1 package org
.argeo
.security
.mvc
;
6 import org
.argeo
.security
.ArgeoSecurityService
;
7 import org
.argeo
.security
.ArgeoUser
;
8 import org
.argeo
.server
.BooleanAnswer
;
9 import org
.argeo
.server
.ServerAnswer
;
10 import org
.argeo
.server
.ServerDeserializer
;
11 import org
.argeo
.server
.mvc
.MvcConstants
;
12 import org
.springframework
.security
.context
.SecurityContextHolder
;
13 import org
.springframework
.stereotype
.Controller
;
14 import org
.springframework
.web
.bind
.annotation
.ModelAttribute
;
15 import org
.springframework
.web
.bind
.annotation
.RequestMapping
;
16 import org
.springframework
.web
.bind
.annotation
.RequestParam
;
19 public class UsersRolesController
implements MvcConstants
{
20 // private final static Log log = LogFactory
21 // .getLog(UsersRolesController.class);
23 private ArgeoSecurityService securityService
;
25 private ServerDeserializer userDeserializer
= null;
29 @RequestMapping("/getCredentials.security")
30 @ModelAttribute(ANSWER_MODEL_KEY
)
31 public ArgeoUser
getCredentials() {
32 return securityService
.getSecurityDao().getCurrentUser();
35 @RequestMapping("/login.security")
36 @ModelAttribute(ANSWER_MODEL_KEY
)
37 public ArgeoUser
login(@RequestParam("username") String username
,
38 @RequestParam("password") String password
) {
39 //SecurityContextHolder.getContext().getAuthentication().
40 return securityService
.getSecurityDao().getCurrentUser();
43 @RequestMapping("/logout.security")
44 @ModelAttribute(ANSWER_MODEL_KEY
)
45 public ServerAnswer
logout() {
46 return ServerAnswer
.ok("Logged out");
49 @RequestMapping("/getUsersList.security")
50 @ModelAttribute(ANSWER_MODEL_KEY
)
51 public List
<ArgeoUser
> getUsersList() {
52 return securityService
.getSecurityDao().listUsers();
55 @RequestMapping("/userExists.security")
56 @ModelAttribute(ANSWER_MODEL_KEY
)
57 public BooleanAnswer
userExists(@RequestParam("username") String username
) {
58 return new BooleanAnswer(securityService
.getSecurityDao().userExists(
62 @RequestMapping("/createUser.security")
63 @ModelAttribute(ANSWER_MODEL_KEY
)
64 public ArgeoUser
createUser(Reader reader
) {
65 ArgeoUser user
= (ArgeoUser
) userDeserializer
.deserialize(reader
);
66 // cleanUserBeforeCreate(user);
67 securityService
.newUser(user
);
68 return securityService
.getSecurityDao().getUser(user
.getUsername());
71 @RequestMapping("/updateUser.security")
72 @ModelAttribute(ANSWER_MODEL_KEY
)
73 public ArgeoUser
updateUser(Reader reader
) {
74 ArgeoUser user
= (ArgeoUser
) userDeserializer
.deserialize(reader
);
75 securityService
.updateUser(user
);
76 return securityService
.getSecurityDao().getUser(user
.getUsername());
80 * @RequestMapping("/createUser2.security")
82 * @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser
83 * createUser(@RequestParam("body") String body) { if (log.isDebugEnabled())
84 * log.debug("body:\n" + body); StringReader reader = new
85 * StringReader(body); ArgeoUser user = null; try { user = (ArgeoUser)
86 * userDeserializer.deserialize(reader); } finally {
87 * IOUtils.closeQuietly(reader); } cleanUserBeforeCreate(user);
88 * securityService.newUser(user); return
89 * securityService.getSecurityDao().getUser(user.getUsername()); }
92 @RequestMapping("/deleteUser.security")
93 @ModelAttribute(ANSWER_MODEL_KEY
)
94 public ServerAnswer
deleteUser(@RequestParam("username") String username
) {
95 securityService
.getSecurityDao().delete(username
);
96 return ServerAnswer
.ok("User " + username
+ " deleted");
99 @RequestMapping("/getUserDetails.security")
100 @ModelAttribute(ANSWER_MODEL_KEY
)
101 public ArgeoUser
getUserDetails(@RequestParam("username") String username
) {
102 return securityService
.getSecurityDao().getUser(username
);
106 @RequestMapping("/getRolesList.security")
107 @ModelAttribute(ANSWER_MODEL_KEY
)
108 public List
<String
> getEditableRolesList() {
109 return securityService
.getSecurityDao().listEditableRoles();
112 @RequestMapping("/createRole.security")
113 @ModelAttribute(ANSWER_MODEL_KEY
)
114 public ServerAnswer
createRole(@RequestParam("role") String role
) {
115 securityService
.newRole(role
);
116 return ServerAnswer
.ok("Role " + role
+ " created");
119 @RequestMapping("/deleteRole.security")
120 @ModelAttribute(ANSWER_MODEL_KEY
)
121 public ServerAnswer
deleteRole(@RequestParam("role") String role
) {
122 securityService
.getSecurityDao().deleteRole(role
);
123 return ServerAnswer
.ok("Role " + role
+ " deleted");
126 @RequestMapping("/updateUserPassword.security")
127 @ModelAttribute(ANSWER_MODEL_KEY
)
128 public ServerAnswer
updateUserPassword(
129 @RequestParam("username") String username
,
130 @RequestParam("password") String password
) {
131 securityService
.updateUserPassword(username
, password
);
132 return ServerAnswer
.ok("Password updated for user " + username
);
135 @RequestMapping("/updatePassword.security")
136 @ModelAttribute(ANSWER_MODEL_KEY
)
137 public ServerAnswer
updatePassword(
138 @RequestParam("password") String password
,
139 @RequestParam("oldPassword") String oldPassword
) {
140 securityService
.getSecurityDao().updatePassword(oldPassword
, password
);
141 return ServerAnswer
.ok("Password updated");
144 // protected void cleanUserBeforeCreate(ArgeoUser user) {
145 // user.getUserNatures().clear();
148 public void setUserDeserializer(ServerDeserializer userDeserializer
) {
149 this.userDeserializer
= userDeserializer
;
152 public void setSecurityService(ArgeoSecurityService securityService
) {
153 this.securityService
= securityService
;