X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=0366096aa6fcfa35a2d90fcc06b371c6f672d4b3;hb=3a9e434fc0f80eab9568b1e5b8bb90f9fcc4310e;hp=923a1864d14e9343f6dd7fa8bc385d0dfbed8f2e;hpb=2f5648fe0951f67461a319864b980777ddf24149;p=lgpl%2Fargeo-commons.git

diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index 923a1864d..0366096aa 100644
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -5,9 +5,10 @@ import java.util.List;
 
 import org.argeo.security.ArgeoSecurityService;
 import org.argeo.security.ArgeoUser;
+import org.argeo.security.SimpleArgeoUser;
 import org.argeo.server.BooleanAnswer;
+import org.argeo.server.Deserializer;
 import org.argeo.server.ServerAnswer;
-import org.argeo.server.ServerDeserializer;
 import org.argeo.server.mvc.MvcConstants;
 import org.springframework.stereotype.Controller;
 import org.springframework.web.bind.annotation.ModelAttribute;
@@ -16,19 +17,23 @@ import org.springframework.web.bind.annotation.RequestParam;
 
 @Controller
 public class UsersRolesController implements MvcConstants {
-//	private final static Log log = LogFactory
-//			.getLog(UsersRolesController.class);
+	// private final static Log log = LogFactory
+	// .getLog(UsersRolesController.class);
 
 	private ArgeoSecurityService securityService;
 
-	private ServerDeserializer userDeserializer = null;
+	private Deserializer userDeserializer = null;
 
 	/* USER */
 
-	@RequestMapping("/getCredentials.security")
+	@RequestMapping("/getCredentials.ria")
 	@ModelAttribute(ANSWER_MODEL_KEY)
 	public ArgeoUser getCredentials() {
-		return securityService.getSecurityDao().getCurrentUser();
+		ArgeoUser argeoUser = securityService.getSecurityDao().getCurrentUser();
+		if (argeoUser == null)
+			return new SimpleArgeoUser();
+		else
+			return argeoUser;
 	}
 
 	@RequestMapping("/getUsersList.security")
@@ -47,8 +52,9 @@ public class UsersRolesController implements MvcConstants {
 	@RequestMapping("/createUser.security")
 	@ModelAttribute(ANSWER_MODEL_KEY)
 	public ArgeoUser createUser(Reader reader) {
-		ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
-		//cleanUserBeforeCreate(user);
+		ArgeoUser user = userDeserializer.deserialize(reader,
+				SimpleArgeoUser.class);
+		// cleanUserBeforeCreate(user);
 		securityService.newUser(user);
 		return securityService.getSecurityDao().getUser(user.getUsername());
 	}
@@ -56,27 +62,23 @@ public class UsersRolesController implements MvcConstants {
 	@RequestMapping("/updateUser.security")
 	@ModelAttribute(ANSWER_MODEL_KEY)
 	public ArgeoUser updateUser(Reader reader) {
-		ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
+		ArgeoUser user = userDeserializer.deserialize(reader,
+				SimpleArgeoUser.class);
 		securityService.updateUser(user);
 		return securityService.getSecurityDao().getUser(user.getUsername());
 	}
-/*
-	@RequestMapping("/createUser2.security")
+
+	@RequestMapping("/updateUserSelf.security")
 	@ModelAttribute(ANSWER_MODEL_KEY)
-	public ArgeoUser createUser(@RequestParam("body") String body) {
-		if (log.isDebugEnabled())
-			log.debug("body:\n" + body);
-		StringReader reader = new StringReader(body);
-		ArgeoUser user = null;
-		try {
-			user = (ArgeoUser) userDeserializer.deserialize(reader);
-		} finally {
-			IOUtils.closeQuietly(reader);
-		}
-		cleanUserBeforeCreate(user);
-		securityService.newUser(user);
+	/** Will only update the user natures.*/
+	public ArgeoUser updateUserSelf(Reader reader) {
+		ArgeoUser user = securityService.getSecurityDao().getCurrentUser();
+		ArgeoUser userForNatures = userDeserializer.deserialize(reader,
+				SimpleArgeoUser.class);
+		user.updateUserNatures(userForNatures.getUserNatures());
+		securityService.updateUser(user);
 		return securityService.getSecurityDao().getUser(user.getUsername());
-	}*/
+	}
 
 	@RequestMapping("/deleteUser.security")
 	@ModelAttribute(ANSWER_MODEL_KEY)
@@ -124,17 +126,13 @@ public class UsersRolesController implements MvcConstants {
 	@RequestMapping("/updatePassword.security")
 	@ModelAttribute(ANSWER_MODEL_KEY)
 	public ServerAnswer updatePassword(
-			@RequestParam("password") String password,
-			@RequestParam("oldPassword") String oldPassword) {
-		securityService.getSecurityDao().updatePassword(oldPassword, password);
+			@RequestParam("oldPassword") String oldPassword,
+			@RequestParam("password") String password) {
+		securityService.updateCurrentUserPassword(oldPassword, password);
 		return ServerAnswer.ok("Password updated");
 	}
 
-//	protected void cleanUserBeforeCreate(ArgeoUser user) {
-//		user.getUserNatures().clear();
-//	}
-
-	public void setUserDeserializer(ServerDeserializer userDeserializer) {
+	public void setUserDeserializer(Deserializer userDeserializer) {
 		this.userDeserializer = userDeserializer;
 	}