mirror of
https://github.com/Athou/commafeed.git
synced 2026-03-21 21:37:29 +00:00
partial user administration
This commit is contained in:
Athou
@@ -1,5 +1,7 @@
|
||||
package com.commafeed.backend;
|
||||
|
||||
import java.util.Arrays;
|
||||
|
||||
import javax.annotation.PostConstruct;
|
||||
import javax.ejb.Singleton;
|
||||
import javax.ejb.Startup;
|
||||
@@ -16,7 +18,6 @@ import com.commafeed.backend.model.Feed;
|
||||
import com.commafeed.backend.model.FeedCategory;
|
||||
import com.commafeed.backend.model.FeedSubscription;
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.model.UserRole;
|
||||
import com.commafeed.backend.security.PasswordEncryptionService;
|
||||
import com.commafeed.backend.security.Role;
|
||||
|
||||
@@ -47,24 +48,9 @@ public class StartupBean {
|
||||
if (userService.getCount() == 0) {
|
||||
log.info("Populating database with default values");
|
||||
|
||||
User user = new User();
|
||||
byte[] salt = encryptionService.generateSalt();
|
||||
user.setName("admin");
|
||||
user.getRoles().add(new UserRole(user, Role.ADMIN));
|
||||
user.getRoles().add(new UserRole(user, Role.USER));
|
||||
user.setSalt(salt);
|
||||
user.setPassword(encryptionService.getEncryptedPassword("admin",
|
||||
salt));
|
||||
userService.save(user);
|
||||
|
||||
User testUser = new User();
|
||||
byte[] saltTest = encryptionService.generateSalt();
|
||||
testUser.setName("test");
|
||||
testUser.getRoles().add(new UserRole(testUser, Role.USER));
|
||||
testUser.setSalt(saltTest);
|
||||
testUser.setPassword(encryptionService.getEncryptedPassword("test",
|
||||
saltTest));
|
||||
userService.save(testUser);
|
||||
User user = userService.register("admin", "admin",
|
||||
Arrays.asList(Role.ADMIN, Role.USER));
|
||||
userService.register("test", "test", Arrays.asList(Role.USER));
|
||||
|
||||
Feed dilbert = new Feed(
|
||||
"http://feed.dilbert.com/dilbert/daily_strip");
|
||||
|
||||
@@ -1,5 +1,6 @@
|
||||
package com.commafeed.backend.dao;
|
||||
|
||||
import java.util.List;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.ejb.Stateless;
|
||||
@@ -13,6 +14,10 @@ import com.google.common.collect.Sets;
|
||||
@Stateless
|
||||
public class UserRoleService extends GenericDAO<UserRole, Long> {
|
||||
|
||||
public List<UserRole> findAll(User user) {
|
||||
return findByField(MF.i(MF.p(UserRole.class).getUser()), user);
|
||||
}
|
||||
|
||||
public Set<String> getRoles(User user) {
|
||||
Set<String> list = Sets.newHashSet();
|
||||
for (UserRole role : findByField(MF.i(proxy().getUser()), user)) {
|
||||
|
||||
@@ -1,12 +1,15 @@
|
||||
package com.commafeed.backend.dao;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.List;
|
||||
|
||||
import javax.ejb.Stateless;
|
||||
import javax.inject.Inject;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.model.UserRole;
|
||||
import com.commafeed.backend.security.PasswordEncryptionService;
|
||||
import com.commafeed.backend.security.Role;
|
||||
import com.commafeed.frontend.utils.ModelFactory.MF;
|
||||
import com.google.common.collect.Iterables;
|
||||
|
||||
@@ -30,4 +33,23 @@ public class UserService extends GenericDAO<User, Long> {
|
||||
|
||||
return null;
|
||||
}
|
||||
|
||||
public User register(String name, String password, Collection<String> roles) {
|
||||
List<User> users = findByField(MF.i(proxy().getName()), name);
|
||||
if (!users.isEmpty()) {
|
||||
return null;
|
||||
}
|
||||
User user = new User();
|
||||
byte[] salt = encryptionService.generateSalt();
|
||||
user.setName(name);
|
||||
user.setSalt(salt);
|
||||
user.setPassword(encryptionService.getEncryptedPassword(password, salt));
|
||||
user.getRoles().add(new UserRole(user, Role.USER));
|
||||
for (String role : roles) {
|
||||
user.getRoles().add(new UserRole(user, role));
|
||||
user.getRoles().add(new UserRole(user, role));
|
||||
}
|
||||
save(user);
|
||||
return user;
|
||||
}
|
||||
}
|
||||
|
||||
@@ -5,10 +5,20 @@ import java.io.Serializable;
|
||||
@SuppressWarnings("serial")
|
||||
public class UserModel implements Serializable {
|
||||
|
||||
private Long id;
|
||||
private String name;
|
||||
private String password;
|
||||
private boolean enabled;
|
||||
private boolean admin;
|
||||
|
||||
public Long getId() {
|
||||
return id;
|
||||
}
|
||||
|
||||
public void setId(Long id) {
|
||||
this.id = id;
|
||||
}
|
||||
|
||||
public String getName() {
|
||||
return name;
|
||||
}
|
||||
@@ -33,4 +43,12 @@ public class UserModel implements Serializable {
|
||||
this.enabled = enabled;
|
||||
}
|
||||
|
||||
public String getPassword() {
|
||||
return password;
|
||||
}
|
||||
|
||||
public void setPassword(String password) {
|
||||
this.password = password;
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
@@ -33,6 +33,7 @@ import com.commafeed.backend.dao.UserService;
|
||||
import com.commafeed.backend.dao.UserSettingsService;
|
||||
import com.commafeed.backend.feeds.OPMLImporter;
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.security.PasswordEncryptionService;
|
||||
import com.commafeed.backend.security.Role;
|
||||
import com.commafeed.frontend.CommaFeedApplication;
|
||||
import com.commafeed.frontend.CommaFeedSession;
|
||||
@@ -76,6 +77,9 @@ public abstract class AbstractREST {
|
||||
@Inject
|
||||
OPMLImporter opmlImporter;
|
||||
|
||||
@Inject
|
||||
PasswordEncryptionService encryptionService;
|
||||
|
||||
@PostConstruct
|
||||
public void init() {
|
||||
CommaFeedApplication app = CommaFeedApplication.get();
|
||||
|
||||
@@ -2,23 +2,95 @@ package com.commafeed.frontend.rest.resources;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Map;
|
||||
import java.util.Set;
|
||||
|
||||
import javax.ws.rs.GET;
|
||||
import javax.ws.rs.POST;
|
||||
import javax.ws.rs.Path;
|
||||
import javax.ws.rs.QueryParam;
|
||||
import javax.ws.rs.core.Response;
|
||||
import javax.ws.rs.core.Response.Status;
|
||||
|
||||
import org.apache.commons.lang.StringUtils;
|
||||
|
||||
import com.commafeed.backend.model.User;
|
||||
import com.commafeed.backend.model.UserRole;
|
||||
import com.commafeed.backend.security.Role;
|
||||
import com.commafeed.frontend.model.UserModel;
|
||||
import com.commafeed.frontend.rest.SecurityCheck;
|
||||
import com.google.common.base.Preconditions;
|
||||
import com.google.common.collect.Maps;
|
||||
import com.google.common.collect.Sets;
|
||||
|
||||
@SecurityCheck(Role.ADMIN)
|
||||
@Path("admin/users")
|
||||
public class AdminUsersREST extends AbstractREST {
|
||||
|
||||
@Path("save")
|
||||
@POST
|
||||
public Response save(UserModel userModel) {
|
||||
Preconditions.checkNotNull(userModel);
|
||||
Preconditions.checkNotNull(userModel.getName());
|
||||
|
||||
Long id = userModel.getId();
|
||||
if (id == null) {
|
||||
Preconditions.checkNotNull(userModel.getPassword());
|
||||
|
||||
Set<String> roles = Sets.newHashSet(Role.USER);
|
||||
if (userModel.isAdmin()) {
|
||||
roles.add(Role.ADMIN);
|
||||
}
|
||||
|
||||
User user = userService.register(userModel.getName(),
|
||||
userModel.getPassword(), roles);
|
||||
if (user == null) {
|
||||
return Response.status(Status.CONFLICT)
|
||||
.entity("User already exists.").build();
|
||||
}
|
||||
} else {
|
||||
User user = userService.findById(id);
|
||||
user.setName(userModel.getName());
|
||||
if (StringUtils.isNotBlank(userModel.getPassword())) {
|
||||
user.setPassword(encryptionService.getEncryptedPassword(
|
||||
userModel.getPassword(), user.getSalt()));
|
||||
}
|
||||
user.setDisabled(!userModel.isEnabled());
|
||||
userService.update(user);
|
||||
|
||||
Set<String> roles = userRoleService.getRoles(user);
|
||||
if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) {
|
||||
userRoleService.save(new UserRole(user, Role.ADMIN));
|
||||
} else if (!userModel.isAdmin() && roles.contains(Role.ADMIN)) {
|
||||
for (UserRole userRole : userRoleService.findAll(user)) {
|
||||
if (Role.ADMIN.equals(userRole.getRole())) {
|
||||
userRoleService.delete(userRole);
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
}
|
||||
return Response.ok(Status.OK).entity("OK").build();
|
||||
|
||||
}
|
||||
|
||||
@Path("get")
|
||||
@GET
|
||||
public UserModel getUser(@QueryParam("id") Long id) {
|
||||
User user = userService.findById(id);
|
||||
UserModel userModel = new UserModel();
|
||||
userModel.setId(user.getId());
|
||||
userModel.setName(user.getName());
|
||||
userModel.setEnabled(!user.isDisabled());
|
||||
for (UserRole role : userRoleService.findAll(user)) {
|
||||
if (Role.ADMIN.equals(role.getRole())) {
|
||||
userModel.setAdmin(true);
|
||||
}
|
||||
}
|
||||
return userModel;
|
||||
}
|
||||
|
||||
@Path("getAll")
|
||||
@GET
|
||||
public Collection<UserModel> getUsers() {
|
||||
Map<Long, UserModel> users = Maps.newHashMap();
|
||||
for (UserRole role : userRoleService.findAll()) {
|
||||
@@ -27,6 +99,7 @@ public class AdminUsersREST extends AbstractREST {
|
||||
UserModel userModel = users.get(key);
|
||||
if (userModel == null) {
|
||||
userModel = new UserModel();
|
||||
userModel.setId(user.getId());
|
||||
userModel.setName(user.getName());
|
||||
userModel.setEnabled(!user.isDisabled());
|
||||
users.put(key, userModel);
|
||||
|
||||
Reference in New Issue
Block a user