Updates to VETTEDUSER

d38cf10e · Matija Obreza · 3a5c576f · d38cf10e · d38cf10e · d38cf10e
Commit d38cf10e authored Feb 04, 2014 by Matija Obreza
6 changed files
--- a/src/main/java/org/genesys2/server/model/impl/User.java
+++ b/src/main/java/org/genesys2/server/model/impl/User.java
@@ -217,5 +217,14 @@ public class User extends BusinessModel {
 		// We don't support password expiration
 		return false;
 	}
+	
+	public boolean hasRole(String roleName) {
+		for (UserRole userRole : getRoles()) {
+			if (userRole.getName().equalsIgnoreCase(roleName)) {
+				return true;
+			}
+		}
+		return false;
+	}

 }
--- a/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
+++ b/src/main/java/org/genesys2/server/service/impl/UserServiceImpl.java
@@ -350,6 +350,7 @@ public class UserServiceImpl implements UserService {
 	}

    @Override
+    @Transactional
    public void addVettedUserRole(String uuid){
        User user = userPersistence.findByUuid(uuid);
        Set<UserRole> userRoles = user.getRoles();

--- a/src/main/java/org/genesys2/server/servlet/controller/UserProfileController.java
+++ b/src/main/java/org/genesys2/server/servlet/controller/UserProfileController.java
@@ -80,12 +80,12 @@ public class UserProfileController extends BaseController {
 		return "/user/index";
 	}

-    @RequestMapping("/{uuid:.+}/addRoleVettedUser")
-    @PreAuthorize("hasRole('ADMINISTRATOR')")
-    public String addRoleVettedUser(@PathVariable("uuid")String uuid){
-        userService.addVettedUserRole(uuid);
-        return "redirect:/profile/list";
-    }
+	@RequestMapping("/{uuid:.+}/vetted-user")
+	@PreAuthorize("hasRole('ADMINISTRATOR')")
+	public String addRoleVettedUser(@PathVariable("uuid") String uuid) {
+		userService.addVettedUserRole(uuid);
+		return "redirect:/profile/" + uuid;
+	}

 	@RequestMapping("/{uuid:.+}")
 	@PreAuthorize("isAuthenticated()")
@@ -154,7 +154,6 @@ public class UserProfileController extends BaseController {

 		return "redirect:/content/user.password-reset-email-sent";
 	}
-	

 	@RequestMapping(value = "/{tokenUuid:.+}/pwdreset", method = RequestMethod.GET)
 	public String passwordReset(ModelMap model, @PathVariable("tokenUuid") String tokenUuid) {
@@ -165,7 +164,7 @@ public class UserProfileController extends BaseController {
 	@RequestMapping(value = "/{tokenUuid:.+}/pwdreset", method = RequestMethod.POST)
 	public String updatePassword(ModelMap model, @PathVariable("tokenUuid") String tokenUuid, @RequestParam(value = "key", required = true) String key,
 			@RequestParam("password") String password) throws UserException {
-		
+
 		if (emailVerificationService.changePassword(tokenUuid, key, password)) {
 			return "redirect:/content/user.password-reset";
 		} else {

--- a/src/main/resources/content/language.properties
+++ b/src/main/resources/content/language.properties
@@ -107,6 +107,7 @@ user.email=E-mail Address
 user.account-status=Account Status
 user.account-disabled=Account disabled
 user.account-locked-until=Account locked until
+user.roles=User roles
 userprofile.page.title=User profile
 userprofile.update.title=Update your profile


--- a/src/main/webapp/WEB-INF/jsp/user/index.jsp
+++ b/src/main/webapp/WEB-INF/jsp/user/index.jsp
@@ -28,7 +28,6 @@
 					<c:if test="${not user.enabled}">DISABLED</c:if>
 					<c:if test="${user.accountLocked}">LOCKED</c:if>
 				</td>
-                <td><a href="<c:url value="/profile/${user.uuid}/addRoleVettedUser"/> "class="btn btn-default"/>VETTED USER</td>
 			</tr>
 		</c:forEach>
 	</table>

--- a/src/main/webapp/WEB-INF/jsp/user/profile.jsp
+++ b/src/main/webapp/WEB-INF/jsp/user/profile.jsp
@@ -37,6 +37,15 @@
 					</c:if>
 				</div>
 			</div>
+			
+			<div class="form-group">
+				<label class="col-lg-2 control-label"><spring:message code="user.roles" /></label>
+				<div class="col-lg-5">
+					<c:forEach items="${user.roles}" var="role">
+						${role}
+					</c:forEach>
+				</div>
+			</div>

 		</security:authorize>

@@ -61,8 +70,15 @@
                <security:authorize access="hasRole('ADMINISTRATOR') || (isAuthenticated() && principal.user.id == #user.id)">
                    <a href="<c:url value="/management/user/${user.uuid}/tokens" />" class="btn btn-default"><spring:message code="oauth-client.issued.tokens" /></a>
                </security:authorize>
-                <security:authorize access="(not hasRole('VALIDATEDUSER') && principal.user.id == #user.id)">
+                <security:authorize access="hasRole('ADMINISTRATOR') || principal.user.id == #user.id">
+                	<c:if test="${not user.hasRole('VALIDATEDUSER')}">
                    <a href="<c:url value="/profile/${user.uuid}/send"/>"  class="btn btn-default"/>Send validation email</a>
+                    </c:if>
+                </security:authorize>
+                <security:authorize access="hasRole('ADMINISTRATOR')">
+                	<c:if test="${not user.hasRole('VETTEDUSER')}">
+					<a href="<c:url value="/profile/${user.uuid}/vetted-user"/> "class="btn btn-default"/>Vetted user</a>
+					</c:if>
                </security:authorize>
    </div>