]> git.argeo.org Git - lgpl/argeo-commons.git/blob - security/mvc/UsersRolesController.java
projects / lgpl / argeo-commons.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Prepare next development cycle
[lgpl/argeo-commons.git] / security / mvc / UsersRolesController.java
1 package org.argeo.security.mvc;
2
3 import java.io.Reader;
4 import java.util.List;
5
6 import org.argeo.security.ArgeoSecurityService;
7 import org.argeo.security.ArgeoUser;
8 import org.argeo.security.SimpleArgeoUser;
9 import org.argeo.server.BooleanAnswer;
10 import org.argeo.server.Deserializer;
11 import org.argeo.server.ServerAnswer;
12 import org.argeo.server.mvc.MvcConstants;
13 import org.springframework.stereotype.Controller;
14 import org.springframework.web.bind.annotation.ModelAttribute;
15 import org.springframework.web.bind.annotation.RequestMapping;
16 import org.springframework.web.bind.annotation.RequestParam;
17
18 @Controller
19 public class UsersRolesController implements MvcConstants {
20 // private final static Log log = LogFactory
21 // .getLog(UsersRolesController.class);
22
23 private ArgeoSecurityService securityService;
24
25 private Deserializer userDeserializer = null;
26
27 /* USER */
28
29 @RequestMapping("/getCredentials.ria")
30 @ModelAttribute(ANSWER_MODEL_KEY)
31 public ArgeoUser getCredentials() {
32 ArgeoUser argeoUser = securityService.getSecurityDao().getCurrentUser();
33 if (argeoUser == null)
34 return new SimpleArgeoUser();
35 else
36 return argeoUser;
37 }
38
39 // @RequestMapping("/login.security")
40 // @ModelAttribute(ANSWER_MODEL_KEY)
41 // public ArgeoUser login(@RequestParam("username") String username,
42 // @RequestParam("password") String password) {
43 // //SecurityContextHolder.getContext().getAuthentication().
44 // return securityService.getSecurityDao().getCurrentUser();
45 // }
46 //
47 // @RequestMapping("/logout.security")
48 // @ModelAttribute(ANSWER_MODEL_KEY)
49 // public ServerAnswer logout() {
50 // return ServerAnswer.ok("Logged out");
51 // }
52
53 @RequestMapping("/getUsersList.security")
54 @ModelAttribute(ANSWER_MODEL_KEY)
55 public List<ArgeoUser> getUsersList() {
56 return securityService.getSecurityDao().listUsers();
57 }
58
59 @RequestMapping("/userExists.security")
60 @ModelAttribute(ANSWER_MODEL_KEY)
61 public BooleanAnswer userExists(@RequestParam("username") String username) {
62 return new BooleanAnswer(securityService.getSecurityDao().userExists(
63 username));
64 }
65
66 @RequestMapping("/createUser.security")
67 @ModelAttribute(ANSWER_MODEL_KEY)
68 public ArgeoUser createUser(Reader reader) {
69 ArgeoUser user = userDeserializer.deserialize(reader,
70 SimpleArgeoUser.class);
71 // cleanUserBeforeCreate(user);
72 securityService.newUser(user);
73 return securityService.getSecurityDao().getUser(user.getUsername());
74 }
75
76 @RequestMapping("/updateUser.security")
77 @ModelAttribute(ANSWER_MODEL_KEY)
78 public ArgeoUser updateUser(Reader reader) {
79 ArgeoUser user = userDeserializer.deserialize(reader,
80 SimpleArgeoUser.class);
81 securityService.updateUser(user);
82 return securityService.getSecurityDao().getUser(user.getUsername());
83 }
84
85 @RequestMapping("/updateUserSelf.security")
86 @ModelAttribute(ANSWER_MODEL_KEY)
87 /** Will only update the user natures.*/
88 public ArgeoUser updateUserSelf(Reader reader) {
89 ArgeoUser user = securityService.getSecurityDao().getCurrentUser();
90 ArgeoUser userForNatures = userDeserializer.deserialize(reader,
91 SimpleArgeoUser.class);
92 user.updateUserNatures(userForNatures.getUserNatures());
93 securityService.updateUser(user);
94 return securityService.getSecurityDao().getUser(user.getUsername());
95 }
96
97 @RequestMapping("/deleteUser.security")
98 @ModelAttribute(ANSWER_MODEL_KEY)
99 public ServerAnswer deleteUser(@RequestParam("username") String username) {
100 securityService.getSecurityDao().delete(username);
101 return ServerAnswer.ok("User " + username + " deleted");
102 }
103
104 @RequestMapping("/getUserDetails.security")
105 @ModelAttribute(ANSWER_MODEL_KEY)
106 public ArgeoUser getUserDetails(@RequestParam("username") String username) {
107 return securityService.getSecurityDao().getUser(username);
108 }
109
110 /* ROLE */
111 @RequestMapping("/getRolesList.security")
112 @ModelAttribute(ANSWER_MODEL_KEY)
113 public List<String> getEditableRolesList() {
114 return securityService.getSecurityDao().listEditableRoles();
115 }
116
117 @RequestMapping("/createRole.security")
118 @ModelAttribute(ANSWER_MODEL_KEY)
119 public ServerAnswer createRole(@RequestParam("role") String role) {
120 securityService.newRole(role);
121 return ServerAnswer.ok("Role " + role + " created");
122 }
123
124 @RequestMapping("/deleteRole.security")
125 @ModelAttribute(ANSWER_MODEL_KEY)
126 public ServerAnswer deleteRole(@RequestParam("role") String role) {
127 securityService.getSecurityDao().deleteRole(role);
128 return ServerAnswer.ok("Role " + role + " deleted");
129 }
130
131 @RequestMapping("/updateUserPassword.security")
132 @ModelAttribute(ANSWER_MODEL_KEY)
133 public ServerAnswer updateUserPassword(
134 @RequestParam("username") String username,
135 @RequestParam("password") String password) {
136 securityService.updateUserPassword(username, password);
137 return ServerAnswer.ok("Password updated for user " + username);
138 }
139
140 @RequestMapping("/updatePassword.security")
141 @ModelAttribute(ANSWER_MODEL_KEY)
142 public ServerAnswer updatePassword(
143 @RequestParam("password") String password,
144 @RequestParam("oldPassword") String oldPassword) {
145 securityService.getSecurityDao().updatePassword(oldPassword, password);
146 return ServerAnswer.ok("Password updated");
147 }
148
149 public void setUserDeserializer(Deserializer userDeserializer) {
150 this.userDeserializer = userDeserializer;
151 }
152
153 public void setSecurityService(ArgeoSecurityService securityService) {
154 this.securityService = securityService;
155 }
156
157 }
Argeo Commons - Lightweight integration framework in pure Java/OSGi