UserManagementController.java

/*
 * Copyright 2025 Global Crop Diversity Trust
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *   http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
package org.genesys.server.api.v2.impl;

import io.swagger.annotations.Api;
import org.genesys.blocks.security.NoUserFoundException;
import org.genesys.blocks.security.NotUniqueUserException;
import org.genesys.blocks.security.UserException;
import org.genesys.server.api.ApiBaseController;
import org.genesys.server.api.FilteredPage;
import org.genesys.server.api.Pagination;
import org.genesys.server.api.v2.facade.UserApiService;
import org.genesys.server.api.v2.model.impl.UserDTO;
import org.genesys.server.exception.NotFoundElement;
import org.genesys.server.service.ShortFilterService.FilterInfo;
import org.genesys.server.service.filter.UserFilter;
import org.genesys.server.service.worker.ShortFilterProcessor;

import org.springdoc.api.annotations.ParameterObject;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.data.domain.Sort;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.PostMapping;
import org.springframework.web.bind.annotation.PutMapping;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;

import java.io.IOException;
import java.util.List;
import java.util.Set;
import java.util.UUID;

@RestController("userApi2")
@RequestMapping(UserManagementController.CONTROLLER_URL)
@PreAuthorize("isAuthenticated()")
@Api(tags = { "user" })
public class UserManagementController extends ApiBaseController {

	/** The Constant CONTROLLER_URL. */
	public static final String CONTROLLER_URL = ApiBaseController.APIv2_BASE + "/user";

	/** The short filter service. */
	@Autowired
	protected ShortFilterProcessor shortFilterProcessor;

	@Autowired
	protected UserApiService userService;

	/**
	 * Gets the user.
	 *
	 * @param uuid the uuid
	 * @return the user
	 */
	@GetMapping(value = "/u/{uuid}")
	public UserDTO getUser(@PathVariable("uuid") final UUID uuid) {
		UserDTO user = userService.getUser(uuid);
		if (user == null) {
			throw new NotFoundElement("No such user");
		}
		return user;
	}
	
	/**
	 * Unlock account.
	 *
	 * @param uuid the uuid
	 * @return the user
	 * @throws NoUserFoundException the no user found exception
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@PostMapping(value = "/u/{uuid}/unlock")
	public UserDTO unlockAccount(@PathVariable("uuid") final UUID uuid) throws NoUserFoundException {
		return userService.unlockAccount(uuid);
	}
	
	/**
	 * Lock account.
	 *
	 * @param uuid the uuid
	 * @return the user
	 * @throws NoUserFoundException the no user found exception
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@PostMapping(value = "/u/{uuid}/lock")
	public UserDTO lockAccount(@PathVariable("uuid") final UUID uuid) throws NoUserFoundException {
		return userService.lockAccount(uuid);
	}

	/**
	 * Extend account.
	 *
	 * @param uuid the uuid
	 * @return the user
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@PostMapping(value = "/u/{uuid}/extend")
	public UserDTO extendAccount(@PathVariable("uuid") final UUID uuid) {
		return userService.extendAccount(uuid);
	}

	/**
	 * Enable account.
	 *
	 * @param uuid the uuid
	 * @return the user
	 * @throws NoUserFoundException the no user found exception
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@PostMapping(value = "/u/{uuid}/enable")
	public UserDTO enableAccount(@PathVariable("uuid") final UUID uuid) throws UserException {
		return userService.enableAccount(uuid);
	}
	
	/**
	 * Disable account.
	 *
	 * @param uuid the uuid
	 * @return the user
	 * @throws NoUserFoundException the no user found exception
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@PostMapping(value = "/u/{uuid}/disable")
	public UserDTO disableAccount(@PathVariable("uuid") final UUID uuid) throws UserException {
		return userService.disableAccount(uuid);
	}

	/**
	 * Archive account.
	 *
	 * @param uuid the uuid
	 * @return the user
	 * @throws UserException the user exception
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@PostMapping(value = "/u/{uuid}/archive")
	public UserDTO archiveAccount(@PathVariable("uuid") final UUID uuid) throws UserException {
		return userService.archiveAccount(uuid);
	}

	/**
	 * Archive accounts.
	 *
	 * @param uuids the set of uuids
	 * @return the list of archived users
	 */
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	@PostMapping(value = "/u/archive")
	public List<UserDTO> archiveAccounts(@RequestBody final Set<UUID> uuids) {
		return userService.archiveAccounts(uuids);
	}

	/**
	 * Generate ftp password.
	 *
	 * @param uuid the uuid
	 * @return the user
	 * @throws UserException the user exception
	 */
	@PostMapping(value = "/u/{uuid}/ftp-password")
	public String generateFtpPassword(@PathVariable("uuid") final UUID uuid) throws UserException {
		return userService.generateFtpPassword(uuid);
	}


	/**
	 * Send verification email.
	 *
	 * @param uuid the uuid
	 */
	@PostMapping(value = "/u/{uuid}/email-verification")
	public boolean sendEmail(@PathVariable("uuid") UUID uuid) {
		userService.sendEmail(uuid);
		return true;
	}

	/**
	 * Update user.
	 *
	 * @param user the user
	 * @return the user
	 * @throws NotUniqueUserException the not unique user exception
	 * @throws UserException the user exception
	 */
	@PutMapping(value = "/user")
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	public UserDTO updateUser(@RequestBody UserDTO user) throws NotUniqueUserException, UserException {
		return userService.updateUser(user);
	}

	/**
	 * List users.
	 *
	 * @param filterCode the filter code
	 * @param page the page
	 * @param filter the filter
	 * @return the filtered page
	 * @throws IOException Signals that an I/O exception has occurred.
	 */
	@PostMapping(value = "/list")
	@PreAuthorize("hasRole('ADMINISTRATOR')")
	public FilteredPage<UserDTO, UserFilter> listUsers(@RequestParam(name = "f", required = false) String filterCode, @ParameterObject final Pagination page,
			@RequestBody(required = false) UserFilter filter) throws IOException {

		FilterInfo<UserFilter> filterInfo = shortFilterProcessor.processFilter(filterCode, filter, UserFilter.class);
		return new FilteredPage<>(filterInfo.filterCode, filterInfo.filter, userService.list(filterInfo.filter, page.toPageRequest(MAX_PAGE_SIZE, DEFAULT_PAGE_SIZE, Sort.Direction.ASC, "email")));
	}

}