+/*
+ * Copyright (C) 2010 Mathieu Baudier <mbaudier@argeo.org>
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
package org.argeo.security.mvc;
import java.io.Reader;
import org.argeo.security.ArgeoSecurityService;
import org.argeo.security.ArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
import org.argeo.server.BooleanAnswer;
+import org.argeo.server.Deserializer;
import org.argeo.server.ServerAnswer;
-import org.argeo.server.ServerDeserializer;
import org.argeo.server.mvc.MvcConstants;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.ModelAttribute;
@Controller
public class UsersRolesController implements MvcConstants {
-// private final static Log log = LogFactory
-// .getLog(UsersRolesController.class);
+ // private final static Log log = LogFactory
+ // .getLog(UsersRolesController.class);
private ArgeoSecurityService securityService;
- private ServerDeserializer userDeserializer = null;
+ private Deserializer userDeserializer = null;
/* USER */
- @RequestMapping("/getCredentials.security")
+ @RequestMapping("/getCredentials.ria")
@ModelAttribute(ANSWER_MODEL_KEY)
public ArgeoUser getCredentials() {
- return securityService.getSecurityDao().getCurrentUser();
+ ArgeoUser argeoUser = securityService.getSecurityDao().getCurrentUser();
+ if (argeoUser == null)
+ return new SimpleArgeoUser();
+ else
+ return argeoUser;
}
@RequestMapping("/getUsersList.security")
@RequestMapping("/createUser.security")
@ModelAttribute(ANSWER_MODEL_KEY)
public ArgeoUser createUser(Reader reader) {
- ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
- //cleanUserBeforeCreate(user);
+ ArgeoUser user = userDeserializer.deserialize(reader,
+ SimpleArgeoUser.class);
+ // cleanUserBeforeCreate(user);
securityService.newUser(user);
return securityService.getSecurityDao().getUser(user.getUsername());
}
@RequestMapping("/updateUser.security")
@ModelAttribute(ANSWER_MODEL_KEY)
public ArgeoUser updateUser(Reader reader) {
- ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
+ ArgeoUser user = userDeserializer.deserialize(reader,
+ SimpleArgeoUser.class);
securityService.updateUser(user);
return securityService.getSecurityDao().getUser(user.getUsername());
}
-/*
- @RequestMapping("/createUser2.security")
+
+ @RequestMapping("/updateUserSelf.security")
@ModelAttribute(ANSWER_MODEL_KEY)
- public ArgeoUser createUser(@RequestParam("body") String body) {
- if (log.isDebugEnabled())
- log.debug("body:\n" + body);
- StringReader reader = new StringReader(body);
- ArgeoUser user = null;
- try {
- user = (ArgeoUser) userDeserializer.deserialize(reader);
- } finally {
- IOUtils.closeQuietly(reader);
- }
- cleanUserBeforeCreate(user);
- securityService.newUser(user);
+ /** Will only update the user natures.*/
+ public ArgeoUser updateUserSelf(Reader reader) {
+ ArgeoUser user = securityService.getSecurityDao().getCurrentUser();
+ ArgeoUser userForNatures = userDeserializer.deserialize(reader,
+ SimpleArgeoUser.class);
+ user.updateUserNatures(userForNatures.getUserNatures());
+ securityService.updateUser(user);
return securityService.getSecurityDao().getUser(user.getUsername());
- }*/
+ }
@RequestMapping("/deleteUser.security")
@ModelAttribute(ANSWER_MODEL_KEY)
@RequestMapping("/updatePassword.security")
@ModelAttribute(ANSWER_MODEL_KEY)
public ServerAnswer updatePassword(
- @RequestParam("password") String password,
- @RequestParam("oldPassword") String oldPassword) {
- securityService.getSecurityDao().updatePassword(oldPassword, password);
+ @RequestParam("oldPassword") String oldPassword,
+ @RequestParam("password") String password) {
+ securityService.updateCurrentUserPassword(oldPassword, password);
return ServerAnswer.ok("Password updated");
}
-// protected void cleanUserBeforeCreate(ArgeoUser user) {
-// user.getUserNatures().clear();
-// }
-
- public void setUserDeserializer(ServerDeserializer userDeserializer) {
+ public void setUserDeserializer(Deserializer userDeserializer) {
this.userDeserializer = userDeserializer;
}