package org.argeo.security;
import java.io.Serializable;
+import java.util.List;
+
+import org.argeo.ArgeoException;
public class UserNature implements Serializable {
private static final long serialVersionUID = 1L;
public void setType(String type) {
this.type = type;
}
+
+ public final static void updateUserNaturesWithCheck(
+ List<UserNature> userNatures, List<UserNature> userNaturesData) {
+ if (userNatures.size() != userNaturesData.size())
+ throw new ArgeoException(
+ "It is forbidden to add or remove user natures via this method");
+ for (int i = 0; i < userNatures.size(); i++) {
+ String type = userNatures.get(i).getType();
+ boolean found = false;
+ for (int j = 0; j < userNatures.size(); j++) {
+ String newType = userNaturesData.get(j).getType();
+ if (type.equals(newType))
+ found = true;
+ }
+ if (!found)
+ throw new ArgeoException(
+ "Could not find a user nature of type " + type);
+ }
+
+ for (int i = 0; i < userNatures.size(); i++) {
+ userNatures.set(i, userNaturesData.get(i));
+ }
+ }
}
return securityService.getSecurityDao().getUser(user.getUsername());
}
- /*
- * @RequestMapping("/createUser2.security")
- *
- * @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser
- * createUser(@RequestParam("body") String body) { if (log.isDebugEnabled())
- * log.debug("body:\n" + body); StringReader reader = new
- * StringReader(body); ArgeoUser user = null; try { user = (ArgeoUser)
- * userDeserializer.deserialize(reader); } finally {
- * IOUtils.closeQuietly(reader); } cleanUserBeforeCreate(user);
- * securityService.newUser(user); return
- * securityService.getSecurityDao().getUser(user.getUsername()); }
- */
+ @RequestMapping("/updateUserSelf.security")
+ @ModelAttribute(ANSWER_MODEL_KEY)
+ /** Will only update the user natures.*/
+ public ArgeoUser updateUserSelf(Reader reader) {
+ ArgeoUser user = securityService.getSecurityDao().getCurrentUser();
+ ArgeoUser userForNatures = userDeserializer.deserialize(reader,
+ SimpleArgeoUser.class);
+ user.updateUserNatures(userForNatures.getUserNatures());
+ securityService.updateUser(user);
+ return securityService.getSecurityDao().getUser(user.getUsername());
+ }
@RequestMapping("/deleteUser.security")
@ModelAttribute(ANSWER_MODEL_KEY)
return ServerAnswer.ok("Password updated");
}
- // protected void cleanUserBeforeCreate(ArgeoUser user) {
- // user.getUserNatures().clear();
- // }
-
public void setUserDeserializer(Deserializer userDeserializer) {
this.userDeserializer = userDeserializer;
}