@GET @Path("/count") @Produces(MediaType.APPLICATION_JSON) @RolesAllowed({ADMIN, ADMIN_READONLY}) public Long count(@QueryParam("search") String search) { if (search != null) return userFinder.countBySearchCriteria(search); else return userFinder.countAll(); }
@GET @Path("/") @Produces(MediaType.APPLICATION_JSON) @RolesAllowed({ADMIN, ADMIN_READONLY}) public List<User> findAll( @QueryParam("search") String search, @QueryParam("start") Integer start, @QueryParam("size") Integer size, @QueryParam("orderBy") String orderBy, @QueryParam("isDesc") Boolean isDesc) { if (search != null) return userFinder.findBySearchCriteria(search, start, size, orderBy, isDesc); else return userFinder.findAll(start, size, orderBy, isDesc); }
@PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @RolesAllowed({ADMIN, USER}) public User modify(@NotNull User user) { User existingUser = null; if (sessionContext.isCallerInRole(USER) && !sessionContext.isCallerInRole(ADMIN)) { existingUser = userFinder.findByLogin(sessionContext.getCallerPrincipal().getName()); if (!existingUser.getId().equals(user.getId()) || !existingUser.getLogin().equals(user.getLogin())) { throw new WebApplicationException(Response.Status.UNAUTHORIZED); } user.setActivated(existingUser.getActivated()); user.setDisabled(existingUser.getDisabled()); user.setActionToken(existingUser.getActionToken()); } if (existingUser == null) { existingUser = entityManager.find(User.class, user.getId()); } checkNotNull(existingUser); user.setPassword(existingUser.getPassword()); user.setCreationDate(existingUser.getCreationDate()); user.setRoles(existingUser.getRoles()); return entityManager.merge(user); }
@POST @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("/{userLogin}/password") @PermitAll public void sendResetPasswordMail(@NotNull @PathParam("userLogin") String userLogin) { User user = userFinder.findByLogin(userLogin); if (user != null) { generateActionTokenAndSendMail(user, Mails.userResetPassword); } else { throw new WebApplicationException(Response.Status.NOT_FOUND); } }
@GET @Path("/current") @Produces(MediaType.APPLICATION_JSON) @RolesAllowed({ADMIN, ADMIN_READONLY, USER}) public User findCurrentUser() { User user = userFinder.findByLogin(sessionContext.getCallerPrincipal().getName()); if (user == null) { throw new WebApplicationException(Response.Status.NOT_FOUND); } return user; }
@PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("/{userLogin}/password") @PermitAll public void resetPassword( @NotNull @PathParam("userLogin") String userLogin, @QueryParam("token") String token, @NotNull String newPassword) { User user; if (sessionContext.isCallerInRole(ADMIN)) { user = userFinder.findByLogin(userLogin); } else if (sessionContext.isCallerInRole(USER)) { user = userFinder.findByLogin(sessionContext.getCallerPrincipal().getName()); if (!userLogin.equals(user.getLogin())) { throw new WebApplicationException(Response.Status.UNAUTHORIZED); } } else { user = userFinder.findByLogin(userLogin); if (user == null || !user.getActionToken().equals(UUID.fromString(token))) { throw new WebApplicationException(Response.Status.NOT_FOUND); } user.setActionToken(null); } user.setPassword(hashSha256Base64(newPassword)); user.setActivated(true); sendMail(user, Mails.userChangePassword); }
@PUT @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @Path("/{userLogin}") @PermitAll public void activate(@NotNull @PathParam("userLogin") String userLogin, @NotNull String token) { User user = userFinder.findByLogin(userLogin); if (user != null && user.getActionToken() != null && user.getActionToken().equals(UUID.fromString(token))) { user.setActivated(true); user.setActionToken(null); } else { throw new WebApplicationException(Response.Status.NOT_FOUND); } }
@Test public void shouldResponse() throws Exception { when(mockUserFinder.findUsersByName(new String[] {"피평가자1", "평가자1", "계정없음", "피평가자2"})) .thenReturn( Arrays.asList( found("피평가자1", "ratee1"), found("평가자1", "rater1"), notFound("계정없음"), found("피평가자2", "ratee2"))); mockMvc .perform(get("/api/users").param("op", "findId").param("name", "피평가자1,평가자1,계정없음,피평가자2")) .andExpect(jsonPath("$.[0].name").value("피평가자1")) .andExpect(jsonPath("$.[0].found").value(true)) .andExpect(jsonPath("$.[0].id").value("ratee1")) .andExpect(jsonPath("$.[2].name").value("계정없음")) .andExpect(jsonPath("$.[2].found").value(false)); }
@POST @Consumes(MediaType.APPLICATION_JSON) @Produces(MediaType.APPLICATION_JSON) @PermitAll public User create(@NotNull User user) { if (user.getId() != null) { throw new WebApplicationException(Response.Status.BAD_REQUEST); } User userByLogin = userFinder.findByLogin(user.getLogin()); if (userByLogin != null) { throw new WebApplicationException(Response.Status.CONFLICT); } final Address userAddress = user.getAddress(); if (userAddress != null) { if (userAddress.getId() != null) { throw new WebApplicationException(Response.Status.BAD_REQUEST); } if (!countryChecker.isAvailable(userAddress.getCountryIso3Code())) { LOG.error("Country {} is not available", userAddress.getCountryIso3Code()); throw new WebApplicationException(Response.Status.BAD_REQUEST); } } entityManager.persist(user); Role userRole = roleFinder.findByName(RoleName.user); user.setRoles(Sets.newHashSet(userRole)); user.setPassword(hashSha256Base64(user.getPassword())); if (!sessionContext.isCallerInRole(ADMIN)) { user.setActivated(false); generateActionTokenAndSendMail(user, Mails.userRegistration); } return user; }