@GET
@Produces(MediaType.TEXT_HTML)
public Response detailView(@Context HttpServletRequest request) {
ModelAndView view;
ModelMap model = new ModelMap();
ResponseBuilder builder;
try {
model.addAttribute("title", "Account Settings - " + getContextName());
model.addAttribute("user", getCurrentUser());
model.addAttribute("currentView", "detail");
addFlashMessage(request, model);
view = new ModelAndView("user.detail", model);
builder = Response.ok();
} catch (UserNotFoundException e) {
logger.warn("User not found", e);
view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage());
builder = Response.serverError();
}
return builder.entity(view).build();
}
@POST
@Path("provider")
public Response changeProviderStatus(@Context UriInfo uri, @Context HttpServletRequest request) {
ModelAndView view;
ResponseBuilder builder;
User currentUser;
URI redirectURI;
try {
currentUser = getCurrentUser();
boolean wasProvider = currentUser.isProvider();
getUserBo().changeProviderStatus(currentUser.getUserName());
redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("account").build();
String flashMessage;
if (wasProvider) {
flashMessage = "You are <strong>not</strong> a provider anymore.";
} else {
flashMessage = "You are a provider now.";
}
setFlashMessage(request, flashMessage);
builder = Response.seeOther(redirectURI);
} catch (UserNotFoundException e) {
logger.warn("User not found", e);
view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage());
builder = Response.serverError().entity(view);
} catch (NotAuthorizedException e) {
logger.info("User unauthorized", e);
view = buildErrorView(Status.UNAUTHORIZED, e.getMessage());
builder = Response.status(Status.UNAUTHORIZED).entity(view);
}
return builder.build();
}
@POST
@Produces(MediaType.TEXT_HTML)
@Path("delete")
public Response deleteView(@Context HttpServletRequest request, @Context UriInfo uri) {
HttpSession session;
ModelAndView view;
ResponseBuilder builder;
URI redirectURI;
try {
User user = getCurrentUser();
getUserBo().delete(user.getUserName());
session = request.getSession();
// TODO: Delete all the user's session
synchronized (session) {
session.invalidate();
}
redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("login").queryParam("out", 2).build();
builder = Response.seeOther(redirectURI);
} catch (UserNotFoundException e) {
logger.warn("User not found", e);
view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage());
builder = Response.serverError().entity(view);
} catch (NotAuthorizedException e) {
logger.info("User unauthorized", e);
view = buildErrorView(Status.UNAUTHORIZED, e.getMessage());
builder = Response.status(Status.UNAUTHORIZED).entity(view);
}
return builder.build();
}
@POST
@Produces(MediaType.TEXT_HTML)
public Response updateView(
@Context UriInfo uri,
@Context HttpServletRequest request,
@FormParam("userName") String userName,
@FormParam("displayName") String displayName,
@FormParam("email") String email,
@FormParam("company") String company) {
ModelAndView view;
ModelMap model = new ModelMap();
ResponseBuilder builder;
User user = new User();
User currentUser;
URI redirectURI;
try {
currentUser = getCurrentUser();
model.addAttribute("user", currentUser);
model.addAttribute("title", "Account Settings - " + getContextName());
user.setDisplayName(displayName);
user.setEmail(email);
if (!company.isEmpty()) {
user.setCompany(company);
}
getUserBo().update(userName, user);
redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("account").build();
setFlashMessage(request, "Your profile was updated successfully.");
builder = Response.seeOther(redirectURI);
} catch (UserNotFoundException e) {
logger.warn("User not found", e);
view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage());
builder = Response.serverError().entity(view);
} catch (NotAuthorizedException e) {
logger.info("User unauthorized", e);
view = buildErrorView(Status.UNAUTHORIZED, e.getMessage());
builder = Response.status(Status.UNAUTHORIZED).entity(view);
} catch (ValidationException e) {
logger.info("A form field is not valid", e);
Map<String, String> formInfo = new HashMap<String, String>();
formInfo.put("userName", userName);
formInfo.put("displayName", displayName);
formInfo.put("email", email);
formInfo.put("company", company);
model.addAttribute("form_data", formInfo);
model.addAttribute("form_error", e);
view = new ModelAndView("user.detail", model);
builder = Response.status(Status.BAD_REQUEST).entity(view);
}
return builder.build();
}
@POST
@Produces(MediaType.TEXT_HTML)
@Path("password")
public Response updatePasswordView(
@Context UriInfo uri,
@Context HttpServletRequest request,
@FormParam("oldPassword") String oldPassword,
@FormParam("password") String password,
@FormParam("passwordConfirm") String passwordConfirm) {
HttpSession session;
ModelAndView view;
ModelMap model = new ModelMap();
ResponseBuilder builder;
User user = new User();
User currentUser;
URI redirectURI;
try {
currentUser = getCurrentUser();
model.addAttribute("user", currentUser);
model.addAttribute("title", "Credentials - " + getContextName());
user.setPassword(password);
// Validate old password
if (!getUserBo().checkCurrentUserPassword(oldPassword)) {
throw new ValidationException("oldPassword", "The password given is not valid.");
}
// Exception risen if passwords don't match
checkPasswordConfirmation(password, passwordConfirm);
getUserBo().update(currentUser.getUserName(), user);
session = request.getSession();
// TODO: Invalidate all the user's session
synchronized (session) {
session.invalidate();
}
redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("login").queryParam("out", 3).build();
builder = Response.seeOther(redirectURI);
} catch (UserNotFoundException e) {
logger.warn("User not found", e);
view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage());
builder = Response.serverError().entity(view);
} catch (NotAuthorizedException e) {
logger.info("User unauthorized", e);
view = buildErrorView(Status.UNAUTHORIZED, e.getMessage());
builder = Response.status(Status.UNAUTHORIZED).entity(view);
} catch (ValidationException e) {
logger.info("A form field is not valid", e);
model.addAttribute("form_error", e);
view = new ModelAndView("user.credentials", model);
builder = Response.status(Status.BAD_REQUEST).entity(view);
}
return builder.build();
}