From: Mathieu Baudier Date: Wed, 24 Feb 2010 10:40:18 +0000 (+0000) Subject: Add update user self service X-Git-Tag: argeo-commons-2.1.30~1651 X-Git-Url: https://git.argeo.org/?a=commitdiff_plain;h=f516f257ad75279a2d14ab3d39e041637f10219d;p=lgpl%2Fargeo-commons.git Add update user self service git-svn-id: https://svn.argeo.org/commons/trunk@3394 4cfe0d0a-d680-48aa-b62c-e0a02a3f76cc --- diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java index 44bf7f38a..f45470fa1 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/ArgeoUser.java @@ -7,7 +7,10 @@ public interface ArgeoUser { public List getUserNatures(); + /** Implementation should refuse to add new user natures via this method. */ + public void updateUserNatures(List userNatures); + public List getRoles(); - + public String getPassword(); } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java index a84278179..a11081cbd 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/SimpleArgeoUser.java @@ -27,6 +27,10 @@ public class SimpleArgeoUser implements ArgeoUser, Serializable { return userNatures; } + public void updateUserNatures(List userNaturesData) { + UserNature.updateUserNaturesWithCheck(userNatures, userNaturesData); + } + public List getRoles() { return roles; } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java index f41643b9a..3713fdc79 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/UserNature.java @@ -1,6 +1,9 @@ package org.argeo.security; import java.io.Serializable; +import java.util.List; + +import org.argeo.ArgeoException; public class UserNature implements Serializable { private static final long serialVersionUID = 1L; @@ -17,4 +20,27 @@ public class UserNature implements Serializable { public void setType(String type) { this.type = type; } + + public final static void updateUserNaturesWithCheck( + List userNatures, List userNaturesData) { + if (userNatures.size() != userNaturesData.size()) + throw new ArgeoException( + "It is forbidden to add or remove user natures via this method"); + for (int i = 0; i < userNatures.size(); i++) { + String type = userNatures.get(i).getType(); + boolean found = false; + for (int j = 0; j < userNatures.size(); j++) { + String newType = userNaturesData.get(j).getType(); + if (type.equals(newType)) + found = true; + } + if (!found) + throw new ArgeoException( + "Could not find a user nature of type " + type); + } + + for (int i = 0; i < userNatures.size(); i++) { + userNatures.set(i, userNaturesData.get(i)); + } + } } diff --git a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java index 6793f3c1f..1a1d159aa 100644 --- a/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java +++ b/security/runtime/org.argeo.security.core/src/main/java/org/argeo/security/core/ArgeoUserDetails.java @@ -42,6 +42,10 @@ public class ArgeoUserDetails extends User implements ArgeoUser { return userNatures; } + public void updateUserNatures(List userNaturesData) { + UserNature.updateUserNaturesWithCheck(userNatures, userNaturesData); + } + public List getRoles() { return roles; } diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java index e1e66346c..d553c31c3 100644 --- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java +++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java @@ -82,18 +82,17 @@ public class UsersRolesController implements MvcConstants { return securityService.getSecurityDao().getUser(user.getUsername()); } - /* - * @RequestMapping("/createUser2.security") - * - * @ModelAttribute(ANSWER_MODEL_KEY) public ArgeoUser - * createUser(@RequestParam("body") String body) { if (log.isDebugEnabled()) - * log.debug("body:\n" + body); StringReader reader = new - * StringReader(body); ArgeoUser user = null; try { user = (ArgeoUser) - * userDeserializer.deserialize(reader); } finally { - * IOUtils.closeQuietly(reader); } cleanUserBeforeCreate(user); - * securityService.newUser(user); return - * securityService.getSecurityDao().getUser(user.getUsername()); } - */ + @RequestMapping("/updateUserSelf.security") + @ModelAttribute(ANSWER_MODEL_KEY) + /** Will only update the user natures.*/ + public ArgeoUser updateUserSelf(Reader reader) { + ArgeoUser user = securityService.getSecurityDao().getCurrentUser(); + ArgeoUser userForNatures = userDeserializer.deserialize(reader, + SimpleArgeoUser.class); + user.updateUserNatures(userForNatures.getUserNatures()); + securityService.updateUser(user); + return securityService.getSecurityDao().getUser(user.getUsername()); + } @RequestMapping("/deleteUser.security") @ModelAttribute(ANSWER_MODEL_KEY) @@ -147,10 +146,6 @@ public class UsersRolesController implements MvcConstants { return ServerAnswer.ok("Password updated"); } - // protected void cleanUserBeforeCreate(ArgeoUser user) { - // user.getUserNatures().clear(); - // } - public void setUserDeserializer(Deserializer userDeserializer) { this.userDeserializer = userDeserializer; }