add a disabled state to users

src/main/java/com/commafeed/frontend/CommaFeedSession.java

@@ -7,9 +7,9 @@ import org.apache.wicket.authroles.authentication.AuthenticatedWebSession;
 import org.apache.wicket.authroles.authorization.strategies.role.Roles;
 import org.apache.wicket.request.Request;
 
+import com.commafeed.backend.dao.UserRoleService;
 import com.commafeed.backend.dao.UserService;
 import com.commafeed.backend.model.User;
-import com.commafeed.backend.security.Role;
 
 @SuppressWarnings("serial")
 public class CommaFeedSession extends AuthenticatedWebSession {
@@ -17,7 +17,11 @@ public class CommaFeedSession extends AuthenticatedWebSession {
 	@Inject
 	UserService userService;
 
+	@Inject
+	UserRoleService userRoleService;
+
 	private User user;
+	private Roles roles = new Roles();
 
 	public CommaFeedSession(Request request) {
 		super(request);
@@ -37,15 +41,20 @@ public class CommaFeedSession extends AuthenticatedWebSession {
 
 	@Override
 	public Roles getRoles() {
-		// TODO change this
-		return isSignedIn() ? new Roles(new String[] { Role.USER, Role.ADMIN })
-				: new Roles();
+		return roles;
 	}
 
 	@Override
 	public boolean authenticate(String userName, String password) {
 		User user = userService.login(userName, password);
-		this.user = user;
+		if (user == null) {
+			this.user = null;
+			this.roles = new Roles();
+		} else {
+			this.user = user;
+			this.roles = new Roles(userRoleService.getRoles(user).toArray(
+					new String[0]));
+		}
 		return user != null;
 	}
 

src/main/java/com/commafeed/frontend/pages/BasePage.java

@@ -1,13 +1,48 @@
 package com.commafeed.frontend.pages;
 
+import javax.inject.Inject;
+
 import org.apache.wicket.markup.head.IHeaderResponse;
 import org.apache.wicket.markup.html.WebPage;
 
+import com.commafeed.backend.dao.FeedCategoryService;
+import com.commafeed.backend.dao.FeedEntryService;
+import com.commafeed.backend.dao.FeedEntryStatusService;
+import com.commafeed.backend.dao.FeedService;
+import com.commafeed.backend.dao.FeedSubscriptionService;
+import com.commafeed.backend.dao.UserRoleService;
+import com.commafeed.backend.dao.UserService;
+import com.commafeed.backend.dao.UserSettingsService;
+
 import de.agilecoders.wicket.Bootstrap;
 
 @SuppressWarnings("serial")
 public class BasePage extends WebPage {
 
+	@Inject
+	protected FeedService feedService;
+
+	@Inject
+	protected FeedSubscriptionService feedSubscriptionService;
+
+	@Inject
+	protected FeedCategoryService feedCategoryService;
+
+	@Inject
+	protected FeedEntryService feedEntryService;
+
+	@Inject
+	protected FeedEntryStatusService feedEntryStatusService;
+
+	@Inject
+	protected UserService userService;
+
+	@Inject
+	protected UserSettingsService userSettingsService;
+
+	@Inject
+	protected UserRoleService userRoleService;
+
 	@Override
 	public void renderHead(IHeaderResponse response) {
 		super.renderHead(response);

src/main/java/com/commafeed/frontend/rest/resources/AbstractREST.java

@@ -1,7 +1,7 @@
 package com.commafeed.frontend.rest.resources;
 
 import java.lang.reflect.Method;
-import java.util.List;
+import java.util.Set;
 
 import javax.annotation.PostConstruct;
 import javax.inject.Inject;
@@ -129,7 +129,7 @@ public abstract class AbstractREST {
 	}
 
 	private boolean checkRole(User user, SecurityCheck annotation) {
-		List<String> roles = userRoleService.getRoles(user);
+		Set<String> roles = userRoleService.getRoles(user);
 		for (String role : annotation.value()) {
 			if (!roles.contains(role)) {
 				return false;