X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=0366096aa6fcfa35a2d90fcc06b371c6f672d4b3;hb=3a9e434fc0f80eab9568b1e5b8bb90f9fcc4310e;hp=4f9c723fb150474b827dafff097e4d233aa2a5bc;hpb=092b922842a99f6e6330305d579c119e20ceb03b;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java index 4f9c723fb..0366096aa 100644 --- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java +++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java @@ -36,20 +36,6 @@ public class UsersRolesController implements MvcConstants { return argeoUser; } - // @RequestMapping("/login.security") - // @ModelAttribute(ANSWER_MODEL_KEY) - // public ArgeoUser login(@RequestParam("username") String username, - // @RequestParam("password") String password) { - // //SecurityContextHolder.getContext().getAuthentication(). - // return securityService.getSecurityDao().getCurrentUser(); - // } - // - // @RequestMapping("/logout.security") - // @ModelAttribute(ANSWER_MODEL_KEY) - // public ServerAnswer logout() { - // return ServerAnswer.ok("Logged out"); - // } - @RequestMapping("/getUsersList.security") @ModelAttribute(ANSWER_MODEL_KEY) public List getUsersList() { @@ -66,7 +52,8 @@ public class UsersRolesController implements MvcConstants { @RequestMapping("/createUser.security") @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser createUser(Reader reader) { - ArgeoUser user = userDeserializer.deserialize(reader, ArgeoUser.class); + ArgeoUser user = userDeserializer.deserialize(reader, + SimpleArgeoUser.class); // cleanUserBeforeCreate(user); securityService.newUser(user); return securityService.getSecurityDao().getUser(user.getUsername()); @@ -75,23 +62,23 @@ public class UsersRolesController implements MvcConstants { @RequestMapping("/updateUser.security") @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser updateUser(Reader reader) { - ArgeoUser user = userDeserializer.deserialize(reader, ArgeoUser.class); + ArgeoUser user = userDeserializer.deserialize(reader, + SimpleArgeoUser.class); securityService.updateUser(user); return securityService.getSecurityDao().getUser(user.getUsername()); } - /* - * @RequestMapping("/createUser2.security") - * - * @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser - * createUser(@RequestParam("body") String body) { if (log.isDebugEnabled()) - * log.debug("body:\n" + body); StringReader reader = new - * StringReader(body); ArgeoUser user = null; try { user = (ArgeoUser) - * userDeserializer.deserialize(reader); } finally { - * IOUtils.closeQuietly(reader); } cleanUserBeforeCreate(user); - * securityService.newUser(user); return - * securityService.getSecurityDao().getUser(user.getUsername()); } - */ + @RequestMapping("/updateUserSelf.security") + @ModelAttribute(ANSWER_MODEL_KEY) + /** Will only update the user natures.*/ + public ArgeoUser updateUserSelf(Reader reader) { + ArgeoUser user = securityService.getSecurityDao().getCurrentUser(); + ArgeoUser userForNatures = userDeserializer.deserialize(reader, + SimpleArgeoUser.class); + user.updateUserNatures(userForNatures.getUserNatures()); + securityService.updateUser(user); + return securityService.getSecurityDao().getUser(user.getUsername()); + } @RequestMapping("/deleteUser.security") @ModelAttribute(ANSWER_MODEL_KEY) @@ -139,16 +126,12 @@ public class UsersRolesController implements MvcConstants { @RequestMapping("/updatePassword.security") @ModelAttribute(ANSWER_MODEL_KEY) public ServerAnswer updatePassword( - @RequestParam("password") String password, - @RequestParam("oldPassword") String oldPassword) { - securityService.getSecurityDao().updatePassword(oldPassword, password); + @RequestParam("oldPassword") String oldPassword, + @RequestParam("password") String password) { + securityService.updateCurrentUserPassword(oldPassword, password); return ServerAnswer.ok("Password updated"); } - // protected void cleanUserBeforeCreate(ArgeoUser user) { - // user.getUserNatures().clear(); - // } - public void setUserDeserializer(Deserializer userDeserializer) { this.userDeserializer = userDeserializer; }