@POST @Path("provider") public Response changeProviderStatus(@Context UriInfo uri, @Context HttpServletRequest request) { ModelAndView view; ResponseBuilder builder; User currentUser; URI redirectURI; try { currentUser = getCurrentUser(); boolean wasProvider = currentUser.isProvider(); getUserBo().changeProviderStatus(currentUser.getUserName()); redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("account").build(); String flashMessage; if (wasProvider) { flashMessage = "You are <strong>not</strong> a provider anymore."; } else { flashMessage = "You are a provider now."; } setFlashMessage(request, flashMessage); builder = Response.seeOther(redirectURI); } catch (UserNotFoundException e) { logger.warn("User not found", e); view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage()); builder = Response.serverError().entity(view); } catch (NotAuthorizedException e) { logger.info("User unauthorized", e); view = buildErrorView(Status.UNAUTHORIZED, e.getMessage()); builder = Response.status(Status.UNAUTHORIZED).entity(view); } return builder.build(); }
@POST @Produces(MediaType.TEXT_HTML) @Path("delete") public Response deleteView(@Context HttpServletRequest request, @Context UriInfo uri) { HttpSession session; ModelAndView view; ResponseBuilder builder; URI redirectURI; try { User user = getCurrentUser(); getUserBo().delete(user.getUserName()); session = request.getSession(); // TODO: Delete all the user's session synchronized (session) { session.invalidate(); } redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("login").queryParam("out", 2).build(); builder = Response.seeOther(redirectURI); } catch (UserNotFoundException e) { logger.warn("User not found", e); view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage()); builder = Response.serverError().entity(view); } catch (NotAuthorizedException e) { logger.info("User unauthorized", e); view = buildErrorView(Status.UNAUTHORIZED, e.getMessage()); builder = Response.status(Status.UNAUTHORIZED).entity(view); } return builder.build(); }
@POST @Produces(MediaType.TEXT_HTML) public Response updateView( @Context UriInfo uri, @Context HttpServletRequest request, @FormParam("userName") String userName, @FormParam("displayName") String displayName, @FormParam("email") String email, @FormParam("company") String company) { ModelAndView view; ModelMap model = new ModelMap(); ResponseBuilder builder; User user = new User(); User currentUser; URI redirectURI; try { currentUser = getCurrentUser(); model.addAttribute("user", currentUser); model.addAttribute("title", "Account Settings - " + getContextName()); user.setDisplayName(displayName); user.setEmail(email); if (!company.isEmpty()) { user.setCompany(company); } getUserBo().update(userName, user); redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("account").build(); setFlashMessage(request, "Your profile was updated successfully."); builder = Response.seeOther(redirectURI); } catch (UserNotFoundException e) { logger.warn("User not found", e); view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage()); builder = Response.serverError().entity(view); } catch (NotAuthorizedException e) { logger.info("User unauthorized", e); view = buildErrorView(Status.UNAUTHORIZED, e.getMessage()); builder = Response.status(Status.UNAUTHORIZED).entity(view); } catch (ValidationException e) { logger.info("A form field is not valid", e); Map<String, String> formInfo = new HashMap<String, String>(); formInfo.put("userName", userName); formInfo.put("displayName", displayName); formInfo.put("email", email); formInfo.put("company", company); model.addAttribute("form_data", formInfo); model.addAttribute("form_error", e); view = new ModelAndView("user.detail", model); builder = Response.status(Status.BAD_REQUEST).entity(view); } return builder.build(); }
@POST @Produces(MediaType.TEXT_HTML) @Path("password") public Response updatePasswordView( @Context UriInfo uri, @Context HttpServletRequest request, @FormParam("oldPassword") String oldPassword, @FormParam("password") String password, @FormParam("passwordConfirm") String passwordConfirm) { HttpSession session; ModelAndView view; ModelMap model = new ModelMap(); ResponseBuilder builder; User user = new User(); User currentUser; URI redirectURI; try { currentUser = getCurrentUser(); model.addAttribute("user", currentUser); model.addAttribute("title", "Credentials - " + getContextName()); user.setPassword(password); // Validate old password if (!getUserBo().checkCurrentUserPassword(oldPassword)) { throw new ValidationException("oldPassword", "The password given is not valid."); } // Exception risen if passwords don't match checkPasswordConfirmation(password, passwordConfirm); getUserBo().update(currentUser.getUserName(), user); session = request.getSession(); // TODO: Invalidate all the user's session synchronized (session) { session.invalidate(); } redirectURI = UriBuilder.fromUri(uri.getBaseUri()).path("login").queryParam("out", 3).build(); builder = Response.seeOther(redirectURI); } catch (UserNotFoundException e) { logger.warn("User not found", e); view = buildErrorView(Status.INTERNAL_SERVER_ERROR, e.getMessage()); builder = Response.serverError().entity(view); } catch (NotAuthorizedException e) { logger.info("User unauthorized", e); view = buildErrorView(Status.UNAUTHORIZED, e.getMessage()); builder = Response.status(Status.UNAUTHORIZED).entity(view); } catch (ValidationException e) { logger.info("A form field is not valid", e); model.addAttribute("form_error", e); view = new ModelAndView("user.credentials", model); builder = Response.status(Status.BAD_REQUEST).entity(view); } return builder.build(); }