UserSession usrSess = context.getUserSession();
Profile myProfile = usrSess.getProfile();
String myUserId = usrSess.getUserId();
final UserGroupRepository groupRepository = context.getBean(UserGroupRepository.class);
final UserRepository userRepository = context.getBean(UserRepository.class);
@SuppressWarnings("unchecked")
java.util.List<Element> userGroups = params.getChildren(Params.GROUPS);
if (profile == Profile.Administrator) {
userGroups = new ArrayList<Element>();
}
if (myProfile == Profile.Administrator ||
myProfile == Profile.UserAdmin ||
myUserId.equals(id)) {
checkAccessRights(operation, id, username, myProfile, myUserId, userGroups, groupRepository);
User user = getUser(userRepository, operation, id, username);
if (username != null) {
user.setUsername(username);
}
if (name != null) {
user.setName(name);
}
if (surname != null) {
user.setSurname(surname);
}
if (profile != null) {
if (!myProfile.getAll().contains(profile)) {
throw new IllegalArgumentException("Trying to set profile to "+profile+" max profile permitted is: "+myProfile);
}
user.setProfile(profile);
}
if (kind != null) {
user.setKind(kind);
}
if (organ != null) {
user.setOrganisation(organ);
}
Address addressEntity;
boolean hasNoAddress = user.getAddresses().isEmpty();
if (hasNoAddress) {
addressEntity = new Address();
} else {
addressEntity = user.getAddresses().iterator().next();
}
if (address != null) {
addressEntity.setAddress(address);
}
if (city != null) {
addressEntity.setCity(city);
}
if (state != null) {
addressEntity.setState(state);
}
if (zip != null) {
addressEntity.setZip(zip);
}
if (country != null) {
addressEntity.setCountry(country);
}
if (hasNoAddress) {
user.getAddresses().add(addressEntity);
}
if (email != null) {
user.getEmailAddresses().add(email);
}
if (password != null) {
user.getSecurity().setPassword(PasswordUtil.encode(context, password));
} else if (operation.equals(Params.Operation.RESETPW)) {
throw new IllegalArgumentException("password is a required parameter for operation: " + Params.Operation.RESETPW);
}
// -- For adding new user
if (operation.equals(Params.Operation.NEWUSER)) {
user = userRepository.save(user);
setUserGroups(user, params, context);
} else if (operation.equals(Params.Operation.FULLUPDATE) || operation.equals(Params.Operation.EDITINFO)) {
user = userRepository.save(user);
//--- add groups
groupRepository.deleteAllByIdAttribute(UserGroupId_.userId, Arrays.asList(user.getId()));
setUserGroups(user, params, context);
} else if (operation.equals(Params.Operation.RESETPW)) {
user = userRepository.save(user);
} else {
throw new IllegalArgumentException("unknown user update operation " + operation);
}
} else {
throw new IllegalArgumentException("You don't have rights to do this");