X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=ce6054645a084af0d875335c075972532230132a;hb=f3ff1f46c8a04c4a60bbccd44e16d5880b386229;hp=7f5334564fe931ed00637a87cc82deadb2faed77;hpb=e241a5585404c07bea8351c4112be64512ad7fb9;p=lgpl%2Fargeo-commons.git
diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index 7f5334564..ce6054645 100644
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -1,22 +1,145 @@
 package org.argeo.security.mvc;
+import java.io.Reader;
+import java.io.StringReader;
+import java.util.List;
+
+import org.apache.commons.io.IOUtils;
+import org.apache.commons.logging.Log;
+import org.apache.commons.logging.LogFactory;
 import org.argeo.security.ArgeoUser;
+import org.argeo.security.BasicArgeoUser;
 import org.argeo.security.core.ArgeoUserDetails;
+import org.argeo.security.dao.RoleDao;
+import org.argeo.security.dao.UserDao;
+import org.argeo.server.BooleanAnswer;
+import org.argeo.server.DeserializingEditor;
+import org.argeo.server.ServerAnswer;
+import org.argeo.server.ServerDeserializer;
+import org.argeo.server.mvc.MvcConstants;
 import org.springframework.security.Authentication;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
+import org.springframework.web.bind.WebDataBinder;
+import org.springframework.web.bind.annotation.InitBinder;
 import org.springframework.web.bind.annotation.ModelAttribute;
 import org.springframework.web.bind.annotation.RequestMapping;
+import org.springframework.web.bind.annotation.RequestParam;
 @Controller
-public class UsersRolesController {
+public class UsersRolesController implements MvcConstants {
+ private final static Log log = LogFactory
+ .getLog(UsersRolesController.class);
+
+ private UserDao userDao;
+ private RoleDao roleDao;
+
+ private ServerDeserializer userDeserializer = null;
+
+ @InitBinder
+ public void initBinder(WebDataBinder binder) {
+ binder.registerCustomEditor(BasicArgeoUser.class,
+ new DeserializingEditor(userDeserializer));
+ }
+
+ /* USER */
 @RequestMapping("/getCredentials.security")
- @ModelAttribute("getCredentials")
+ @ModelAttribute(ANSWER_MODEL_KEY)
 public ArgeoUser getCredentials() {
 Authentication authentication = SecurityContextHolder.getContext()
 .getAuthentication();
+ return ArgeoUserDetails.asArgeoUser(authentication);
+ }
+
+ @RequestMapping("/getUsersList.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public List getUsersList() {
+ return userDao.listUsers();
+ }
+
+ @RequestMapping("/userExists.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public BooleanAnswer userExists(@RequestParam("username") String username) {
+ return new BooleanAnswer(userDao.userExists(username));
+ }
+
+ @RequestMapping("/createUser.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ArgeoUser createUser(Reader reader) {
+ ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
+ userDao.create(user);
+ return userDao.getUser(user.getUsername());
+ }
+
+ @RequestMapping("/updateUser.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ArgeoUser updateUser(Reader reader) {
+ ArgeoUser user = (ArgeoUser) userDeserializer.deserialize(reader);
+ userDao.update(user);
+ return userDao.getUser(user.getUsername());
+ }
+
+ @RequestMapping("/createUser2.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ArgeoUser createUser(@RequestParam("body") String body) {
+ if (log.isDebugEnabled())
+ log.debug("body:\n" + body);
+ StringReader reader = new StringReader(body);
+ ArgeoUser user = null;
+ try {
+ user = (ArgeoUser) userDeserializer.deserialize(reader);
+ } finally {
+ IOUtils.closeQuietly(reader);
+ }
+ userDao.create(user);
+ return userDao.getUser(user.getUsername());
+ }
+
+ @RequestMapping("/deleteUser.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ServerAnswer deleteUser(@RequestParam("username") String username) {
+ userDao.delete(username);
+ return ServerAnswer.ok("User " + username + " deleted");
+ }
+
+ @RequestMapping("/getUserDetails.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ArgeoUser getUserDetails(@RequestParam("username") String username) {
+ return userDao.getUser(username);
+ }
+
+ /* ROLE */
+ @RequestMapping("/getRolesList.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public List getEditableRolesList() {
+ return roleDao.listEditableRoles();
+ }
+
+ @RequestMapping("/createRole.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ServerAnswer createRole(@RequestParam("role") String role) {
+ roleDao.create(role);
+ return ServerAnswer.ok("Role " + role + " created");
+ }
+
+ @RequestMapping("/deleteRole.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ public ServerAnswer deleteRole(@RequestParam("role") String role) {
+ roleDao.delete(role);
+ return ServerAnswer.ok("Role " + role + " created");
+ }
+
+ public void setUserDao(UserDao userDao) {
+ this.userDao = userDao;
+ }
+
+ public void setRoleDao(RoleDao roleDao) {
+ this.roleDao = roleDao;
+ }
- return ArgeoUserDetails.createBasicArgeoUser(authentication);
+ public void setUserDeserializer(ServerDeserializer userDeserializer) {
+ this.userDeserializer = userDeserializer;
 }
+
 }
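Review bot: `createUser(@RequestParam("body") String body)` writes the whole request body to the debug log with `log.debug("body:\n" + body)`, and since that body is the serialized user it presumably carries the password or other credential fields; log only a non-sensitive identifier after deserialization instead, e.g. `log.debug("Creating user " + user.getUsername());`. The state-changing mappings (`createUser`, `updateUser`, `createUser2`, `deleteUser`, `createRole`, `deleteRole`) carry no HTTP method restriction, so they also answer GET, which puts their parameters into URLs and access logs and makes cross-site request forgery easier; `@RequestMapping(value = "/deleteUser.security", method = RequestMethod.POST)` and the equivalent on the other handlers would narrow that. No authorization check is visible in the controller itself, so confirm that the `*.security` URLs are restricted to an administrative role in the security configuration, which this hunk does not show. Separately, `deleteRole` returns `"Role " + role + " created"`, where the message should end in `" deleted"`.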