protect the admin user

Athou
2013-03-30 18:18:47 +01:00
parent 3f7efa03f4
commit 06aa9c4a6f
3 changed files with 20 additions and 8 deletions


@@ -50,6 +50,11 @@ public class AdminUsersREST extends AbstractREST {
}
} else {
User user = userService.findById(id);
if (StartupBean.ADMIN_NAME.equals(user.getName())
&& !userModel.isEnabled()) {
return Response.status(Status.FORBIDDEN)
.entity("You cannot disable the admin user.").build();
}
user.setName(userModel.getName());
if (StringUtils.isNotBlank(userModel.getPassword())) {
user.setPassword(encryptionService.getEncryptedPassword(
@@ -120,7 +125,8 @@ public class AdminUsersREST extends AbstractREST {
return Response.status(Status.NOT_FOUND).build();
}
if (StartupBean.ADMIN_NAME.equals(user.getName())) {
return Response.status(Status.FORBIDDEN).build();
return Response.status(Status.FORBIDDEN)
.entity("You cannot delete the admin user.").build();
}
feedEntryStatusService.delete(feedEntryStatusService.findAll(user));
feedSubscriptionService.delete(feedSubscriptionService.findAll(user));
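Review bot: The new guard in the first hunk identifies the protected account by `user.getName()`, but the next line, `user.setName(userModel.getName())`, still allows that name to be changed, after which neither this check nor the delete check in the second hunk matches the account. Reject a rename in the same guard, e.g. `if (StartupBean.ADMIN_NAME.equals(user.getName()) && (!userModel.isEnabled() || !StartupBean.ADMIN_NAME.equals(userModel.getName())))`, with a message that covers both cases. Keying the protection on an immutable id or a dedicated flag would be sturdier than a name comparison. `user` is also dereferenced here without the null check that the delete path appears to have before its `Status.NOT_FOUND` return, so an unknown id would presumably end in a NullPointerException rather than a 404. Both methods start and end outside the hunks, so role changes and other checks may be handled in lines not shown.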