rsanchez
2015-01-28 da889d489da5d7fa8c71d9f21f24b1dc2e29d8e1
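--- a/securis/src/main/java/net/curisit/securis/services/UserResource.java
+++ b/securis/src/main/java/net/curisit/securis/services/UserResource.java
@@ -6,12 +6,13 @@
 import java.util.Set;
 
 import javax.annotation.security.RolesAllowed;
+import javax.enterprise.context.RequestScoped;
 import javax.inject.Inject;
-import javax.inject.Provider;
 import javax.persistence.EntityManager;
 import javax.persistence.PersistenceException;
 import javax.persistence.TypedQuery;
 import javax.servlet.http.HttpServletRequest;
+import javax.transaction.Transactional;
 import javax.ws.rs.Consumes;
 import javax.ws.rs.DELETE;
 import javax.ws.rs.FormParam;
@@ -35,12 +36,12 @@
 import net.curisit.securis.db.User;
 import net.curisit.securis.security.BasicSecurityContext;
 import net.curisit.securis.security.Securable;
+import net.curisit.securis.services.exception.SeCurisServiceException;
+import net.curisit.securis.services.exception.SeCurisServiceException.ErrorCodes;
 import net.curisit.securis.utils.TokenHelper;
 
 import org.apache.logging.log4j.LogManager;
 import org.apache.logging.log4j.Logger;
-
-import com.google.inject.persist.Transactional;
 
 /**
  * User resource
@@ -48,13 +49,14 @@
  * @author roberto <roberto.sanchez@curisit.net>
  */
 @Path("/user")
+@RequestScoped
 public class UserResource {
 
 @Inject
 TokenHelper tokenHelper;
 
 @Inject
- Provider<EntityManager> emProvider;
+ EntityManager em;
 
 private static final Logger LOG = LogManager.getLogger(UserResource.class);
 
@@ -75,7 +77,7 @@
 public Response index() {
 LOG.info("Getting users list ");
 
- EntityManager em = emProvider.get();
+ // EntityManager em = emProvider.get();
 em.clear();
 TypedQuery<User> q = em.createNamedQuery("list-users", User.class);
 
@@ -102,7 +104,7 @@
 return Response.status(Status.NOT_FOUND).build();
 }
 
- EntityManager em = emProvider.get();
+ // EntityManager em = emProvider.get();
 em.clear();
 User lt = em.find(User.class, uid);
 if (lt == null) {
@@ -123,7 +125,7 @@
 @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
 public Response create(User user, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
 LOG.info("Creating new user");
- EntityManager em = emProvider.get();
+ // EntityManager em = emProvider.get();
 User currentUser = em.find(User.class, user.getUsername());
 if (currentUser != null) {
 LOG.info("User with id {} was found in DB, we'll try to modify it", user.getUsername());
@@ -179,7 +181,7 @@
 @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
 public Response modify(User user, @PathParam("uid") String uid, @HeaderParam(TokenHelper.TOKEN_HEADER_PÀRAM) String token) {
 LOG.info("Modifying user with id: {}", uid);
- EntityManager em = emProvider.get();
+ // EntityManager em = emProvider.get();
 User currentUser = em.find(User.class, uid);
 if (currentUser == null) {
 LOG.info("User with id {} not found in DB, we'll try to create it", uid);
@@ -222,7 +224,7 @@
 @RolesAllowed(BasicSecurityContext.ROL_ADMIN)
 public Response delete(@PathParam("uid") String uid, @Context HttpServletRequest request) {
 LOG.info("Deleting app with id: {}", uid);
- EntityManager em = emProvider.get();
+ // EntityManager em = emProvider.get();
 User app = em.find(User.class, uid);
 if (app == null) {
 LOG.error("User with id {} can not be deleted, It was not found in DB", uid);
@@ -238,23 +240,23 @@
 @Produces({
 MediaType.APPLICATION_JSON
 })
- public Response login(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request) {
+ public Response login(@FormParam("username") String username, @FormParam("password") String password, @Context HttpServletRequest request)
+ throws SeCurisServiceException {
 LOG.info("index session: " + request.getSession());
 LOG.info("user: {}, pass: {}", username, password);
 LOG.info("is user in role: {} == {} ? ", "advance", request.isUserInRole("advance"));
 LOG.info("is user in role: {} == {} ? ", "admin", request.isUserInRole("admin"));
 
- EntityManager em = emProvider.get();
+ // EntityManager em = emProvider.get();
 User user = em.find(User.class, username);
 if (user == null) {
 LOG.error("Inknown username {} used in login service", username);
- return Response.status(Status.UNAUTHORIZED).build();
+ throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
 }
 String securedPassword = Utils.sha256(password);
 
 if (securedPassword == null || !securedPassword.equals(user.getPassword())) {
- // TODO: Code to test exception handling
- return Response.status(Status.UNAUTHORIZED).build();
+ throw new SeCurisServiceException(ErrorCodes.UNAUTHORIZED_ACCESS, "Wrong credentials");
 }
 user.setLastLogin(new Date());
 em.getTransaction().begin();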
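Review bot: `login` still writes the submitted password to the log in clear text (`LOG.info("user: {}, pass: {}", username, password);`, new line 246). This change reworks the failure paths around that line without removing it, so anyone who can read the application log can recover credentials. I would drop the password argument entirely, e.g. `LOG.info("Login attempt for user: {}", username);`. Separately, the check compares `Utils.sha256(password)` with `String.equals`; if that helper is a single unsalted digest (its body is not visible here), stored passwords should move to a salted password hash (bcrypt, scrypt or Argon2) and the comparison to `MessageDigest.isEqual`. The `// EntityManager em = emProvider.get();` comments left in each of the six patched methods are dead code now that `em` is injected, and the body of `login` continues past the end of this hunk.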