import org.apache.commons.logging.LogFactory;
import org.argeo.security.ArgeoSecurityService;
import org.argeo.security.ArgeoUser;
-import org.argeo.security.BasicArgeoUser;
-import org.argeo.security.core.ArgeoUserDetails;
import org.argeo.server.BooleanAnswer;
-import org.argeo.server.DeserializingEditor;
import org.argeo.server.ServerAnswer;
import org.argeo.server.ServerDeserializer;
import org.argeo.server.mvc.MvcConstants;
-import org.springframework.security.Authentication;
-import org.springframework.security.context.SecurityContextHolder;
import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.WebDataBinder;
-import org.springframework.web.bind.annotation.InitBinder;
import org.springframework.web.bind.annotation.ModelAttribute;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
private ServerDeserializer userDeserializer = null;
- @InitBinder
- public void initBinder(WebDataBinder binder) {
- binder.registerCustomEditor(BasicArgeoUser.class,
- new DeserializingEditor(userDeserializer));
- }
+ // @InitBinder
+ // public void initBinder(WebDataBinder binder) {
+ // binder.registerCustomEditor(SimpleArgeoUser.class,
+ // new DeserializingEditor(userDeserializer));
+ // }
/* USER */
@RequestMapping("/getCredentials.security")
@ModelAttribute(ANSWER_MODEL_KEY)
public ArgeoUser getCredentials() {
- Authentication authentication = SecurityContextHolder.getContext()
- .getAuthentication();
- return ArgeoUserDetails.asArgeoUser(authentication);
+ return securityService.getSecurityDao().getCurrentUser();
}
@RequestMapping("/getUsersList.security")
@ModelAttribute(ANSWER_MODEL_KEY)
public ServerAnswer deleteRole(@RequestParam("role") String role) {
securityService.getSecurityDao().deleteRole(role);
- return ServerAnswer.ok("Role " + role + " created");
+ return ServerAnswer.ok("Role " + role + " deleted");
+ }
+
+ @RequestMapping("/updateUserPassword.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ServerAnswer updateUserPassword(
+ @RequestParam("username") String username,
+ @RequestParam("password") String password) {
+ securityService.updateUserPassword(username, password);
+ return ServerAnswer.ok("Password updated for user " + username);
+ }
+
+ @RequestMapping("/updatePassword.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ServerAnswer updatePassword(
+ @RequestParam("password") String password,
+ @RequestParam("oldPassword") String oldPassword) {
+ securityService.getSecurityDao().updatePassword(oldPassword, password);
+ return ServerAnswer.ok("Password updated");
}
protected void cleanUserBeforeCreate(ArgeoUser user) {