common/securis.git

..	..	@@ -28,6 +28,7 @@
28	28
29	29	import net.curisit.integrity.commons.Utils;
30	30	import net.curisit.securis.DefaultExceptionHandler;
	31	+import net.curisit.securis.SeCurisException;
31	32	import net.curisit.securis.db.Organization;
32	33	import net.curisit.securis.db.User;
33	34	import net.curisit.securis.utils.TokenHelper;
..	..	@@ -52,7 +53,7 @@
52	53	Provider<EntityManager> emProvider;
53	54
54	55	// private LicenseHelper licenseHelper = InjectorFactory.getInjector().getInstance(LicenseHelper.class);
55		- private static final Logger log = LogManager.getLogger(UserResource.class);
	56	+ private static final Logger LOG = LogManager.getLogger(UserResource.class);
56	57
57	58	public UserResource() {
58	59	}
..	..	@@ -66,7 +67,7 @@
66	67	@Produces(
67	68	{ MediaType.APPLICATION_JSON })
68	69	public Response index() {
69		- log.info("Getting users list ");
	70	+ LOG.info("Getting users list ");
70	71
71	72	EntityManager em = emProvider.get();
72	73	TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
..	..	@@ -85,16 +86,16 @@
85	86	@Produces(
86	87	{ MediaType.APPLICATION_JSON })
87	88	public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
88		- log.info("Getting user data for id: {}: ", uid);
	89	+ LOG.info("Getting user data for id: {}: ", uid);
89	90	if (uid == null \|\| uid.equals("")) {
90		- log.error("User ID is mandatory");
	91	+ LOG.error("User ID is mandatory");
91	92	return Response.status(Status.NOT_FOUND).build();
92	93	}
93	94
94	95	EntityManager em = emProvider.get();
95	96	User lt = em.find(User.class, uid);
96	97	if (lt == null) {
97		- log.error("User with id {} not found in DB", uid);
	98	+ LOG.error("User with id {} not found in DB", uid);
98	99	return Response.status(Status.NOT_FOUND).build();
99	100	}
100	101	return Response.ok(lt).build();
..	..	@@ -107,35 +108,43 @@
107	108	{ MediaType.APPLICATION_JSON })
108	109	@Transactional
109	110	public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
110		- log.info("Creating new user");
	111	+ LOG.info("Creating new user");
111	112	EntityManager em = emProvider.get();
112	113	User currentUser = em.find(User.class, user.getUsername());
113	114	if (currentUser != null) {
114		- log.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
	115	+ LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
115	116	return modify(user, user.getUsername(), token);
116	117	}
117		-
118		- Set<Organization> orgs = null;
119		- Set<Integer> orgsIds = user.getOrgsIds();
120		- if (orgsIds != null && orgsIds.size() > 0) {
121		- orgs = new HashSet<>();
122		- for (Integer orgId : orgsIds) {
123		- Organization o = em.find(Organization.class, orgId);
124		- if (o == null) {
125		- log.error("User organization with id {} not found in DB", orgId);
126		- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "User's organization not found with ID: " + orgId).build();
127		- }
128		- orgs.add(o);
129		- }
	118	+
	119	+ try {
	120	+ this.setUserOrg(user, user.getOrgsIds(), em);
	121	+ } catch (SeCurisException e) {
	122	+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
130	123	}
131		-
132		- user.setOrganizations(orgs);
133	124	user.setModificationTimestamp(new Date());
134	125	user.setLastLogin(null);
135	126	user.setCreationTimestamp(new Date());
136	127	em.persist(user);
137	128
138	129	return Response.ok(user).build();
	130	+ }
	131	+
	132	+ private void setUserOrg(User user, Set<Integer> orgsIds, EntityManager em) throws SeCurisException {
	133	+ Set<Organization> orgs = null;
	134	+ if (orgsIds != null && orgsIds.size() > 0) {
	135	+ orgs = new HashSet<>();
	136	+ for (Integer orgId : orgsIds) {
	137	+ Organization o = em.find(Organization.class, orgId);
	138	+ if (o == null) {
	139	+ LOG.error("User organization with id {} not found in DB", orgId);
	140	+ throw new SeCurisException("User's organization not found with ID: " + orgId);
	141	+ }
	142	+ orgs.add(o);
	143	+ }
	144	+ }
	145	+
	146	+ user.setOrganizations(orgs);
	147	+
139	148	}
140	149
141	150	@PUT
..	..	@@ -146,29 +155,19 @@
146	155	@Produces(
147	156	{ MediaType.APPLICATION_JSON })
148	157	public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
149		- log.info("Modifying user with id: {}", uid);
	158	+ LOG.info("Modifying user with id: {}", uid);
150	159	EntityManager em = emProvider.get();
151	160	User currentUser = em.find(User.class, uid);
152	161	if (currentUser == null) {
153		- log.info("User with id {} not found in DB, we'll try to create it", uid);
	162	+ LOG.info("User with id {} not found in DB, we'll try to create it", uid);
154	163	return create(user, token);
155	164	}
156	165
157		- Set<Organization> orgs = null;
158		- Set<Integer> orgsIds = user.getOrgsIds();
159		- if (orgsIds != null && orgsIds.size() > 0) {
160		- orgs = new HashSet<>();
161		- for (Integer orgId : orgsIds) {
162		- Organization o = em.find(Organization.class, orgId);
163		- if (o == null) {
164		- log.error("User organization with id {} not found in DB", orgId);
165		- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, "User's user not found with ID: " + orgId).build();
166		- }
167		- orgs.add(o);
168		- }
	166	+ try {
	167	+ this.setUserOrg(currentUser, user.getOrgsIds(), em);
	168	+ } catch (SeCurisException e) {
	169	+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
169	170	}
170		-
171		- currentUser.setOrganizations(orgs);
172	171	currentUser.setFirstName(user.getFirstName());
173	172	currentUser.setLastName(user.getLastName());
174	173	currentUser.setRoles(user.getRoles());
..	..	@@ -188,11 +187,11 @@
188	187	@Produces(
189	188	{ MediaType.APPLICATION_JSON })
190	189	public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
191		- log.info("Deleting app with id: {}", uid);
	190	+ LOG.info("Deleting app with id: {}", uid);
192	191	EntityManager em = emProvider.get();
193	192	User app = em.find(User.class, uid);
194	193	if (app == null) {
195		- log.error("User with id {} can not be deleted, It was not found in DB", uid);
	194	+ LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
196	195	return Response.status(Status.NOT_FOUND).build();
197	196	}
198	197
..	..	@@ -205,9 +204,9 @@
205	204	@Produces(
206	205	{ MediaType.APPLICATION_JSON })
207	206	public Response login(@FormParam("username") String user, @FormParam("password") String password, @Context HttpServletRequest request) {
208		- log.info("index session: " + request.getSession());
209		- log.info("user: {}, pass: {}", user, password);
210		- log.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
	207	+ LOG.info("index session: " + request.getSession());
	208	+ LOG.info("user: {}, pass: {}", user, password);
	209	+ LOG.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
211	210
212	211	if ("no".equals(password))
213	212	return Response.status(Status.UNAUTHORIZED).build();
..	..	@@ -233,14 +232,14 @@
233	232	if (token == null)
234	233	return Response.status(Status.FORBIDDEN).build();
235	234
236		- log.info("Token : " + token);
	235	+ LOG.info("Token : " + token);
237	236	String user = tokenHelper.extractUserFromToken(token);
238		- log.info("Token user: " + user);
	237	+ LOG.info("Token user: " + user);
239	238	Date date = tokenHelper.extractDateCreationFromToken(token);
240		- log.info("Token date: " + date);
	239	+ LOG.info("Token date: " + date);
241	240	boolean valid = tokenHelper.isTokenValid(token);
242	241
243		- log.info("Is Token valid: " + valid);
	242	+ LOG.info("Is Token valid: " + valid);
244	243
245	244	return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
246	245	}