Commit e7c359de authored by Piotr Gawron's avatar Piotr Gawron
Browse files

add user moved to controller

parent 282b653c
......@@ -22,7 +22,6 @@ import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.util.MultiValueMap;
import org.springframework.web.bind.annotation.DeleteMapping;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PatchMapping;
......@@ -47,6 +46,7 @@ import lcsb.mapviewer.model.user.User;
import lcsb.mapviewer.modelutils.serializer.CustomExceptFilter;
import lcsb.mapviewer.modelutils.serializer.model.security.PrivilegeKeyDeserializer;
import lcsb.mapviewer.services.InvalidTokenException;
import lcsb.mapviewer.services.ObjectExistsException;
import lcsb.mapviewer.services.ObjectNotFoundException;
import lcsb.mapviewer.services.QueryException;
import lcsb.mapviewer.services.interfaces.IConfigurationService;
......@@ -152,7 +152,6 @@ public class UserController extends BaseController {
public Boolean connectedToLdap;
public Boolean termsOfUseConsent;
public String email;
}
static class UpdateUserData {
......@@ -207,9 +206,31 @@ public class UserController extends BaseController {
@PreAuthorize("hasAuthority('IS_ADMIN')")
@PostMapping(value = "/users/{login:.+}")
public MappingJacksonValue addUser(
@RequestBody MultiValueMap<String, Object> formData,
@RequestParam(name = "name", required = false) String name,
@RequestParam(name = "surname", required = false) String surname,
@RequestParam(name = "email", required = false) String email,
@RequestParam(name = "password") String password,
@RequestParam(name = "defaultPrivileges", defaultValue = "false") boolean defaultPrivileges,
@PathVariable(value = "login") String login) throws QueryException {
return createResponseWithColumns("", userRest.addUser(login, formData));
User user = userService.getUserByLogin(login);
if (user != null) {
throw new ObjectExistsException("user exists");
}
user = new User();
user.setLogin(login);
user.setName(name);
user.setSurname(surname);
user.setEmail(email);
if (password != null && !password.trim().isEmpty()) {
user.setCryptedPassword(passwordEncoder.encode(password));
} else {
throw new QueryException("password cannot be null");
}
userService.addUser(user);
if (defaultPrivileges) {
userService.grantDefaultPrivileges(user);
}
return getUser(login, "");
}
@PreAuthorize("hasAuthority('IS_ADMIN')")
......
......@@ -2,39 +2,28 @@ package lcsb.mapviewer.api.users;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.LinkedHashSet;
import java.util.List;
import java.util.Map;
import java.util.Objects;
import java.util.Set;
import org.apache.logging.log4j.LogManager;
import org.apache.logging.log4j.Logger;
import org.hibernate.exception.ConstraintViolationException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.access.AccessDeniedException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.SimpleGrantedAuthority;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.stereotype.Service;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.util.MultiValueMap;
import lcsb.mapviewer.api.BaseRestImpl;
import lcsb.mapviewer.api.UpdateConflictException;
import lcsb.mapviewer.model.security.Privilege;
import lcsb.mapviewer.model.security.PrivilegeType;
import lcsb.mapviewer.model.user.User;
import lcsb.mapviewer.model.user.UserAnnotationSchema;
import lcsb.mapviewer.model.user.UserClassAnnotators;
import lcsb.mapviewer.model.user.UserClassRequiredAnnotations;
import lcsb.mapviewer.model.user.UserClassValidAnnotations;
import lcsb.mapviewer.model.user.UserGuiPreference;
import lcsb.mapviewer.services.ObjectExistsException;
import lcsb.mapviewer.services.ObjectNotFoundException;
import lcsb.mapviewer.services.QueryException;
import lcsb.mapviewer.services.interfaces.IProjectBackgroundService;
@Transactional(rollbackFor = UpdateConflictException.class)
@Service
......@@ -45,13 +34,6 @@ public class UserRestImpl extends BaseRestImpl {
*/
@SuppressWarnings("unused")
private Logger logger = LogManager.getLogger();
private PasswordEncoder passwordEncoder;
@Autowired
public UserRestImpl(PasswordEncoder passwordEncoder,
IProjectBackgroundService projectBackgroundService) {
this.passwordEncoder = passwordEncoder;
}
public UserDTO getUser(String login, String columns)
throws ObjectNotFoundException {
......@@ -245,46 +227,4 @@ public class UserRestImpl extends BaseRestImpl {
}
}
public UserDTO addUser(String login, MultiValueMap<String, Object> userData) throws QueryException {
User user = getUserService().getUserByLogin(login);
if (user != null) {
throw new ObjectExistsException("user exists");
}
user = new User();
user.setLogin(login);
boolean defaultPrivileges = false;
for (String key : userData.keySet()) {
String stringValue = getFirstValue(userData.get(key));
if (key.equalsIgnoreCase("name")) {
user.setName(stringValue);
} else if (key.equalsIgnoreCase("surname")) {
user.setSurname(stringValue);
} else if (key.equalsIgnoreCase("email")) {
user.setEmail(stringValue);
} else if (key.equalsIgnoreCase("password")) {
if (stringValue != null && !stringValue.trim().isEmpty()) {
user.setCryptedPassword(passwordEncoder.encode(stringValue));
}
} else if (key.equalsIgnoreCase("login")) {
if (!user.getLogin().equals(stringValue)) {
throw new QueryException("login must match url");
}
} else if (key.equalsIgnoreCase("defaultPrivileges")) {
if (stringValue != null) {
defaultPrivileges = "true".equalsIgnoreCase(stringValue);
}
} else {
throw new QueryException("Unknown parameter: " + key);
}
}
if (user.getCryptedPassword() == null) {
throw new QueryException("password cannot be null");
}
getUserService().addUser(user);
if (defaultPrivileges) {
getUserService().grantDefaultPrivileges(user);
}
return getUser(login, "");
}
}
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment