Package com.commafeed.backend.model

Examples of com.commafeed.backend.model.User


    } else {
      // Self-lockout guard: refuse the update when the submitted model carries the caller's own id
      // and would disable that account.
      if (userModel.getId().equals(user.getId()) && !userModel.isEnabled()) {
        return Response.status(Status.FORBIDDEN).entity("You cannot disable your own account.").build();
      }

      // NOTE(review): the result of findById is dereferenced without a null check; if the DAO returns
      // null for an unknown id, the next line fails with a NullPointerException - confirm and handle.
      User u = userDAO.findById(id);
      u.setName(userModel.getName());
      // A blank password leaves the stored hash untouched; a non-blank one is hashed with the user's
      // existing salt (the salt is not regenerated here).
      // NOTE(review): no length or strength check on the new password is visible in this branch -
      // confirm that the password policy is enforced before this point.
      if (StringUtils.isNotBlank(userModel.getPassword())) {
        u.setPassword(encryptionService.getEncryptedPassword(userModel.getPassword(), u.getSalt()));
      }
      u.setEmail(userModel.getEmail());
      u.setDisabled(!userModel.isEnabled());
      userDAO.saveOrUpdate(u);

      // Reconcile the ADMIN role with the submitted admin flag: grant it when missing, revoke it
      // when it is no longer wanted.
      Set<Role> roles = userRoleDAO.findRoles(u);
      if (userModel.isAdmin() && !roles.contains(Role.ADMIN)) {
        userRoleDAO.saveOrUpdate(new UserRole(u, Role.ADMIN));
      } else if (!userModel.isAdmin() && roles.contains(Role.ADMIN)) {
        // The account named USERNAME_ADMIN must keep its ADMIN role.
        // NOTE(review): u's name was already set from the request above, so this guard appears to
        // compare the submitted name rather than the stored one; capture the stored name before
        // setName() and test that instead.
        // NOTE(review): this FORBIDDEN return comes after saveOrUpdate(u); whether the earlier field
        // changes are rolled back depends on transaction handling not shown here - confirm.
        if (CommaFeedApplication.USERNAME_ADMIN.equals(u.getName())) {
          return Response.status(Status.FORBIDDEN).entity("You cannot remove the admin role from the admin user.").build();
        }
        // Remove every ADMIN role row attached to this user.
        for (UserRole userRole : userRoleDAO.findAll(u)) {
          if (userRole.getRole() == Role.ADMIN) {
            userRoleDAO.delete(userRole);


  /**
   * Returns the profile of the user with the given id as a {@code UserModel}.
   *
   * <p>Only id, name, email, enabled state and the admin flag are copied into the model, so the
   * password hash, salt and other credential fields of {@code User} are not exposed by the lines
   * shown here.
   *
   * @param user the authenticated caller; presumably required to hold {@code Role.ADMIN} by the
   *     {@code @SecurityCheck} handling, which is not shown here
   * @param id   id of the user to look up; must not be null
   */
  @GET
  @UnitOfWork
  @ApiOperation(value = "Get user information", notes = "Get user information", response = UserModel.class)
  public Response getUser(@SecurityCheck(Role.ADMIN) User user, @ApiParam(value = "user id", required = true) @PathParam("id") Long id) {
    Preconditions.checkNotNull(id);
    // NOTE(review): no null check on the lookup result; if findById returns null for an unknown id
    // the getters below throw a NullPointerException instead of producing a 404 - confirm.
    User u = userDAO.findById(id);
    UserModel userModel = new UserModel();
    userModel.setId(u.getId());
    userModel.setName(u.getName());
    userModel.setEmail(u.getEmail());
    userModel.setEnabled(!u.isDisabled());
    // The admin flag is derived from the user's role rows rather than stored on the user itself.
    for (UserRole role : userRoleDAO.findAll(u)) {
      if (role.getRole() == Role.ADMIN) {
        userModel.setAdmin(true);
      }
    }

  /**
   * Builds one {@code UserModel} per user by walking every role row and grouping by user id.
   *
   * <p>Only id, name, email, enabled state, creation date, last login and the admin flag are
   * copied; credential fields of {@code User} are not placed in the model by the lines shown here.
   *
   * @param user the authenticated caller; presumably required to hold {@code Role.ADMIN} by the
   *     {@code @SecurityCheck} handling, which is not shown here
   */
  @UnitOfWork
  @ApiOperation(value = "Get all users", notes = "Get all users", response = UserModel.class, responseContainer = "List")
  public Response getUsers(@SecurityCheck(Role.ADMIN) User user) {
    // Keyed by user id so that several role rows for the same user collapse into one model.
    Map<Long, UserModel> users = Maps.newHashMap();
    // NOTE(review): users are discovered only through their role rows, so an account without any
    // UserRole row would not be listed by this loop - confirm that every account has at least one.
    for (UserRole role : userRoleDAO.findAll()) {
      User u = role.getUser();
      Long key = u.getId();
      UserModel userModel = users.get(key);
      if (userModel == null) {
        // First role row seen for this user: create and populate the model.
        userModel = new UserModel();
        userModel.setId(u.getId());
        userModel.setName(u.getName());
        userModel.setEmail(u.getEmail());
        userModel.setEnabled(!u.isDisabled());
        userModel.setCreated(u.getCreated());
        userModel.setLastLogin(u.getLastLogin());
        users.put(key, userModel);
      }
      // Any ADMIN row marks the user as admin, whichever row was seen first.
      if (role.getRole() == Role.ADMIN) {
        userModel.setAdmin(true);
      }

  /**
   * Deletes the account named in the request by handing it to {@code userService.unregister}.
   *
   * <p>Responds 404 when no user has the requested id and 403 when the caller targets their own
   * account; otherwise responds 200 after unregistering the user.
   *
   * @param user the authenticated caller; presumably required to hold {@code Role.ADMIN} by the
   *     {@code @SecurityCheck} handling, which is not shown here
   * @param req  request carrying the id of the account to delete; neither it nor its id may be null
   */
  @ApiOperation(value = "Delete a user", notes = "Delete a user, and all his subscriptions")
  public Response delete(@SecurityCheck(Role.ADMIN) User user, @ApiParam(required = true) IDRequest req) {
    Preconditions.checkNotNull(req);
    Preconditions.checkNotNull(req.getId());

    final User target = userDAO.findById(req.getId());
    if (target == null) {
      return Response.status(Status.NOT_FOUND).build();
    }

    // An administrator may not remove the account they are currently using.
    // NOTE(review): self-deletion is the only case refused here; if other accounts must never be
    // removed (for example a built-in administrator), confirm that unregister() enforces it.
    final boolean deletingSelf = user.getId().equals(target.getId());
    if (deletingSelf) {
      return Response.status(Status.FORBIDDEN).entity("You cannot delete your own user.").build();
    }

    userService.unregister(target);
    return Response.ok().build();
  }

  /**
   * Saves changes to the calling user's own profile.
   *
   * <p>The checks visible here run before any change is applied: an optional password must be at
   * least 6 characters, a supplied email must be unused or already belong to the caller, and the
   * account named {@code USERNAME_DEMO} is refused with 403.
   *
   * @param user    the authenticated caller whose profile is being modified
   * @param request the requested profile changes
   */
  @UnitOfWork
  @ApiOperation(value = "Save user's profile")
  public Response save(@SecurityCheck User user, @ApiParam(required = true) ProfileModificationRequest request) {
    // A password is optional, but when supplied it must be at least 6 characters long.
    // NOTE(review): 6 is below the 8-character minimum recommended by NIST SP 800-63B; consider raising it.
    // NOTE(review): no re-authentication with the current password is visible in this part of the
    // method - confirm whether a password change requires it.
    Preconditions.checkArgument(StringUtils.isBlank(request.getPassword()) || request.getPassword().length() >= 6);
    if (StringUtils.isNotBlank(request.getEmail())) {
      // The email must either be unused or already belong to the caller.
      User u = userDAO.findByEmail(request.getEmail());
      Preconditions.checkArgument(u == null || user.getId().equals(u.getId()));
    }

    // The account named USERNAME_DEMO may not modify its profile.
    if (CommaFeedApplication.USERNAME_DEMO.equals(user.getName())) {
      return Response.status(Status.FORBIDDEN).build();
    }

  /**
   * Registers a new account, logs it in and stores it in the session.
   *
   * <p>The role list is fixed to {@code Role.USER} in this method, so the request body cannot
   * choose the roles of the new account.
   *
   * @param req           validated registration data (name, password, email)
   * @param sessionHelper helper used to record the logged-in user for the current session
   */
  @POST
  @UnitOfWork
  @ApiOperation(value = "Register a new account")
  public Response register(@Valid @ApiParam(required = true) RegistrationRequest req, @Context SessionHelper sessionHelper) {
    try {
      User registeredUser = userService.register(req.getName(), req.getPassword(), req.getEmail(), Arrays.asList(Role.USER));
      // NOTE(review): the result of login() is discarded; the session below is populated from the
      // register() result whatever login() returned - confirm this is intended.
      userService.login(req.getName(), req.getPassword());
      // NOTE(review): whether the session identifier is renewed when the user is attached is not
      // visible here - confirm, to rule out session fixation.
      sessionHelper.setLoggedInUser(registeredUser);
      return Response.ok().build();
    } catch (final IllegalArgumentException e) {
      // An IllegalArgumentException from the calls above is reported to the client as HTTP 422.
      return Response.status(422).entity(new ValidationErrorMessage(Collections.<ConstraintViolation<?>> emptySet()) {

  /**
   * Starts password recovery: stores a fresh recovery token and its timestamp on the user matching
   * the submitted email, then mails the recovery message built by {@code buildEmailContent}.
   *
   * @param req validated request carrying the email address of the account to recover
   */
  @Path("/passwordReset")
  @POST
  @UnitOfWork
  @ApiOperation(value = "send a password reset email")
  public Response sendPasswordReset(@Valid PasswordResetRequest req) {
    User user = userDAO.findByEmail(req.getEmail());
    if (user == null) {
      // NOTE(review): a distinct status and message for unknown addresses lets a caller learn which
      // emails are registered; returning the same response in both cases avoids that disclosure.
      return Response.status(Status.PRECONDITION_FAILED).entity("Email not found.").build();
    }
    try {
      // The token is the SHA-1 hex digest of a random (version 4) UUID. UUID.randomUUID() is
      // documented to use a cryptographically strong generator; the digest only reformats the value
      // and adds no entropy.
      // NOTE(review): the token is stored as-is on the user record; storing only a hash of it would
      // limit the impact of a database read. No request throttling is visible in this method.
      user.setRecoverPasswordToken(DigestUtils.sha1Hex(UUID.randomUUID().toString()));
      // Issue time of the token, stored alongside it.
      user.setRecoverPasswordTokenDate(new Date());
      userDAO.saveOrUpdate(user);
      mailService.sendMail(user, "Password recovery", buildEmailContent(user));
      return Response.ok().build();
    } catch (Exception e) {
      // Any failure while saving or mailing is logged together with its stack trace.
      log.error(e.getMessage(), e);

  /**
   * Completes password recovery from the emailed link: checks the email/token pair and the token
   * age, replaces the password with a generated one, rotates the API key if one exists, clears the
   * token, and shows the new password in an HTML response.
   *
   * @param email email address of the account being recovered; must not be null
   * @param token recovery token previously issued for that account; must not be null
   */
  @Produces(MediaType.TEXT_HTML)
  public Response passwordRecoveryCallback(@QueryParam("email") String email, @QueryParam("token") String token) {
    Preconditions.checkNotNull(email);
    Preconditions.checkNotNull(token);

    // NOTE(review): the three failure branches below return different messages, which tells a caller
    // whether the email exists and whether a token is wrong or merely expired; a single generic
    // failure response discloses less.
    User user = userDAO.findByEmail(email);
    if (user == null) {
      return Response.status(Status.UNAUTHORIZED).entity("Email not found.").build();
    }
    // NOTE(review): String.equals is not a constant-time comparison; MessageDigest.isEqual on the
    // token bytes avoids a timing side channel.
    if (user.getRecoverPasswordToken() == null || !user.getRecoverPasswordToken().equals(token)) {
      return Response.status(Status.UNAUTHORIZED).entity("Invalid token.").build();
    }
    // Tokens older than two days are rejected.
    // NOTE(review): assumes the token date is always set together with the token; a null date would
    // throw here - confirm.
    if (user.getRecoverPasswordTokenDate().before(DateUtils.addDays(new Date(), -2))) {
      return Response.status(Status.UNAUTHORIZED).entity("token expired.").build();
    }

    // NOTE(review): depending on the commons-lang version, RandomStringUtils may be backed by a
    // non-cryptographic generator; a password should be drawn from SecureRandom - confirm.
    String passwd = RandomStringUtils.randomAlphanumeric(10);
    // The new password is hashed with the user's existing salt.
    byte[] encryptedPassword = encryptionService.getEncryptedPassword(passwd, user.getSalt());
    user.setPassword(encryptedPassword);
    // An existing API key is regenerated along with the password; users without one stay without.
    if (StringUtils.isNotBlank(user.getApiKey())) {
      user.setApiKey(userService.generateApiKey(user));
    }
    // Clearing the token and its date makes the recovery link single-use.
    user.setRecoverPasswordToken(null);
    user.setRecoverPasswordTokenDate(null);
    userDAO.saveOrUpdate(user);

    // NOTE(review): the plaintext password is returned in the response body, and the token reaches
    // this method as a query parameter, so both can end up in browser history, proxy logs or caches;
    // letting the user choose a new password on a form avoids displaying one.
    String message = "Your new password is: " + passwd;
    message += "<br />";
    message += String.format("<a href=\"%s\">Back to Homepage</a>", config.getApplicationSettings().getPublicUrl());

 
  /**
   * Looks up the user stored in the current HTTP session.
   *
   * @return the user held under {@code SESSION_KEY_USER}, or an absent {@code Optional} when there
   *     is no session or the session holds no user
   */
  public Optional<User> getLoggedInUser() {
    // getSession(false): presumably does not create a session when none exists - confirm in getSession.
    Optional<HttpSession> currentSession = getSession(false);
    if (!currentSession.isPresent()) {
      return Optional.absent();
    }

    // The attribute is trusted to be a User; any other stored type fails on the cast.
    Object stored = currentSession.get().getAttribute(SESSION_KEY_USER);
    return Optional.fromNullable((User) stored);
  }

  // Test fixture setup: initialises the Mockito mocks, builds the UserService under test from them,
  // and prepares one disabled user and one enabled user with a known salt and password hash.
  // NOTE(review): the header appears here without modifiers or a return type; presumably
  // "public void" and a test setup annotation were lost from this listing - confirm.
  before_each_test() {
    MockitoAnnotations.initMocks(this);
   
    userService = new UserService(feedCategoryDAO, userDAO, userSettingsDAO, passwordEncryptionService, commaFeedConfiguration, postLoginActivities);
   
    // Disabled account with no credentials set.
    disabledUser = new User();
    disabledUser.setDisabled(true);
   
    // Enabled account carrying the fixture constants SALT and ENCRYPTED_PASSWORD.
    normalUser = new User();
    normalUser.setDisabled(false);
    normalUser.setSalt(SALT);
    normalUser.setPassword(ENCRYPTED_PASSWORD);
  }
