Add update user self service

git-svn-id: https://svn.argeo.org/commons/trunk@3394 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java
index 44bf7f38a91205e5486ebb67e31cafa775a0dee4..f45470fa160fb77195ccee037874896231c09953 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java
@@ -7,7 +7,10 @@ public interface ArgeoUser {
 
        public List<UserNature> getUserNatures();
 
+       /** Implementation should refuse to add new user natures via this method. */
+       public void updateUserNatures(List<UserNature> userNatures);
+
        public List<String> getRoles();
-       
+
        public String getPassword();
 }

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java
index a84278179e83d0e5d362fc9ba29b6791f5447dfb..a11081cbd2fe58888a76233812edd7730147f1f2 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java
@@ -27,6 +27,10 @@ public class SimpleArgeoUser implements ArgeoUser, Serializable {
                return userNatures;
        }
 
+       public void updateUserNatures(List<UserNature> userNaturesData) {
+               UserNature.updateUserNaturesWithCheck(userNatures, userNaturesData);
+       }
+
        public List<String> getRoles() {
                return roles;
        }

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java
index f41643b9ad88be6c07539170e4882bd4f8a8e6d8..3713fdc79142b561bd960663f4dc0ec66d3b9322 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java
@@ -1,6 +1,9 @@
 package org.argeo.security;
 
 import java.io.Serializable;
+import java.util.List;
+
+import org.argeo.ArgeoException;
 
 public class UserNature implements Serializable {
        private static final long serialVersionUID = 1L;
@@ -17,4 +20,27 @@ public class UserNature implements Serializable {
        public void setType(String type) {
                this.type = type;
        }
+
+       public final static void updateUserNaturesWithCheck(
+                       List<UserNature> userNatures, List<UserNature> userNaturesData) {
+               if (userNatures.size() != userNaturesData.size())
+                       throw new ArgeoException(
+                                       "It is forbidden to add or remove user natures via this method");
+               for (int i = 0; i < userNatures.size(); i++) {
+                       String type = userNatures.get(i).getType();
+                       boolean found = false;
+                       for (int j = 0; j < userNatures.size(); j++) {
+                               String newType = userNaturesData.get(j).getType();
+                               if (type.equals(newType))
+                                       found = true;
+                       }
+                       if (!found)
+                               throw new ArgeoException(
+                                               "Could not find a user nature of type " + type);
+               }
+
+               for (int i = 0; i < userNatures.size(); i++) {
+                       userNatures.set(i, userNaturesData.get(i));
+               }
+       }
 }

diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
index 6793f3c1fa1a911e3f054b5550a964e8edeb280e..1a1d159aa4b4a28c35b5e3aeb2e7ad8099df243e 100644 (file)
--- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
+++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java
@@ -42,6 +42,10 @@ public class ArgeoUserDetails extends User implements ArgeoUser {
                return userNatures;
        }
 
+       public void updateUserNatures(List<UserNature> userNaturesData) {
+               UserNature.updateUserNaturesWithCheck(userNatures, userNaturesData);
+       }
+
        public List<String> getRoles() {
                return roles;
        }

diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index e1e66346ca6b88ed07bd67e10f0bbd57319aabc4..d553c31c3d2451e42695b9d27fdf49330a7e1d91 100644 (file)
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -82,18 +82,17 @@ public class UsersRolesController implements MvcConstants {
                return securityService.getSecurityDao().getUser(user.getUsername());
        }
 
-       /*
-        * @RequestMapping("/createUser2.security")
-        * 
-        * @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser
-        * createUser(@RequestParam("body") String body) { if (log.isDebugEnabled())
-        * log.debug("body:\n" + body); StringReader reader = new
-        * StringReader(body); ArgeoUser user = null; try { user = (ArgeoUser)
-        * userDeserializer.deserialize(reader); } finally {
-        * IOUtils.closeQuietly(reader); } cleanUserBeforeCreate(user);
-        * securityService.newUser(user); return
-        * securityService.getSecurityDao().getUser(user.getUsername()); }
-        */
+       @RequestMapping("/updateUserSelf.security")
+       @ModelAttribute(ANSWER_MODEL_KEY)
+       /** Will only update the user natures.*/
+       public ArgeoUser updateUserSelf(Reader reader) {
+               ArgeoUser user = securityService.getSecurityDao().getCurrentUser();
+               ArgeoUser userForNatures = userDeserializer.deserialize(reader,
+                               SimpleArgeoUser.class);
+               user.updateUserNatures(userForNatures.getUserNatures());
+               securityService.updateUser(user);
+               return securityService.getSecurityDao().getUser(user.getUsername());
+       }
 
        @RequestMapping("/deleteUser.security")
        @ModelAttribute(ANSWER_MODEL_KEY)
@@ -147,10 +146,6 @@ public class UsersRolesController implements MvcConstants {
                return ServerAnswer.ok("Password updated");
        }
 
-       // protected void cleanUserBeforeCreate(ArgeoUser user) {
-       // user.getUserNatures().clear();
-       // }
-
        public void setUserDeserializer(Deserializer userDeserializer) {
                this.userDeserializer = userDeserializer;
        }