/**
* Find a {@link UserNotifications} in the database.
*
* @param notificationId the id of the {@link UserNotifications}.
* @return the {@link UserNotifications}.
*/
@RolesAllowed({"ADMIN", "USER"})
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public UserNotifications getNotification(int notificationId) {
User user = auth.getCurrentUser();
UserNotifications userNotifications = null;
try {
userNotifications =
em.createQuery(
"SELECT un FROM UserNotifications un WHERE un.userId = :userId "
+ "AND un.notificationId = :notificationId",
UserNotifications.class)
.setParameter("userId", user.getLogin())
.setParameter("notificationId", notificationId)
.getSingleResult();
} catch (NoResultException nre) {
return null;
}
userNotifications.setReaded(true);
em.persist(userNotifications);
return userNotifications;
}
/**
* Remove the {@link User} in the database.
*
* @param login the {@link User} login.
* @throws EJBTransactionRolledbackException if the {@link User} is null or the currently
* identified {@link User} is not admin.
*/
@RolesAllowed("ADMIN")
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public void removeUser(final String login) throws EJBTransactionRolledbackException {
User user = em.find(User.class, login);
User currentUser = auth.getCurrentUser();
if (user == null) {
throw new EJBTransactionRolledbackException("User cannot be null");
}
if (!currentUser.getRole().equals(Role.ADMIN)) {
throw new EJBTransactionRolledbackException("User must be admin.");
}
em.createNativeQuery("DELETE FROM EventAttendees WHERE user_login = ?")
.setParameter(1, user.getLogin())
.executeUpdate();
em.createQuery("DELETE FROM UserNotifications WHERE user = :user")
.setParameter("user", user)
.executeUpdate();
em.createQuery("DELETE FROM User u WHERE u.login = :login")
.setParameter("login", login)
.executeUpdate();
}
/**
* Get all the {@link UserNotifications} by the current {@link User}.
*
* @return a list with {@link UserNotifications}.
*/
@RolesAllowed({"ADMIN", "USER"})
public List<UserNotifications> getNotifications() {
User user = auth.getCurrentUser();
return em.createQuery(
"SELECT un FROM UserNotifications un WHERE un.userId = :login",
UserNotifications.class)
.setParameter("login", user.getLogin())
.getResultList();
}
/**
* Count the unread {@link UserNotifications} by the current {@link User}.
*
* @return a number of unread {@link UserNotifications}
*/
@RolesAllowed({"ADMIN", "USER"})
public Long countUnreadNotifications() {
User user = auth.getCurrentUser();
return em.createQuery(
"SELECT COUNT (un) FROM UserNotifications un WHERE un.userId = :login "
+ "AND un.readed = false",
Long.class)
.setParameter("login", user.getLogin())
.getSingleResult();
}
/**
* Gets all the {@link User} in the database.
*
* @return The {@link List} with all the {@link User} sorted alphabetically.
* @throws EJBTransactionRolledbackException if the currently identified {@link User} is not
* admin.
*/
@RolesAllowed("ADMIN")
public List<User> getUsers() throws EJBTransactionRolledbackException {
User currentUser = auth.getCurrentUser();
if (!currentUser.getRole().equals(Role.ADMIN)) {
throw new EJBTransactionRolledbackException("User must be admin.");
}
return em.createQuery(
"SELECT u FROM User u ORDER BY u.completeName ASC, u.login ASC", User.class)
.getResultList();
}
@RolesAllowed({"ADMIN", "USER"})
@TransactionAttribute(TransactionAttributeType.REQUIRED)
public User update(final User user)
throws IllegalArgumentException, SecurityException, EmailDuplicateException {
isTrue(nonNull(user), "User cannot be null");
final User current = auth.getCurrentUser();
final User persisted = get(user.getLogin()).orElseThrow(IllegalArgumentException::new);
if (current.getRole().equals(USER)) {
if (!current.equals(user))
throw new SecurityException("You are not allowed to update other users.");
if (!user.getRole().equals(USER))
throw new SecurityException("You are not allowed to change your Role");
}
if (!persisted.getEmail().equals(user.getEmail()) && checkEmail(user.getEmail()))
throw new EmailDuplicateException("Email already present in database");
return em.merge(user);
}
