From 32754717606427d804c5302ffbbdf6bd6c145a4d Mon Sep 17 00:00:00 2001
From: davdarras <david.darras@insee.fr>
Date: Wed, 19 Jun 2024 16:41:39 +0200
Subject: [PATCH] fix: remove useless check on user id

---
 .../api/controller/CampaignController.java    | 52 ++--------
 .../controller/ClosingCauseController.java    | 25 ++---
 .../controller/ContactOutcomeController.java  | 67 +++++--------
 .../api/controller/InterviewerController.java | 19 ----
 .../api/controller/MessageController.java     | 83 +++++-----------
 .../api/controller/PreferenceController.java  | 12 +--
 .../api/controller/StateController.java       | 99 ++++++++-----------
 .../api/controller/SurveyUnitController.java  | 48 ---------
 .../api/controller/UserController.java        | 35 +++----
 9 files changed, 127 insertions(+), 313 deletions(-)

diff --git a/src/main/java/fr/insee/pearljam/api/controller/CampaignController.java b/src/main/java/fr/insee/pearljam/api/controller/CampaignController.java
index d5666e2d..15996f73 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/CampaignController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/CampaignController.java
@@ -87,14 +87,9 @@ public ResponseEntity<Object> postCampaign(@RequestBody CampaignContextDto campa
 	public ResponseEntity<List<CampaignDto>> getListCampaign() {
 		String userId = authenticatedUserService.getCurrentUserId();
 		log.info("User {} : GET related campaigns", userId);
-		if (StringUtils.isBlank(userId)) {
-			log.warn(NO_USER_ID);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			List<CampaignDto> lstCampaigns = campaignService.getListCampaign(userId);
-			log.info("User {} -> {} related campaigns found", userId, lstCampaigns.size());
-			return new ResponseEntity<>(lstCampaigns, HttpStatus.OK);
-		}
+		List<CampaignDto> lstCampaigns = campaignService.getListCampaign(userId);
+		log.info("User {} -> {} related campaigns found", userId, lstCampaigns.size());
+		return new ResponseEntity<>(lstCampaigns, HttpStatus.OK);
 	}
 
 	/**
@@ -109,15 +104,11 @@ public ResponseEntity<List<CampaignDto>> getListCampaign() {
 	public ResponseEntity<List<CampaignDto>> getAllCampaigns() {
 		String userId = authenticatedUserService.getCurrentUserId();
 		log.info("User {} : GET all campaigns", userId);
-		if (StringUtils.isBlank(userId)) {
-			log.warn(NO_USER_ID);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			List<CampaignDto> lstCampaigns = campaignService.getAllCampaigns();
-			log.info("User {}, GET all campaigns ({} campaigns found) resulting in 200", userId,
-					lstCampaigns.size());
-			return new ResponseEntity<>(lstCampaigns, HttpStatus.OK);
-		}
+		List<CampaignDto> lstCampaigns = campaignService.getAllCampaigns();
+		log.info("User {}, GET all campaigns ({} campaigns found) resulting in 200", userId,
+				lstCampaigns.size());
+		return new ResponseEntity<>(lstCampaigns, HttpStatus.OK);
+
 	}
 
 	/**
@@ -131,10 +122,6 @@ public ResponseEntity<List<CampaignDto>> getAllCampaigns() {
 	@GetMapping(path = Constants.API_INTERVIEWER_CAMPAIGNS)
 	public ResponseEntity<List<CampaignDto>> getInterviewerCampaigns() {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.warn(NO_USER_ID);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("Interviewer {} : GET related campaigns", userId);
 		List<CampaignDto> lstCampaigns = campaignService.getInterviewerCampaigns(userId);
 		log.info("Interviewer {} : returned {} campaigns, resulting in 200", userId, lstCampaigns.size());
@@ -155,10 +142,6 @@ public ResponseEntity<List<CampaignDto>> getInterviewerCampaigns() {
 	@GetMapping(path = Constants.API_CAMPAIGN_ID_INTERVIEWERS)
 	public ResponseEntity<List<InterviewerDto>> getListInterviewers(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.warn(NO_USER_ID);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("{} try to get campaign[{}] interviewers ", userId, id);
 		List<InterviewerDto> lstInterviewer;
 		try {
@@ -188,10 +171,6 @@ public ResponseEntity<List<InterviewerDto>> getListInterviewers(@PathVariable(va
 	@GetMapping(path = Constants.API_CAMPAIGN_ID_VISIBILITIES)
 	public ResponseEntity<List<VisibilityContextDto>> getVisibilities(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.warn(NO_USER_ID);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("{} try to get campaign[{}] visibilities ", userId, id);
 		if (!campaignService.findById(id).isPresent()) {
 			log.warn("Can't find visibilities : campaign {} is missing", id);
@@ -219,10 +198,6 @@ public ResponseEntity<List<VisibilityContextDto>> getVisibilities(@PathVariable(
 	@GetMapping(path = Constants.API_CAMPAIGN_ID_SU_ABANDONED)
 	public ResponseEntity<CountDto> getNbSUAbandoned(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.warn(NO_USER_ID);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("{} try to get campaign[{}] abandoned survey-units ", userId, id);
 		CountDto nbSUAbandoned;
 		try {
@@ -249,10 +224,6 @@ public ResponseEntity<CountDto> getNbSUAbandoned(@PathVariable(value = "id") Str
 	@GetMapping(path = Constants.API_CAMPAIGN_ID_SU_NOTATTRIBUTED)
 	public ResponseEntity<CountDto> getNbSUNotAttributed(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.warn(NO_USER_ID);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("{} try to get campaign[{}] not attributed survey-units ", userId, id);
 		CountDto nbSUNotAttributed;
 		try {
@@ -280,10 +251,6 @@ public ResponseEntity<Object> putVisibilityDate(
 			@PathVariable(value = "idCampaign") String idCampaign,
 			@PathVariable(value = "idOu") String idOu) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.info(NO_USER_ID);
-			return new ResponseEntity<>(NO_USER_ID, HttpStatus.FORBIDDEN);
-		}
 		log.info("{} try to change OU[{}] visibility on campaign[{}] ", userId, idOu, idCampaign);
 		HttpStatus returnCode = campaignService.updateVisibility(idCampaign, idOu, visibilityUpdated);
 		log.info("PUT visibility with CampaignId {} for Organizational Unit {} resulting in {}", idCampaign,
@@ -337,9 +304,6 @@ public ResponseEntity<Object> putCampaign(@PathVariable(value = "id") String id,
 		String userId = authenticatedUserService.getCurrentUserId();
 		log.info("{} try to update campaign {} collection dates", userId, id);
 
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		HttpStatus returnCode = campaignService.updateCampaign(id, campaign);
 		log.info("PUT campaign with id {} resulting in {}", id, returnCode.value());
 		return new ResponseEntity<>(returnCode);
diff --git a/src/main/java/fr/insee/pearljam/api/controller/ClosingCauseController.java b/src/main/java/fr/insee/pearljam/api/controller/ClosingCauseController.java
index 730b73d8..28192eb5 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/ClosingCauseController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/ClosingCauseController.java
@@ -50,21 +50,16 @@ public ResponseEntity<ClosingCauseCountDto> getClosingCauseCount(
 		String userId = authenticatedUserService.getCurrentUserId();
 		List<String> associatedOrgUnits = utilsService.getRelatedOrganizationUnits(userId);
 
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			ClosingCauseCountDto closingCountDto;
-			try {
-				closingCountDto = closingCauseService.getClosingCauseCount(userId, id, idep, date,
-						associatedOrgUnits);
-			} catch (NotFoundException e) {
-				log.error(e.getMessage());
-				log.info("Get ClosingCauseCount resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get ClosingCauseCount resulting in 200");
-			return new ResponseEntity<>(closingCountDto, HttpStatus.OK);
+		ClosingCauseCountDto closingCountDto;
+		try {
+			closingCountDto = closingCauseService.getClosingCauseCount(userId, id, idep, date,
+					associatedOrgUnits);
+		} catch (NotFoundException e) {
+			log.error(e.getMessage());
+			log.info("Get ClosingCauseCount resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
-
+		log.info("Get ClosingCauseCount resulting in 200");
+		return new ResponseEntity<>(closingCountDto, HttpStatus.OK);
 	}
 }
diff --git a/src/main/java/fr/insee/pearljam/api/controller/ContactOutcomeController.java b/src/main/java/fr/insee/pearljam/api/controller/ContactOutcomeController.java
index f33151c5..8f1fa132 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/ContactOutcomeController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/ContactOutcomeController.java
@@ -45,20 +45,17 @@ public class ContactOutcomeController {
 	public ResponseEntity<ContactOutcomeTypeCountDto> getNbSUNotAttributedContactOutcomes(
 			@PathVariable(value = "id") String id, @RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			ContactOutcomeTypeCountDto contactOutcomes;
-			try {
-				contactOutcomes = contactOutcomeService.getNbSUNotAttributedContactOutcomes(userId, id, date);
-			} catch (NotFoundException e) {
-				log.error(e.getMessage());
-				log.info("Get Contact-outcomes count for non attributted SUs resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get Contact-outcomes count for non attributted SUs resulting in 200");
-			return new ResponseEntity<>(contactOutcomes, HttpStatus.OK);
+		ContactOutcomeTypeCountDto contactOutcomes;
+		try {
+			contactOutcomes = contactOutcomeService.getNbSUNotAttributedContactOutcomes(userId, id, date);
+		} catch (NotFoundException e) {
+			log.error(e.getMessage());
+			log.info("Get Contact-outcomes count for non attributted SUs resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("Get Contact-outcomes count for non attributted SUs resulting in 200");
+		return new ResponseEntity<>(contactOutcomes, HttpStatus.OK);
+
 	}
 
 	/**
@@ -75,18 +72,15 @@ public ResponseEntity<ContactOutcomeTypeCountDto> getNbSUNotAttributedContactOut
 	public ResponseEntity<List<ContactOutcomeTypeCountDto>> getCampaignsContactOutcomeTypeCount(
 			@RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			List<ContactOutcomeTypeCountDto> listContactOutcomeTypeCountDto = contactOutcomeService
-					.getContactOutcomeTypeCountByCampaign(userId, date);
-			if (listContactOutcomeTypeCountDto == null) {
-				log.info("Get contactOutcomeTypeCount resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get contactOutcomeTypeCount resulting in 200");
-			return new ResponseEntity<>(listContactOutcomeTypeCountDto, HttpStatus.OK);
+
+		List<ContactOutcomeTypeCountDto> listContactOutcomeTypeCountDto = contactOutcomeService
+				.getContactOutcomeTypeCountByCampaign(userId, date);
+		if (listContactOutcomeTypeCountDto == null) {
+			log.info("Get contactOutcomeTypeCount resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("Get contactOutcomeTypeCount resulting in 200");
+		return new ResponseEntity<>(listContactOutcomeTypeCountDto, HttpStatus.OK);
 	}
 
 	/**
@@ -104,20 +98,16 @@ public ResponseEntity<List<ContactOutcomeTypeCountDto>> getCampaignsContactOutco
 	public ResponseEntity<ContactOutcomeTypeCountCampaignDto> getContactOutcomeTypeCountByCampaign(
 			@PathVariable(value = "id") String id, @RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			ContactOutcomeTypeCountCampaignDto stateCountCampaignDto;
-			try {
-				stateCountCampaignDto = contactOutcomeService.getContactOutcomeCountTypeByCampaign(userId, id, date);
-			} catch (NotFoundException e) {
-				log.error(e.getMessage());
-				log.info("Get contact-outcome type count resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get contact-outcome type count resulting in 200");
-			return new ResponseEntity<>(stateCountCampaignDto, HttpStatus.OK);
+		ContactOutcomeTypeCountCampaignDto stateCountCampaignDto;
+		try {
+			stateCountCampaignDto = contactOutcomeService.getContactOutcomeCountTypeByCampaign(userId, id, date);
+		} catch (NotFoundException e) {
+			log.error(e.getMessage());
+			log.info("Get contact-outcome type count resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("Get contact-outcome type count resulting in 200");
+		return new ResponseEntity<>(stateCountCampaignDto, HttpStatus.OK);
 	}
 
 	/**
@@ -135,9 +125,6 @@ public ResponseEntity<ContactOutcomeTypeCountDto> getContactOuctomeByCampaignAnd
 			@PathVariable(value = "id") String id, @PathVariable(value = "idep") String idep,
 			@RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		ContactOutcomeTypeCountDto cotd;
 		try {
 			cotd = contactOutcomeService.getContactOutcomeByInterviewerAndCampaign(userId, id, idep, date);
diff --git a/src/main/java/fr/insee/pearljam/api/controller/InterviewerController.java b/src/main/java/fr/insee/pearljam/api/controller/InterviewerController.java
index 23a30b50..5ef447f1 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/InterviewerController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/InterviewerController.java
@@ -68,9 +68,6 @@ public ResponseEntity<String> postInterviewers(@RequestBody List<InterviewerCont
 	@GetMapping(path = Constants.API_INTERVIEWERS)
 	public ResponseEntity<Set<InterviewerDto>> getListInterviewers() {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		Set<InterviewerDto> lstInterviewer = interviewerService.getListInterviewers(userId);
 		if (lstInterviewer == null) {
 			log.info("Get interviewers resulting in 404");
@@ -85,10 +82,6 @@ public ResponseEntity<Set<InterviewerDto>> getListInterviewers() {
 	@GetMapping(path = Constants.API_INTERVIEWER_ID)
 	public ResponseEntity<InterviewerContextDto> getInterviewer(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.info("{} -> Get interviewer [{}] resulting in 403 : unknown user", userId, id);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		Optional<InterviewerContextDto> interviewer = interviewerService.findDtoById(id);
 		if (interviewer.isEmpty()) {
 			log.info("{} -> Get interviewer [{}] resulting in 404", userId, id);
@@ -103,9 +96,6 @@ public ResponseEntity<InterviewerContextDto> getInterviewer(@PathVariable(value
 	@GetMapping(path = Constants.API_ADMIN_INTERVIEWERS)
 	public ResponseEntity<List<InterviewerContextDto>> getCompleteListInterviewers() {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		List<InterviewerContextDto> lstInterviewer = interviewerService.getCompleteListInterviewers();
 		if (lstInterviewer.isEmpty()) {
 			log.info("{} -> Get all interviewers resulting in 404 : no interviewers", userId);
@@ -120,9 +110,6 @@ public ResponseEntity<List<InterviewerContextDto>> getCompleteListInterviewers()
 	@GetMapping(path = Constants.API_INTERVIEWER_ID_CAMPAIGNS)
 	public ResponseEntity<List<CampaignDto>> getListCampaigns(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		Optional<List<CampaignDto>> list = interviewerService.findCampaignsOfInterviewer(id);
 		if (!list.isPresent()) {
 			log.info("{} -> Get interviewer campaigns resulting in 404", userId);
@@ -139,8 +126,6 @@ public ResponseEntity<InterviewerContextDto> updateInterviewer(
 			@PathVariable(value = "id") String id, 
 			@RequestBody InterviewerContextDto interviewer) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId))
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
 
 		if (id == null)
 			return new ResponseEntity<>(HttpStatus.BAD_REQUEST);
@@ -160,10 +145,6 @@ public ResponseEntity<InterviewerContextDto> updateInterviewer(
 	@DeleteMapping(path = Constants.API_INTERVIEWER_ID)
 	public ResponseEntity<Object> deleteInterviewer(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.warn("{} : DELETE interviewer with id {} resulting in 403.", userId, id);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 
 		if (id == null) {
 			log.warn("{} : no interviewerId provided : resulting in 400.", userId);
diff --git a/src/main/java/fr/insee/pearljam/api/controller/MessageController.java b/src/main/java/fr/insee/pearljam/api/controller/MessageController.java
index 578a9b5e..668481db 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/MessageController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/MessageController.java
@@ -47,18 +47,15 @@ public class MessageController {
 	@PostMapping(path = "/message")
 	public ResponseEntity<Object> postMessage(@RequestBody MessageDto message) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			String text = message.getText();
-			List<String> recipients = message.getRecipients();
-			log.info("POST text '{}' ", text);
-			for (String recipient : recipients) {
-				log.info("POST recipient '{}' ", recipient);
-			}
-			HttpStatus returnCode = messageService.addMessage(text, recipients, userId);
-			return new ResponseEntity<>(returnCode);
+		String text = message.getText();
+		List<String> recipients = message.getRecipients();
+		log.info("POST text '{}' ", text);
+		for (String recipient : recipients) {
+			log.info("POST recipient '{}' ", recipient);
 		}
+		HttpStatus returnCode = messageService.addMessage(text, recipients, userId);
+		return new ResponseEntity<>(returnCode);
+
 	}
 
 	/**
@@ -70,17 +67,12 @@ public ResponseEntity<Object> postMessage(@RequestBody MessageDto message) {
 	public ResponseEntity<Object> postMessage(
 			@PathVariable(value = "id") Long id,
 			@PathVariable(value = "idep") String idep) {
-		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			HttpStatus returnCode = messageService.markAsRead(id, idep);
-			if (returnCode == HttpStatus.OK) {
-				this.brokerMessagingTemplate.convertAndSend("/notifications/".concat(idep.toUpperCase()),
-						"new message");
-			}
-			return new ResponseEntity<>(returnCode);
+		HttpStatus returnCode = messageService.markAsRead(id, idep);
+		if (returnCode == HttpStatus.OK) {
+			this.brokerMessagingTemplate.convertAndSend("/notifications/".concat(idep.toUpperCase()),
+					"new message");
 		}
+		return new ResponseEntity<>(returnCode);
 	}
 
 	/**
@@ -92,17 +84,12 @@ public ResponseEntity<Object> postMessage(
 	public ResponseEntity<Object> postDeletedMessage(
 			@PathVariable(value = "id") Long id,
 			@PathVariable(value = "idep") String idep) {
-		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			HttpStatus returnCode = messageService.markAsDeleted(id, idep);
-			if (returnCode == HttpStatus.OK) {
-				this.brokerMessagingTemplate.convertAndSend("/notifications/".concat(idep.toUpperCase()),
-						"new message");
-			}
-			return new ResponseEntity<>(returnCode);
+		HttpStatus returnCode = messageService.markAsDeleted(id, idep);
+		if (returnCode == HttpStatus.OK) {
+			this.brokerMessagingTemplate.convertAndSend("/notifications/".concat(idep.toUpperCase()),
+					"new message");
 		}
+		return new ResponseEntity<>(returnCode);
 	}
 
 	/**
@@ -111,13 +98,8 @@ public ResponseEntity<Object> postDeletedMessage(
 	@Operation(summary = "Get a message")
 	@GetMapping(path = "/messages/{id}")
 	public ResponseEntity<List<MessageDto>> getMessages(@PathVariable(value = "id") String id) {
-		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			List<MessageDto> messages = messageService.getMessages(id);
-			return new ResponseEntity<>(messages, HttpStatus.OK);
-		}
+		List<MessageDto> messages = messageService.getMessages(id);
+		return new ResponseEntity<>(messages, HttpStatus.OK);
 	}
 
 	/**
@@ -127,12 +109,8 @@ public ResponseEntity<List<MessageDto>> getMessages(@PathVariable(value = "id")
 	@GetMapping(path = "/message-history")
 	public ResponseEntity<List<MessageDto>> getMessageHistory() {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			List<MessageDto> messages = messageService.getMessageHistory(userId);
-			return new ResponseEntity<>(messages, HttpStatus.OK);
-		}
+		List<MessageDto> messages = messageService.getMessageHistory(userId);
+		return new ResponseEntity<>(messages, HttpStatus.OK);
 	}
 
 	/**
@@ -142,16 +120,12 @@ public ResponseEntity<List<MessageDto>> getMessageHistory() {
 	@PostMapping(path = "/verify-name")
 	public ResponseEntity<Object> postMessage(@RequestBody WsText name) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			String text = name.getText();
-			List<VerifyNameResponseDto> resp = messageService.verifyName(text, userId);
-			if (resp != null) {
-				return new ResponseEntity<>(resp, HttpStatus.OK);
-			}
-			return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
+		String text = name.getText();
+		List<VerifyNameResponseDto> resp = messageService.verifyName(text, userId);
+		if (resp != null) {
+			return new ResponseEntity<>(resp, HttpStatus.OK);
 		}
+		return new ResponseEntity<>(HttpStatus.INTERNAL_SERVER_ERROR);
 	}
 
 	/**
@@ -161,9 +135,6 @@ public ResponseEntity<Object> postMessage(@RequestBody WsText name) {
 	@PostMapping(path = "/mail")
 	public ResponseEntity<Object> postMailMessage(@RequestBody MailDto mail) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("User {} send a mail", userId);
 		HttpStatus returnCode = sendMail.apply(mail.getContent(), mail.getSubject());
 		return new ResponseEntity<>(returnCode);
diff --git a/src/main/java/fr/insee/pearljam/api/controller/PreferenceController.java b/src/main/java/fr/insee/pearljam/api/controller/PreferenceController.java
index 9ed6a149..8c022b53 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/PreferenceController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/PreferenceController.java
@@ -37,13 +37,9 @@ public class PreferenceController {
 	@PutMapping(path = "/preferences")
 	public ResponseEntity<Object> updateSurveyUnit(@RequestBody List<String> listPreference) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			HttpStatus returnCode = preferenceService.setPreferences(listPreference, userId);
-			log.info("PUT preferences '{}' for user {} resulting in {}", String.join(", ", listPreference), userId,
-					returnCode.value());
-			return new ResponseEntity<>(returnCode);
-		}
+		HttpStatus returnCode = preferenceService.setPreferences(listPreference, userId);
+		log.info("PUT preferences '{}' for user {} resulting in {}", String.join(", ", listPreference), userId,
+				returnCode.value());
+		return new ResponseEntity<>(returnCode);
 	}
 }
diff --git a/src/main/java/fr/insee/pearljam/api/controller/StateController.java b/src/main/java/fr/insee/pearljam/api/controller/StateController.java
index 7816e1e5..6f14926d 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/StateController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/StateController.java
@@ -51,21 +51,16 @@ public ResponseEntity<StateCountDto> getInterviewerStateCount(
 		String userId = authenticatedUserService.getCurrentUserId();
 		List<String> associatedOrgUnits = utilsService.getRelatedOrganizationUnits(userId);
 
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			StateCountDto stateCountDto;
-			try {
-				stateCountDto = stateService.getStateCount(userId, id, idep, date, associatedOrgUnits);
-			} catch (NotFoundException e) {
-				log.error(e.getMessage());
-				log.info("Get interviewerStateCount resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get interviewerStateCount resulting in 200");
-			return new ResponseEntity<>(stateCountDto, HttpStatus.OK);
+		StateCountDto stateCountDto;
+		try {
+			stateCountDto = stateService.getStateCount(userId, id, idep, date, associatedOrgUnits);
+		} catch (NotFoundException e) {
+			log.error(e.getMessage());
+			log.info("Get interviewerStateCount resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
-
+		log.info("Get interviewerStateCount resulting in 200");
+		return new ResponseEntity<>(stateCountDto, HttpStatus.OK);
 	}
 
 	/**
@@ -82,20 +77,16 @@ public ResponseEntity<StateCountDto> getNbSUNotAttributedStateCount(
 						@PathVariable(value = "id") String id, 
 						@RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			StateCountDto stateCountDto;
-			try {
-				stateCountDto = stateService.getNbSUNotAttributedStateCount(userId, id, date);
-			} catch (NotFoundException e) {
-				log.error(e.getMessage());
-				log.info("Get state count for non attributted SUs resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get state count for non attributted SUs resulting in 200");
-			return new ResponseEntity<>(stateCountDto, HttpStatus.OK);
+		StateCountDto stateCountDto;
+		try {
+			stateCountDto = stateService.getNbSUNotAttributedStateCount(userId, id, date);
+		} catch (NotFoundException e) {
+			log.error(e.getMessage());
+			log.info("Get state count for non attributted SUs resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("Get state count for non attributted SUs resulting in 200");
+		return new ResponseEntity<>(stateCountDto, HttpStatus.OK);
 	}
 
 	/**
@@ -114,20 +105,16 @@ public ResponseEntity<StateCountCampaignDto> getCampaignStateCount(
 						@PathVariable(value = "id") String id, 
 						@RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			StateCountCampaignDto stateCountCampaignDto;
-			try {
-				stateCountCampaignDto = stateService.getStateCountByCampaign(userId, id, date);
-			} catch (NotFoundException e) {
-				log.error(e.getMessage());
-				log.info("Get campaignStateCount resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get campaignStateCount resulting in 200");
-			return new ResponseEntity<>(stateCountCampaignDto, HttpStatus.OK);
+		StateCountCampaignDto stateCountCampaignDto;
+		try {
+			stateCountCampaignDto = stateService.getStateCountByCampaign(userId, id, date);
+		} catch (NotFoundException e) {
+			log.error(e.getMessage());
+			log.info("Get campaignStateCount resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("Get campaignStateCount resulting in 200");
+		return new ResponseEntity<>(stateCountCampaignDto, HttpStatus.OK);
 	}
 
 	/**
@@ -143,17 +130,13 @@ public ResponseEntity<StateCountCampaignDto> getCampaignStateCount(
 	public ResponseEntity<List<StateCountDto>> getInterviewersStateCount(
 			@RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			List<StateCountDto> stateCountCampaignsDto = stateService.getStateCountByInterviewer(userId, date);
-			if (stateCountCampaignsDto == null) {
-				log.info("Get interviewersStateCount resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get interviewersStateCount resulting in 200");
-			return new ResponseEntity<>(stateCountCampaignsDto, HttpStatus.OK);
+		List<StateCountDto> stateCountCampaignsDto = stateService.getStateCountByInterviewer(userId, date);
+		if (stateCountCampaignsDto == null) {
+			log.info("Get interviewersStateCount resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("Get interviewersStateCount resulting in 200");
+		return new ResponseEntity<>(stateCountCampaignsDto, HttpStatus.OK);
 	}
 
 	/**
@@ -169,16 +152,12 @@ public ResponseEntity<List<StateCountDto>> getInterviewersStateCount(
 	public ResponseEntity<List<StateCountDto>> getCampaignsStateCount(
 						@RequestParam(required = false, name = "date") Long date) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			List<StateCountDto> stateCountCampaignsDto = stateService.getStateCountByCampaigns(userId, date);
-			if (stateCountCampaignsDto == null) {
-				log.info("Get campaignStateCount resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("Get campaignStateCount resulting in 200");
-			return new ResponseEntity<>(stateCountCampaignsDto, HttpStatus.OK);
+		List<StateCountDto> stateCountCampaignsDto = stateService.getStateCountByCampaigns(userId, date);
+		if (stateCountCampaignsDto == null) {
+			log.info("Get campaignStateCount resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("Get campaignStateCount resulting in 200");
+		return new ResponseEntity<>(stateCountCampaignsDto, HttpStatus.OK);
 	}
 }
diff --git a/src/main/java/fr/insee/pearljam/api/controller/SurveyUnitController.java b/src/main/java/fr/insee/pearljam/api/controller/SurveyUnitController.java
index 2711fcca..76bad7e2 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/SurveyUnitController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/SurveyUnitController.java
@@ -105,9 +105,6 @@ public ResponseEntity<Object> postSurveyUnitInterviewerLinks(@RequestBody List<S
 	public ResponseEntity<List<SurveyUnitDto>> getListSurveyUnit(
 						@RequestParam(value = "extended", defaultValue = "false", required = false) Boolean extended) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		List<SurveyUnitDto> lstSurveyUnit = surveyUnitService.getSurveyUnitDto(userId, extended);
 		if (lstSurveyUnit == null) {
 			log.info("{} GET SurveyUnits resulting in 404", userId);
@@ -128,9 +125,6 @@ public ResponseEntity<List<SurveyUnitDto>> getListSurveyUnit(
 	@GetMapping(path = "/survey-unit/{id}")
 	public ResponseEntity<SurveyUnitDetailDto> getSurveyUnitById(@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		Optional<SurveyUnit> su = surveyUnitService.findById(id);
 		if (!su.isPresent()) {
 			log.error("{} : Survey unit with id {} was not found in database", userId, id);
@@ -173,9 +167,6 @@ public ResponseEntity<SurveyUnitDetailDto> updateSurveyUnit(
 			@RequestBody SurveyUnitDetailDto surveyUnitUpdated, 
 			@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		ResponseEntity<SurveyUnitDetailDto> updatedSurveyUnitResponse = surveyUnitService.updateSurveyUnitDetail(userId,
 				id, surveyUnitUpdated);
 		HttpStatusCode returnCode = updatedSurveyUnitResponse.getStatusCode();
@@ -222,10 +213,6 @@ public ResponseEntity<Object> getSurveyUnitsInTempZone() {
 	public ResponseEntity<Object> updateSurveyUnitState(
 			@PathVariable(value = "id") String surveyUnitId,
 			@PathVariable(value = "state") StateType state) {
-		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		HttpStatus returnCode = surveyUnitService.addStateToSurveyUnit(surveyUnitId, state);
 		log.info("PUT state '{}' on survey unit {} resulting in {}", state.getLabel(), surveyUnitId,
 				returnCode.value());
@@ -247,9 +234,6 @@ public ResponseEntity<Object> closeSurveyUnit(
 			@PathVariable(value = "id") String surveyUnitId,
 			@PathVariable(value = "closingCause") ClosingCauseType closingCause) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("{} : PUT close with cause '{}' on su {}", userId, closingCause, surveyUnitId);
 		HttpStatus returnCode = surveyUnitService.closeSurveyUnit(surveyUnitId, closingCause);
 		log.info("PUT close with cause '{}' on su {} resulting in {}", closingCause, surveyUnitId,
@@ -271,10 +255,6 @@ public ResponseEntity<Object> closeSurveyUnit(
 	public ResponseEntity<Object> updateClosingCause(
 			@PathVariable(value = "id") String surveyUnitId,
 			@PathVariable(value = "closingCause") ClosingCauseType closingCause) {
-		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		HttpStatus returnCode = surveyUnitService.updateClosingCause(surveyUnitId, closingCause);
 		log.info("PUT close with cause '{}' on su {} resulting in {}", closingCause, surveyUnitId,
 				returnCode.value());
@@ -295,9 +275,6 @@ public ResponseEntity<Object> updateSurveyUnitComment(
 			@RequestBody CommentDto comment, 
 			@PathVariable(value = "id") String surveyUnitId) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		HttpStatus returnCode = surveyUnitService.updateSurveyUnitComment(userId, surveyUnitId, comment);
 		log.info("PUT comment on su {} resulting in {}", surveyUnitId, returnCode.value());
 		return new ResponseEntity<>(returnCode);
@@ -307,9 +284,6 @@ public ResponseEntity<Object> updateSurveyUnitComment(
 	@PutMapping(path = "/survey-unit/{id}/viewed")
 	public ResponseEntity<Object> updateSurveyUnitViewed(@PathVariable(value = "id") String surveyUnitId) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		HttpStatus returnCode = surveyUnitService.updateSurveyUnitViewed(userId, surveyUnitId);
 		log.info("PUT viewed on su {} resulting in {}", surveyUnitId, returnCode.value());
 		return new ResponseEntity<>(returnCode);
@@ -330,9 +304,6 @@ public ResponseEntity<Set<SurveyUnitCampaignDto>> getSurveyUnitByCampaignId(
 			@PathVariable(value = "id") String id, 
 			@RequestParam(value = "state", required = false) String state) {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		Set<SurveyUnitCampaignDto> surveyUnit = surveyUnitService.getSurveyUnitByCampaign(id, userId, state);
 		if (surveyUnit == null) {
 			log.info("{} : GET SurveyUnit with id {} resulting in 404", userId, id);
@@ -398,11 +369,6 @@ public ResponseEntity<HabilitationDto> checkHabilitation(
 	public ResponseEntity<SurveyUnitStatesDto> getStatesBySurveyUnitId(
 			@PathVariable(value = "id") String id) {
 
-		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.info("GET states of surveyUnit {} resulting in 403", id);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		}
 		log.info("GET states of surveyUnit {} resulting in 403", id);
 		List<StateDto> lstState = surveyUnitService.getListStatesBySurveyUnitId(id);
 		if (lstState.isEmpty()) {
@@ -426,11 +392,6 @@ public ResponseEntity<List<SurveyUnitCampaignDto>> getClosableSurveyUnits(HttpSe
 
 		String userId = authenticatedUserService.getCurrentUserId();
 		log.info("{} try to GET closable units", userId);
-
-		if (StringUtils.isBlank(userId)) {
-			log.info("GET closable survey units resulting in 401");
-			return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
-		}
 		List<SurveyUnitCampaignDto> lstSu = surveyUnitService.getClosableSurveyUnits(request, userId);
 		log.info("GET closable survey units resulting in 200");
 		return new ResponseEntity<>(lstSu, HttpStatus.OK);
@@ -468,10 +429,6 @@ public ResponseEntity<Object> deleteSurveyUnit(@PathVariable(value = "id") Strin
 	@GetMapping(path = "/admin/survey-units")
 	public ResponseEntity<List<String>> getAllSurveyUnitsId() {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.info("GET admin survey units resulting in 401");
-			return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
-		}
 		List<String> suIds = surveyUnitService.getAllIds();
 		log.info("{} : GET admin survey units resulting in 200", userId);
 		return new ResponseEntity<>(suIds, HttpStatus.OK);
@@ -487,11 +444,6 @@ public ResponseEntity<List<String>> getAllSurveyUnitsId() {
 	@Operation(summary = "Get survey units id by campaign")
 	@GetMapping(path = "/admin/campaign/{id}/survey-units")
 	public ResponseEntity<List<String>> getAllSurveyUnitsIdByCampaignId(@PathVariable(value = "id") String id) {
-		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.info("GET admin survey units for campaign {} resulting in 401", id);
-			return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
-		}
 		List<String> suIds = surveyUnitService.getAllIdsByCampaignId(id);
 		log.info("GET admin survey units for campaign {} resulting in 200", id);
 		return new ResponseEntity<>(suIds, HttpStatus.OK);
diff --git a/src/main/java/fr/insee/pearljam/api/controller/UserController.java b/src/main/java/fr/insee/pearljam/api/controller/UserController.java
index a43b66e7..118666d3 100644
--- a/src/main/java/fr/insee/pearljam/api/controller/UserController.java
+++ b/src/main/java/fr/insee/pearljam/api/controller/UserController.java
@@ -52,19 +52,13 @@ public class UserController {
 	@GetMapping(path = "/user")
 	public ResponseEntity<UserDto> getUser() {
 		String userId = authenticatedUserService.getCurrentUserId();
-		if (StringUtils.isBlank(userId)) {
-			log.info("GET User resulting in 403");
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			Optional<UserDto> user = userService.getUser(userId);
-			if (user.isEmpty()) {
-				log.info("GET User resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("GET User resulting in 200");
-			return new ResponseEntity<>(user.get(), HttpStatus.OK);
+		Optional<UserDto> user = userService.getUser(userId);
+		if (user.isEmpty()) {
+			log.info("GET User resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
-
+		log.info("GET User resulting in 200");
+		return new ResponseEntity<>(user.get(), HttpStatus.OK);
 	}
 
 	/**
@@ -80,18 +74,13 @@ public ResponseEntity<UserDto> getUserById(
 						@PathVariable(value = "id") String id) {
 		String userId = authenticatedUserService.getCurrentUserId();
 		log.info("{} try to GET user with id : {}", userId, id);
-		if (StringUtils.isBlank(userId)) {
-			log.info("GET User {} resulting in 403", id);
-			return new ResponseEntity<>(HttpStatus.FORBIDDEN);
-		} else {
-			Optional<UserDto> user = userService.getUser(id);
-			if (user.isEmpty()) {
-				log.info("GET User resulting in 404");
-				return new ResponseEntity<>(HttpStatus.NOT_FOUND);
-			}
-			log.info("GET User resulting in 200");
-			return new ResponseEntity<>(user.get(), HttpStatus.OK);
+		Optional<UserDto> user = userService.getUser(id);
+		if (user.isEmpty()) {
+			log.info("GET User resulting in 404");
+			return new ResponseEntity<>(HttpStatus.NOT_FOUND);
 		}
+		log.info("GET User resulting in 200");
+		return new ResponseEntity<>(user.get(), HttpStatus.OK);
 	}
 
 	/**