garrettmills/commafeed
1
0
Fork 0
forked from Archives/Athou_commafeed
Code Pull Requests Activity

eslint update

Browse Source
This commit is contained in:
Athou
2023-12-28 19:54:51 +01:00
parent f4e48383cc
commit 97781d5551
65 changed files with 1258 additions and 3103 deletions
Download Patch File Download Diff File Expand all files Collapse all files

31
commafeed-server/src/main/java/com/commafeed/frontend/model/request/AdminSaveUserRequest.java Normal file
View File

@@ -0,0 +1,31 @@
package com.commafeed.frontend.model.request;
import java.io.Serializable;
import io.swagger.v3.oas.annotations.media.Schema;
import io.swagger.v3.oas.annotations.media.Schema.RequiredMode;
import lombok.Data;
@SuppressWarnings("serial")
@Schema(description = "Save User information")
@Data
public class AdminSaveUserRequest implements Serializable {
@Schema(description = "user id")
private Long id;
@Schema(description = "user name", requiredMode = RequiredMode.REQUIRED)
private String name;
@Schema(description = "user email, if any")
private String email;
@Schema(description = "user password")
private String password;
@Schema(description = "account status", requiredMode = RequiredMode.REQUIRED)
private boolean enabled;
@Schema(description = "user is admin", requiredMode = RequiredMode.REQUIRED)
private boolean admin;
}

31
commafeed-server/src/main/java/com/commafeed/frontend/resource/AdminREST.java
View File

@@ -20,6 +20,7 @@ import com.commafeed.backend.service.PasswordEncryptionService;
import com.commafeed.backend.service.UserService;
import com.commafeed.frontend.auth.SecurityCheck;
import com.commafeed.frontend.model.UserModel;
import com.commafeed.frontend.model.request.AdminSaveUserRequest;
import com.commafeed.frontend.model.request.IDRequest;
import com.google.common.base.Preconditions;
import com.google.common.collect.Sets;
@@ -66,41 +67,41 @@ public class AdminREST {
description = "Save or update a user. If the id is not specified, a new user will be created")
@Timed
public Response adminSaveUser(@Parameter(hidden = true) @SecurityCheck(Role.ADMIN) User user,
@Parameter(required = true) UserModel userModel) {
Preconditions.checkNotNull(userModel);
Preconditions.checkNotNull(userModel.getName());
@Parameter(required = true) AdminSaveUserRequest req) {
Preconditions.checkNotNull(req);
Preconditions.checkNotNull(req.getName());
Long id = userModel.getId();
Long id = req.getId();
if (id == null) {
Preconditions.checkNotNull(userModel.getPassword());
Preconditions.checkNotNull(req.getPassword());
Set<Role> roles = Sets.newHashSet(Role.USER);
if (userModel.isAdmin()) {
if (req.isAdmin()) {
roles.add(Role.ADMIN);
}
try {
userService.register(userModel.getName(), userModel.getPassword(), userModel.getEmail(), roles, true);
userService.register(req.getName(), req.getPassword(), req.getEmail(), roles, true);
} catch (Exception e) {
return Response.status(Status.CONFLICT).entity(e.getMessage()).build();
}
} else {
if (userModel.getId().equals(user.getId()) && !userModel.isEnabled()) {
if (req.getId().equals(user.getId()) && !req.isEnabled()) {
return Response.status(Status.FORBIDDEN).entity("You cannot disable your own account.").build();
}
User u = userDAO.findById(id);
u.setName(userModel.getName());
if (StringUtils.isNotBlank(userModel.getPassword())) {
u.setPassword(encryptionService.getEncryptedPassword(userModel.getPassword(), u.getSalt()));
u.setName(req.getName());
if (StringUtils.isNotBlank(req.getPassword())) {
u.setPassword(encryptionService.getEncryptedPassword(req.getPassword(), u.getSalt()));
}
u.setEmail(userModel.getEmail());
u.setDisabled(!userModel.isEnabled());
u.setEmail(req.getEmail());
u.setDisabled(!req.isEnabled());
userDAO.saveOrUpdate(u);
Set<Role> roles = userRoleDAO.findRoles(u);
if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) {
if (req.isAdmin() && !roles.contains(Role.ADMIN)) {
userRoleDAO.saveOrUpdate(new UserRole(u, Role.ADMIN));
} else if (!userModel.isAdmin() && roles.contains(Role.ADMIN)) {
} else if (!req.isAdmin() && roles.contains(Role.ADMIN)) {
if (CommaFeedApplication.USERNAME_ADMIN.equals(u.getName())) {
return Response.status(Status.FORBIDDEN).entity("You cannot remove the admin role from the admin user.").build();
}