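/**
 * Adds the authenticated caller to the group identified by {@code groupid}.
 *
 * <p>The membership is created for {@code securityContext.getUserPrincipal().getName()}.
 * The {@code userid} form field is only checked for presence and is never passed to the
 * DAO, so changing it cannot enrol a different account.
 *
 * @param userid  form field; must be present, its value is otherwise unused
 * @param groupid form field naming the group to join
 * @param uriInfo request URI information, used to build the {@code Location} header
 * @return a 201 Created response whose entity is the new {@code JoinGroup}
 * @throws URISyntaxException if the {@code Location} URI cannot be parsed
 * @throws BadRequestException if either form field is missing
 * @throws InternalServerErrorException if the DAO raises an {@link SQLException}
 */
// NOTE(review): @Produces advertises GROUPTALK_AUTH_TOKEN while the response below is typed
// GROUPTALK_InterestGroups; confirm which media type is intended.
@POST
@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
@Produces(GrouptalkMediaType.GROUPTALK_AUTH_TOKEN)
public Response createJoinGroup(
        @FormParam("userid") String userid,
        @FormParam("groupid") String groupid,
        @Context UriInfo uriInfo) throws URISyntaxException {
    if (userid == null || groupid == null) {
        throw new BadRequestException("all parameters are mandatory");
    }

    JoinGroupDAO joinGroupDAO = new JoinGroupDAOImpl();
    JoinGroup joinGroup;
    try {
        // Identity comes from the security context, never from the request body.
        // NOTE(review): getUserPrincipal() is null for an unauthenticated request; this
        // dereference assumes an authentication filter runs first. Confirm.
        String callerName = securityContext.getUserPrincipal().getName();
        joinGroup = joinGroupDAO.createJoinGroup(callerName, groupid);
    } catch (SQLException e) {
        // Attach the cause so the failure can be diagnosed server-side; the client still
        // only receives a generic 500.
        throw new InternalServerErrorException(e);
    }

    URI location = new URI(uriInfo.getAbsolutePath().toString() + "/" + joinGroup.getUserid());
    return Response.created(location)
            .type(GrouptalkMediaType.GROUPTALK_InterestGroups)
            .entity(joinGroup)
            .build();
}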
/**
 * Tells whether {@code id} belongs to the user behind the current security principal.
 *
 * @param id user id to compare with the authenticated user's id
 * @return {@code true} only when the user found for the principal's name has an id equal
 *         to {@code id}; {@code false} otherwise, including when the lookup throws
 *         {@code UserNotFoundException}
 */
private boolean isLoggedUser(final Long id) {
    try {
        final String principalName = securityContext.getUserPrincipal().getName();
        final User current = userService.find(principalName);
        return current.getId().equals(id);
    } catch (final UserNotFoundException ignored) {
        // A principal with no matching user record is treated as "not this user".
        return false;
    }
}
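/**
 * Deletes the account of the authenticated caller.
 *
 * <p>The path {@code id} must equal the name of the current security principal, so a
 * caller can only delete their own account.
 *
 * @param id id of the user to delete, taken from the request path
 * @throws ForbiddenException if {@code id} is not the caller's own id
 * @throws NotFoundException if the DAO reports that no such user was deleted
 * @throws InternalServerErrorException if the DAO raises an {@link SQLException}
 */
@Path("/{id}")
@DELETE
public void deleteUser(@PathParam("id") String id) {
    // Ownership check runs before any database access.
    // NOTE(review): getUserPrincipal() is null for an unauthenticated request; this
    // dereference assumes an authentication filter runs first. Confirm.
    String userid = securityContext.getUserPrincipal().getName();
    if (!userid.equals(id)) {
        throw new ForbiddenException("operation not allowed");
    }

    UserDAO userDAO = new UserDAOImpl();
    try {
        if (!userDAO.deleteUser(id)) {
            throw new NotFoundException("User with id = " + id + " doesn't exist");
        }
    } catch (SQLException e) {
        // Attach the cause so the failure can be diagnosed server-side; the client still
        // only receives a generic 500.
        throw new InternalServerErrorException(e);
    }
}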
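/**
 * Returns the current operator as reported by {@code PersonData.getOperator()}.
 *
 * <p>NOTE(review): the API description says this endpoint uses Basic auth, but neither
 * {@code sc} nor {@code auth} is inspected here, so the response does not depend on who
 * is calling. Authentication is presumably enforced by a filter or container constraint
 * outside this method. Confirm that it is, otherwise the endpoint is effectively open.
 *
 * @param sc   security context of the request; not read by this method
 * @param auth raw {@code Authorization} header; not read by this method
 * @return a 200 response whose entity is the current operator
 * @throws NotFoundException declared by the signature; not thrown by this body
 */
@GET
@Path("/operator")
@ApiOperation(
        value = "Current operator of person related processes",
        notes = "To be consumed by BPM flows using Basic auth",
        response = Profile.class,
        authorizations = @Authorization(value = "pp_basic"))
@ApiResponses(
        value = {
            // The message previously began with a Cyrillic look-alike letter and was
            // misspelled; it is plain ASCII now so the generated API docs stay searchable.
            @ApiResponse(code = 200, message = "Current operator (Patrick if none)"),
            @ApiResponse(code = 400, message = "Unexpected error")
        })
public Response getOperator(
        @Context SecurityContext sc,
        @ApiParam(value = "Authentication") @HeaderParam("Authorization") String auth)
        throws NotFoundException {
    // The original read the principal into an unused local; dropped as dead code.
    return Response.ok().entity(PersonData.getOperator()).build();
}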
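/**
 * Updates the profile of the authenticated caller.
 *
 * <p>The path {@code id} must match both the entity's id and the name of the current
 * security principal. Only the entity's email and full name are forwarded to the DAO, and
 * the row is selected by the principal's name, so other entity fields are ignored.
 *
 * @param id   id of the user to update, taken from the request path
 * @param user request entity carrying the new email and full name
 * @return the user as returned by the DAO after the update
 * @throws BadRequestException if the entity is missing or its id differs from {@code id}
 * @throws ForbiddenException if {@code id} is not the caller's own id
 * @throws NotFoundException if the DAO returns no user
 * @throws InternalServerErrorException if the DAO raises an {@link SQLException}
 */
@Path("/{id}")
@PUT
@Consumes(BeeterMediaType.BEETER_USER)
@Produces(BeeterMediaType.BEETER_USER)
public User updateUser(@PathParam("id") String id, User user) {
    if (user == null) {
        throw new BadRequestException("entity is null");
    }
    if (!id.equals(user.getId())) {
        throw new BadRequestException("path parameter id and entity parameter id doesn't match");
    }

    // Ownership check runs before any database access.
    // NOTE(review): getUserPrincipal() is null for an unauthenticated request; this
    // dereference assumes an authentication filter runs first. Confirm.
    String userid = securityContext.getUserPrincipal().getName();
    if (!userid.equals(id)) {
        throw new ForbiddenException("operation not allowed");
    }

    UserDAO userDAO = new UserDAOImpl();
    User updated;
    try {
        // Keyed on the authenticated id rather than anything taken from the body.
        updated = userDAO.updateProfile(userid, user.getEmail(), user.getFullname());
    } catch (SQLException e) {
        // Attach the cause so the failure can be diagnosed server-side; the client still
        // only receives a generic 500.
        throw new InternalServerErrorException(e);
    }
    if (updated == null) {
        throw new NotFoundException("User with id = " + id + " doesn't exist");
    }
    return updated;
}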