Merge branch '315-admin-panel-removing-self-throws-error-500-and-keeps-session-alive' into 'master'

Resolve "Admin panel: Removing self throws Error 500 and keeps session alive" Closes #315 See merge request piotr.gawron/minerva!234

Merge branch '315-admin-panel-removing-self-throws-error-500-and-keeps-session-alive' into 'master'
Resolve "Admin panel: Removing self throws Error 500 and keeps session alive" Closes #315 See merge request piotr.gawron/minerva!234
059fd451 · Piotr Gawron · 0d589d4f · 4f70a146 · 059fd451
Commit 059fd451 authored 6 years ago by Piotr Gawron
--- a/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java
 package lcsb.mapviewer.api.users;

 import java.io.IOException;
-import java.util.TreeMap;
 import java.util.List;
 import java.util.Map;
+import java.util.TreeMap;

 import javax.servlet.http.Cookie;
 import javax.servlet.http.HttpServletRequest;
@@ -124,18 +124,16 @@ public class UserController extends BaseController {

  @RequestMapping(value = "/doLogout", method = { RequestMethod.GET, RequestMethod.POST }, produces = {
      MediaType.APPLICATION_JSON_VALUE })
-  public Map<String, String> logout(@CookieValue(value = Configuration.AUTH_TOKEN) String token,
+  public Map<String, Object> logout(@CookieValue(value = Configuration.AUTH_TOKEN) String token,
      HttpServletRequest request, HttpServletResponse response //
  ) throws SecurityException, IOException {
    // spring logout
    Authentication auth = SecurityContextHolder.getContext().getAuthentication();
-    logger.debug("LOGOUT");
-    logger.debug(auth);
    if (auth != null) {
      new SecurityContextLogoutHandler().logout(request, response, auth);
    }

-    Map<String, String> result = new TreeMap<>();
+    Map<String, Object> result = new TreeMap<>();
    result.put("status", "OK");

    final Boolean useSecureCookie = false;
@@ -177,12 +175,17 @@ public class UserController extends BaseController {

  @RequestMapping(value = "/users/{login:.+}", method = { RequestMethod.DELETE }, produces = {
      MediaType.APPLICATION_JSON_VALUE })
-  public Map<String, Object> removeProject(//
+  public Map<String, Object> removeUser(//
      @PathVariable(value = "login") String login, //
-      @CookieValue(value = Configuration.AUTH_TOKEN) String token //
+      @CookieValue(value = Configuration.AUTH_TOKEN) String token, //
+      HttpServletRequest request, HttpServletResponse response //
  ) throws SecurityException, IOException, QueryException {
-    return userRest.removeUser(token, login);
-
+    String currentUserLogin = getUserService().getUserByToken(token).getLogin();
+    Map<String, Object> result = userRest.removeUser(token, login);
+    if (login.equals(currentUserLogin)) {
+      return logout(token, request, response);
+    }
+    return result;
  }

  /**