UserProfileController.java

  1. /*
  2.  * Copyright 2022 Global Crop Diversity Trust
  3.  *
  4.  * Licensed under the Apache License, Version 2.0 (the "License");
  5.  * you may not use this file except in compliance with the License.
  6.  * You may obtain a copy of the License at
  7.  *
  8.  *   http://www.apache.org/licenses/LICENSE-2.0
  9.  *
  10.  * Unless required by applicable law or agreed to in writing, software
  11.  * distributed under the License is distributed on an "AS IS" BASIS,
  12.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  13.  * See the License for the specific language governing permissions and
  14.  * limitations under the License.
  15.  */
  16. package org.genesys.server.api.admin.v1;

  18. import java.util.List;
  19. import java.util.Set;
  20. import java.util.UUID;

  22. import org.apache.commons.lang3.StringUtils;
  23. import org.genesys.blocks.security.UserException;
  24. import org.genesys.server.api.ApiBaseController;
  25. import org.genesys.server.exception.InvalidApiUsageException;
  26. import org.genesys.server.exception.NotFoundElement;
  27. import org.genesys.server.model.UserRole;
  28. import org.genesys.server.model.impl.User;
  29. import org.genesys.server.mvc.BaseController;
  30. import org.genesys.server.service.EMailVerificationService;
  31. import org.genesys.server.service.TokenVerificationService.NoSuchVerificationTokenException;
  32. import org.genesys.server.service.TokenVerificationService.TokenExpiredException;
  33. import org.genesys.server.service.UserService;
  34. import org.springframework.beans.factory.annotation.Autowired;
  35. import org.springframework.data.domain.Page;
  36. import org.springframework.data.domain.PageRequest;
  37. import org.springframework.data.domain.Sort;
  38. import org.springframework.http.MediaType;
  39. import org.springframework.security.access.prepost.PreAuthorize;
  40. import org.springframework.web.bind.annotation.DeleteMapping;
  41. import org.springframework.web.bind.annotation.GetMapping;
  42. import org.springframework.web.bind.annotation.PathVariable;
  43. import org.springframework.web.bind.annotation.PostMapping;
  44. import org.springframework.web.bind.annotation.RequestBody;
  45. import org.springframework.web.bind.annotation.RequestMapping;
  46. import org.springframework.web.bind.annotation.RequestParam;
  47. import org.springframework.web.bind.annotation.RestController;

  49. @RestController("adminUsersControllerV1")
  50. @RequestMapping(UserProfileController.CONTROLLER_URL)
  51. @PreAuthorize("hasRole('ADMINISTRATOR')")
  52. public class UserProfileController extends BaseController {

  54.     /** The Constant CONTROLLER_URL. */
  55.     public static final String CONTROLLER_URL = ApiBaseController.APIv1_BASE + "/admin/users/";

  57.     @Autowired
  58.     private UserService userService;

  60.     @Autowired
  61.     private EMailVerificationService emailVerificationService;

  63.     @GetMapping(value = "", produces = { MediaType.APPLICATION_JSON_VALUE })
  64.     public Page<User> list(@RequestParam(value = "page", defaultValue = "1") int page) {
  65.         return userService.listUsers(PageRequest.of(page - 1, 50, Sort.by("fullName")));
  66.     }

  68.     @PostMapping("/{uuid:.+}/vetted-user")
  69.     public void addRoleVettedUser(@PathVariable("uuid") UUID uuid) {
  70.         userService.addVettedUserRole(uuid);
  71.     }

  73.     @GetMapping(value = "/{uuid:.+}", produces = { MediaType.APPLICATION_JSON_VALUE })
  74.     public User someProfile(@PathVariable("uuid") UUID uuid) {
  75.         final User user = userService.getUser(uuid);
  76.         if (user == null) {
  77.             throw new NotFoundElement();
  78.         }

  80.         return user;
  81.     }

  83.     @GetMapping(value = "/roles", produces = { MediaType.APPLICATION_JSON_VALUE })
  84.     public List<UserRole> getAvailableRoles() {

  86.         return userService.listAvailableRoles();
  87.     }

  89.     @PostMapping(value = "/{uuid}/send")
  90.     public void sendEmail(@PathVariable("uuid") UUID uuid) {
  91.         final User user = userService.getUser(uuid);
  92.         emailVerificationService.sendVerificationEmail(user);
  93.     }

  95.     @PostMapping(value = "/{tokenUuid:.+}/cancel")
  96.     public void cancelValidation(@PathVariable("tokenUuid") String tokenUuid) throws Exception {
  97.         emailVerificationService.cancelValidation(tokenUuid);
  98.     }

  100.     @PostMapping(value = "/{tokenUuid:.+}/validate")
  101.     public void validateEmail2(@PathVariable("tokenUuid") String tokenUuid, @RequestParam(value = "key", required = true) String key) throws NoSuchVerificationTokenException, TokenExpiredException {
  102.         emailVerificationService.validateEMail(tokenUuid, key);
  103.     }

  105.     @PostMapping(value = "/password/reset")
  106.     public void resetPassword(@RequestParam("email") String email) {
  107.         final User user = userService.getUserByEmail(email);

  109.         if (user != null) {
  110.             emailVerificationService.sendPasswordResetEmail(user);
  111.         }
  112.     }

  114.     @PostMapping(value = "/{tokenUuid:.+}/pwdreset")
  115.     public void updatePassword(@PathVariable("tokenUuid") String tokenUuid, @RequestParam(value = "key") String key, @RequestParam("password") String password)
  116.             throws UserException, NoSuchVerificationTokenException, TokenExpiredException {
  117.         emailVerificationService.changePassword(tokenUuid, key, password);
  118.     }

  120.     @PostMapping(value = "/{uuid:.+}/update")
  121.     public void update(@PathVariable("uuid") final UUID uuid, @RequestBody User updatedUser, @RequestParam("pwd1") String pwd1) throws UserException {
  122.         final User user = userService.getUser(UUID.fromString(updatedUser.getUuid()));
  123.         if (user == null) {
  124.             throw new NotFoundElement();
  125.         }

  127.         userService.updateUser(user, updatedUser.getEmail(), updatedUser.getFullName());

  129.         if (StringUtils.isNotBlank(pwd1)) {
  130.             if (pwd1.equals(updatedUser.getPassword())) {
  131.                 LOG.info("Updating password for {}", user);
  132.                 userService.changePassword(user, updatedUser.getPassword());
  133.                 LOG.warn("Password updated for {}", user);
  134.             }
  135.         }
  136.     }

  138.     @DeleteMapping(value = "/{uuid:.+}")
  139.     public void delete(@PathVariable("uuid") UUID uuid) throws UserException {
  140.         final User user = userService.getUser(uuid);

  142.         if (user==null) {
  143.             throw new NotFoundElement();
  144.         }

  146.         if (! user.isAccountNonExpired()) {
  147.             throw new InvalidApiUsageException("User is already expired");
  148.         }

  150.         LOG.warn("Archiving user account {}", user.getEmail());
  151.         userService.archiveUser(user);

  153.     }

  155.     @PostMapping(value = "/{uuid:.+}/update-roles")
  156.     public void updateRoles(@PathVariable("uuid") UUID uuid, @RequestParam("role") Set<UserRole> selectedRoles) {
  157.         final User user = userService.getUser(uuid);
  158.         if (user == null) {
  159.             throw new NotFoundElement();
  160.         }

  162.         userService.setRoles(user, selectedRoles);
  163.     }

  165. }
Created with JaCoCo 0.8.12.202403310830