🔧 ci: add Deno lint and format check workflow

2026-01-08 17:31:45 +01:00
12 changed files with 51 additions and 68 deletions
@@ -0,0 +1,26 @@
 name: "Check Deno code"
 on:
  pull_request:
    branches:
      - main
 permissions:
  contents: read
 jobs:
  check-code:
    name: "Check Deno code"
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: denoland/setup-deno@v2
        with:
          deno-version: v2.x
      - name: Check formatting
        run: deno fmt --check
      - name: Check linting
        run: deno lint
@@ -3,16 +3,12 @@ import { AsyncRoute } from "$fresh/src/server/types.ts";
 export interface AuthenticatedState {
  isAuthenticated: true;
-  isFromPolytech: boolean;
+  session: CasContent;
  role: "etudiant" | "professeur" | "administration" | "autre";
  displayName: string;
  uid: string;
  availablePages: Record<string, string>;
 }
 interface UnauthenticatedState {
  isAuthenticated: false;
  isFromPolytech: false;
  session: undefined;
 }
@@ -19,7 +19,6 @@ import * as $_apps_students_partials_admin_consult from "./routes/(apps)/student
 import * as $_apps_students_partials_admin_upload from "./routes/(apps)/students/partials/(admin)/upload.tsx";
 import * as $_apps_students_partials_index from "./routes/(apps)/students/partials/index.tsx";
 import * as $_apps_students_types_d from "./routes/(apps)/students/types.d.ts";
 import * as $_403 from "./routes/_403.tsx";
 import * as $_404 from "./routes/_404.tsx";
 import * as $_app from "./routes/_app.tsx";
 import * as $_middleware from "./routes/_middleware.ts";
@@ -65,7 +64,6 @@ const manifest = {
    "./routes/(apps)/students/partials/index.tsx":
      $_apps_students_partials_index,
    "./routes/(apps)/students/types.d.ts": $_apps_students_types_d,
    "./routes/_403.tsx": $_403,
    "./routes/_404.tsx": $_404,
    "./routes/_app.tsx": $_app,
    "./routes/_middleware.ts": $_middleware,
@@ -23,7 +23,7 @@ export const handler: MiddlewareHandler<AuthenticatedState>[] = [
    context.state.availablePages = properties.pages;
    if (
-      context.state.role == "etudiant" &&
+      context.state.session.eduPersonPrimaryAffiliation == "student" &&
      Deno.env.get("LOCAL") != "true"
    ) {
      properties.adminOnly.forEach((page) =>
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
 // deno-lint-ignore require-await
 export async function Index(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }
 export const config = getPartialsConfig();
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
 // deno-lint-ignore require-await
 async function Courses(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }
 export const config = getPartialsConfig();
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
 // deno-lint-ignore require-await
 export async function Index(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }
 export const config = getPartialsConfig();
@@ -7,7 +7,7 @@ import { State } from "$root/routes/_middleware.ts";
 // deno-lint-ignore require-await
 async function Notes(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome to {context.state.displayName || 'Guest'}.</h2>;
+  return <h2>Welcome to {context.state.session?.displayName}.</h2>;
 }
 export const config = getPartialsConfig();
@@ -60,8 +60,8 @@ function getAll(
 */
 function addStudents(database: Database, students: Student[], promoId: string) {
  const query = `
-    INSERT INTO students
+    INSERT INTO students 
-    (userId, firstName, lastName, mail, promotionId)
+    (userId, firstName, lastName, mail, promotionId) 
    VALUES (?, ?, ?, ?, ?)`;
  const statement = database.prepare(query);
@@ -92,9 +92,9 @@ export const handler: Handlers<null, AuthenticatedState> = {
    using connection = connect("students");
    const database = connection.database;
-    if (context.state.role == "etudiant") {
+    if (context.state.session.eduPersonPrimaryAffiliation == "student") {
      return new Response(
-        JSON.stringify(getItself(database, context.state.uid)),
+        JSON.stringify(getItself(database, context.state.session.uid)),
        {
          headers: {
            "content-type": "application/json",
@@ -8,7 +8,13 @@ import SelfPortrait from "$root/routes/(apps)/students/(_components)/SelfPortrai
 // deno-lint-ignore require-await
 export async function Index(_request: Request, context: FreshContext<State>) {
-  return <h2>Welcome {context.state.displayName || 'Guest'}!</h2>;
+  return (
    <>
      <h2>Welcome {context.state.session?.givenName}!</h2>
      <h3>Your amU identity</h3>
      <SelfPortrait self={context.state.session!} />
    </>
  );
 }
 export const config = getPartialsConfig();
@@ -1,12 +0,0 @@
 import { Head } from "$fresh/runtime.ts";
 export default function Error403() {
  return (
    <>
      <Head>
        <title>403 - Forbidden</title>
      </Head>
      <p>403</p>
    </>
  );
 }
@@ -44,7 +44,6 @@ export function getKey(user: string): string {
 export const handler: MiddlewareHandler<State>[] = [
  /**
   * Check if user is authenticated and add session to context accordingly.
   * Only authenticated users who are members of Polytech are allowed.
   * @param request The HTTP incomming request.
   * @param context The Fresh context object with custom `State`.
   * @returns The response from the next middleware.
@@ -56,7 +55,6 @@ export const handler: MiddlewareHandler<State>[] = [
    const cookies = getCookies(request.headers);
    if (!cookies["sessionToken"]) {
      context.state.isAuthenticated = false;
      context.state.isFromPolytech = false;
      return await context.next();
    }
@@ -69,27 +67,9 @@ export const handler: MiddlewareHandler<State>[] = [
    );
    if (context.state.isAuthenticated) {
      const session: CasContent =
        (getJwtPayload(cookies["sessionToken"]) as LoginJWT).user;
-
+      context.state.session = session;
      const isFromPolytech = session.amuComposante.includes("polytech");
      context.state.isFromPolytech = isFromPolytech;
      if (isFromPolytech) {
        context.state.displayName = session.displayName;
        context.state.uid = session.uid;
        if (session.eduPersonPrimaryAffiliation == "faculty") {
          context.state.role = "professeur"
        } else if (session.eduPersonPrimaryAffiliation == "employee") {
          context.state.role = "administration"
        } else if (session.eduPersonPrimaryAffiliation == "student") {
          context.state.role = "etudiant";
        } else {
          context.state.role = "autre";
        }
      }
    }
    return await context.next();
@@ -107,24 +87,13 @@ export const handler: MiddlewareHandler<State>[] = [
  ): Promise<Response> {
    const url = new URL(request.url);
-    if (!isRoutePublic(url.pathname)) {
+    if (!isRoutePublic(url.pathname) && !context.state.isAuthenticated) {
-      if (!context.state.isAuthenticated) {
+      return new Response(null, {
-        return new Response(null, {
+        status: 302,
-          status: 302,
+        headers: {
-          headers: {
+          Location: "/login",
-            Location: "/login",
+        },
-          },
+      });
        });
      }
      if (!context.state.isFromPolytech) {
        return new Response(null, {
          status: 403,
          headers: {
            Location: "/403",
          },
        });
      }
    }
    return await context.next();