X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=88dc15589b33732e071d515a2e2385a94e99e7c6;hb=e80be147bdb65aa2a0c34e848ca78851b781508d;hp=8b09b94a5d273571184cdf6fae90c88029a19a58;hpb=b00a7e9898ea2819100290cab22bf614e23a3abf;p=lgpl%2Fargeo-commons.git diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java index 8b09b94a5..88dc15589 100644 --- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java +++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java @@ -9,18 +9,11 @@ import org.apache.commons.logging.Log; import org.apache.commons.logging.LogFactory; import org.argeo.security.ArgeoSecurityService; import org.argeo.security.ArgeoUser; -import org.argeo.security.BasicArgeoUser; -import org.argeo.security.core.ArgeoUserDetails; import org.argeo.server.BooleanAnswer; -import org.argeo.server.DeserializingEditor; import org.argeo.server.ServerAnswer; import org.argeo.server.ServerDeserializer; import org.argeo.server.mvc.MvcConstants; -import org.springframework.security.Authentication; -import org.springframework.security.context.SecurityContextHolder; import org.springframework.stereotype.Controller; -import org.springframework.web.bind.WebDataBinder; -import org.springframework.web.bind.annotation.InitBinder; import org.springframework.web.bind.annotation.ModelAttribute; import org.springframework.web.bind.annotation.RequestMapping; import org.springframework.web.bind.annotation.RequestParam; @@ -34,20 +27,18 @@ public class UsersRolesController implements MvcConstants { private ServerDeserializer userDeserializer = null; - @InitBinder - public void initBinder(WebDataBinder binder) { - binder.registerCustomEditor(BasicArgeoUser.class, - new DeserializingEditor(userDeserializer)); - } + // @InitBinder + // public void initBinder(WebDataBinder binder) { + // binder.registerCustomEditor(SimpleArgeoUser.class, + // new DeserializingEditor(userDeserializer)); + // } /* USER */ @RequestMapping("/getCredentials.security") @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser getCredentials() { - Authentication authentication = SecurityContextHolder.getContext() - .getAuthentication(); - return ArgeoUserDetails.asArgeoUser(authentication); + return securityService.getSecurityDao().getCurrentUser(); } @RequestMapping("/getUsersList.security") @@ -128,7 +119,25 @@ public class UsersRolesController implements MvcConstants { @ModelAttribute(ANSWER_MODEL_KEY) public ServerAnswer deleteRole(@RequestParam("role") String role) { securityService.getSecurityDao().deleteRole(role); - return ServerAnswer.ok("Role " + role + " created"); + return ServerAnswer.ok("Role " + role + " deleted"); + } + + @RequestMapping("/updateUserPassword.security") + @ModelAttribute(ANSWER_MODEL_KEY) + public ServerAnswer updateUserPassword( + @RequestParam("username") String username, + @RequestParam("password") String password) { + securityService.updateUserPassword(username, password); + return ServerAnswer.ok("Password updated for user " + username); + } + + @RequestMapping("/updatePassword.security") + @ModelAttribute(ANSWER_MODEL_KEY) + public ServerAnswer updatePassword( + @RequestParam("password") String password, + @RequestParam("oldPassword") String oldPassword) { + securityService.getSecurityDao().updatePassword(oldPassword, password); + return ServerAnswer.ok("Password updated"); } protected void cleanUserBeforeCreate(ArgeoUser user) {