diff --git a/src/main/java/com/commafeed/backend/StartupBean.java b/src/main/java/com/commafeed/backend/StartupBean.java index b245f264..173611d3 100644 --- a/src/main/java/com/commafeed/backend/StartupBean.java +++ b/src/main/java/com/commafeed/backend/StartupBean.java @@ -1,5 +1,7 @@ package com.commafeed.backend; +import java.util.Arrays; + import javax.annotation.PostConstruct; import javax.ejb.Singleton; import javax.ejb.Startup; @@ -16,7 +18,6 @@ import com.commafeed.backend.model.Feed; import com.commafeed.backend.model.FeedCategory; import com.commafeed.backend.model.FeedSubscription; import com.commafeed.backend.model.User; -import com.commafeed.backend.model.UserRole; import com.commafeed.backend.security.PasswordEncryptionService; import com.commafeed.backend.security.Role; @@ -47,24 +48,9 @@ public class StartupBean { if (userService.getCount() == 0) { log.info("Populating database with default values"); - User user = new User(); - byte[] salt = encryptionService.generateSalt(); - user.setName("admin"); - user.getRoles().add(new UserRole(user, Role.ADMIN)); - user.getRoles().add(new UserRole(user, Role.USER)); - user.setSalt(salt); - user.setPassword(encryptionService.getEncryptedPassword("admin", - salt)); - userService.save(user); - - User testUser = new User(); - byte[] saltTest = encryptionService.generateSalt(); - testUser.setName("test"); - testUser.getRoles().add(new UserRole(testUser, Role.USER)); - testUser.setSalt(saltTest); - testUser.setPassword(encryptionService.getEncryptedPassword("test", - saltTest)); - userService.save(testUser); + User user = userService.register("admin", "admin", + Arrays.asList(Role.ADMIN, Role.USER)); + userService.register("test", "test", Arrays.asList(Role.USER)); Feed dilbert = new Feed( "http://feed.dilbert.com/dilbert/daily_strip"); diff --git a/src/main/java/com/commafeed/backend/dao/UserRoleService.java b/src/main/java/com/commafeed/backend/dao/UserRoleService.java index 837090d2..d9966af9 100644 --- a/src/main/java/com/commafeed/backend/dao/UserRoleService.java +++ b/src/main/java/com/commafeed/backend/dao/UserRoleService.java @@ -1,5 +1,6 @@ package com.commafeed.backend.dao; +import java.util.List; import java.util.Set; import javax.ejb.Stateless; @@ -13,6 +14,10 @@ import com.google.common.collect.Sets; @Stateless public class UserRoleService extends GenericDAO { + public List findAll(User user) { + return findByField(MF.i(MF.p(UserRole.class).getUser()), user); + } + public Set getRoles(User user) { Set list = Sets.newHashSet(); for (UserRole role : findByField(MF.i(proxy().getUser()), user)) { diff --git a/src/main/java/com/commafeed/backend/dao/UserService.java b/src/main/java/com/commafeed/backend/dao/UserService.java index 20aad70f..b3c7022c 100644 --- a/src/main/java/com/commafeed/backend/dao/UserService.java +++ b/src/main/java/com/commafeed/backend/dao/UserService.java @@ -1,12 +1,15 @@ package com.commafeed.backend.dao; +import java.util.Collection; import java.util.List; import javax.ejb.Stateless; import javax.inject.Inject; import com.commafeed.backend.model.User; +import com.commafeed.backend.model.UserRole; import com.commafeed.backend.security.PasswordEncryptionService; +import com.commafeed.backend.security.Role; import com.commafeed.frontend.utils.ModelFactory.MF; import com.google.common.collect.Iterables; @@ -30,4 +33,23 @@ public class UserService extends GenericDAO { return null; } + + public User register(String name, String password, Collection roles) { + List users = findByField(MF.i(proxy().getName()), name); + if (!users.isEmpty()) { + return null; + } + User user = new User(); + byte[] salt = encryptionService.generateSalt(); + user.setName(name); + user.setSalt(salt); + user.setPassword(encryptionService.getEncryptedPassword(password, salt)); + user.getRoles().add(new UserRole(user, Role.USER)); + for (String role : roles) { + user.getRoles().add(new UserRole(user, role)); + user.getRoles().add(new UserRole(user, role)); + } + save(user); + return user; + } } diff --git a/src/main/java/com/commafeed/frontend/model/UserModel.java b/src/main/java/com/commafeed/frontend/model/UserModel.java index dc7bab5a..6070737e 100644 --- a/src/main/java/com/commafeed/frontend/model/UserModel.java +++ b/src/main/java/com/commafeed/frontend/model/UserModel.java @@ -5,10 +5,20 @@ import java.io.Serializable; @SuppressWarnings("serial") public class UserModel implements Serializable { + private Long id; private String name; + private String password; private boolean enabled; private boolean admin; + public Long getId() { + return id; + } + + public void setId(Long id) { + this.id = id; + } + public String getName() { return name; } @@ -33,4 +43,12 @@ public class UserModel implements Serializable { this.enabled = enabled; } + public String getPassword() { + return password; + } + + public void setPassword(String password) { + this.password = password; + } + } diff --git a/src/main/java/com/commafeed/frontend/rest/resources/AbstractREST.java b/src/main/java/com/commafeed/frontend/rest/resources/AbstractREST.java index 53906610..68d52378 100644 --- a/src/main/java/com/commafeed/frontend/rest/resources/AbstractREST.java +++ b/src/main/java/com/commafeed/frontend/rest/resources/AbstractREST.java @@ -33,6 +33,7 @@ import com.commafeed.backend.dao.UserService; import com.commafeed.backend.dao.UserSettingsService; import com.commafeed.backend.feeds.OPMLImporter; import com.commafeed.backend.model.User; +import com.commafeed.backend.security.PasswordEncryptionService; import com.commafeed.backend.security.Role; import com.commafeed.frontend.CommaFeedApplication; import com.commafeed.frontend.CommaFeedSession; @@ -76,6 +77,9 @@ public abstract class AbstractREST { @Inject OPMLImporter opmlImporter; + @Inject + PasswordEncryptionService encryptionService; + @PostConstruct public void init() { CommaFeedApplication app = CommaFeedApplication.get(); diff --git a/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java b/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java index 940befc3..6b9a09e8 100644 --- a/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java +++ b/src/main/java/com/commafeed/frontend/rest/resources/AdminUsersREST.java @@ -2,23 +2,95 @@ package com.commafeed.frontend.rest.resources; import java.util.Collection; import java.util.Map; +import java.util.Set; import javax.ws.rs.GET; +import javax.ws.rs.POST; import javax.ws.rs.Path; +import javax.ws.rs.QueryParam; +import javax.ws.rs.core.Response; +import javax.ws.rs.core.Response.Status; + +import org.apache.commons.lang.StringUtils; import com.commafeed.backend.model.User; import com.commafeed.backend.model.UserRole; import com.commafeed.backend.security.Role; import com.commafeed.frontend.model.UserModel; import com.commafeed.frontend.rest.SecurityCheck; +import com.google.common.base.Preconditions; import com.google.common.collect.Maps; +import com.google.common.collect.Sets; @SecurityCheck(Role.ADMIN) @Path("admin/users") public class AdminUsersREST extends AbstractREST { + @Path("save") + @POST + public Response save(UserModel userModel) { + Preconditions.checkNotNull(userModel); + Preconditions.checkNotNull(userModel.getName()); + + Long id = userModel.getId(); + if (id == null) { + Preconditions.checkNotNull(userModel.getPassword()); + + Set roles = Sets.newHashSet(Role.USER); + if (userModel.isAdmin()) { + roles.add(Role.ADMIN); + } + + User user = userService.register(userModel.getName(), + userModel.getPassword(), roles); + if (user == null) { + return Response.status(Status.CONFLICT) + .entity("User already exists.").build(); + } + } else { + User user = userService.findById(id); + user.setName(userModel.getName()); + if (StringUtils.isNotBlank(userModel.getPassword())) { + user.setPassword(encryptionService.getEncryptedPassword( + userModel.getPassword(), user.getSalt())); + } + user.setDisabled(!userModel.isEnabled()); + userService.update(user); + + Set roles = userRoleService.getRoles(user); + if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) { + userRoleService.save(new UserRole(user, Role.ADMIN)); + } else if (!userModel.isAdmin() && roles.contains(Role.ADMIN)) { + for (UserRole userRole : userRoleService.findAll(user)) { + if (Role.ADMIN.equals(userRole.getRole())) { + userRoleService.delete(userRole); + } + } + } + + } + return Response.ok(Status.OK).entity("OK").build(); + + } + @Path("get") @GET + public UserModel getUser(@QueryParam("id") Long id) { + User user = userService.findById(id); + UserModel userModel = new UserModel(); + userModel.setId(user.getId()); + userModel.setName(user.getName()); + userModel.setEnabled(!user.isDisabled()); + for (UserRole role : userRoleService.findAll(user)) { + if (Role.ADMIN.equals(role.getRole())) { + userModel.setAdmin(true); + } + } + return userModel; + } + + @Path("getAll") + @GET public Collection getUsers() { Map users = Maps.newHashMap(); for (UserRole role : userRoleService.findAll()) { @@ -27,6 +99,7 @@ public class AdminUsersREST extends AbstractREST { UserModel userModel = users.get(key); if (userModel == null) { userModel = new UserModel(); + userModel.setId(user.getId()); userModel.setName(user.getName()); userModel.setEnabled(!user.isDisabled()); users.put(key, userModel); diff --git a/src/main/webapp/js/controllers.js b/src/main/webapp/js/controllers.js index 6db9a2e4..a8137e33 100644 --- a/src/main/webapp/js/controllers.js +++ b/src/main/webapp/js/controllers.js @@ -140,7 +140,8 @@ module.controller('FeedListCtrl', function($scope, $stateParams, $http, $route, }, function(data) { for ( var i = 0; i < data.entries.length; i++) { $scope.entries.push(data.entries[i]); - }; + } + ; $scope.name = data.name; $scope.busy = false; $scope.hasMore = data.entries.length == limit @@ -249,9 +250,46 @@ module.controller('FeedListCtrl', function($scope, $stateParams, $http, $route, }); }); -module.controller('ManageUsersCtrl', function($scope, AdminUsersService) { - $scope.users = AdminUsersService.get(); - $scope.gridOptions = { - data : 'users' +module.controller('ManageUsersCtrl', + function($scope, $state, AdminUsersService) { + $scope.users = AdminUsersService.getAll(); + $scope.selection = []; + $scope.gridOptions = { + data : 'users', + selectedItems : $scope.selection, + multiSelect : false, + afterSelectionChange : function(item) { + $state.transitionTo('admin.useredit', { + _id : item.entity.id + }); + } + }; + + $scope.addUser = function() { + $state.transitionTo('admin.useradd'); + }; + }); + +module.controller('ManageUserCtrl', function($scope, $state, $stateParams, + AdminUsersService) { + $scope.user = $stateParams._id ? AdminUsersService.get({ + id : $stateParams._id + }) : {}; + $scope.alerts = []; + $scope.closeAlert = function(index) { + $scope.alerts.splice(index, 1); + }; + + $scope.cancel = function(){ + $state.transitionTo('admin.userlist'); + } + $scope.save = function() { + AdminUsersService.save($scope.user, function() { + $state.transitionTo('admin.userlist'); + }, function(data) { + $scope.alerts.push({ + msg : data.data + }); + }); }; }); \ No newline at end of file diff --git a/src/main/webapp/js/main.js b/src/main/webapp/js/main.js index ef64105e..b191cd95 100644 --- a/src/main/webapp/js/main.js +++ b/src/main/webapp/js/main.js @@ -10,7 +10,8 @@ app.config(function($routeProvider, $stateProvider, $urlRouterProvider) { }); $stateProvider.state('feeds.view', { url : '/view/:_type/:_id', - templateUrl : 'templates/feeds.view.html' + templateUrl : 'templates/feeds.view.html', + controller : 'FeedListCtrl' }); $stateProvider.state('admin', { @@ -18,13 +19,24 @@ app.config(function($routeProvider, $stateProvider, $urlRouterProvider) { url : '/admin', templateUrl : 'templates/admin.html' }); - $stateProvider.state('admin.users', { - url : '/users', - templateUrl : 'templates/admin.users.html' + $stateProvider.state('admin.userlist', { + url : '/user/list', + templateUrl : 'templates/admin.userlist.html', + controller : 'ManageUsersCtrl' + }); + $stateProvider.state('admin.useradd', { + url : '/user/add', + templateUrl : 'templates/admin.useradd.html', + controller : 'ManageUserCtrl' + }); + $stateProvider.state('admin.useredit', { + url : '/user/edit/:_id', + templateUrl : 'templates/admin.useredit.html', + controller : 'ManageUserCtrl' }); $urlRouterProvider.when('/', '/feeds/view/category/all'); - $urlRouterProvider.when('/admin', '/admin/users'); + $urlRouterProvider.when('/admin', '/admin/user/list'); $urlRouterProvider.otherwise('/'); }); \ No newline at end of file diff --git a/src/main/webapp/js/services.js b/src/main/webapp/js/services.js index e5f57935..042ff982 100644 --- a/src/main/webapp/js/services.js +++ b/src/main/webapp/js/services.js @@ -134,8 +134,20 @@ module.factory('AdminUsersService', function($resource) { method : 'GET', params : { _method : 'get' + } + }, + getAll : { + method : 'GET', + params : { + _method : 'getAll' }, - isArray: true + isArray : true + }, + save : { + method : 'POST', + params : { + _method : 'save' + } } }; var res = $resource('rest/admin/users/:_method', {}, actions); diff --git a/src/main/webapp/templates/admin.useradd.html b/src/main/webapp/templates/admin.useradd.html new file mode 100644 index 00000000..81c6ab6b --- /dev/null +++ b/src/main/webapp/templates/admin.useradd.html @@ -0,0 +1,45 @@ +
+
+

Add user

+
+ + {{alert.msg}} + +
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+
+ + +
+
+
+
\ No newline at end of file diff --git a/src/main/webapp/templates/admin.useredit.html b/src/main/webapp/templates/admin.useredit.html new file mode 100644 index 00000000..9eaa77a1 --- /dev/null +++ b/src/main/webapp/templates/admin.useredit.html @@ -0,0 +1,46 @@ +
+
+

Edit user

+
+ + {{alert.msg}} + +
+
+ +
+ +
+
+
+ +
+ + Leave blank if you don't want to change the password. +
+
+
+ +
+ +
+
+
+ +
+ +
+
+
+
+ + +
+
+
+
\ No newline at end of file diff --git a/src/main/webapp/templates/admin.users.html b/src/main/webapp/templates/admin.userlist.html similarity index 56% rename from src/main/webapp/templates/admin.users.html rename to src/main/webapp/templates/admin.userlist.html index 3e03037e..1425e3ca 100644 --- a/src/main/webapp/templates/admin.users.html +++ b/src/main/webapp/templates/admin.userlist.html @@ -3,7 +3,10 @@

Manage users

-
+
+
+ +
\ No newline at end of file diff --git a/src/main/webapp/templates/feeds.view.html b/src/main/webapp/templates/feeds.view.html index f8db3c7c..058d5f97 100644 --- a/src/main/webapp/templates/feeds.view.html +++ b/src/main/webapp/templates/feeds.view.html @@ -1,4 +1,4 @@ -
+

{{name}}  »