X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=2ce770c46de5b6dc05e8b9c55ee724cfe7e6ade1;hb=149023e5969377045847bbecf24b0898b18a67a9;hp=c95d909841ced8b24d83a6828c3efe949303a317;hpb=00ae7654c948e62c35ef88e7d8d528965d5e0371;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java index c95d90984..2ce770c46 100644 --- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java +++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java @@ -1,145 +1,135 @@ -package org.argeo.security.mvc; +/* + * Copyright (C) 2010 Mathieu Baudier + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ -import java.io.Reader; -import java.io.StringReader; -import java.util.List; +package org.argeo.security.mvc; -import org.apache.commons.io.IOUtils; -import org.apache.commons.logging.Log; -import org.apache.commons.logging.LogFactory; -import org.argeo.security.ArgeoUser; -import org.argeo.security.BasicArgeoUser; -import org.argeo.security.core.ArgeoUserDetails; -import org.argeo.security.dao.RoleDao; -import org.argeo.security.dao.UserDao; -import org.argeo.server.BooleanAnswer; -import org.argeo.server.DeserializingEditor; -import org.argeo.server.ServerAnswer; -import org.argeo.server.ServerDeserializer; import org.argeo.server.mvc.MvcConstants; -import org.springframework.security.Authentication; -import org.springframework.security.context.SecurityContextHolder; import org.springframework.stereotype.Controller; -import org.springframework.web.bind.WebDataBinder; -import org.springframework.web.bind.annotation.InitBinder; -import org.springframework.web.bind.annotation.ModelAttribute; -import org.springframework.web.bind.annotation.RequestMapping; -import org.springframework.web.bind.annotation.RequestParam; @Controller public class UsersRolesController implements MvcConstants { - private final static Log log = LogFactory - .getLog(UsersRolesController.class); - - private UserDao userDao; - private RoleDao roleDao; - - private ServerDeserializer userDeserializer = null; - - @InitBinder - public void initBinder(WebDataBinder binder) { - binder.registerCustomEditor(BasicArgeoUser.class, - new DeserializingEditor(userDeserializer)); - } +// private ArgeoSecurityService securityService; +// private Deserializer userDeserializer = null; /* USER */ - @RequestMapping("/getCredentials.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ArgeoUser getCredentials() { - Authentication authentication = SecurityContextHolder.getContext() - .getAuthentication(); - return ArgeoUserDetails.asArgeoUser(authentication); - } - - @RequestMapping("/getUsersList.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public List getUsersList() { - return userDao.listUsers(); - } - - @RequestMapping("/userExists.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public BooleanAnswer userExists(@RequestParam("username") String username) { - return new BooleanAnswer(userDao.userExists(username)); - } - - @RequestMapping("/createUser.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ServerAnswer createUser(Reader reader) { - ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader); - userDao.create(user); - return ServerAnswer.ok("User " + user.getUsername() + " created"); - } - - @RequestMapping("/updateUser.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ServerAnswer updateUser(Reader reader) { - ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader); - userDao.update(user); - return ServerAnswer.ok("User " + user.getUsername() + " updated"); - } - - @RequestMapping("/createUser2.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ServerAnswer createUser(@RequestParam("body") String body) { - if (log.isDebugEnabled()) - log.debug("body:\n" + body); - StringReader reader = new StringReader(body); - ArgeoUser user = null; - try { - user = (ArgeoUser) userDeserializer.deserialize(reader); - } finally { - IOUtils.closeQuietly(reader); - } - userDao.create(user); - return ServerAnswer.ok("User " + user.getUsername() + " created"); - } - - @RequestMapping("/deleteUser.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ServerAnswer deleteUser(@RequestParam("username") String username) { - userDao.delete(username); - return ServerAnswer.ok("User " + username + " deleted"); - } - - @RequestMapping("/getUserDetails.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ArgeoUser getUserDetails(@RequestParam("username") String username) { - return userDao.getUser(username); - } +// @RequestMapping("/getCredentials.*") +// @ModelAttribute("user") +// public ArgeoUser getCredentials() { +// ArgeoUser argeoUser = securityService.getCurrentUser(); +// if (argeoUser == null) +// return new SimpleArgeoUser(); +// else +// return argeoUser; +// } +// +// @RequestMapping("/getUsersList.*") +// @ModelAttribute("users") +// public Set getUsersList() { +// return securityService.listUsers(); +// } +// +// @RequestMapping("/userExists.*") +// public BooleanAnswer userExists(@RequestParam("username") String username) { +// return new BooleanAnswer(securityService.userExists(username)); +// } +// +// @RequestMapping("/createUser.*") +// @ModelAttribute("user") +// public ArgeoUser createUser(Reader reader) { +// ArgeoUser user = userDeserializer.deserialize(reader, +// SimpleArgeoUser.class); +// securityService.newUser(user); +// return securityService.getUser(user.getUsername()); +// } +// +// @RequestMapping("/updateUser.*") +// @ModelAttribute("user") +// public ArgeoUser updateUser(Reader reader) { +// ArgeoUser user = userDeserializer.deserialize(reader, +// SimpleArgeoUser.class); +// securityService.updateUser(user); +// return securityService.getUser(user.getUsername()); +// } +// +// @RequestMapping("/updateUserSelf.*") +// @ModelAttribute("user") +// /** Will only update the user natures.*/ +// public ArgeoUser updateUserSelf(Reader reader) { +// ArgeoUser user = securityService.getCurrentUser(); +// ArgeoUser userForNatures = userDeserializer.deserialize(reader, +// SimpleArgeoUser.class); +// user.updateUserNatures(userForNatures.getUserNatures()); +// securityService.updateUser(user); +// return securityService.getUser(user.getUsername()); +// } +// +// @RequestMapping("/deleteUser.*") +// public ServerAnswer deleteUser(@RequestParam("username") String username) { +// securityService.deleteUser(username); +// return ServerAnswer.ok("User " + username + " deleted"); +// } +// +// @RequestMapping("/getUserDetails.*") +// @ModelAttribute("user") +// public ArgeoUser getUserDetails(@RequestParam("username") String username) { +// return securityService.getUser(username); +// } /* ROLE */ - @RequestMapping("/getRolesList.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public List getEditableRolesList() { - return roleDao.listEditableRoles(); - } - - @RequestMapping("/createRole.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ServerAnswer createRole(@RequestParam("role") String role) { - roleDao.create(role); - return ServerAnswer.ok("Role " + role + " created"); - } - - @RequestMapping("/deleteRole.security") - @ModelAttribute(ANSWER_MODEL_KEY) - public ServerAnswer deleteRole(@RequestParam("role") String role) { - roleDao.delete(role); - return ServerAnswer.ok("Role " + role + " created"); - } - - public void setUserDao(UserDao userDao) { - this.userDao = userDao; - } - - public void setRoleDao(RoleDao roleDao) { - this.roleDao = roleDao; - } - - public void setUserDeserializer(ServerDeserializer userDeserializer) { - this.userDeserializer = userDeserializer; - } +// @RequestMapping("/getRolesList.*") +// @ModelAttribute("roles") +// public Set getEditableRolesList() { +// return securityService.listEditableRoles(); +// } +// +// @RequestMapping("/createRole.*") +// public ServerAnswer createRole(@RequestParam("role") String role) { +// securityService.newRole(role); +// return ServerAnswer.ok("Role " + role + " created"); +// } +// +// @RequestMapping("/deleteRole.*") +// public ServerAnswer deleteRole(@RequestParam("role") String role) { +// securityService.deleteRole(role); +// return ServerAnswer.ok("Role " + role + " deleted"); +// } +// +// @RequestMapping("/updateUserPassword.*") +// public ServerAnswer updateUserPassword( +// @RequestParam("username") String username, +// @RequestParam("password") String password) { +// securityService.updateUserPassword(username, password); +// return ServerAnswer.ok("Password updated for user " + username); +// } +// +// @RequestMapping("/updatePassword.*") +// public ServerAnswer updatePassword( +// @RequestParam("oldPassword") String oldPassword, +// @RequestParam("password") String password) { +// securityService.updateCurrentUserPassword(oldPassword, password); +// return ServerAnswer.ok("Password updated"); +// } +// +// public void setUserDeserializer(Deserializer userDeserializer) { +// this.userDeserializer = userDeserializer; +// } +// +// public void setSecurityService(ArgeoSecurityService securityService) { +// this.securityService = securityService; +// } }