Roberto Sánchez
2014-09-19 8d5386be38db25a2a41c3bf6c876adee21ca26cc
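--- a/securis/src/main/java/net/curisit/securis/services/UserResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/UserResource.java
@@ -46,210 +46,204 @@
 @Path("/user")
 public class UserResource {
 
- @Inject
- TokenHelper tokenHelper;
+ @Inject
+ TokenHelper tokenHelper;
 
- @Inject
- Provider<EntityManager> emProvider;
+ @Inject
+ Provider<EntityManager> emProvider;
 
- // private LicenseHelper licenseHelper = InjectorFactory.getInjector().getInstance(LicenseHelper.class);
- private static final Logger LOG = LogManager.getLogger(UserResource.class);
+ private static final Logger LOG = LogManager.getLogger(UserResource.class);
 
- public UserResource() {
- }
+ public UserResource() {}
 
- /**
- *
- * @return the server version in format majorVersion.minorVersion
- */
- @GET
- @Path("/")
- @Produces(
- { MediaType.APPLICATION_JSON })
- public Response index() {
- LOG.info("Getting users list ");
+ /**
+ *
+ * @return the server version in format majorVersion.minorVersion
+ */
+ @GET
+ @Path("/")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response index() {
+ LOG.info("Getting users list ");
 
- EntityManager em = emProvider.get();
- TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
+ EntityManager em = emProvider.get();
+ TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
 
- List<User> list = q.getResultList();
+ List<User> list = q.getResultList();
 
- return Response.ok(list).build();
- }
+ return Response.ok(list).build();
+ }
 
- /**
- *
- * @return The user
- */
- @GET
- @Path("/{uid}")
- @Produces(
- { MediaType.APPLICATION_JSON })
- public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Getting user data for id: {}: ", uid);
- if (uid == null || uid.equals("")) {
- LOG.error("User ID is mandatory");
- return Response.status(Status.NOT_FOUND).build();
- }
+ /**
+ *
+ * @return The user
+ */
+ @GET
+ @Path("/{uid}")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response get(@PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Getting user data for id: {}: ", uid);
+ if (uid == null || "".equals(uid)) {
+ LOG.error("User ID is mandatory");
+ return Response.status(Status.NOT_FOUND).build();
+ }
 
- EntityManager em = emProvider.get();
- User lt = em.find(User.class, uid);
- if (lt == null) {
- LOG.error("User with id {} not found in DB", uid);
- return Response.status(Status.NOT_FOUND).build();
- }
- return Response.ok(lt).build();
- }
+ EntityManager em = emProvider.get();
+ User lt = em.find(User.class, uid);
+ if (lt == null) {
+ LOG.error("User with id {} not found in DB", uid);
+ return Response.status(Status.NOT_FOUND).build();
+ }
+ return Response.ok(lt).build();
+ }
 
- @POST
- @Path("/")
- @Consumes(MediaType.APPLICATION_JSON)
- @Produces(
- { MediaType.APPLICATION_JSON })
- @Transactional
- public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Creating new user");
- EntityManager em = emProvider.get();
- User currentUser = em.find(User.class, user.getUsername());
- if (currentUser != null) {
- LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
- return modify(user, user.getUsername(), token);
- }
-
- try {
- this.setUserOrg(user, user.getOrgsIds(), em);
- } catch (SeCurisException e) {
- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
- }
- user.setModificationTimestamp(new Date());
- user.setLastLogin(null);
- user.setCreationTimestamp(new Date());
- em.persist(user);
+ @POST
+ @Path("/")
+ @Consumes(MediaType.APPLICATION_JSON)
+ @Produces({ MediaType.APPLICATION_JSON })
+ @Transactional
+ public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Creating new user");
+ EntityManager em = emProvider.get();
+ User currentUser = em.find(User.class, user.getUsername());
+ if (currentUser != null) {
+ LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
+ return modify(user, user.getUsername(), token);
+ }
 
- return Response.ok(user).build();
- }
-
- private void setUserOrg(User user, Set<Integer> orgsIds, EntityManager em) throws SeCurisException {
- Set<Organization> orgs = null;
- if (orgsIds != null && orgsIds.size() > 0) {
- orgs = new HashSet<>();
- for (Integer orgId : orgsIds) {
- Organization o = em.find(Organization.class, orgId);
- if (o == null) {
- LOG.error("User organization with id {} not found in DB", orgId);
- throw new SeCurisException("User's organization not found with ID: " + orgId);
- }
- orgs.add(o);
- }
- }
+ try {
+ this.setUserOrg(user, user.getOrgsIds(), em);
+ } catch (SeCurisException e) {
+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
+ }
+ user.setModificationTimestamp(new Date());
+ user.setLastLogin(null);
+ user.setCreationTimestamp(new Date());
+ em.persist(user);
 
- user.setOrganizations(orgs);
+ return Response.ok(user).build();
+ }
 
- }
+ private void setUserOrg(User user, Set<Integer> orgsIds, EntityManager em) throws SeCurisException {
+ Set<Organization> orgs = null;
+ if (orgsIds != null && orgsIds.size() > 0) {
+ orgs = new HashSet<>();
+ for (Integer orgId : orgsIds) {
+ Organization o = em.find(Organization.class, orgId);
+ if (o == null) {
+ LOG.error("User organization with id {} not found in DB", orgId);
+ throw new SeCurisException("User's organization not found with ID: " + orgId);
+ }
+ orgs.add(o);
+ }
+ }
 
- @PUT
- @POST
- @Path("/{uid}")
- @Transactional
- @Consumes(MediaType.APPLICATION_JSON)
- @Produces(
- { MediaType.APPLICATION_JSON })
- public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
- LOG.info("Modifying user with id: {}", uid);
- EntityManager em = emProvider.get();
- User currentUser = em.find(User.class, uid);
- if (currentUser == null) {
- LOG.info("User with id {} not found in DB, we'll try to create it", uid);
- return create(user, token);
- }
+ user.setOrganizations(orgs);
 
- try {
- this.setUserOrg(currentUser, user.getOrgsIds(), em);
- } catch (SeCurisException e) {
- return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
- }
- currentUser.setFirstName(user.getFirstName());
- currentUser.setLastName(user.getLastName());
- currentUser.setRoles(user.getRoles());
- currentUser.setLang(user.getLang());
- currentUser.setModificationTimestamp(new Date());
- currentUser.setPassword(user.getPassword());
- currentUser.setLastLogin(user.getLastLogin());
+ }
 
- em.persist(currentUser);
+ @PUT
+ @POST
+ @Path("/{uid}")
+ @Transactional
+ @Consumes(MediaType.APPLICATION_JSON)
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
+ LOG.info("Modifying user with id: {}", uid);
+ EntityManager em = emProvider.get();
+ User currentUser = em.find(User.class, uid);
+ if (currentUser == null) {
+ LOG.info("User with id {} not found in DB, we'll try to create it", uid);
+ return create(user, token);
+ }
 
- return Response.ok(currentUser).build();
- }
+ try {
+ this.setUserOrg(currentUser, user.getOrgsIds(), em);
+ } catch (SeCurisException e) {
+ return Response.status(Status.NOT_FOUND).header(DefaultExceptionHandler.ERROR_MESSAGE_HEADER, e.getMessage()).build();
+ }
+ currentUser.setFirstName(user.getFirstName());
+ currentUser.setLastName(user.getLastName());
+ currentUser.setRoles(user.getRoles());
+ currentUser.setLang(user.getLang());
+ currentUser.setModificationTimestamp(new Date());
+ currentUser.setPassword(user.getPassword());
+ currentUser.setLastLogin(user.getLastLogin());
 
- @DELETE
- @Path("/{uid}")
- @Transactional
- @Produces(
- { MediaType.APPLICATION_JSON })
- public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
- LOG.info("Deleting app with id: {}", uid);
- EntityManager em = emProvider.get();
- User app = em.find(User.class, uid);
- if (app == null) {
- LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
- return Response.status(Status.NOT_FOUND).build();
- }
+ em.persist(currentUser);
 
- em.remove(app);
- return Response.ok(Utils.createMap("success", true, "id", uid)).build();
- }
+ return Response.ok(currentUser).build();
+ }
 
- @POST
- @Path("/login")
- @Produces(
- { MediaType.APPLICATION_JSON })
- public Response login(@FormParam("username") String user, @FormParam("password") String password, @Context HttpServletRequest request) {
- LOG.info("index session: " + request.getSession());
- LOG.info("user: {}, pass: {}", user, password);
- LOG.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
+ @DELETE
+ @Path("/{uid}")
+ @Transactional
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
+ LOG.info("Deleting app with id: {}", uid);
+ EntityManager em = emProvider.get();
+ User app = em.find(User.class, uid);
+ if (app == null) {
+ LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
+ return Response.status(Status.NOT_FOUND).build();
+ }
 
- if ("no".equals(password))
- return Response.status(Status.UNAUTHORIZED).build();
- String tokenAuth = tokenHelper.generateToken(user);
- return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
- }
+ em.remove(app);
+ return Response.ok(Utils.createMap("success", true, "id", uid)).build();
+ }
 
- /**
- * Check if current token is valid
- *
- * @param user
- * @param password
- * @param request
- * @return
- */
- @POST
- @Path("/check")
- @Produces(
- { MediaType.APPLICATION_JSON })
- public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
- if (token == null)
- token = token2;
- if (token == null)
- return Response.status(Status.FORBIDDEN).build();
+ @POST
+ @Path("/login")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response login(@FormParam("username") String user, @FormParam("password") String password, @Context HttpServletRequest request) {
+ LOG.info("index session: " + request.getSession());
+ LOG.info("user: {}, pass: {}", user, password);
+ LOG.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
 
- LOG.info("Token : " + token);
- String user = tokenHelper.extractUserFromToken(token);
- LOG.info("Token user: " + user);
- Date date = tokenHelper.extractDateCreationFromToken(token);
- LOG.info("Token date: " + date);
- boolean valid = tokenHelper.isTokenValid(token);
+ if ("no".equals(password)) {
+ // TODO: Code to test exception handling
+ return Response.status(Status.UNAUTHORIZED).build();
+ }
+ String tokenAuth = tokenHelper.generateToken(user);
+ return Response.ok(Utils.createMap("success", true, "token", tokenAuth)).build();
+ }
 
- LOG.info("Is Token valid: " + valid);
+ /**
+ * Check if current token is valid
+ *
+ * @param user
+ * @param password
+ * @param request
+ * @return
+ */
+ @POST
+ @Path("/check")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response check(@HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token, @QueryParam("token") String token2) {
+ if (token == null) {
+ token = token2;
+ }
+ if (token == null) {
+ return Response.status(Status.FORBIDDEN).build();
+ }
 
- return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
- }
+ LOG.info("Token : " + token);
+ String user = tokenHelper.extractUserFromToken(token);
+ LOG.info("Token user: " + user);
+ Date date = tokenHelper.extractDateCreationFromToken(token);
+ LOG.info("Token date: " + date);
+ boolean valid = tokenHelper.isTokenValid(token);
 
- @GET
- @Path("/logout")
- @Produces(
- { MediaType.APPLICATION_JSON })
- public Response logout(@Context HttpServletRequest request) {
- request.getSession().invalidate();
- return Response.ok().build();
- }
+ LOG.info("Is Token valid: " + valid);
+
+ return Response.ok(Utils.createMap("valid", true, "user", user, "date", date, "token", token)).build();
+ }
+
+ @GET
+ @Path("/logout")
+ @Produces({ MediaType.APPLICATION_JSON })
+ public Response logout(@Context HttpServletRequest request) {
+ request.getSession().invalidate();
+ return Response.ok().build();
+ }
 }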
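Review bot: `login()` still writes the submitted password to the log via `LOG.info("user: {}, pass: {}", user, password)` and hands out a token for any password other than the literal "no"; the new TODO-marked branch is the only rejection path, and no comparison against the stored user is visible in this hunk. The log line should drop the password (`LOG.info("Login attempt for user: {}", user);`), and the credentials should be verified before `tokenHelper.generateToken(user)` is called. `check()` has a related problem: it computes `valid` but returns `Utils.createMap("valid", true, ...)` unconditionally and logs the raw token with `LOG.info("Token : " + token)`; it should return `Status.FORBIDDEN` when `valid` is false and stop logging the token. `modify()` also copies `user.getRoles()` and `user.getPassword()` from the request body without ever reading its `token` parameter, so as far as this hunk shows nothing in the resource itself guards role or password changes; if a filter outside this file enforces that, a comment saying so would help.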