@POST @Consumes(MediaType.APPLICATION_FORM_URLENCODED) @Produces(BeeterMediaType.BEETER_AUTH_TOKEN) public Response registerUser( @FormParam("loginid") String loginid, @FormParam("password") String password, @FormParam("email") String email, @FormParam("fullname") String fullname, @Context UriInfo uriInfo) throws URISyntaxException { if (loginid == null || password == null || email == null || fullname == null) throw new BadRequestException("all parameters are mandatory"); UserDAO userDAO = new UserDAOImpl(); User user = null; AuthToken authToken = null; try { user = userDAO.createUser(loginid, password, email, fullname); authToken = (new AuthTokenDAOImpl()).createAuthToken(user.getId()); } catch (UserAlreadyExistsException e) { throw new WebApplicationException("loginid already exists", Response.Status.CONFLICT); } catch (SQLException e) { throw new InternalServerErrorException(); } URI uri = new URI(uriInfo.getAbsolutePath().toString() + "/" + user.getId()); return Response.created(uri).type(BeeterMediaType.BEETER_AUTH_TOKEN).entity(authToken).build(); }
@Path("/{id}") @DELETE public void deleteUser(@PathParam("id") String id) { String userid = securityContext.getUserPrincipal().getName(); if (!userid.equals(id)) throw new ForbiddenException("operation not allowed"); UserDAO userDAO = new UserDAOImpl(); try { if (!userDAO.deleteUser(id)) throw new NotFoundException("User with id = " + id + " doesn't exist"); } catch (SQLException e) { throw new InternalServerErrorException(); } }
@Path("/{id}") @PUT @Consumes(BeeterMediaType.BEETER_USER) @Produces(BeeterMediaType.BEETER_USER) public User updateUser(@PathParam("id") String id, User user) { if (user == null) throw new BadRequestException("entity is null"); if (!id.equals(user.getId())) throw new BadRequestException("path parameter id and entity parameter id doesn't match"); String userid = securityContext.getUserPrincipal().getName(); if (!userid.equals(id)) throw new ForbiddenException("operation not allowed"); UserDAO userDAO = new UserDAOImpl(); try { user = userDAO.updateProfile(userid, user.getEmail(), user.getFullname()); if (user == null) throw new NotFoundException("User with id = " + id + " doesn't exist"); } catch (SQLException e) { throw new InternalServerErrorException(); } return user; }