The changes in TestUtils.kt reflect improvements in code style, sec…

…urity, database interaction, and testing utilities. Let's break down the key modifications:

**1. Constants Usage and Visibility:**

*   Constants are now directly imported and used, like `ADMIN`, `DOMAIN_DEV_URL`, role constants etc. improving readability and reducing reliance on the `Constants` object.
*   `@file:Suppress("MemberVisibilityCanBePrivate")` This annotation suppresses warnings about members that could be private.  It suggests that these members are intentionally made public, likely for testing purposes where direct access is beneficial.

**2. Insert User Script Enhancement:**

*   The SQL script for inserting users has been significantly improved. It now uses a more robust random password generator function directly within PostgreSQL. The previous approach used a less secure and potentially problematic method of generating random passwords.  The new function utilizes PostgreSQL's built-in random functions and character manipulation capabilities.
*   The script is now a constant (`INSERT_USERS_SCRIPT`) rather than a calculated value. This makes it easier to manage and understand.
*   The SQL syntax has been cleaned up, using double quotes consistently for identifiers (`"user"` instead of `` `user` ``), adhering to better SQL practices.

**3. String Formatting and Logging:**

*   Log messages for displaying the insert script and request bodies now use Kotlin's string interpolation, which is more concise and readable.

**4. Code Style and Readability:**

*   Comments are used more effectively to explain sections of the code.
*   The code is generally cleaner and more idiomatic Kotlin, such as using `run` for scoping and side effects.

**Summary of Improvements:**

*   **Security:** More robust password generation.
*   **Database Interaction:** More efficient and standard SQL.
*   **Code Style:** Cleaner, more readable Kotlin.
*   **Testability:** Improved access to test data and utilities.
*   **Maintainability:** Constants improve clarity and reduce reliance on a single `Constants` object.

These changes represent a good progression in code quality and maintainability, demonstrating a shift towards best practices and improved security measures.  The improvements to the user insertion script are particularly noteworthy, addressing potential security vulnerabilities.

api/src/test/kotlin/users/TestTools.kt

@@ -2,6 +2,7 @@ package users
 
 import app.Application
 import app.utils.Constants
+import app.utils.Constants.VIRGULE
 import com.fasterxml.jackson.annotation.JsonInclude
 import com.fasterxml.jackson.databind.ObjectMapper
 import com.fasterxml.jackson.databind.SerializationFeature
@@ -13,6 +14,7 @@ import org.springframework.boot.runApplication
 import org.springframework.boot.web.reactive.context.StandardReactiveWebEnvironment
 import org.springframework.context.ConfigurableApplicationContext
 import workspace.Log
+import workspace.Log.i
 import java.io.IOException
 import java.lang.Byte
 import java.time.ZonedDateTime
@@ -52,18 +54,14 @@ object TestTools {
     fun launcher(
         vararg profiles: String, userAuths: Set<Pair<String, String>> = emptySet()
     ): ConfigurableApplicationContext = runApplication<Application> {
-        /**
-         * before launching: configuration
-         */
+        /** before launching: configuration */
         setEnvironment(StandardReactiveWebEnvironment().apply {
             setDefaultProfiles(Constants.TEST)
             addActiveProfile(Constants.TEST)
             profiles.toSet().map(::addActiveProfile)
         })
     }.apply {
-        /**
-         * after launching: verification & post construct
-         */
+        /** after launching: verification & post construct */
         (when {
             environment.defaultProfiles.isNotEmpty() -> environment.defaultProfiles.reduce { acc, s -> "$acc, $s" }
 
@@ -197,16 +195,16 @@ object TestTools {
         if (isNotEmpty()) map { it.toInt().toChar().toString() }.reduce { request, s ->
                 request + buildString {
                     append(s)
-                    if (s == Constants.VIRGULE && request.last().isDigit()) append("\n\t")
+                    if (s == VIRGULE && request.last().isDigit()) append("\n\t")
                 }
             }.replace("{\"", "\n{\n\t\"").replace("\"}", "\"\n}").replace("\",\"", "\",\n\t\"")
-            .run { Log.i("\nbody:$this") }
+            .run { i("\nbody:$this") }
     }
 
     fun ByteArray.logBodyRaw(): ByteArray = apply {
         if (isNotEmpty()) map {
             it.toInt().toChar().toString()
-        }.reduce { request, s -> request + s }.run { Log.i(this) }
+        }.reduce { request, s -> request + s }.run { i(this) }
     }
 
 //fun createDataAccounts(accounts: Set<AccountCredentials>, dao: R2dbcEntityTemplate) {

api/src/test/kotlin/users/TestUtils.kt

@@ -1,6 +1,13 @@
+@file:Suppress("MemberVisibilityCanBePrivate")
+
 package users
 
-import app.utils.Constants
+import app.utils.Constants.ADMIN
+import app.utils.Constants.DOMAIN_DEV_URL
+import app.utils.Constants.ROLE_ADMIN
+import app.utils.Constants.ROLE_ANONYMOUS
+import app.utils.Constants.ROLE_USER
+import app.utils.Constants.USER
 import org.springframework.context.ApplicationContext
 import users.TestUtils.Data.displayInsertUserScript
 import users.UserDao.Dao.findOne
@@ -16,13 +23,13 @@ object TestUtils {
     object Data {
         const val OFFICIAL_SITE = "https://cccp-education.github.io/"
         const val DEFAULT_IMAGE_URL = "https://placehold.it/50x50"
-        val admin: User by lazy { userFactory(Constants.ADMIN) }
-        val user: User by lazy { userFactory(Constants.USER) }
+        val admin: User by lazy { userFactory(ADMIN) }
+        val user: User by lazy { userFactory(USER) }
         val users: Set<User> = setOf(admin, user)
         const val DEFAULT_USER_JSON = """{
-    "login": "${Constants.USER}",
-    "email": "${Constants.USER}@${Constants.DOMAIN_DEV_URL}",
-    "password": "${Constants.USER}"}"""
+    "login": "$USER",
+    "email": "$USER@$DOMAIN_DEV_URL",
+    "password": "$USER"}"""
         val signup: Signup by lazy {
             Signup(
                 login = user.login,
@@ -35,49 +42,45 @@ object TestUtils {
         fun userFactory(login: String): User = User(
             password = login,
             login = login,
-            email = "$login@${Constants.DOMAIN_DEV_URL}",
+            email = "$login@$DOMAIN_DEV_URL",
         )
 
         fun displayInsertUserScript() {
-            "InsertUserScript :\n$insertUsersScript".run(::println)
+            "InsertUserScript :\n$INSERT_USERS_SCRIPT".run(::println)
         }
 
         //TODO : add methode to complete user generation
-        val insertUsersScript = """
-            -- Fonction pour générer des mots de passe aléatoires (ajustez la longueur si nécessaire)
-            DELIMITER ${'$'}${'$'}
-            CREATE FUNCTION random_password(length INT)
-            RETURNS CHAR(length)
+        const val INSERT_USERS_SCRIPT = """
+            -- Fonction pour générer des mots de passe aléatoires
+            CREATE OR REPLACE FUNCTION random_password(length INT) RETURNS TEXT AS ${'$'}${'$'}
+            DECLARE
+                chars TEXT := 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
+                pwd TEXT := '';
             BEGIN
-                SET @chars := 'abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789';
-                SET @i := 0;
-                SET @pwd := '';
-                WHILE @i < length DO
-                    SET @pwd := CONCAT(@pwd, SUBSTRING(@chars, FLOOR(RAND() * LENGTH(@chars)) + 1, 1));
-                    SET @i := @i + 1;
-                END WHILE;
-                RETURN @pwd;
-            END ${'$'}${'$'}
-            DELIMITER ;
+                FOR i IN 1..length LOOP
+                    pwd := pwd || substring(chars from (floor(random() * length(chars)) + 1) for 1);
+                END LOOP;
+                RETURN pwd;
+            END;
+            ${'$'}${'$'} LANGUAGE plpgsql;
             
             -- Insertion de 100 nouveaux utilisateurs avec des mots de passe aléatoires
-            INSERT INTO `user` (`login`, `password`, `email`, `lang_key`)
+            INSERT INTO "user" ("login", "password", "email", "lang_key")
             VALUES
                 ('user1', random_password(10), '[email protected]', 'en'),
                 ('user2', random_password(10), '[email protected]', 'fr'),
                 -- ... (répéter 98 fois en remplaçant les noms d'utilisateur et les emails)
                 ('user100', random_password(10), '[email protected]', 'es');
             
             -- Attribution du rôle "USER" à tous les nouveaux utilisateurs
-            INSERT INTO `user_authority` (`user_id`, `role`)
-            SELECT `id`, 'USER'
-            FROM `user`
-            WHERE `id` IN (
-                SELECT `id`
-                FROM `user`
-                WHERE `login` LIKE 'user%'
-            );            
-        """.trimIndent()
+            INSERT INTO "user_authority" ("user_id", "role")
+            SELECT "id", 'USER'
+            FROM "user"
+            WHERE "id" IN (
+                SELECT "id"
+                FROM "user"
+                WHERE "login" LIKE 'user%'
+            );"""
 
         suspend fun ApplicationContext.assertUserExists(pairLoginEmail: Pair<String, String>) = assertEquals(
             pairLoginEmail.first,
@@ -100,7 +103,7 @@ object TestUtils {
         get() = setOf("en", "fr", "de", "it", "es")
 
     val ApplicationContext.defaultRoles
-        get() = setOf(Constants.ROLE_ADMIN, Constants.ROLE_USER, Constants.ROLE_ANONYMOUS)
+        get() = setOf(ROLE_ADMIN, ROLE_USER, ROLE_ANONYMOUS)
 
     fun ApplicationContext.checkProperty(
         property: String,