1 package org
.argeo
.security
.mvc
;
6 import org
.argeo
.security
.ArgeoSecurityService
;
7 import org
.argeo
.security
.ArgeoUser
;
8 import org
.argeo
.security
.SimpleArgeoUser
;
9 import org
.argeo
.server
.BooleanAnswer
;
10 import org
.argeo
.server
.Deserializer
;
11 import org
.argeo
.server
.ServerAnswer
;
12 import org
.argeo
.server
.mvc
.MvcConstants
;
13 import org
.springframework
.stereotype
.Controller
;
14 import org
.springframework
.web
.bind
.annotation
.ModelAttribute
;
15 import org
.springframework
.web
.bind
.annotation
.RequestMapping
;
16 import org
.springframework
.web
.bind
.annotation
.RequestParam
;
19 public class UsersRolesController
implements MvcConstants
{
20 // private final static Log log = LogFactory
21 // .getLog(UsersRolesController.class);
23 private ArgeoSecurityService securityService
;
25 private Deserializer userDeserializer
= null;
29 @RequestMapping("/getCredentials.ria")
30 @ModelAttribute(ANSWER_MODEL_KEY
)
31 public ArgeoUser
getCredentials() {
32 ArgeoUser argeoUser
= securityService
.getSecurityDao().getCurrentUser();
33 if (argeoUser
== null)
34 return new SimpleArgeoUser();
39 // @RequestMapping("/login.security")
40 // @ModelAttribute(ANSWER_MODEL_KEY)
41 // public ArgeoUser login(@RequestParam("username") String username,
42 // @RequestParam("password") String password) {
43 // //SecurityContextHolder.getContext().getAuthentication().
44 // return securityService.getSecurityDao().getCurrentUser();
47 // @RequestMapping("/logout.security")
48 // @ModelAttribute(ANSWER_MODEL_KEY)
49 // public ServerAnswer logout() {
50 // return ServerAnswer.ok("Logged out");
53 @RequestMapping("/getUsersList.security")
54 @ModelAttribute(ANSWER_MODEL_KEY
)
55 public List
<ArgeoUser
> getUsersList() {
56 return securityService
.getSecurityDao().listUsers();
59 @RequestMapping("/userExists.security")
60 @ModelAttribute(ANSWER_MODEL_KEY
)
61 public BooleanAnswer
userExists(@RequestParam("username") String username
) {
62 return new BooleanAnswer(securityService
.getSecurityDao().userExists(
66 @RequestMapping("/createUser.security")
67 @ModelAttribute(ANSWER_MODEL_KEY
)
68 public ArgeoUser
createUser(Reader reader
) {
69 ArgeoUser user
= userDeserializer
.deserialize(reader
,
70 SimpleArgeoUser
.class);
71 // cleanUserBeforeCreate(user);
72 securityService
.newUser(user
);
73 return securityService
.getSecurityDao().getUser(user
.getUsername());
76 @RequestMapping("/updateUser.security")
77 @ModelAttribute(ANSWER_MODEL_KEY
)
78 public ArgeoUser
updateUser(Reader reader
) {
79 ArgeoUser user
= userDeserializer
.deserialize(reader
,
80 SimpleArgeoUser
.class);
81 securityService
.updateUser(user
);
82 return securityService
.getSecurityDao().getUser(user
.getUsername());
85 @RequestMapping("/updateUserSelf.security")
86 @ModelAttribute(ANSWER_MODEL_KEY
)
87 /** Will only update the user natures.*/
88 public ArgeoUser
updateUserSelf(Reader reader
) {
89 ArgeoUser user
= securityService
.getSecurityDao().getCurrentUser();
90 ArgeoUser userForNatures
= userDeserializer
.deserialize(reader
,
91 SimpleArgeoUser
.class);
92 user
.updateUserNatures(userForNatures
.getUserNatures());
93 securityService
.updateUser(user
);
94 return securityService
.getSecurityDao().getUser(user
.getUsername());
97 @RequestMapping("/deleteUser.security")
98 @ModelAttribute(ANSWER_MODEL_KEY
)
99 public ServerAnswer
deleteUser(@RequestParam("username") String username
) {
100 securityService
.getSecurityDao().delete(username
);
101 return ServerAnswer
.ok("User " + username
+ " deleted");
104 @RequestMapping("/getUserDetails.security")
105 @ModelAttribute(ANSWER_MODEL_KEY
)
106 public ArgeoUser
getUserDetails(@RequestParam("username") String username
) {
107 return securityService
.getSecurityDao().getUser(username
);
111 @RequestMapping("/getRolesList.security")
112 @ModelAttribute(ANSWER_MODEL_KEY
)
113 public List
<String
> getEditableRolesList() {
114 return securityService
.getSecurityDao().listEditableRoles();
117 @RequestMapping("/createRole.security")
118 @ModelAttribute(ANSWER_MODEL_KEY
)
119 public ServerAnswer
createRole(@RequestParam("role") String role
) {
120 securityService
.newRole(role
);
121 return ServerAnswer
.ok("Role " + role
+ " created");
124 @RequestMapping("/deleteRole.security")
125 @ModelAttribute(ANSWER_MODEL_KEY
)
126 public ServerAnswer
deleteRole(@RequestParam("role") String role
) {
127 securityService
.getSecurityDao().deleteRole(role
);
128 return ServerAnswer
.ok("Role " + role
+ " deleted");
131 @RequestMapping("/updateUserPassword.security")
132 @ModelAttribute(ANSWER_MODEL_KEY
)
133 public ServerAnswer
updateUserPassword(
134 @RequestParam("username") String username
,
135 @RequestParam("password") String password
) {
136 securityService
.updateUserPassword(username
, password
);
137 return ServerAnswer
.ok("Password updated for user " + username
);
140 @RequestMapping("/updatePassword.security")
141 @ModelAttribute(ANSWER_MODEL_KEY
)
142 public ServerAnswer
updatePassword(
143 @RequestParam("password") String password
,
144 @RequestParam("oldPassword") String oldPassword
) {
145 securityService
.getSecurityDao().updatePassword(oldPassword
, password
);
146 return ServerAnswer
.ok("Password updated");
149 public void setUserDeserializer(Deserializer userDeserializer
) {
150 this.userDeserializer
= userDeserializer
;
153 public void setSecurityService(ArgeoSecurityService securityService
) {
154 this.securityService
= securityService
;