X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=185d376a679eea5624b6384c7c638238c3816c0b;hb=1d5afdce3e91054f07ddd3c98309c363b4cf1d46;hp=cd954644aecff4ddb4e266efcf85fe2aad3173b2;hpb=5bfc0d2e2e34f86b454a1ec209617a9fc0f306b1;p=lgpl%2Fargeo-commons.git
diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index cd954644a..185d376a6 100644
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -1,5 +1,5 @@
 /*
- * Copyright (C) 2010 Mathieu Baudier
+ * Copyright (C) 2007-2012 Mathieu Baudier
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
@@ -13,167 +13,122 @@
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
-
 package org.argeo.security.mvc;
-import java.io.Reader;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.List;
-
-import org.apache.commons.codec.binary.Base64;
-import org.argeo.security.ArgeoSecurityService;
-import org.argeo.security.ArgeoUser;
-import org.argeo.security.SimpleArgeoUser;
-import org.argeo.server.BooleanAnswer;
-import org.argeo.server.Deserializer;
-import org.argeo.server.ServerAnswer;
 import org.argeo.server.mvc.MvcConstants;
 import org.springframework.stereotype.Controller;
-import org.springframework.web.bind.annotation.ModelAttribute;
-import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestParam;
 @Controller
 public class UsersRolesController implements MvcConstants {
- // private final static Log log = LogFactory
- // .getLog(UsersRolesController.class);
-
- private String digestType = "SHA";
-
- private ArgeoSecurityService securityService;
-
- private Deserializer userDeserializer = null;
+// private ArgeoSecurityService securityService;
+// private Deserializer userDeserializer = null;
 /* USER */
- @RequestMapping("/getCredentials.*")
- @ModelAttribute("user")
- public ArgeoUser getCredentials() {
- ArgeoUser argeoUser = securityService.getCurrentUser();
- if (argeoUser == null)
- return new SimpleArgeoUser();
- else
- return argeoUser;
- }
-
- @RequestMapping("/getUsersList.*")
- @ModelAttribute("users")
- public List getUsersList() {
- return securityService.getSecurityDao().listUsers();
- }
-
- @RequestMapping("/userExists.*")
- public BooleanAnswer userExists(@RequestParam("username") String username) {
- return new BooleanAnswer(securityService.getSecurityDao().userExists(
- username));
- }
-
- @RequestMapping("/createUser.*")
- @ModelAttribute("user")
- public ArgeoUser createUser(Reader reader) {
- ArgeoUser user = userDeserializer.deserialize(reader,
- SimpleArgeoUser.class);
- // cleanUserBeforeCreate(user);
- securityService.newUser(user);
- return securityService.getSecurityDao().getUser(user.getUsername());
- }
-
- @RequestMapping("/updateUser.*")
- @ModelAttribute("user")
- public ArgeoUser updateUser(Reader reader) {
- ArgeoUser user = userDeserializer.deserialize(reader,
- SimpleArgeoUser.class);
- securityService.updateUser(user);
- return securityService.getSecurityDao().getUser(user.getUsername());
- }
-
- @RequestMapping("/updateUserSelf.*")
- @ModelAttribute("user")
- /** Will only update the user natures.*/
- public ArgeoUser updateUserSelf(Reader reader) {
- ArgeoUser user = securityService.getCurrentUser();
- ArgeoUser userForNatures = userDeserializer.deserialize(reader,
- SimpleArgeoUser.class);
- user.updateUserNatures(userForNatures.getUserNatures());
- securityService.updateUser(user);
- return securityService.getSecurityDao().getUser(user.getUsername());
- }
-
- @RequestMapping("/deleteUser.*")
- public ServerAnswer deleteUser(@RequestParam("username") String username) {
- securityService.getSecurityDao().delete(username);
- return ServerAnswer.ok("User " + username + " deleted");
- }
-
- @RequestMapping("/getUserDetails.*")
- @ModelAttribute("user")
- public ArgeoUser getUserDetails(@RequestParam("username") String username) {
- return securityService.getSecurityDao().getUser(username);
- }
+// @RequestMapping("/getCredentials.*")
+// @ModelAttribute("user")
+// public ArgeoUser getCredentials() {
+// ArgeoUser argeoUser = securityService.getCurrentUser();
+// if (argeoUser == null)
+// return new SimpleArgeoUser();
+// else
+// return argeoUser;
+// }
+//
+// @RequestMapping("/getUsersList.*")
+// @ModelAttribute("users")
+// public Set getUsersList() {
+// return securityService.listUsers();
+// }
+//
+// @RequestMapping("/userExists.*")
+// public BooleanAnswer userExists(@RequestParam("username") String username) {
+// return new BooleanAnswer(securityService.userExists(username));
+// }
+//
+// @RequestMapping("/createUser.*")
+// @ModelAttribute("user")
+// public ArgeoUser createUser(Reader reader) {
+// ArgeoUser user = userDeserializer.deserialize(reader,
+// SimpleArgeoUser.class);
+// securityService.newUser(user);
+// return securityService.getUser(user.getUsername());
+// }
+//
+// @RequestMapping("/updateUser.*")
+// @ModelAttribute("user")
+// public ArgeoUser updateUser(Reader reader) {
+// ArgeoUser user = userDeserializer.deserialize(reader,
+// SimpleArgeoUser.class);
+// securityService.updateUser(user);
+// return securityService.getUser(user.getUsername());
+// }
+//
+// @RequestMapping("/updateUserSelf.*")
+// @ModelAttribute("user")
+// /** Will only update the user natures.*/
+// public ArgeoUser updateUserSelf(Reader reader) {
+// ArgeoUser user = securityService.getCurrentUser();
+// ArgeoUser userForNatures = userDeserializer.deserialize(reader,
+// SimpleArgeoUser.class);
+// user.updateUserNatures(userForNatures.getUserNatures());
+// securityService.updateUser(user);
+// return securityService.getUser(user.getUsername());
+// }
+//
+// @RequestMapping("/deleteUser.*")
+// public ServerAnswer deleteUser(@RequestParam("username") String username) {
+// securityService.deleteUser(username);
+// return ServerAnswer.ok("User " + username + " deleted");
+// }
+//
+// @RequestMapping("/getUserDetails.*")
+// @ModelAttribute("user")
+// public ArgeoUser getUserDetails(@RequestParam("username") String username) {
+// return securityService.getUser(username);
+// }
 /* ROLE */
- @RequestMapping("/getRolesList.*")
- @ModelAttribute("roles")
- public List getEditableRolesList() {
- return securityService.getSecurityDao().listEditableRoles();
- }
-
- @RequestMapping("/createRole.*")
- public ServerAnswer createRole(@RequestParam("role") String role) {
- securityService.newRole(role);
- return ServerAnswer.ok("Role " + role + " created");
- }
-
- @RequestMapping("/deleteRole.*")
- public ServerAnswer deleteRole(@RequestParam("role") String role) {
- securityService.getSecurityDao().deleteRole(role);
- return ServerAnswer.ok("Role " + role + " deleted");
- }
-
- @RequestMapping("/updateUserPassword.*")
- public ServerAnswer updateUserPassword(
- @RequestParam("username") String username,
- @RequestParam("password") String password) {
- securityService.updateUserPassword(username,
- digestIfNecessary(password));
- return ServerAnswer.ok("Password updated for user " + username);
- }
-
- @RequestMapping("/updatePassword.*")
- public ServerAnswer updatePassword(
- @RequestParam("oldPassword") String oldPassword,
- @RequestParam("password") String password) {
- securityService.updateCurrentUserPassword(
- digestIfNecessary(oldPassword), digestIfNecessary(password));
- return ServerAnswer.ok("Password updated");
- }
-
- protected String digestIfNecessary(String str) {
- if (!str.startsWith("{" + digestType + "}"))
- return digest(str);
- else
- return str;
- }
-
- protected String digest(String nonEncrypted) {
- try {
- MessageDigest md = MessageDigest.getInstance(digestType);
- byte[] dig = md.digest(nonEncrypted.getBytes());
- return "{" + digestType + "}"
- + new String(Base64.encodeBase64(dig));
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException(
- "Unexpected exception while digesting password");
- }
- }
-
- public void setUserDeserializer(Deserializer userDeserializer) {
- this.userDeserializer = userDeserializer;
- }
-
- public void setSecurityService(ArgeoSecurityService securityService) {
- this.securityService = securityService;
- }
+// @RequestMapping("/getRolesList.*")
+// @ModelAttribute("roles")
+// public Set getEditableRolesList() {
+// return securityService.listEditableRoles();
+// }
+//
+// @RequestMapping("/createRole.*")
+// public ServerAnswer createRole(@RequestParam("role") String role) {
+// securityService.newRole(role);
+// return ServerAnswer.ok("Role " + role + " created");
+// }
+//
+// @RequestMapping("/deleteRole.*")
+// public ServerAnswer deleteRole(@RequestParam("role") String role) {
+// securityService.deleteRole(role);
+// return ServerAnswer.ok("Role " + role + " deleted");
+// }
+//
+// @RequestMapping("/updateUserPassword.*")
+// public ServerAnswer updateUserPassword(
+// @RequestParam("username") String username,
+// @RequestParam("password") String password) {
+// securityService.updateUserPassword(username, password);
+// return ServerAnswer.ok("Password updated for user " + username);
+// }
+//
+// @RequestMapping("/updatePassword.*")
+// public ServerAnswer updatePassword(
+// @RequestParam("oldPassword") String oldPassword,
+// @RequestParam("password") String password) {
+// securityService.updateCurrentUserPassword(oldPassword, password);
+// return ServerAnswer.ok("Password updated");
+// }
+//
+// public void setUserDeserializer(Deserializer userDeserializer) {
+// this.userDeserializer = userDeserializer;
+// }
+//
+// public void setSecurityService(ArgeoSecurityService securityService) {
+// this.securityService = securityService;
+// }
 }
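Review bot: The new side leaves `UsersRolesController` as an empty `@Controller` whose whole body, from the `securityService` field through `setSecurityService`, is commented-out code with no explanation of why the user and role endpoints were disabled. Either delete the commented block (version control keeps the old implementation) or, if it is a placeholder for a later migration, add a short comment above `@Controller` saying so, for example `// User/role endpoints disabled while the security service API is reworked; re-enable only after reviewing access control and password handling.` — the wording should reflect the actual reason, which this hunk does not state. The commented `updateUserPassword` and `updatePassword` pass the request parameter straight to `securityService`, where the removed code called `digestIfNecessary` first, so before they are restored it should be confirmed that the service hashes passwords itself; that cannot be checked from this hunk.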