add user moved to controller

e7c359de · Piotr Gawron · 282b653c · e7c359de · e7c359de
Commit e7c359de authored Aug 11, 2021 by Piotr Gawron
--- a/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/users/UserController.java
@@ -22,7 +22,6 @@ import org.springframework.security.access.prepost.PreAuthorize;
 import org.springframework.security.core.Authentication;
 import org.springframework.security.core.authority.SimpleGrantedAuthority;
 import org.springframework.security.crypto.password.PasswordEncoder;
-import org.springframework.util.MultiValueMap;
 import org.springframework.web.bind.annotation.DeleteMapping;
 import org.springframework.web.bind.annotation.GetMapping;
 import org.springframework.web.bind.annotation.PatchMapping;
@@ -47,6 +46,7 @@ import lcsb.mapviewer.model.user.User;
 import lcsb.mapviewer.modelutils.serializer.CustomExceptFilter;
 import lcsb.mapviewer.modelutils.serializer.model.security.PrivilegeKeyDeserializer;
 import lcsb.mapviewer.services.InvalidTokenException;
+import lcsb.mapviewer.services.ObjectExistsException;
 import lcsb.mapviewer.services.ObjectNotFoundException;
 import lcsb.mapviewer.services.QueryException;
 import lcsb.mapviewer.services.interfaces.IConfigurationService;
@@ -152,7 +152,6 @@ public class UserController extends BaseController {
    public Boolean connectedToLdap;
    public Boolean termsOfUseConsent;
    public String email;
-
  }

  static class UpdateUserData {
@@ -207,9 +206,31 @@ public class UserController extends BaseController {
  @PreAuthorize("hasAuthority('IS_ADMIN')")
  @PostMapping(value = "/users/{login:.+}")
  public MappingJacksonValue addUser(
-      @RequestBody MultiValueMap<String, Object> formData,
+      @RequestParam(name = "name", required = false) String name,
+      @RequestParam(name = "surname", required = false) String surname,
+      @RequestParam(name = "email", required = false) String email,
+      @RequestParam(name = "password") String password,
+      @RequestParam(name = "defaultPrivileges", defaultValue = "false") boolean defaultPrivileges,
      @PathVariable(value = "login") String login) throws QueryException {
-    return createResponseWithColumns("", userRest.addUser(login, formData));
+    User user = userService.getUserByLogin(login);
+    if (user != null) {
+      throw new ObjectExistsException("user exists");
+    }
+    user = new User();
+    user.setLogin(login);
+    user.setName(name);
+    user.setSurname(surname);
+    user.setEmail(email);
+    if (password != null && !password.trim().isEmpty()) {
+      user.setCryptedPassword(passwordEncoder.encode(password));
+    } else {
+      throw new QueryException("password cannot be null");
+    }
+    userService.addUser(user);
+    if (defaultPrivileges) {
+      userService.grantDefaultPrivileges(user);
+    }
+    return getUser(login, "");
  }

  @PreAuthorize("hasAuthority('IS_ADMIN')")

--- a/rest-api/src/main/java/lcsb/mapviewer/api/users/UserRestImpl.java
+++ b/rest-api/src/main/java/lcsb/mapviewer/api/users/UserRestImpl.java
@@ -2,39 +2,28 @@ package lcsb.mapviewer.api.users;

 import java.util.ArrayList;
 import java.util.Arrays;
-import java.util.Collection;
 import java.util.LinkedHashSet;
 import java.util.List;
 import java.util.Map;
-import java.util.Objects;
 import java.util.Set;

 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
 import org.hibernate.exception.ConstraintViolationException;
-import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.security.access.AccessDeniedException;
-import org.springframework.security.core.GrantedAuthority;
-import org.springframework.security.core.authority.SimpleGrantedAuthority;
-import org.springframework.security.crypto.password.PasswordEncoder;
 import org.springframework.stereotype.Service;
 import org.springframework.transaction.annotation.Transactional;
-import org.springframework.util.MultiValueMap;

 import lcsb.mapviewer.api.BaseRestImpl;
 import lcsb.mapviewer.api.UpdateConflictException;
 import lcsb.mapviewer.model.security.Privilege;
-import lcsb.mapviewer.model.security.PrivilegeType;
 import lcsb.mapviewer.model.user.User;
 import lcsb.mapviewer.model.user.UserAnnotationSchema;
 import lcsb.mapviewer.model.user.UserClassAnnotators;
 import lcsb.mapviewer.model.user.UserClassRequiredAnnotations;
 import lcsb.mapviewer.model.user.UserClassValidAnnotations;
 import lcsb.mapviewer.model.user.UserGuiPreference;
-import lcsb.mapviewer.services.ObjectExistsException;
 import lcsb.mapviewer.services.ObjectNotFoundException;
 import lcsb.mapviewer.services.QueryException;
-import lcsb.mapviewer.services.interfaces.IProjectBackgroundService;

 @Transactional(rollbackFor = UpdateConflictException.class)
 @Service
@@ -45,13 +34,6 @@ public class UserRestImpl extends BaseRestImpl {
   */
  @SuppressWarnings("unused")
  private Logger logger = LogManager.getLogger();
-  private PasswordEncoder passwordEncoder;
-
-  @Autowired
-  public UserRestImpl(PasswordEncoder passwordEncoder,
-      IProjectBackgroundService projectBackgroundService) {
-    this.passwordEncoder = passwordEncoder;
-  }

  public UserDTO getUser(String login, String columns)
      throws ObjectNotFoundException {
@@ -245,46 +227,4 @@ public class UserRestImpl extends BaseRestImpl {
    }
  }

-  public UserDTO addUser(String login, MultiValueMap<String, Object> userData) throws QueryException {
-    User user = getUserService().getUserByLogin(login);
-    if (user != null) {
-      throw new ObjectExistsException("user exists");
-    }
-    user = new User();
-    user.setLogin(login);
-    boolean defaultPrivileges = false;
-    for (String key : userData.keySet()) {
-      String stringValue = getFirstValue(userData.get(key));
-      if (key.equalsIgnoreCase("name")) {
-        user.setName(stringValue);
-      } else if (key.equalsIgnoreCase("surname")) {
-        user.setSurname(stringValue);
-      } else if (key.equalsIgnoreCase("email")) {
-        user.setEmail(stringValue);
-      } else if (key.equalsIgnoreCase("password")) {
-        if (stringValue != null && !stringValue.trim().isEmpty()) {
-          user.setCryptedPassword(passwordEncoder.encode(stringValue));
-        }
-      } else if (key.equalsIgnoreCase("login")) {
-        if (!user.getLogin().equals(stringValue)) {
-          throw new QueryException("login must match url");
-        }
-      } else if (key.equalsIgnoreCase("defaultPrivileges")) {
-        if (stringValue != null) {
-          defaultPrivileges = "true".equalsIgnoreCase(stringValue);
-        }
-      } else {
-        throw new QueryException("Unknown parameter: " + key);
-      }
-    }
-    if (user.getCryptedPassword() == null) {
-      throw new QueryException("password cannot be null");
-    }
-    getUserService().addUser(user);
-    if (defaultPrivileges) {
-      getUserService().grantDefaultPrivileges(user);
-    }
-    return getUser(login, "");
-  }
-
 }