@Path("/user/getAll") @GET @ApiOperation( value = "Get all users", notes = "Get all users", responseClass = "List[com.commafeed.frontend.model.UserModel]") public Response getUsers() { Map<Long, UserModel> users = Maps.newHashMap(); for (UserRole role : userRoleDAO.findAll()) { User user = role.getUser(); Long key = user.getId(); UserModel userModel = users.get(key); if (userModel == null) { userModel = new UserModel(); userModel.setId(user.getId()); userModel.setName(user.getName()); userModel.setEmail(user.getEmail()); userModel.setEnabled(!user.isDisabled()); userModel.setCreated(user.getCreated()); userModel.setLastLogin(user.getLastLogin()); users.put(key, userModel); } if (role.getRole() == Role.ADMIN) { userModel.setAdmin(true); } } return Response.ok(users.values()).build(); }
@Path("/user/get/{id}") @GET @ApiOperation( value = "Get user information", notes = "Get user information", responseClass = "com.commafeed.frontend.model.UserModel") public Response getUser(@ApiParam(value = "user id", required = true) @PathParam("id") Long id) { Preconditions.checkNotNull(id); User user = userDAO.findById(id); UserModel userModel = new UserModel(); userModel.setId(user.getId()); userModel.setName(user.getName()); userModel.setEmail(user.getEmail()); userModel.setEnabled(!user.isDisabled()); for (UserRole role : userRoleDAO.findAll(user)) { if (role.getRole() == Role.ADMIN) { userModel.setAdmin(true); } } return Response.ok(userModel).build(); }
@Path("/user/save") @POST @ApiOperation( value = "Save or update a user", notes = "Save or update a user. If the id is not specified, a new user will be created") public Response save(@ApiParam(required = true) UserModel userModel) { Preconditions.checkNotNull(userModel); Preconditions.checkNotNull(userModel.getName()); Long id = userModel.getId(); if (id == null) { Preconditions.checkNotNull(userModel.getPassword()); Set<Role> roles = Sets.newHashSet(Role.USER); if (userModel.isAdmin()) { roles.add(Role.ADMIN); } try { userService.register( userModel.getName(), userModel.getPassword(), userModel.getEmail(), roles, true); } catch (Exception e) { return Response.status(Status.CONFLICT).entity(e.getMessage()).build(); } } else { User user = userDAO.findById(id); if (StartupBean.USERNAME_ADMIN.equals(user.getName()) && !userModel.isEnabled()) { return Response.status(Status.FORBIDDEN) .entity("You cannot disable the admin user.") .build(); } user.setName(userModel.getName()); if (StringUtils.isNotBlank(userModel.getPassword())) { user.setPassword( encryptionService.getEncryptedPassword(userModel.getPassword(), user.getSalt())); } user.setEmail(userModel.getEmail()); user.setDisabled(!userModel.isEnabled()); userDAO.saveOrUpdate(user); Set<Role> roles = userRoleDAO.findRoles(user); if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) { userRoleDAO.saveOrUpdate(new UserRole(user, Role.ADMIN)); } else if (!userModel.isAdmin() && roles.contains(Role.ADMIN)) { if (StartupBean.USERNAME_ADMIN.equals(user.getName())) { return Response.status(Status.FORBIDDEN) .entity("You cannot remove the admin role from the admin user.") .build(); } for (UserRole userRole : userRoleDAO.findAll(user)) { if (userRole.getRole() == Role.ADMIN) { userRoleDAO.delete(userRole); } } } } return Response.ok(Status.OK).entity("OK").build(); }