Beispiel #1
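  /**
   * Creates a new user or updates an existing one, depending on whether the model carries an id.
   *
   * <p>Create path (no id): a password is required; the account is registered with {@code
   * Role.USER}, plus {@code Role.ADMIN} when the model asks for it.
   *
   * <p>Update path (id present): name, e-mail and enabled flag are overwritten; the password is
   * re-hashed only when a non-blank one is supplied; the ADMIN role is granted or revoked to match
   * the model. The account whose stored name equals {@code StartupBean.USERNAME_ADMIN} can neither
   * be disabled nor lose its ADMIN role, and a refused request persists nothing.
   *
   * <p>NOTE(review): this method grants ADMIN and resets passwords, and no authorization
   * annotation is visible on it here; presumably the enclosing resource restricts it to
   * administrators. Confirm.
   *
   * @param userModel requested state; must be non-null with a non-null name
   * @return 200 "OK" on success, 404 when the id matches no user, 403 when a protected-admin rule
   *     is violated, 409 with the exception message when registration fails
   */
  @Path("/user/save")
  @POST
  @ApiOperation(
      value = "Save or update a user",
      notes = "Save or update a user. If the id is not specified, a new user will be created")
  public Response save(@ApiParam(required = true) UserModel userModel) {
    Preconditions.checkNotNull(userModel);
    Preconditions.checkNotNull(userModel.getName());

    Long id = userModel.getId();
    if (id == null) {
      Preconditions.checkNotNull(userModel.getPassword());

      Set<Role> roles = Sets.newHashSet(Role.USER);
      if (userModel.isAdmin()) {
        roles.add(Role.ADMIN);
      }
      try {
        userService.register(
            userModel.getName(), userModel.getPassword(), userModel.getEmail(), roles, true);
      } catch (Exception e) {
        // NOTE(review): the raw exception message is echoed to the caller; confirm it cannot
        // carry internal detail (SQL text, class names) for failures other than a name clash.
        return Response.status(Status.CONFLICT).entity(e.getMessage()).build();
      }
    } else {
      User user = userDAO.findById(id);
      if (user == null) {
        // Unknown id: answer 404 instead of failing on the dereferences below.
        return Response.status(Status.NOT_FOUND).build();
      }

      // Both protections are decided from the STORED name, before setName() overwrites it and
      // before anything is persisted. Checking after the rename would let a single request
      // rename the protected account and strip its ADMIN role, and a late refusal would leave
      // the other field changes already saved.
      // NOTE(review): the protection is keyed on the name and this method also allows renaming
      // that account; confirm whether renaming it should be refused as well.
      boolean protectedAdmin = StartupBean.USERNAME_ADMIN.equals(user.getName());
      if (protectedAdmin && !userModel.isEnabled()) {
        return Response.status(Status.FORBIDDEN)
            .entity("You cannot disable the admin user.")
            .build();
      }

      Set<Role> roles = userRoleDAO.findRoles(user);
      boolean revokeAdmin = !userModel.isAdmin() && roles.contains(Role.ADMIN);
      if (protectedAdmin && revokeAdmin) {
        return Response.status(Status.FORBIDDEN)
            .entity("You cannot remove the admin role from the admin user.")
            .build();
      }

      user.setName(userModel.getName());
      // A blank password means "leave unchanged"; a supplied one is re-hashed with the existing
      // per-user salt.
      if (StringUtils.isNotBlank(userModel.getPassword())) {
        user.setPassword(
            encryptionService.getEncryptedPassword(userModel.getPassword(), user.getSalt()));
      }
      user.setEmail(userModel.getEmail());
      user.setDisabled(!userModel.isEnabled());
      userDAO.saveOrUpdate(user);

      if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) {
        userRoleDAO.saveOrUpdate(new UserRole(user, Role.ADMIN));
      } else if (revokeAdmin) {
        for (UserRole userRole : userRoleDAO.findAll(user)) {
          if (userRole.getRole() == Role.ADMIN) {
            userRoleDAO.delete(userRole);
          }
        }
      }
    }
    return Response.ok(Status.OK).entity("OK").build();
  }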
Beispiel #2
  /**
   * Start-up hook: records the start time, seeds initial data when the user table is empty,
   * loads the supported languages and launches the configured number of feed refresh workers.
   */
  @PostConstruct
  private void init() {
    startupTime = Calendar.getInstance().getTimeInMillis();

    // An empty user table is treated as a first run.
    // NOTE(review): initialData() is defined elsewhere; if it seeds a default account, confirm
    // how its credentials are set and rotated.
    boolean noUsersYet = userDAO.getCount() == 0;
    if (noUsersYet) {
      initialData();
    }

    initSupportedLanguages();

    int threads = applicationSettingsService.get().getBackgroundThreads();
    log.info("Starting {} background threads", threads);

    // The pool is never created with fewer than one thread, although no worker is submitted
    // when the setting is zero or negative.
    int poolSize = Math.max(threads, 1);
    executor = Executors.newFixedThreadPool(poolSize);

    int submitted = 0;
    while (submitted < threads) {
      final String label = "Thread " + submitted;
      executor.execute(
          new Runnable() {
            @Override
            public void run() {
              // Each task obtains its own worker instance from the provider.
              workers.get().start(running, label);
            }
          });
      submitted++;
    }
  }
Beispiel #3
 /**
  * Deletes a user together with the data that belongs to it.
  *
  * <p>Entry statuses, subscriptions, categories, settings and roles are removed first, and the
  * user row last.
  *
  * <p>NOTE(review): no transaction boundary is visible here. If the enclosing bean does not
  * provide one, a failure part-way through leaves an account with some of its data gone —
  * confirm.
  *
  * @param user the account to remove
  */
 public void unregister(User user) {
   // presumably the two boolean flags and ReadingOrder.desc select every status of the user
   // regardless of read state; verify against FeedEntryStatusDAO.findAll
   feedEntryStatusDAO.delete(feedEntryStatusDAO.findAll(user, false, ReadingOrder.desc, false));
   feedSubscriptionDAO.delete(feedSubscriptionDAO.findAll(user));
   feedCategoryDAO.delete(feedCategoryDAO.findAll(user));
   userSettingsDAO.delete(userSettingsDAO.findByUser(user));
   userRoleDAO.delete(userRoleDAO.findAll(user));
   // The user itself goes last, presumably so nothing still references it — confirm.
   userDAO.delete(user);
 }
Beispiel #4
  /**
   * Authenticates a user by name and password.
   *
   * <p>Every failure (missing argument, unknown name, disabled account, wrong password) yields
   * the same {@code null} result, so the caller cannot tell them apart from the return value.
   * On success the last-login timestamp is refreshed and persisted.
   *
   * <p>NOTE(review): an unknown or disabled name returns before any password verification runs,
   * so that path does less work than a wrong password on a live account. Confirm whether this
   * timing difference matters for the deployment and whether attempt throttling exists upstream;
   * none is visible here.
   *
   * @param name account name, may be null
   * @param password clear-text password supplied by the caller, may be null
   * @return the authenticated user, or {@code null} when authentication fails
   */
  public User login(String name, String password) {
    if (name == null || password == null) {
      return null;
    }

    User candidate = userDAO.findByName(name);
    if (candidate == null || candidate.isDisabled()) {
      return null;
    }

    // Verification is delegated to the encryption service with the stored hash and salt.
    if (!encryptionService.authenticate(password, candidate.getPassword(), candidate.getSalt())) {
      return null;
    }

    candidate.setLastLogin(Calendar.getInstance().getTime());
    userDAO.update(candidate);
    return candidate;
  }
Beispiel #5
  /**
   * Creates and persists a new account with a freshly generated salt and a hashed password.
   *
   * <p>NOTE(review): the name check and the insert are two separate steps, so two concurrent
   * registrations of the same name can both pass the check; presumably a unique constraint on
   * the name column is the real guard. Confirm.
   *
   * <p>NOTE(review): {@code roles} is iterated without a null check, unlike {@code name} and
   * {@code password}.
   *
   * @param name account name, must not be null
   * @param password clear-text password, must not be null; only its salted hash is stored
   * @param email e-mail address, stored as given
   * @param roles roles to attach to the new account
   * @return the saved user, or {@code null} when the name is already taken
   */
  public User register(String name, String password, String email, Collection<Role> roles) {
    Preconditions.checkNotNull(name);
    Preconditions.checkNotNull(password);

    boolean nameTaken = userDAO.findByName(name) != null;
    if (nameTaken) {
      return null;
    }

    // One salt per account; the same salt is stored and used for the hash.
    byte[] freshSalt = encryptionService.generateSalt();
    User account = new User();
    account.setName(name);
    account.setEmail(email);
    account.setSalt(freshSalt);
    account.setPassword(encryptionService.getEncryptedPassword(password, freshSalt));

    for (Role granted : roles) {
      account.getRoles().add(new UserRole(account, granted));
    }

    userDAO.save(account);
    return account;
  }
Beispiel #6
  /**
   * Deletes the user with the requested id through {@code userService.unregister}.
   *
   * <p>The account named {@code StartupBean.USERNAME_ADMIN} is never deleted.
   *
   * <p>NOTE(review): no authorization annotation is visible on this method; presumably the
   * enclosing resource restricts it to administrators. Confirm.
   *
   * @param req request carrying the id of the user to delete; neither may be null
   * @return 200 on success, 404 when the id matches no user, 403 for the protected admin account
   */
  @Path("/user/delete")
  @POST
  @ApiOperation(value = "Delete a user", notes = "Delete a user, and all his subscriptions")
  public Response delete(@ApiParam(required = true) IDRequest req) {
    Preconditions.checkNotNull(req);
    Preconditions.checkNotNull(req.getId());

    User target = userDAO.findById(req.getId());
    if (target == null) {
      return Response.status(Status.NOT_FOUND).build();
    }

    boolean protectedAdmin = StartupBean.USERNAME_ADMIN.equals(target.getName());
    if (protectedAdmin) {
      return Response.status(Status.FORBIDDEN).entity("You cannot delete the admin user.").build();
    }

    userService.unregister(target);
    return Response.ok().build();
  }
Beispiel #7
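 /**
  * Returns id, name, e-mail, enabled flag and admin flag of one user.
  *
  * <p>The stored password hash and salt are never copied into the response model.
  *
  * <p>NOTE(review): no authorization annotation is visible on this method; presumably the
  * enclosing resource restricts it to administrators. Otherwise any caller could read another
  * account's e-mail address by id. Confirm.
  *
  * @param id id of the user to look up, must not be null
  * @return 200 with the populated {@code UserModel}, or 404 when the id matches no user
  */
 @Path("/user/get/{id}")
 @GET
 @ApiOperation(
     value = "Get user information",
     notes = "Get user information",
     responseClass = "com.commafeed.frontend.model.UserModel")
 public Response getUser(@ApiParam(value = "user id", required = true) @PathParam("id") Long id) {
   Preconditions.checkNotNull(id);
   User user = userDAO.findById(id);
   if (user == null) {
     // Unknown id: answer 404 instead of failing on user.getId() below.
     return Response.status(Response.Status.NOT_FOUND).build();
   }
   UserModel userModel = new UserModel();
   userModel.setId(user.getId());
   userModel.setName(user.getName());
   userModel.setEmail(user.getEmail());
   userModel.setEnabled(!user.isDisabled());
   for (UserRole role : userRoleDAO.findAll(user)) {
     if (role.getRole() == Role.ADMIN) {
       userModel.setAdmin(true);
       break; // one ADMIN role is enough to set the flag
     }
   }
   return Response.ok(userModel).build();
 }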