security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java

   1 package org.argeo.security.mvc;
   2
   3 import java.io.Reader;
   4 import java.util.List;
   5
   6 import org.argeo.security.ArgeoSecurityService;
   7 import org.argeo.security.ArgeoUser;
   8 import org.argeo.server.BooleanAnswer;
   9 import org.argeo.server.ServerAnswer;
  10 import org.argeo.server.ServerDeserializer;
  11 import org.argeo.server.mvc.MvcConstants;
  12 import org.springframework.security.context.SecurityContextHolder;
  13 import org.springframework.stereotype.Controller;
  14 import org.springframework.web.bind.annotation.ModelAttribute;
  15 import org.springframework.web.bind.annotation.RequestMapping;
  16 import org.springframework.web.bind.annotation.RequestParam;
  17
  18 @Controller
  19 public class UsersRolesController implements MvcConstants {
  20         // private final static Log log = LogFactory
  21         // .getLog(UsersRolesController.class);
  22
  23         private ArgeoSecurityService securityService;
  24
  25         private ServerDeserializer userDeserializer = null;
  26
  27         /* USER */
  28
  29         @RequestMapping("/getCredentials.security")
  30         @ModelAttribute(ANSWER_MODEL_KEY)
  31         public ArgeoUser getCredentials() {
  32                 return securityService.getSecurityDao().getCurrentUser();
  33         }
  34
  35         @RequestMapping("/login.security")
  36         @ModelAttribute(ANSWER_MODEL_KEY)
  37         public ArgeoUser login(@RequestParam("username") String username,
  38                         @RequestParam("password") String password) {
  39                 //SecurityContextHolder.getContext().getAuthentication().
  40                 return securityService.getSecurityDao().getCurrentUser();
  41         }
  42
  43         @RequestMapping("/logout.security")
  44         @ModelAttribute(ANSWER_MODEL_KEY)
  45         public ServerAnswer logout() {
  46                 return ServerAnswer.ok("Logged out");
  47         }
  48
  49         @RequestMapping("/getUsersList.security")
  50         @ModelAttribute(ANSWER_MODEL_KEY)
  51         public List<ArgeoUser> getUsersList() {
  52                 return securityService.getSecurityDao().listUsers();
  53         }
  54
  55         @RequestMapping("/userExists.security")
  56         @ModelAttribute(ANSWER_MODEL_KEY)
  57         public BooleanAnswer userExists(@RequestParam("username") String username) {
  58                 return new BooleanAnswer(securityService.getSecurityDao().userExists(
  59                                 username));
  60         }
  61
  62         @RequestMapping("/createUser.security")
  63         @ModelAttribute(ANSWER_MODEL_KEY)
  64         public ArgeoUser createUser(Reader reader) {
  65                 ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
  66                 // cleanUserBeforeCreate(user);
  67                 securityService.newUser(user);
  68                 return securityService.getSecurityDao().getUser(user.getUsername());
  69         }
  70
  71         @RequestMapping("/updateUser.security")
  72         @ModelAttribute(ANSWER_MODEL_KEY)
  73         public ArgeoUser updateUser(Reader reader) {
  74                 ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
  75                 securityService.updateUser(user);
  76                 return securityService.getSecurityDao().getUser(user.getUsername());
  77         }
  78
  79         /*
  80          * @RequestMapping("/createUser2.security")
  81          *
  82          * @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser
  83          * createUser(@RequestParam("body") String body) { if (log.isDebugEnabled())
  84          * log.debug("body:\n" + body); StringReader reader = new
  85          * StringReader(body); ArgeoUser user = null; try { user = (ArgeoUser)
  86          * userDeserializer.deserialize(reader); } finally {
  87          * IOUtils.closeQuietly(reader); } cleanUserBeforeCreate(user);
  88          * securityService.newUser(user); return
  89          * securityService.getSecurityDao().getUser(user.getUsername()); }
  90          */
  91
  92         @RequestMapping("/deleteUser.security")
  93         @ModelAttribute(ANSWER_MODEL_KEY)
  94         public ServerAnswer deleteUser(@RequestParam("username") String username) {
  95                 securityService.getSecurityDao().delete(username);
  96                 return ServerAnswer.ok("User " + username + " deleted");
  97         }
  98
  99         @RequestMapping("/getUserDetails.security")
 100         @ModelAttribute(ANSWER_MODEL_KEY)
 101         public ArgeoUser getUserDetails(@RequestParam("username") String username) {
 102                 return securityService.getSecurityDao().getUser(username);
 103         }
 104
 105         /* ROLE */
 106         @RequestMapping("/getRolesList.security")
 107         @ModelAttribute(ANSWER_MODEL_KEY)
 108         public List<String> getEditableRolesList() {
 109                 return securityService.getSecurityDao().listEditableRoles();
 110         }
 111
 112         @RequestMapping("/createRole.security")
 113         @ModelAttribute(ANSWER_MODEL_KEY)
 114         public ServerAnswer createRole(@RequestParam("role") String role) {
 115                 securityService.newRole(role);
 116                 return ServerAnswer.ok("Role " + role + " created");
 117         }
 118
 119         @RequestMapping("/deleteRole.security")
 120         @ModelAttribute(ANSWER_MODEL_KEY)
 121         public ServerAnswer deleteRole(@RequestParam("role") String role) {
 122                 securityService.getSecurityDao().deleteRole(role);
 123                 return ServerAnswer.ok("Role " + role + " deleted");
 124         }
 125
 126         @RequestMapping("/updateUserPassword.security")
 127         @ModelAttribute(ANSWER_MODEL_KEY)
 128         public ServerAnswer updateUserPassword(
 129                         @RequestParam("username") String username,
 130                         @RequestParam("password") String password) {
 131                 securityService.updateUserPassword(username, password);
 132                 return ServerAnswer.ok("Password updated for user " + username);
 133         }
 134
 135         @RequestMapping("/updatePassword.security")
 136         @ModelAttribute(ANSWER_MODEL_KEY)
 137         public ServerAnswer updatePassword(
 138                         @RequestParam("password") String password,
 139                         @RequestParam("oldPassword") String oldPassword) {
 140                 securityService.getSecurityDao().updatePassword(oldPassword, password);
 141                 return ServerAnswer.ok("Password updated");
 142         }
 143
 144         // protected void cleanUserBeforeCreate(ArgeoUser user) {
 145         // user.getUserNatures().clear();
 146         // }
 147
 148         public void setUserDeserializer(ServerDeserializer userDeserializer) {
 149                 this.userDeserializer = userDeserializer;
 150         }
 151
 152         public void setSecurityService(ArgeoSecurityService securityService) {
 153                 this.securityService = securityService;
 154         }
 155
 156 }