
+
+    $applicant_job = DB::table('applicant')->where('applicant_id', $new_applicant_id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+
+    if ($has_access) {
+      $inserted_id = DB::table('comment')->insertGetId([
+        "comment_owner_sciper" => $this->user_sciper,
+        "comment_content" => $new_content,
+        "comment_is_private" => $new_is_private,
+        "comment_date" => $new_date,
+        "fk_applicant_id" => $new_applicant_id
+      ]);
+      return ["message" => lang::get('http.success.created.comment'), "id" => $inserted_id];
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function delete($id)
+  {
+    $wanted_comment_exists = DB::table('comment')->where('comment_id', $id)->where('comment_owner_sciper', $this->user_sciper)->exists();
+    if ($wanted_comment_exists) {
+      DB::table('comment')->where('comment_id', $id)->where('comment_owner_sciper', $this->user_sciper)->delete();
+      return ["message" => lang::get('http.success.deleted.comment')];
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function update($id)
+  {
+    $this->validate($this->request, [
+      'content' => 'required',
+      'is_private' => 'required'
+    ], [lang::get('validation.required')]);
+
+    $new_content = $this->request->input('content');
+    $new_is_private = $this->request->input('is_private');
+    $new_date = date("Y-m-d H:i:s");
+
+    $wanted_comment_exists = DB::table('comment')->where('comment_id', $id)->where('comment_owner_sciper', $this->user_sciper)->exists();
+    if ($wanted_comment_exists) {
+      DB::table('comment')->where('comment_id', $id)->where('comment_owner_sciper', $this->user_sciper)->update([
+        'comment_content' => $new_content,
+        'comment_is_private' => $new_is_private,
+        'comment_date' => $new_date
+      ]);
+      return ["message" => lang::get('http.success.updated.comment'), "id" => $id];
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+}

canapGEST/API/app/Http/Controllers/FilesController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Laravel\Lumen\Routing\Controller;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+use App\Helpers\AccessLevelHelper;
+
+class FilesController extends Controller
+{
+  private $request;
+  private $user_permissions;
+
+  public function __construct(Request $request)
+  {
+    $this->request = $request;
+    $this->user_permissions = $this->request->get('user_permissions');
+  }
+
+  public function getFile($id)
+  {
+    // Check access to file
+    $applicant_job = DB::table('applicant')
+      ->join('file', 'file.fk_applicant_id', '=', 'applicant.applicant_id')
+      ->where('file_id', $id)->pluck('applicant_formation')->first();
+
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+    if ($has_access) {
+      $file = DB::table('file')->where('file_id', $id)->first();
+      return response()->download($file->file_path);
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+}

canapGEST/API/app/Http/Controllers/MarkersController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Laravel\Lumen\Routing\Controller;
+use Illuminate\Support\Facades\DB;
+use Illuminate\Http\Request;
+use App\Helpers\AccessLevelHelper;
+use \Illuminate\Support\Facades\Lang;
+
+
+class MarkersController extends Controller
+{
+  private $request;
+  private $user_sciper;
+  private $user_permissions;
+
+  public function __construct(Request $request)
+  {
+    $this->request = $request;
+    $this->user_sciper = $this->request->get('user_sciper');
+    $this->user_permissions = $this->request->get('user_permissions');
+  }
+
+  public function getApplicantMarkers($id)
+  {
+    $applicant_job = DB::table('applicant')->where('applicant_id', $id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+    if ($has_access) {
+      return DB::table('marker')->where('fk_applicant_id', $id)->get();
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function getUserMarkerOnApplicant($id)
+  {
+    return DB::table('marker')->where('fk_applicant_id', $id)->where('marker_owner_sciper', $this->user_sciper)->get();
+  }
+
+  public function create()
+  {
+    $this->validate($this->request, [
+      'type' => 'required',
+      'applicant_id' => 'required',
+    ], [lang::get('validation.required')]);
+
+    $new_type = $this->request->input('type');
+    $new_applicant_id = $this->request->input('applicant_id');
+
+    $applicant_job = DB::table('applicant')->where('applicant_id', $new_applicant_id)->pluck('applicant_formation')->first();
+    $has_access = AccessLevelHelper::hasAccessToJob($applicant_job, $this->user_permissions);
+
+    if ($has_access) {
+      $inserted_id = DB::table('marker')->insertGetId([
+        "marker_owner_sciper" => $this->user_sciper,
+        "marker_type" => $new_type,
+        "fk_applicant_id" => $new_applicant_id
+      ]);
+      return ["message" => lang::get('http.success.created.marker'), "id" => $inserted_id];
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function update($id)
+  {
+    $this->validate($this->request, [
+      'type' => 'required'
+    ], [lang::get('validation.required')]);
+
+    $new_type = $this->request->input('type');
+    $wanted_marker_exists = DB::table('marker')->where('marker_id', $id)->where('marker_owner_sciper', $this->user_sciper)->exists();
+    if ($wanted_marker_exists) {
+      DB::table('marker')->where('marker_id', $id)->update(['marker_type' => $new_type]);
+      return ["message" => lang::get('http.success.updated.marker'), "id" => $id];
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+  public function delete($id)
+  {
+    $wanted_marker_exists = DB::table('marker')->where('marker_id', $id)->where('marker_owner_sciper', $this->user_sciper)->exists();
+    if ($wanted_marker_exists) {
+      DB::table('marker')->where('marker_id', $id)->where('marker_owner_sciper', $this->user_sciper)->delete();
+      return ["message" => lang::get('http.success.deleted.marker')];
+    } else {
+      return abort(403, lang::get('http.unauthorized'));
+    }
+  }
+
+}

canapGEST/API/app/Http/Controllers/StatsController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Laravel\Lumen\Routing\Controller;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+use App\Helpers\AccessLevelHelper;
+
+class StatsController extends Controller
+{
+  public function __construct(Request $request)
+  {
+    $this->request = $request;
+    $this->user_sciper = $this->request->get('user_sciper');
+    $this->user_permissions = $this->request->get('user_permissions');
+  }
+
+  public function getTotal()
+  {
+    return DB::table('applicant')->select(DB::raw('applicant_formation as formation, count(*) as total'))->groupBy('formation')->get();
+  }
+}
\ No newline at end of file

canapGEST/API/app/Http/Controllers/UsersController.php

+<?php
+
+namespace App\Http\Controllers;
+
+use Laravel\Lumen\Routing\Controller;
+use Illuminate\Http\Request;
+use Illuminate\Support\Facades\DB;
+
+class UsersController extends Controller
+{
+  private $request;
+  private $user_data;
+  private $user_sciper;
+  private $user_permissions;
+
+  public function __construct(Request $request)
+  {
+    $this->request = $request;
+    $this->user_data = $this->request->get('user_data');
+    $this->user_sciper = $this->request->get('user_sciper');
+    $this->user_permissions = $this->request->get('user_permissions');
+    $this->user_role = $this->request->get('user_role');
+  }
+
+  public function getData()
+  {
+    return response()->json([
+      "tequila" => $this->user_data,
+      "role" => $this->user_role,
+      "permissions" => $this->user_permissions
+    ]);
+  }
+
+  public function getPermittedJobs()
+  {
+    return $this->user_permissions;
+  }
+
+  public function getCommentedAndMarkedApplicantsByUser()
+  {
+    $commented_applicants = DB::table('applicant')
+      ->join('comment', 'applicant.applicant_id', '=', 'comment.comment_id')
+      ->where('comment_owner_sciper', $this->user_sciper)->get();
+
+    $marker_applicants = DB::table('applicant')
+      ->join('marker', 'applicant.applicant_id', '=', 'marker.marker_id')
+      ->where('marker_owner_sciper', $this->user_sciper)->get();
+
+    return ["commented" => $commented_applicants, "marked" => $marker_applicants];
+  }
+
+  public function getUserDataBySciper($sciper)
+  {
+    $ldapconn = ldap_connect("ldap.epfl.ch", 389);
+    $search = ldap_search($ldapconn, "o=epfl,c=ch", "uniqueIdentifier=".$sciper, array("displayName", "mail"));
+    $info = ldap_get_entries($ldapconn, $search);
+    return response()->json([
+      "displayname" => $info[0]['displayname'][0],
+      "mail" => $info[0]['mail'][0]
+    ]);
+  }
+}

canapGEST/API/app/Http/Middleware/CorsMiddleware.php

+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+
+class CorsMiddleware
+{
+    public function handle($request, Closure $next)
+    {
+        $headers = [
+            'Access-Control-Allow-Origin'      => '*',
+            'Access-Control-Allow-Methods'     => 'GET, POST, PUT, PATCH, DELETE, OPTIONS',
+            'Access-Control-Allow-Credentials' => 'true',
+            'Access-Control-Max-Age'           => '86400',
+            'Access-Control-Allow-Headers'     => '*'
+        ];
+
+        if ($request->isMethod('OPTIONS'))
+        {
+            return response()->json('{"method":"OPTIONS"}', 200, $headers);
+        }
+
+        $response = $next($request);
+        foreach($headers as $key => $value)
+        {
+            $response->header($key, $value);
+        }
+
+        return $response;
+    }
+}
\ No newline at end of file

canapGEST/API/app/Http/Middleware/JwtMiddleware.php

+<?php
+namespace App\Http\Middleware;
+
+use Closure;
+use Exception;
+use Firebase\JWT\JWT;
+use Firebase\JWT\ExpiredException;
+
+class JwtMiddleware
+{
+  public function handle($request, Closure $next, $guard = null)
+  {
+    $token = str_replace('Bearer ', '', $request->headers->get('Authorization'));
+
+    if (!$token) {
+      return response()->json([
+        'error' => 'Token not provided.'
+      ], 401);
+    }
+    try {
+      $content = JWT::decode($token, env('JWT_SECRET'), ['HS256']);
+    } catch (ExpiredException $e) {
+      return response()->json([
+        'error' => 'Provided token is expired.'
+      ], 400);
+    } catch (Exception $e) {
+      echo $e;
+      return response()->json([
+        'error' => 'An error while decoding token.'
+      ], 400);
+    }
+
+    // Make sciper, data & permissions accessible through request
+    $request->attributes->add(['user_sciper' => $content->sub]);
+    $request->attributes->add(['user_data' => $content->tequila_data]);
+    $request->attributes->add(['user_permissions' => $content->permissions]);
+    $request->attributes->add(['user_role' => $content->role]);
+
+    return $next($request);
+  }
+}
\ No newline at end of file

canapGEST/API/app/Providers/AppServiceProvider.php

+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\ServiceProvider;
+
+class AppServiceProvider extends ServiceProvider
+{
+    /**
+     * Register any application services.
+     *
+     * @return void
+     */
+    public function register()
+    {
+        //
+    }
+}

canapGEST/API/app/Providers/AuthServiceProvider.php

+<?php
+
+namespace App\Providers;
+
+use Illuminate\Support\ServiceProvider;
+
+class AuthServiceProvider extends ServiceProvider
+{
+    public function register()
+    {
+        //
+    }
+
+    public function boot()
+    {
+        //
+    }
+}

canapGEST/API/app/Providers/EventServiceProvider.php

+<?php
+
+namespace App\Providers;
+
+use Laravel\Lumen\Providers\EventServiceProvider as ServiceProvider;
+
+class EventServiceProvider extends ServiceProvider
+{
+    /**
+     * The event listener mappings for the application.
+     *
+     * @var array
+     */
+    protected $listen = [
+        'App\Events\SomeEvent' => [
+            'App\Listeners\EventListener',
+        ],
+    ];
+}