+
+ /* ROLE */
+ @RequestMapping("/getRolesList.*")
+ @ModelAttribute("roles")
+ public List<String> getEditableRolesList() {
+ return securityService.getSecurityDao().listEditableRoles();
+ }
+
+ @RequestMapping("/createRole.*")
+ public ServerAnswer createRole(@RequestParam("role") String role) {
+ securityService.newRole(role);
+ return ServerAnswer.ok("Role " + role + " created");
+ }
+
+ @RequestMapping("/deleteRole.*")
+ public ServerAnswer deleteRole(@RequestParam("role") String role) {
+ securityService.getSecurityDao().deleteRole(role);
+ return ServerAnswer.ok("Role " + role + " deleted");
+ }
+
+ @RequestMapping("/updateUserPassword.*")
+ public ServerAnswer updateUserPassword(
+ @RequestParam("username") String username,
+ @RequestParam("password") String password) {
+ securityService.updateUserPassword(username,
+ digestIfNecessary(password));
+ return ServerAnswer.ok("Password updated for user " + username);
+ }
+
+ @RequestMapping("/updatePassword.*")
+ public ServerAnswer updatePassword(
+ @RequestParam("oldPassword") String oldPassword,
+ @RequestParam("password") String password) {
+ securityService.updateCurrentUserPassword(
+ digestIfNecessary(oldPassword), digestIfNecessary(password));
+ return ServerAnswer.ok("Password updated");
+ }
+
+ protected String digestIfNecessary(String str) {
+ if (!str.startsWith("{" + digestType + "}"))
+ return digest(str);
+ else
+ return str;
+ }
+
+ protected String digest(String nonEncrypted) {
+ try {
+ MessageDigest md = MessageDigest.getInstance(digestType);
+ byte[] dig = md.digest(nonEncrypted.getBytes());
+ return "{" + digestType + "}"
+ + new String(Base64.encodeBase64(dig));
+ } catch (NoSuchAlgorithmException e) {
+ throw new RuntimeException(
+ "Unexpected exception while digesting password");
+ }
+ }
+
+ public void setUserDeserializer(Deserializer userDeserializer) {
+ this.userDeserializer = userDeserializer;
+ }
+
+ public void setSecurityService(ArgeoSecurityService securityService) {
+ this.securityService = securityService;
+ }
+