Esempio n. 1
0
  @PUT
  @Path("/{id}/password")
  @PermitAll
  public Response updatePassword(@PathParam("id") final Long id, final String body) {
    logger.debug("Updating the password for user {}", id);

    if (!securityContext.isUserInRole(Roles.ADMINISTRATOR.name())) {
      if (!isLoggedUser(id)) {
        return Response.status(HttpCode.FORBIDDEN.getCode()).build();
      }
    }

    HttpCode httpCode = HttpCode.OK;
    OperationResult result;
    try {
      userService.updatePassword(id, getPasswordFromJson(body));
      result = OperationResult.success();
    } catch (UserNotFoundException e) {
      httpCode = HttpCode.NOT_FOUND;
      logger.error("No user found for the given id", e);
      result = getOperationResultNotFound(RESOURCE_MESSAGE);
    }

    logger.debug("Returning the operation result after updating user password: {}", result);
    return Response.status(httpCode.getCode())
        .entity(OperationResultJsonWriter.toJson(result))
        .build();
  }
Esempio n. 2
0
 private boolean isLoggedUser(final Long id) {
   try {
     final User loggerUser = userService.find(securityContext.getUserPrincipal().getName());
     if (loggerUser.getId().equals(id)) {
       return true;
     }
   } catch (final UserNotFoundException e) {
   }
   return false;
 }
Esempio n. 3
0
  @PUT
  @Path("/{id}")
  @PermitAll
  public Response update(@PathParam("id") final Long id, final String body) {
    logger.debug("Updating the user {} with body {}", id, body);

    if (!securityContext.isUserInRole(Roles.ADMINISTRATOR.name())) {
      if (!isLoggedUser(id)) {
        return Response.status(HttpCode.FORBIDDEN.getCode()).build();
      }
    }

    final User user = userJsonConverter.convertFrom(body);
    user.setId(id);

    HttpCode httpCode = HttpCode.OK;
    OperationResult result;
    try {
      userService.update(user);
      result = OperationResult.success();
    } catch (FieldNotValidException e) {
      httpCode = HttpCode.VALIDATION_ERROR;
      logger.error("One of the fields of the user is not valid", e);
      result = getOperationResultInvalidField(RESOURCE_MESSAGE, e);
    } catch (UserExistException e) {
      httpCode = HttpCode.VALIDATION_ERROR;
      logger.error("There is already an user for the given email", e);
      result = getOperationResultExists(RESOURCE_MESSAGE, "email");
    } catch (UserNotFoundException e) {
      httpCode = HttpCode.NOT_FOUND;
      logger.error("No user found for the given id", e);
      result = getOperationResultNotFound(RESOURCE_MESSAGE);
    }

    logger.debug("Returning the operation result after updating user: {}", result);
    return Response.status(httpCode.getCode())
        .entity(OperationResultJsonWriter.toJson(result))
        .build();
  }