🔧 ci: add Deno lint and format check workflow

2026-01-08 17:31:45 +01:00
12 changed files with 51 additions and 68 deletions
@@ -0,0 +1,26 @@
+name: "Check Deno code"
+
+on:
+  pull_request:
+    branches:
+      - main
+
+permissions:
+  contents: read
+
+jobs:
+  check-code:
+    name: "Check Deno code"
+    runs-on: ubuntu-latest
+    steps:
+      - uses: actions/checkout@v4
+
+      - uses: denoland/setup-deno@v2
+        with:
+          deno-version: v2.x
+
+      - name: Check formatting
+        run: deno fmt --check
+
+      - name: Check linting
+        run: deno lint
@@ -3,16 +3,12 @@ import { AsyncRoute } from "$fresh/src/server/types.ts";

 export interface AuthenticatedState {
  isAuthenticated: true;
-  isFromPolytech: boolean;
-  role: "etudiant" | "professeur" | "administration" | "autre";
-  displayName: string;
-  uid: string;
+  session: CasContent;
  availablePages: Record<string, string>;
 }

 interface UnauthenticatedState {
  isAuthenticated: false;
-  isFromPolytech: false;
  session: undefined;
 }

@@ -19,7 +19,6 @@ import * as $_apps_students_partials_admin_consult from "./routes/(apps)/student
 import * as $_apps_students_partials_admin_upload from "./routes/(apps)/students/partials/(admin)/upload.tsx";
 import * as $_apps_students_partials_index from "./routes/(apps)/students/partials/index.tsx";
 import * as $_apps_students_types_d from "./routes/(apps)/students/types.d.ts";
-import * as $_403 from "./routes/_403.tsx";
 import * as $_404 from "./routes/_404.tsx";
 import * as $_app from "./routes/_app.tsx";
 import * as $_middleware from "./routes/_middleware.ts";
@@ -65,7 +64,6 @@ const manifest = {
    "./routes/(apps)/students/partials/index.tsx":
      $_apps_students_partials_index,
    "./routes/(apps)/students/types.d.ts": $_apps_students_types_d,
-    "./routes/_403.tsx": $_403,
    "./routes/_404.tsx": $_404,
    "./routes/_app.tsx": $_app,
    "./routes/_middleware.ts": $_middleware,
@@ -23,7 +23,7 @@ export const handler: MiddlewareHandler<AuthenticatedState>[] = [

    context.state.availablePages = properties.pages;
    if (
-      context.state.role == "etudiant" &&
+      context.state.session.eduPersonPrimaryAffiliation == "student" &&
      Deno.env.get("LOCAL") != "true"
    ) {
      properties.adminOnly.forEach((page) =>
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";

 // deno-lint-ignore require-await
 export async function Index(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }

 export const config = getPartialsConfig();
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";

 // deno-lint-ignore require-await
 async function Courses(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }

 export const config = getPartialsConfig();
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";

 // deno-lint-ignore require-await
 export async function Index(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }

 export const config = getPartialsConfig();
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";

 // deno-lint-ignore require-await
 async function Notes(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }

 export const config = getPartialsConfig();
@@ -60,8 +60,8 @@ function getAll(
 */
 function addStudents(database: Database, students: Student[], promoId: string) {
  const query = `
-    INSERT INTO students
-    (userId, firstName, lastName, mail, promotionId)
+    INSERT INTO students 
+    (userId, firstName, lastName, mail, promotionId) 
    VALUES (?, ?, ?, ?, ?)`;

  const statement = database.prepare(query);
@@ -92,9 +92,9 @@ export const handler: Handlers<null, AuthenticatedState> = {
    using connection = connect("students");
    const database = connection.database;

-    if (context.state.role == "etudiant") {
+    if (context.state.session.eduPersonPrimaryAffiliation == "student") {
      return new Response(
-        JSON.stringify(getItself(database, context.state.uid)),
+        JSON.stringify(getItself(database, context.state.session.uid)),
        {
          headers: {
            "content-type": "application/json",
@@ -8,7 +8,13 @@ import SelfPortrait from "$root/routes/(apps)/students/(_components)/SelfPortrai

 // deno-lint-ignore require-await
 export async function Index(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome {context.state.displayName || 'Guest'}!</h2>;
+  return (
+    <>
+      <h2>Welcome {context.state.session?.givenName}!</h2>
+      <h3>Your amU identity</h3>
+      <SelfPortrait self={context.state.session!} />
+    </>
+  );
 }

 export const config = getPartialsConfig();
@@ -1,12 +0,0 @@
-import { Head } from "$fresh/runtime.ts";
-
-export default function Error403() {
-  return (
-    <>
-      <Head>
-        <title>403 - Forbidden</title>
-      </Head>
-      <p>403</p>
-    </>
-  );
-}
@@ -44,7 +44,6 @@ export function getKey(user: string): string {
 export const handler: MiddlewareHandler<State>[] = [
  /**
   * Check if user is authenticated and add session to context accordingly.
-   * Only authenticated users who are members of Polytech are allowed.
   * @param request The HTTP incomming request.
   * @param context The Fresh context object with custom `State`.
   * @returns The response from the next middleware.
@@ -56,7 +55,6 @@ export const handler: MiddlewareHandler<State>[] = [
    const cookies = getCookies(request.headers);
    if (!cookies["sessionToken"]) {
      context.state.isAuthenticated = false;
-      context.state.isFromPolytech = false;
      return await context.next();
    }

@@ -69,27 +67,9 @@ export const handler: MiddlewareHandler<State>[] = [
    );

    if (context.state.isAuthenticated) {
-
      const session: CasContent =
        (getJwtPayload(cookies["sessionToken"]) as LoginJWT).user;
-
-      const isFromPolytech = session.amuComposante.includes("polytech");
-      context.state.isFromPolytech = isFromPolytech;
-
-      if (isFromPolytech) {
-        context.state.displayName = session.displayName;
-        context.state.uid = session.uid;
-
-        if (session.eduPersonPrimaryAffiliation == "faculty") {
-          context.state.role = "professeur"
-        } else if (session.eduPersonPrimaryAffiliation == "employee") {
-          context.state.role = "administration"
-        } else if (session.eduPersonPrimaryAffiliation == "student") {
-          context.state.role = "etudiant";
-        } else {
-          context.state.role = "autre";
-        }
-      }
+      context.state.session = session;
    }

    return await context.next();
@@ -107,24 +87,13 @@ export const handler: MiddlewareHandler<State>[] = [
  ): Promise<Response> {
    const url = new URL(request.url);

-    if (!isRoutePublic(url.pathname)) {
-      if (!context.state.isAuthenticated) {
-        return new Response(null, {
-          status: 302,
-          headers: {
-            Location: "/login",
-          },
-        });
-      }
-
-      if (!context.state.isFromPolytech) {
-        return new Response(null, {
-          status: 403,
-          headers: {
-            Location: "/403",
-          },
-        });
-      }
+    if (!isRoutePublic(url.pathname) && !context.state.isAuthenticated) {
+      return new Response(null, {
+        status: 302,
+        headers: {
+          Location: "/login",
+        },
+      });
    }

    return await context.next();