コード例 #1
 /**
  * Returns the profile DTO of a user.
  *
  * <p>With a {@code uuid} request parameter the user carrying that UUID is returned; without it
  * the caller's own record is looked up by the authenticated principal's name (used as e-mail).
  *
  * @param principal authenticated caller; must hold one of the roles listed in {@code @Secured}
  * @param uuid optional UUID of the user to read
  * @return 200 with the DTO produced by {@code DtoCastUtil.cast}
  */
 @Secured(value = {"ROLE_ADMIN", "ROLE_USER", "ROLE_MANAGER"})
 @RequestMapping(method = RequestMethod.GET)
 public @ResponseBody ResponseEntity<UserDto> getUser(
     Principal principal, @RequestParam(value = "uuid", required = false) String uuid) {
   // NOTE(review): unlike updateUser and uploadProfilePic there is no owner-or-admin check
   // here, so any caller with one of the three roles can read any user's DTO by UUID.
   // Confirm that is intended and that UserDto carries no fields other users must not see.
   // NOTE(review): getSingleResult() presumably throws when nothing matches, which would
   // surface as a server error rather than 404 -- verify against the finder implementation.
   PipUser requested =
       (uuid == null)
           ? PipUser.findPipUsersByEmailEquals(principal.getName()).getSingleResult()
           : PipUser.findPipUsersByUuidEquals(uuid).getSingleResult();
   return new ResponseEntity<UserDto>(DtoCastUtil.cast(requested), HttpStatus.OK);
 }
コード例 #2
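 /**
  * Updates the editable profile fields of a user from the submitted DTO.
  *
  * <p>The target is the user identified by the {@code user-id} request parameter, or the caller
  * when that parameter is absent. Only the account owner (e-mail equal to the principal's name)
  * or a caller whose stored role equals {@code PipRole.ADMIN} may apply the update; anyone else
  * receives 403 and nothing is written.
  *
  * @param dto submitted profile values; only name, surname, topics, phone and language skills
  *     are copied onto the entity
  * @param principal authenticated caller, resolved to a {@code PipUser} by e-mail
  * @param uuid optional UUID of the user to modify
  * @return 200 with an empty body after the merge, 403 when the caller is neither owner nor
  *     admin
  */
 @Secured(value = {"ROLE_ADMIN", "ROLE_USER", "ROLE_MANAGER"})
 @RequestMapping(method = RequestMethod.PUT)
 public @ResponseBody ResponseEntity<UserDto> updateUser(
     @RequestBody UserDto dto,
     Principal principal,
     @RequestParam(value = "user-id", required = false) String uuid) {
   PipUser principalUser =
       PipUser.findPipUsersByEmailEquals(principal.getName()).getSingleResult();

   // "user-id" is declared optional, so a request without it must not hand null to the UUID
   // finder. Fall back to the caller's own record, as getUser and uploadProfilePic do.
   PipUser user =
       (uuid == null) ? principalUser : PipUser.findPipUsersByUuidEquals(uuid).getSingleResult();

   // Authorise before any field is touched. The comparison starts from the principal's name
   // so a target record without an e-mail cannot raise a NullPointerException.
   boolean isOwner = principal.getName().equals(user.getEmail());
   boolean isAdmin = PipRole.ADMIN.getName().equals(principalUser.getRole());
   if (!isOwner && !isAdmin) {
     return new ResponseEntity<UserDto>(HttpStatus.FORBIDDEN);
   }

   // Fields are copied one by one on purpose: role, e-mail and UUID are never taken from the
   // request body, so a caller cannot change them through this endpoint.
   // NOTE(review): no length or format validation of the DTO values is visible in this
   // method -- confirm it is enforced on UserDto or in the persistence layer.
   user.setName(dto.getName());
   user.setSurname(dto.getSurname());
   user.setPreferredTopics(DALCastUtil.cast(dto.getTopics()));
   user.setPhone(dto.getPhone());
   user.setLanguageSkills(dto.getLanguageSkills());
   user.merge();
   return new ResponseEntity<UserDto>(HttpStatus.OK);
 }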
コード例 #3
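 /**
  * Replaces the profile picture files stored for a user.
  *
  * <p>The target is the user identified by {@code userid}, or the caller when the parameter is
  * absent. A caller may only upload for another user when the caller's stored role equals
  * {@code PipRole.ADMIN}. Files are written to {@code <documentFolder>/user-data/<uuid>/};
  * whatever was in that directory before is deleted once every submitted file name has been
  * accepted.
  *
  * <p>The client-supplied file name is untrusted. Only its last path segment is used, and the
  * resolved target must sit directly inside the user's directory, so names such as
  * {@code ../../x} or an absolute path cannot place a file elsewhere on disk.
  *
  * @param files uploaded multipart parts
  * @param principal authenticated caller, resolved to a {@code PipUser} by e-mail
  * @param userid optional UUID of the user whose picture is replaced
  * @return 200 on success, 400 for an unusable file name, 403 when the caller may not act for
  *     the target user, 500 when the storage directory is unavailable or a write fails
  */
 @Secured(value = {"ROLE_USER", "ROLE_ADMIN", "ROLE_MANAGER"})
 @RequestMapping(method = RequestMethod.POST, value = "upload-profile-pic")
 public @ResponseBody ResponseEntity<ResponseObject> uploadProfilePic(
     @RequestParam("file") List<MultipartFile> files,
     Principal principal,
     @RequestParam(value = "userid", required = false) String userid) {
   if (!documentFolder.exists()) {
     return new ResponseEntity<ResponseObject>(HttpStatus.INTERNAL_SERVER_ERROR);
   }

   PipUser principalUser =
       PipUser.findPipUsersByEmailEquals(principal.getName()).getSingleResult();
   PipUser user;
   if (userid != null) {
     user = PipUser.findPipUsersByUuidEquals(userid).getSingleResult();
     // NOTE(review): ownership relies on PipUser.equals(); updateUser compares e-mail with
     // the principal name instead -- confirm both checks agree.
     if (!PipRole.ADMIN.getName().equals(principalUser.getRole())
         && !principalUser.equals(user)) {
       return new ResponseEntity<ResponseObject>(HttpStatus.FORBIDDEN);
     }
   } else {
     user = principalUser;
   }

   // The directory name comes from the stored UUID of the resolved user, not from the raw
   // request parameter.
   File directory = new File(documentFolder.getPath() + "/user-data/" + user.getUuid());
   directory.mkdirs();
   File[] previous = directory.listFiles();
   if (previous == null) {
     // listFiles() returns null when the path is not a readable directory, for example
     // because mkdirs() failed; the original code would hit a NullPointerException here.
     return new ResponseEntity<ResponseObject>(HttpStatus.INTERNAL_SERVER_ERROR);
   }

   // Resolve and validate every target before deleting anything, so a rejected request
   // leaves the current picture in place.
   File[] targets = new File[files.size()];
   try {
     File canonicalDirectory = directory.getCanonicalFile();
     for (int i = 0; i < targets.length; i++) {
       String submitted = files.get(i).getOriginalFilename();
       if (submitted == null) {
         return new ResponseEntity<ResponseObject>(HttpStatus.BAD_REQUEST);
       }
       // Some clients send a full path; keep the last segment whichever separator is used.
       int cut = Math.max(submitted.lastIndexOf('/'), submitted.lastIndexOf('\\'));
       String leaf = submitted.substring(cut + 1);
       if (leaf.length() == 0
           || leaf.equals(".")
           || leaf.equals("..")
           || leaf.indexOf('\0') >= 0) {
         return new ResponseEntity<ResponseObject>(HttpStatus.BAD_REQUEST);
       }
       File target = new File(directory, leaf);
       // Second line of defence: after canonicalisation the parent must be the user's
       // directory itself.
       if (!canonicalDirectory.equals(target.getCanonicalFile().getParentFile())) {
         return new ResponseEntity<ResponseObject>(HttpStatus.BAD_REQUEST);
       }
       targets[i] = target;
     }
   } catch (IOException e) {
     e.printStackTrace();
     return new ResponseEntity<ResponseObject>(HttpStatus.INTERNAL_SERVER_ERROR);
   }

   for (File stale : previous) {
     stale.delete();
   }

   // NOTE(review): no content-type, extension or size check is visible in this method, and
   // files keep a client-chosen name. Confirm limits are enforced elsewhere and that this
   // directory is not served in a way that lets uploaded content be executed or rendered.
   for (int i = 0; i < targets.length; i++) {
     try {
       files.get(i).transferTo(targets[i]);
     } catch (IllegalStateException e) {
       // No logger is visible in this excerpt, so the original reporting is kept.
       e.printStackTrace();
       return new ResponseEntity<ResponseObject>(HttpStatus.INTERNAL_SERVER_ERROR);
     } catch (IOException e) {
       e.printStackTrace();
       return new ResponseEntity<ResponseObject>(HttpStatus.INTERNAL_SERVER_ERROR);
     }
   }
   return new ResponseEntity<ResponseObject>(HttpStatus.OK);
 }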