X-Git-Url: https://git.argeo.org/?a=blobdiff_plain;f=security%2Fruntime%2Forg.argeo.security.mvc%2Fsrc%2Fmain%2Fjava%2Forg%2Fargeo%2Fsecurity%2Fmvc%2FUsersRolesController.java;h=f2da2be6ae4c3c6cbbca749856a3dc8e75165dbe;hb=136dab5338b5f731b285d17c804861bd5e5a9b5c;hp=cd954644aecff4ddb4e266efcf85fe2aad3173b2;hpb=43e77c157692d040ad20ea9c15d236b57ce0a9ac;p=lgpl%2Fargeo-commons.git
diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index cd954644a..f2da2be6a 100644
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -17,11 +17,8 @@ package org.argeo.security.mvc;
 import java.io.Reader;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.util.List;
+import java.util.Set;
-import org.apache.commons.codec.binary.Base64;
 import org.argeo.security.ArgeoSecurityService;
 import org.argeo.security.ArgeoUser;
 import org.argeo.security.SimpleArgeoUser;
@@ -39,7 +36,7 @@ public class UsersRolesController implements MvcConstants {
 // private final static Log log = LogFactory
 // .getLog(UsersRolesController.class);
- private String digestType = "SHA";
+ // private String digestType = "SHA";
 private ArgeoSecurityService securityService;
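Review bot: The `digestType` field in the second hunk is commented out rather than deleted (`// private String digestType = "SHA";`), and the last hunk of this diff does the same with `digestIfNecessary` and `digest`. That leaves a single-pass, unsalted `SHA` password digest sitting in the controller as if it were still an option, one uncomment away from being live again. Delete the lines and let version control keep them. If digesting now belongs to `ArgeoSecurityService`, which this diff does not show, a short comment such as `// password digesting is the responsibility of ArgeoSecurityService` is all the reader needs here.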
@@ -59,14 +56,13 @@ public class UsersRolesController implements MvcConstants {
 @RequestMapping("/getUsersList.*")
 @ModelAttribute("users")
- public List getUsersList() {
- return securityService.getSecurityDao().listUsers();
+ public Set getUsersList() {
+ return securityService.listUsers();
 }
 @RequestMapping("/userExists.*")
 public BooleanAnswer userExists(@RequestParam("username") String username) {
- return new BooleanAnswer(securityService.getSecurityDao().userExists(
- username));
+ return new BooleanAnswer(securityService.userExists(username));
 }
 @RequestMapping("/createUser.*")
@@ -76,7 +72,7 @@ public class UsersRolesController implements MvcConstants {
 SimpleArgeoUser.class);
 // cleanUserBeforeCreate(user);
 securityService.newUser(user);
- return securityService.getSecurityDao().getUser(user.getUsername());
+ return securityService.getUser(user.getUsername());
 }
 @RequestMapping("/updateUser.*")
@@ -85,7 +81,7 @@ public class UsersRolesController implements MvcConstants {
 ArgeoUser user = userDeserializer.deserialize(reader,
 SimpleArgeoUser.class);
 securityService.updateUser(user);
- return securityService.getSecurityDao().getUser(user.getUsername());
+ return securityService.getUser(user.getUsername());
 }
 @RequestMapping("/updateUserSelf.*")
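Review bot: `getUsersList()` in the `/getUsersList.*` hunk now returns a raw `Set`, so the compiler cannot check what the view layer receives; `getEditableRolesList()` in the `/getRolesList.*` hunk has the same raw return type. Declare the element type the service actually returns, for example `public Set<ArgeoUser> getUsersList()` if `listUsers()` yields users. The service signature is not visible in this diff, so the element type needs confirming against `ArgeoSecurityService`.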
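Review bot: In the `/createUser.*` hunk the `ArgeoUser` from `securityService.getUser(user.getUsername())` is returned straight into the response, and `updateUser`, `updateUserSelf` and `getUserDetails` in the following hunks do the same. If `ArgeoUser` carries the stored password or its digest, which this diff does not show, each of these endpoints would serialize it back to the client. Confirm that the service or the serializer strips that field, then record it on the methods with a comment such as `// the returned user must not carry the password digest`. The method bodies start outside the hunks.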
@@ -97,26 +93,26 @@ public class UsersRolesController implements MvcConstants {
 SimpleArgeoUser.class);
 user.updateUserNatures(userForNatures.getUserNatures());
 securityService.updateUser(user);
- return securityService.getSecurityDao().getUser(user.getUsername());
+ return securityService.getUser(user.getUsername());
 }
 @RequestMapping("/deleteUser.*")
 public ServerAnswer deleteUser(@RequestParam("username") String username) {
- securityService.getSecurityDao().delete(username);
+ securityService.deleteUser(username);
 return ServerAnswer.ok("User " + username + " deleted");
 }
 @RequestMapping("/getUserDetails.*")
 @ModelAttribute("user")
 public ArgeoUser getUserDetails(@RequestParam("username") String username) {
- return securityService.getSecurityDao().getUser(username);
+ return securityService.getUser(username);
 }
 /* ROLE */
 @RequestMapping("/getRolesList.*")
 @ModelAttribute("roles")
- public List getEditableRolesList() {
- return securityService.getSecurityDao().listEditableRoles();
+ public Set getEditableRolesList() {
+ return securityService.listEditableRoles();
 }
 @RequestMapping("/createRole.*")
@@ -127,7 +123,7 @@ public class UsersRolesController implements MvcConstants {
 @RequestMapping("/deleteRole.*")
 public ServerAnswer deleteRole(@RequestParam("role") String role) {
- securityService.getSecurityDao().deleteRole(role);
+ securityService.deleteRole(role);
 return ServerAnswer.ok("Role " + role + " deleted");
 }
@@ -135,8 +131,7 @@ public class UsersRolesController implements MvcConstants {
 public ServerAnswer updateUserPassword(
 @RequestParam("username") String username,
 @RequestParam("password") String password) {
- securityService.updateUserPassword(username,
- digestIfNecessary(password));
+ securityService.updateUserPassword(username, password);
 return ServerAnswer.ok("Password updated for user " + username);
 }
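Review bot: `deleteUser` changes state but is mapped with `@RequestMapping("/deleteUser.*")` and no HTTP method restriction, so a GET issued in an authenticated administrator's session is enough to remove an account, which leaves the endpoint open to cross-site request forgery. Restrict it with `@RequestMapping(value = "/deleteUser.*", method = RequestMethod.POST)` and do the same for `/deleteRole.*` in the next hunk. No authorization check is visible in the controller, so it presumably lives in `securityService.deleteUser` or in a filter; a comment on the method naming where it is enforced would help the next reviewer.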
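Review bot: With `digestIfNecessary` gone, `updateUserPassword` passes the request's `password` value to the service unchanged, and `updatePassword` in the last hunk does the same for both of its values, so hashing before storage now rests entirely on `ArgeoSecurityService`, whose implementation is not part of this diff. Confirm that the service applies a salted password hash and no longer treats a client-supplied string starting with `{SHA}` as already digested, which the removed prefix check allowed. The password also arrives as a `@RequestParam`; the mapping line is outside the hunk, but if GET is accepted the value can land in the query string and in access logs, so the mapping should carry `method = RequestMethod.POST`.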
@@ -144,29 +139,29 @@ public class UsersRolesController implements MvcConstants {
 public ServerAnswer updatePassword(
 @RequestParam("oldPassword") String oldPassword,
 @RequestParam("password") String password) {
- securityService.updateCurrentUserPassword(
- digestIfNecessary(oldPassword), digestIfNecessary(password));
+ securityService.updateCurrentUserPassword(oldPassword, password);
 return ServerAnswer.ok("Password updated");
 }
- protected String digestIfNecessary(String str) {
- if (!str.startsWith("{" + digestType + "}"))
- return digest(str);
- else
- return str;
- }
-
- protected String digest(String nonEncrypted) {
- try {
- MessageDigest md = MessageDigest.getInstance(digestType);
- byte[] dig = md.digest(nonEncrypted.getBytes());
- return "{" + digestType + "}"
- + new String(Base64.encodeBase64(dig));
- } catch (NoSuchAlgorithmException e) {
- throw new RuntimeException(
- "Unexpected exception while digesting password");
- }
- }
+ // protected String digestIfNecessary(String str) {
+ //
+ // if (!str.startsWith("{" + digestType + "}"))
+ // return digest(str);
+ // else
+ // return str;
+ // }
+
+ // protected String digest(String nonEncrypted) {
+ // try {
+ // MessageDigest md = MessageDigest.getInstance(digestType);
+ // byte[] dig = md.digest(nonEncrypted.getBytes());
+ // return "{" + digestType + "}"
+ // + new String(Base64.encodeBase64(dig));
+ // } catch (NoSuchAlgorithmException e) {
+ // throw new RuntimeException(
+ // "Unexpected exception while digesting password");
+ // }
+ // }
 public void setUserDeserializer(Deserializer userDeserializer) {
 this.userDeserializer = userDeserializer;