Role DAO

[lgpl/argeo-commons.git] / security / runtime / org.argeo.security.mvc / src / main / java / org / argeo / security / mvc / UsersRolesController.java

diff --git a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
index 505f0094f118829ef37a25aa4389f50d6785db3b..4b91075cee17e1d23fb3437ae60730cd944db0ff 100644 (file)
--- a/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
+++ b/security/runtime/org.argeo.security.mvc/src/main/java/org/argeo/security/mvc/UsersRolesController.java
@@ -8,6 +8,7 @@ import org.argeo.security.dao.RoleDao;
 import org.argeo.security.dao.UserDao;
 import org.argeo.server.BooleanAnswer;
 import org.argeo.server.ServerAnswer;
+import org.argeo.server.mvc.MvcConstants;
 import org.springframework.security.Authentication;
 import org.springframework.security.context.SecurityContextHolder;
 import org.springframework.stereotype.Controller;
@@ -16,44 +17,66 @@ import org.springframework.web.bind.annotation.RequestMapping;
 import org.springframework.web.bind.annotation.RequestParam;
 
 @Controller
-public class UsersRolesController {
+public class UsersRolesController implements MvcConstants {
        private UserDao userDao;
        private RoleDao roleDao;
 
+       /* USER */
+
        @RequestMapping("/getCredentials.security")
-       @ModelAttribute("getCredentials")
+       @ModelAttribute(ANSWER_MODEL_KEY)
        public ArgeoUser getCredentials() {
                Authentication authentication = SecurityContextHolder.getContext()
                                .getAuthentication();
-
                return ArgeoUserDetails.asArgeoUser(authentication);
        }
 
        @RequestMapping("/getUsersList.security")
-       @ModelAttribute("getUsersList")
+       @ModelAttribute(ANSWER_MODEL_KEY)
        public List<ArgeoUser> getUsersList() {
                return userDao.listUsers();
        }
 
        @RequestMapping("/userExists.security")
-       @ModelAttribute("userExists")
+       @ModelAttribute(ANSWER_MODEL_KEY)
        public BooleanAnswer userExists(@RequestParam("username") String username) {
                return new BooleanAnswer(userDao.userExists(username));
        }
 
        @RequestMapping("/deleteUser.security")
-       @ModelAttribute("deleteUser")
+       @ModelAttribute(ANSWER_MODEL_KEY)
        public ServerAnswer deleteUser(@RequestParam("username") String username) {
                userDao.delete(username);
-               return ServerAnswer.ok(username + " deleted");
+               return ServerAnswer.ok("User " + username + " deleted");
        }
 
        @RequestMapping("/getUserDetails.security")
-       @ModelAttribute("getUserDetails")
+       @ModelAttribute(ANSWER_MODEL_KEY)
        public ArgeoUser getUserDetails(@RequestParam("username") String username) {
                return userDao.getUser(username);
        }
 
+       /* ROLE */
+       @RequestMapping("/getRolesList.security")
+       @ModelAttribute(ANSWER_MODEL_KEY)
+       public List<String> getEditableRolesList() {
+               return roleDao.listEditableRoles();
+       }
+
+       @RequestMapping("/createRole.security")
+       @ModelAttribute(ANSWER_MODEL_KEY)
+       public ServerAnswer createRole(@RequestParam("role") String role) {
+               roleDao.create(role);
+               return ServerAnswer.ok("Role " + role + " created");
+       }
+
+       @RequestMapping("/deleteRole.security")
+       @ModelAttribute(ANSWER_MODEL_KEY)
+       public ServerAnswer deleteRole(@RequestParam("role") String role) {
+               roleDao.delete(role);
+               return ServerAnswer.ok("Role " + role + " created");
+       }
+
        public void setUserDao(UserDao userDao) {
                this.userDao = userDao;
        }