@Override
@RequestMapping(value = "/admin/suspendAccount", method = RequestMethod.POST)
public ResponseEntity suspendAccount(
@RequestBody AccountSuspensionInfo suspendInfo,
@RequestHeader(value = "token") String token) {
String actionName = "AdminControllerImpl.suspendAccount";
try {
if (!sessionService.isSessionActive(token)) {
return new ResponseEntity<>(HttpStatus.FORBIDDEN);
}
String userRoleForToken = sessionService.getUserRoleByToken(token);
String usernameForToken = sessionService.getUsernameByToken(token);
try {
if (permissionService.isOperationAvailable(actionName, userRoleForToken)) {
adminService.suspendAccount(suspendInfo);
auditService.addEvent(
new AuditItem(
usernameForToken,
actionName,
suspendInfo.toString(),
Constants.ADMIN_SUSPEND,
true));
return new ResponseEntity<>(HttpStatus.OK);
} else {
auditService.addEvent(
new AuditItem(
usernameForToken,
actionName,
suspendInfo.toString(),
Constants.NO_PERMISSION,
false));
return new ResponseEntity<>(HttpStatus.UNAUTHORIZED);
}
} catch (ServiceException serviceException) {
auditService.addEvent(
new AuditItem(
usernameForToken,
actionName,
suspendInfo.toString(),
serviceException.getMessage(),
false));
return new ResponseEntity<>(serviceException.getMessage(), HttpStatus.UNPROCESSABLE_ENTITY);
} catch (NotFoundException notFoundException) {
auditService.addEvent(
new AuditItem(
usernameForToken,
actionName,
suspendInfo.toString(),
notFoundException.getMessage(),
false));
return new ResponseEntity<>(notFoundException.getMessage(), HttpStatus.NOT_FOUND);
}
} catch (ServiceException serviceException) {
return new ResponseEntity<>(serviceException.getMessage(), HttpStatus.UNPROCESSABLE_ENTITY);
}
}
