/**
 * Look up one {@link UserNotifications} of the current {@link User} and flag it as read.
 *
 * <p>The query filters on the login of the current user as well as on the id, so an id that
 * belongs to a different user produces no result and {@code null} is returned.
 *
 * @param notificationId the id of the {@link UserNotifications}.
 * @return the {@link UserNotifications} with its read flag set, or {@code null} when the current
 *     user has no notification with that id.
 */
@RolesAllowed({"ADMIN", "USER"})
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public UserNotifications getNotification(int notificationId) {
  final User caller = auth.getCurrentUser();
  final String jpql =
      "SELECT un FROM UserNotifications un WHERE un.userId = :userId "
          + "AND un.notificationId = :notificationId";

  final UserNotifications found;
  try {
    found =
        em.createQuery(jpql, UserNotifications.class)
            .setParameter("userId", caller.getLogin())
            .setParameter("notificationId", notificationId)
            .getSingleResult();
  } catch (NoResultException notFound) {
    // No row for this (user, id) pair: report absence rather than failing the transaction.
    return null;
  }

  // Reading a notification is what marks it as read.
  found.setReaded(true);
  // NOTE(review): the instance was just loaded by the query, so it is presumably already
  // managed and persist() is only a safeguard - confirm.
  em.persist(found);
  return found;
}
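/**
 * Remove the {@link User} from the database together with the rows that reference it.
 *
 * <p>Deletes, in this order, the user's rows in {@code EventAttendees}, the user's
 * {@link UserNotifications} and finally the {@link User} itself. The caller's role is checked in
 * code in addition to {@code @RolesAllowed}, and that check runs before the target is looked up.
 *
 * @param login the {@link User} login.
 * @throws EJBTransactionRolledbackException if the {@link User} is null or the currently
 *     identified {@link User} is not admin.
 */
@RolesAllowed("ADMIN")
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public void removeUser(final String login) throws EJBTransactionRolledbackException {
  // Authorise before touching the target: a caller that is not admin gets the same answer
  // whether or not the login exists, and no lookup is done on its behalf.
  final User currentUser = auth.getCurrentUser();
  if (!currentUser.getRole().equals(Role.ADMIN)) {
    throw new EJBTransactionRolledbackException("User must be admin.");
  }

  final User user = em.find(User.class, login);
  if (user == null) {
    throw new EJBTransactionRolledbackException("User cannot be null");
  }

  // Dependent rows go first, the user row last. Every value is bound as a parameter, never
  // concatenated into the statement text.
  em.createNativeQuery("DELETE FROM EventAttendees WHERE user_login = ?")
      .setParameter(1, user.getLogin())
      .executeUpdate();

  em.createQuery("DELETE FROM UserNotifications WHERE user = :user")
      .setParameter("user", user)
      .executeUpdate();

  em.createQuery("DELETE FROM User u WHERE u.login = :login")
      .setParameter("login", login)
      .executeUpdate();
}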
/**
 * List every {@link UserNotifications} addressed to the current {@link User}.
 *
 * <p>The query is filtered by the login of the current user, so only that user's notifications
 * are returned.
 *
 * @return a list with {@link UserNotifications}.
 */
@RolesAllowed({"ADMIN", "USER"})
public List<UserNotifications> getNotifications() {
  final User caller = auth.getCurrentUser();
  final String jpql = "SELECT un FROM UserNotifications un WHERE un.userId = :login";

  return em.createQuery(jpql, UserNotifications.class)
      .setParameter("login", caller.getLogin())
      .getResultList();
}
/**
 * Count the {@link UserNotifications} of the current {@link User} that are still unread.
 *
 * <p>Only rows whose {@code userId} is the login of the current user and whose {@code readed}
 * flag is false are counted.
 *
 * @return a number of unread {@link UserNotifications}
 */
@RolesAllowed({"ADMIN", "USER"})
public Long countUnreadNotifications() {
  final User caller = auth.getCurrentUser();
  final String jpql =
      "SELECT COUNT (un) FROM UserNotifications un WHERE un.userId = :login "
          + "AND un.readed = false";

  return em.createQuery(jpql, Long.class)
      .setParameter("login", caller.getLogin())
      .getSingleResult();
}
/**
 * List every {@link User} stored in the database.
 *
 * <p>The caller's role is checked in code in addition to {@code @RolesAllowed}; the query runs
 * only after that check has passed.
 *
 * @return The {@link List} with all the {@link User}, ordered by complete name and then by login.
 * @throws EJBTransactionRolledbackException if the currently identified {@link User} is not
 *     admin.
 */
@RolesAllowed("ADMIN")
public List<User> getUsers() throws EJBTransactionRolledbackException {
  final User currentUser = auth.getCurrentUser();
  final boolean callerIsAdmin = currentUser.getRole().equals(Role.ADMIN);
  if (!callerIsAdmin) {
    throw new EJBTransactionRolledbackException("User must be admin.");
  }

  final String jpql = "SELECT u FROM User u ORDER BY u.completeName ASC, u.login ASC";
  return em.createQuery(jpql, User.class).getResultList();
}
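/**
 * Update a stored {@link User} with the state of the given instance.
 *
 * <p>A caller whose role is {@code USER} may only update the account that {@code equals} its
 * own, and may not submit a role other than {@code USER}. Callers with any other role skip both
 * checks.
 *
 * @param user the new state; its login selects the stored {@link User}.
 * @return the instance returned by {@code em.merge}.
 * @throws IllegalArgumentException if no stored {@link User} has the given login, or
 *     (presumably, via {@code isTrue}) if {@code user} is null.
 * @throws SecurityException if a {@code USER} caller targets another account or submits a role
 *     other than {@code USER}.
 * @throws EmailDuplicateException if the email differs from the stored one and
 *     {@code checkEmail} returns true for it.
 */
@RolesAllowed({"ADMIN", "USER"})
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public User update(final User user)
    throws IllegalArgumentException, SecurityException, EmailDuplicateException {
  isTrue(nonNull(user), "User cannot be null");

  final User current = auth.getCurrentUser();
  final User persisted = get(user.getLogin()).orElseThrow(IllegalArgumentException::new);

  if (current.getRole().equals(USER)) {
    // NOTE(review): this ownership check relies on User.equals; presumably it compares logins.
    // Confirm, because it is the only thing tying the submitted object to the caller.
    if (!current.equals(user)) {
      throw new SecurityException("You are not allowed to update other users.");
    }
    // Constant-first comparison: a submitted object with a null role is rejected as a role
    // change instead of failing with a NullPointerException.
    if (!USER.equals(user.getRole())) {
      throw new SecurityException("You are not allowed to change your Role");
    }
  }

  // The uniqueness lookup runs only when the email actually changes.
  final boolean emailChanged = !persisted.getEmail().equals(user.getEmail());
  if (emailChanged && checkEmail(user.getEmail())) {
    throw new EmailDuplicateException("Email already present in database");
  }

  // NOTE(review): merge copies the whole submitted entity over the stored one. For USER callers
  // only the role is validated here; confirm that any other field a user must not edit on their
  // own account is protected elsewhere.
  return em.merge(user);
}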