use of cn.opencil.exception.SimpleHttpException in project CILManagement-Server by LiuinStein.
the class UserController method initPassword.
/**
* For admin to initialize someone's password
* The default password for everyone is 666666
*/
@RequestMapping(value = "/password/", method = RequestMethod.PATCH, produces = { MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE })
@ResponseStatus(HttpStatus.CREATED)
public RestfulResult initPassword(@RequestBody JSONObject input) throws SimpleHttpException, ValidationException {
    // The request body is bound onto an RBACUser; that object names the account to reset.
    final RBACUser target = input.toJavaObject(RBACUser.class);

    // NOTE(review): every reset account receives the same fixed, source-visible password.
    // Until the owner changes it, the account is protected only by a value anyone who has
    // read this code knows. Consider a per-reset random value (SecureRandom) delivered
    // out of band, plus a forced change at next login.
    target.setPassword("666666");

    // NOTE(review): no role check is visible in this method; the "admin only" rule from the
    // Javadoc is presumably enforced by the security configuration - confirm it covers
    // PATCH /password/.
    final boolean updated = userService.changeUserPassword(ValidationUtils.validate(target));
    if (updated) {
        return new RestfulResult(0, "Password has been initialized!", new HashMap<>());
    }
    throw new SimpleHttpException(500, "database access error", HttpStatus.INTERNAL_SERVER_ERROR);
}
use of cn.opencil.exception.SimpleHttpException in project CILManagement-Server by LiuinStein.
the class UserController method modifyPassword.
/**
* Modify your own password
*/
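@RequestMapping(value = "/password/", method = RequestMethod.PUT, produces = { MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE })
@ResponseStatus(HttpStatus.CREATED)
public RestfulResult modifyPassword(@RequestBody JSONObject input, HttpServletRequest request) throws SimpleHttpException, ValidationException {
    // Changes the authenticated caller's own password. The body must carry "old_password",
    // which is matched against the principal's stored value, and "new_password".
    String oldPassword = input.getString("old_password");
    RBACUser userDetails = (RBACUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();
    if (oldPassword == null || !passwordEncoder.matches(oldPassword, userDetails.getPassword())) {
        throw new SimpleHttpException(403, "Old password error", HttpStatus.FORBIDDEN);
    }

    // The principal taken from the security context is mutated in place below. Keep the
    // stored value so it can be restored when validation or persistence fails; otherwise a
    // rejected request would leave the raw new password on the in-memory principal
    // (presumably the same object later requests of this session see - confirm), and the
    // old-password check above would then compare against the wrong value.
    String storedPassword = userDetails.getPassword();
    boolean changed = false;
    try {
        // NOTE(review): a missing "new_password" arrives here as null; rejecting it (and any
        // strength policy) is left to ValidationUtils.validate - confirm it does so.
        userDetails.setPassword(input.getString("new_password"));
        changed = userService.changeUserPassword(ValidationUtils.validate(userDetails));
    } finally {
        if (!changed) {
            userDetails.setPassword(storedPassword);
        }
    }
    if (!changed) {
        throw new SimpleHttpException(500, "database access error", HttpStatus.INTERNAL_SERVER_ERROR);
    }

    // Force a fresh login after the change so the old session cannot keep being used.
    // NOTE(review): this logs out the current request's session only; whether other sessions
    // or tokens of the same account are revoked is not visible here - confirm.
    new SecurityContextLogoutHandler().logout(request, null, SecurityContextHolder.getContext().getAuthentication());
    return new RestfulResult(0, "Password has been changed!", new HashMap<>());
}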
use of cn.opencil.exception.SimpleHttpException in project CILManagement-Server by LiuinStein.
the class UserController method modifyInfo.
/**
* Modify someone's personal information
*/
@RequestMapping(value = "/info/", method = RequestMethod.PUT, produces = { MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE })
@ResponseStatus(HttpStatus.CREATED)
public RestfulResult modifyInfo(@RequestBody JSONObject input) throws ValidationException, SimpleHttpException {
    // Bind and validate the submitted record, then identify the authenticated caller.
    final UserInfo submitted = ValidationUtils.validate(input.toJavaObject(UserInfo.class));
    final RBACUser caller = (RBACUser) SecurityContextHolder.getContext().getAuthentication().getPrincipal();

    // NOTE(review): the admin test compares the rendered authority collection with the literal
    // "[admin]". Assuming the usual collection rendering, a caller holding "admin" together
    // with any other authority does not match and is treated as a non-admin (fails closed).
    // Presumably every account holds exactly one role - confirm, or compare each authority.

    // Only administrators may change enroll_time / exit_time; from anyone else the two
    // fields are silently dropped rather than rejected.
    final boolean touchesMembershipDates = submitted.getEnrollTime() != null || submitted.getExitTime() != null;
    if (touchesMembershipDates) {
        if (!caller.getAuthorities().toString().equals("[admin]")) {
            submitted.setEnrollTime(null);
            submitted.setExitTime(null);
        }
    }

    // A record other than the caller's own may be edited by an administrator only.
    // NOTE(review): every other bound field of UserInfo is accepted from the record's owner
    // as submitted - confirm none of them is privileged.
    final boolean ownRecord = submitted.getId().equals(caller.getId());
    if (!ownRecord) {
        if (!caller.getAuthorities().toString().equals("[admin]")) {
            throw new SimpleHttpException(403, "need administer privilege", HttpStatus.FORBIDDEN);
        }
    }

    final boolean saved = infoService.modifyUserInfo(submitted);
    if (saved) {
        return new RestfulResult(0, "information has been changed!", new HashMap<>());
    }
    throw new SimpleHttpException(500, "database access error", HttpStatus.INTERNAL_SERVER_ERROR);
}
use of cn.opencil.exception.SimpleHttpException in project CILManagement-Server by LiuinStein.
the class UserController method queryMemberInfo.
/**
* Query someone's information by given condition
*/
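@RequestMapping(value = "/info", method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE })
@ResponseStatus(HttpStatus.OK)
public RestfulResult queryMemberInfo(@RequestParam("mode") String mode, @RequestParam("condition") String condition, @RequestParam("value") String value) throws SimpleHttpException, ValidationException {
    // Builds a one-field filter from condition/value ("id", "name" or "department"), runs it
    // in the requested mode ("summary" or "all") and returns the matches under the key "users".
    // NOTE(review): no role check is visible here; confirm that the security configuration
    // restricts who may request mode "all".
    UserInfo info = new UserInfo();
    try {
        // Locale.ROOT keeps keyword matching independent of the server's default locale
        // (a Turkish default locale, for example, lower-cases "ID" to a string other than "id").
        switch (condition.toLowerCase(java.util.Locale.ROOT)) {
            case "id":
                info.setId(Long.parseLong(value));
                break;
            case "name":
                info.setName(value);
                break;
            case "department":
                info.setDepartment(Integer.parseInt(value));
                break;
            default:
                throw new SimpleHttpException(2, "condition is not supported", HttpStatus.BAD_REQUEST);
        }
    } catch (NumberFormatException e) {
        // A non-numeric id/department is a client error, not a server fault. Code 2 is the one
        // this method already pairs with BAD_REQUEST - confirm against the API's error codes.
        throw new SimpleHttpException(2, "value is not a valid number", HttpStatus.BAD_REQUEST);
    }
    info = ValidationUtils.validate(info);

    List<UserInfo> result;
    switch (mode.toLowerCase(java.util.Locale.ROOT)) {
        case "summary":
            result = infoService.querySummaryUserInfo(info);
            break;
        case "all":
            result = infoService.queryAllUserInfo(info);
            break;
        default:
            // An unsupported mode is not rejected as such; it falls through to the 404 below.
            result = null;
    }
    if (result == null || result.isEmpty()) {
        throw new SimpleHttpException(404, "user not found", HttpStatus.NOT_FOUND);
    }
    HashMap<String, Object> data = new HashMap<>();
    data.put("users", result);
    return new RestfulResult(0, "", data);
}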
use of cn.opencil.exception.SimpleHttpException in project CILManagement-Server by LiuinStein.
the class UserController method register.
/**
* Sign up a new member
*/
@RequestMapping(value = "/", method = RequestMethod.POST, produces = { MediaType.APPLICATION_JSON_VALUE, MediaType.APPLICATION_XML_VALUE })
@ResponseStatus(HttpStatus.CREATED)
public RestfulResult register(@RequestBody JSONObject input) throws SimpleHttpException, ValidationException {
    // The same JSON body is projected onto three model types, each validated under the
    // RegisterValidation group.
    final RBACUser account = ValidationUtils.validate(input.toJavaObject(RBACUser.class), RegisterValidation.class);
    final UserInfo profile = ValidationUtils.validate(input.toJavaObject(UserInfo.class), RegisterValidation.class);
    // NOTE(review): the role assignment is bound straight from the request body. Who may call
    // this endpoint is not visible here; if it is reachable by non-administrators, confirm that
    // validation or the service restricts which roles a caller can request.
    final RBACUserRole requestedRole = ValidationUtils.validate(input.toJavaObject(RBACUserRole.class), RegisterValidation.class);

    final boolean created = userService.addMember(account, profile, requestedRole);
    if (created) {
        return new RestfulResult(0, "new member created", new HashMap<>());
    }
    throw new SimpleHttpException(500, "database access error", HttpStatus.INTERNAL_SERVER_ERROR);
}