@POST public Response add(final String body) { logger.debug("Adding a new user with body {}", body); User user = userJsonConverter.convertFrom(body); if (user.getUserType().equals(User.UserType.EMPLOYEE)) { return Response.status(HttpCode.FORBIDDEN.getCode()).build(); } HttpCode httpCode = HttpCode.CREATED; OperationResult result; try { user = userService.add(user); result = OperationResult.success(JsonUtils.getJsonElementWithId(user.getId())); } catch (final FieldNotValidException e) { httpCode = HttpCode.VALIDATION_ERROR; logger.error("One of the fields of the user is not valid", e); result = getOperationResultInvalidField(RESOURCE_MESSAGE, e); } catch (final UserExistException e) { httpCode = HttpCode.VALIDATION_ERROR; logger.error("There is already an user for the given email", e); result = getOperationResultExists(RESOURCE_MESSAGE, "email"); } logger.debug("Returning the operation result after adding user: {}", result); return Response.status(httpCode.getCode()) .entity(OperationResultJsonWriter.toJson(result)) .build(); }
@PUT @Path("/{id}/password") @PermitAll public Response updatePassword(@PathParam("id") final Long id, final String body) { logger.debug("Updating the password for user {}", id); if (!securityContext.isUserInRole(Roles.ADMINISTRATOR.name())) { if (!isLoggedUser(id)) { return Response.status(HttpCode.FORBIDDEN.getCode()).build(); } } HttpCode httpCode = HttpCode.OK; OperationResult result; try { userService.updatePassword(id, getPasswordFromJson(body)); result = OperationResult.success(); } catch (UserNotFoundException e) { httpCode = HttpCode.NOT_FOUND; logger.error("No user found for the given id", e); result = getOperationResultNotFound(RESOURCE_MESSAGE); } logger.debug("Returning the operation result after updating user password: {}", result); return Response.status(httpCode.getCode()) .entity(OperationResultJsonWriter.toJson(result)) .build(); }
@GET @Path("/{id}") @RolesAllowed({"ADMINISTRATOR"}) public Response find(@PathParam("id") final Long id) { logger.debug("Find user by id: {}", id); Response.ResponseBuilder responseBuilder; try { User user = userService.find(id); OperationResult result = OperationResult.success(userJsonConverter.convertToJsonElement(user)); responseBuilder = Response.status(HttpCode.OK.getCode()).entity(OperationResultJsonWriter.toJson(result)); logger.debug("User found by id: {}", user); } catch (UserNotFoundException e) { logger.error("No user found for id", id); responseBuilder = Response.status(HttpCode.NOT_FOUND.getCode()); } return responseBuilder.build(); }
@PUT @Path("/{id}") @PermitAll public Response update(@PathParam("id") final Long id, final String body) { logger.debug("Updating the user {} with body {}", id, body); if (!securityContext.isUserInRole(Roles.ADMINISTRATOR.name())) { if (!isLoggedUser(id)) { return Response.status(HttpCode.FORBIDDEN.getCode()).build(); } } final User user = userJsonConverter.convertFrom(body); user.setId(id); HttpCode httpCode = HttpCode.OK; OperationResult result; try { userService.update(user); result = OperationResult.success(); } catch (FieldNotValidException e) { httpCode = HttpCode.VALIDATION_ERROR; logger.error("One of the fields of the user is not valid", e); result = getOperationResultInvalidField(RESOURCE_MESSAGE, e); } catch (UserExistException e) { httpCode = HttpCode.VALIDATION_ERROR; logger.error("There is already an user for the given email", e); result = getOperationResultExists(RESOURCE_MESSAGE, "email"); } catch (UserNotFoundException e) { httpCode = HttpCode.NOT_FOUND; logger.error("No user found for the given id", e); result = getOperationResultNotFound(RESOURCE_MESSAGE); } logger.debug("Returning the operation result after updating user: {}", result); return Response.status(httpCode.getCode()) .entity(OperationResultJsonWriter.toJson(result)) .build(); }
@POST @Path("/authenticate") @PermitAll public Response findByEmailAndPassword(final String body) { logger.debug("Find user by email and password"); Response.ResponseBuilder responseBuilder; try { User userWithEmailAndPassword = getUserWithEmailAndPasswordFromJson(body); User user = userService.find( userWithEmailAndPassword.getEmail(), userWithEmailAndPassword.getPassword()); OperationResult result = OperationResult.success(userJsonConverter.convertToJsonElement(user)); responseBuilder = Response.status(HttpCode.OK.getCode()).entity(OperationResultJsonWriter.toJson(result)); logger.debug("User found by email/password: {}", user); } catch (UserNotFoundException e) { logger.error("No user found for email/password"); responseBuilder = Response.status(HttpCode.NOT_FOUND.getCode()); } return responseBuilder.build(); }