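/**
 * Updates an existing user record.
 *
 * <p>A caller that only holds {@code USER} may modify nothing but their own record: the target is
 * resolved from the authenticated principal, the client-supplied id and login must match it, and
 * the account-state fields ({@code activated}, {@code disabled}, {@code actionToken}) are taken from
 * the stored record rather than the request. A caller holding {@code ADMIN} may modify any user by id.
 * In both cases the password, creation date and roles are always carried over from the stored record,
 * so this endpoint can never change them.
 *
 * @param user the client-supplied representation; its id selects the record to update
 * @return the merged entity
 * @throws WebApplicationException 401 when a plain user targets another account, 400 when an admin
 *     omits the id, 404 when no matching user exists
 */
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ADMIN, USER})
public User modify(@NotNull User user) {
    final User existingUser;
    final boolean selfServiceOnly =
            sessionContext.isCallerInRole(USER) && !sessionContext.isCallerInRole(ADMIN);
    if (selfServiceOnly) {
        // Resolve the target from the principal, never from client input.
        existingUser = userFinder.findByLogin(sessionContext.getCallerPrincipal().getName());
        if (existingUser == null) {
            // Previously fell through to an NPE (HTTP 500) on the comparison below.
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
        if (!existingUser.getId().equals(user.getId())
                || !existingUser.getLogin().equals(user.getLogin())) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
        // Account state is server-owned; discard whatever the client sent for these fields.
        user.setActivated(existingUser.getActivated());
        user.setDisabled(existingUser.getDisabled());
        user.setActionToken(existingUser.getActionToken());
    } else {
        if (user.getId() == null) {
            // EntityManager.find rejects a null key with IllegalArgumentException (HTTP 500);
            // a missing id is a client error.
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        existingUser = entityManager.find(User.class, user.getId());
        if (existingUser == null) {
            // Previously surfaced as the checkNotNull NPE (HTTP 500).
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
    }
    // Credentials, audit data and authorization are never writable through this endpoint.
    user.setPassword(existingUser.getPassword());
    user.setCreationDate(existingUser.getCreationDate());
    user.setRoles(existingUser.getRoles());
    return entityManager.merge(user);
}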
/**
 * Starts the "forgotten password" flow for the given login by generating a fresh action token and
 * mailing it to the user.
 *
 * @param userLogin login of the account to reset
 * @throws WebApplicationException 404 when no user has that login
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("/{userLogin}/password")
@PermitAll
public void sendResetPasswordMail(@NotNull @PathParam("userLogin") String userLogin) {
    final User account = userFinder.findByLogin(userLogin);
    if (account == null) {
        // NOTE(review): this endpoint is unauthenticated, so the 404 lets any caller learn whether
        // a login exists; a uniform response would avoid that oracle if enumeration matters here.
        throw new WebApplicationException(Response.Status.NOT_FOUND);
    }
    generateActionTokenAndSendMail(account, Mails.userResetPassword);
}
/**
 * Returns the user record belonging to the authenticated caller.
 *
 * @return the caller's user, looked up by the principal name
 * @throws WebApplicationException 404 when the principal has no matching user record
 */
@GET
@Path("/current")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ADMIN, ADMIN_READONLY, USER})
public User findCurrentUser() {
    final String callerLogin = sessionContext.getCallerPrincipal().getName();
    final User caller = userFinder.findByLogin(callerLogin);
    if (caller != null) {
        return caller;
    }
    throw new WebApplicationException(Response.Status.NOT_FOUND);
}
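/**
 * Sets a new password for a user.
 *
 * <p>Three callers are distinguished: an {@code ADMIN} may reset any login; a {@code USER} may reset
 * only their own login (resolved from the principal); an anonymous caller must present the single-use
 * action token previously mailed to the account, which is cleared on success. The account is marked
 * activated and a notification mail is sent.
 *
 * @param userLogin login of the account whose password is replaced
 * @param token action token from the reset mail; only consulted for anonymous callers
 * @param newPassword the new clear-text password, hashed before storage
 * @throws WebApplicationException 404 when the login is unknown (admin) or login/token do not match
 *     (anonymous), 401 when a plain user targets another login
 */
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("/{userLogin}/password")
@PermitAll
public void resetPassword(
        @NotNull @PathParam("userLogin") String userLogin,
        @QueryParam("token") String token,
        @NotNull String newPassword) {
    final User user;
    if (sessionContext.isCallerInRole(ADMIN)) {
        user = userFinder.findByLogin(userLogin);
        if (user == null) {
            // Previously an NPE (HTTP 500) on the setters below.
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
    } else if (sessionContext.isCallerInRole(USER)) {
        user = userFinder.findByLogin(sessionContext.getCallerPrincipal().getName());
        if (user == null) {
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
        if (!userLogin.equals(user.getLogin())) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
    } else {
        // Anonymous caller: the mailed action token is the only credential.
        UUID suppliedToken;
        try {
            suppliedToken = token == null ? null : UUID.fromString(token);
        } catch (IllegalArgumentException ignored) {
            // A malformed token is handled exactly like a non-matching one, so the response does not
            // depend on whether the login exists or has a pending token (previously an HTTP 500).
            suppliedToken = null;
        }
        user = userFinder.findByLogin(userLogin);
        if (user == null
                || suppliedToken == null
                || user.getActionToken() == null
                || !user.getActionToken().equals(suppliedToken)) {
            throw new WebApplicationException(Response.Status.NOT_FOUND);
        }
        // Single use: consume the token before the password changes.
        user.setActionToken(null);
    }
    // NOTE(review): hashSha256Base64 is a project helper; whether it salts or iterates is not
    // visible in this file. A dedicated password KDF (bcrypt/scrypt/argon2) is the usual choice.
    user.setPassword(hashSha256Base64(newPassword));
    user.setActivated(true);
    sendMail(user, Mails.userChangePassword);
}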
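/**
 * Activates a freshly registered account when the caller presents the action token that was mailed
 * at registration. The token is single use and cleared on success.
 *
 * @param userLogin login of the account to activate
 * @param token the action token from the registration mail (request body)
 * @throws WebApplicationException 404 when the login is unknown, has no pending token, or the token
 *     does not match (including a token that is not a valid UUID)
 */
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("/{userLogin}")
@PermitAll
public void activate(@NotNull @PathParam("userLogin") String userLogin, @NotNull String token) {
    final UUID suppliedToken;
    try {
        suppliedToken = UUID.fromString(token);
    } catch (IllegalArgumentException malformed) {
        // Parse before the lookup: previously a malformed token produced an HTTP 500 only when the
        // login existed and had a pending token, which leaked account state to anonymous callers.
        throw new WebApplicationException(Response.Status.NOT_FOUND);
    }
    final User user = userFinder.findByLogin(userLogin);
    if (user == null
            || user.getActionToken() == null
            || !user.getActionToken().equals(suppliedToken)) {
        throw new WebApplicationException(Response.Status.NOT_FOUND);
    }
    user.setActivated(true);
    user.setActionToken(null);
}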
/**
 * Registers a new user.
 *
 * <p>The request must not carry an id (neither for the user nor its address), the login must be free,
 * and the address country, if any, must be available. The new user always receives the {@code user}
 * role and a hashed password. Unless the caller is an {@code ADMIN}, the account starts deactivated
 * and a registration mail with an action token is sent.
 *
 * @param user the user to persist; mutated in place (roles, password, activation)
 * @return the persisted user
 * @throws WebApplicationException 400 for a supplied id or unavailable country, 409 when the login
 *     is already taken
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@PermitAll
public User create(@NotNull User user) {
    if (user.getId() != null) {
        throw new WebApplicationException(Response.Status.BAD_REQUEST);
    }
    if (userFinder.findByLogin(user.getLogin()) != null) {
        throw new WebApplicationException(Response.Status.CONFLICT);
    }
    final Address address = user.getAddress();
    if (address != null) {
        if (address.getId() != null) {
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
        final String countryCode = address.getCountryIso3Code();
        if (!countryChecker.isAvailable(countryCode)) {
            LOG.error("Country {} is not available", countryCode);
            throw new WebApplicationException(Response.Status.BAD_REQUEST);
        }
    }
    // The entity is persisted first and then mutated while managed; the hashed password and role
    // are written on flush.
    entityManager.persist(user);
    final Role defaultRole = roleFinder.findByName(RoleName.user);
    user.setRoles(Sets.newHashSet(defaultRole));
    user.setPassword(hashSha256Base64(user.getPassword()));
    // NOTE(review): only roles, password and (for non-admins) activation are overridden here;
    // every other client-supplied field is stored as sent — confirm that is intended.
    final boolean createdByAdmin = sessionContext.isCallerInRole(ADMIN);
    if (!createdByAdmin) {
        user.setActivated(false);
        generateActionTokenAndSendMail(user, Mails.userRegistration);
    }
    return user;
}