Commit e9fb3515 authored by Matija Obreza's avatar Matija Obreza

Started on user profile

parent 453c7db4
......@@ -39,6 +39,7 @@ public interface UserService {
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
void removeUser(User user) throws UserException;
@PreAuthorize("hasRole('ADMINISTRATOR') || hasPermission(#user, 'WRITE')")
void removeUserById(long userId) throws UserException;
User getUserByEmail(String email);
......
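Review bot: The `@PreAuthorize` on `removeUserById(long userId)` refers to `#user`, but that method has no parameter named `user`, so the expression has nothing to bind to and the permission half of the rule presumably never grants access (only the `ADMINISTRATOR` branch can pass). If owners are meant to be able to remove their own account by id, the id-based form would fit: `hasRole('ADMINISTRATOR') || hasPermission(#userId, 'org.genesys2.server.model.impl.User', 'WRITE')`. Which line this hunk added cannot be recovered from the rendering, and the `updatePassword` method that `UserProfileController` calls is not visible here, so its authorization rule should be checked in the same pass. The interface body continues outside the hunk.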
......@@ -20,6 +20,7 @@ import java.util.Locale;
import javax.servlet.http.HttpServletRequest;
import org.genesys2.server.model.impl.User;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
......@@ -55,6 +56,11 @@ public abstract class BaseController {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
return authentication != null && !ANONYMOUS_USER.equals(authentication.getName());
}
protected User getUser() {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
return authentication!=null && authentication.getDetails() instanceof User ? (User) authentication.getDetails() : null;
}
protected boolean hasRole(String role) {
Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
......
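Review bot: `getUser()` takes the user from `authentication.getDetails()`, which in Spring Security normally carries request details (remote address, session id) while the authenticated user object is the principal. Unless this application's authentication setup stores a `User` in the details, the method returns null for every logged-in user and `UserProfileController` answers with `ResourceNotFoundException`. If the principal is the `User`, the line would read `return authentication != null && authentication.getPrincipal() instanceof User ? (User) authentication.getPrincipal() : null;`. A short Javadoc saying that null means "anonymous, or no `User` attached to the authentication" would also help, since every caller has to null-check. `hasRole` continues outside the hunk.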
......@@ -110,8 +110,6 @@ public class HtmlController extends BaseController {
String remoteAddr = req.getRemoteAddr();
ReCaptchaImpl reCaptcha = new ReCaptchaImpl();
// Probably don't want to hardcode your private key here but
// just to get it working is OK...
reCaptcha.setPrivateKey(captchaPrivateKey);
ReCaptchaResponse reCaptchaResponse = reCaptcha.checkAnswer(remoteAddr, challenge, response);
......
/**
* Copyright 2013 Global Crop Diversity Trust
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
**/
package org.genesys2.server.servlet.controller;
import org.genesys2.server.exception.UserException;
import org.genesys2.server.model.impl.User;
import org.genesys2.server.service.ContentService;
import org.genesys2.server.service.UserService;
import org.genesys2.spring.ResourceNotFoundException;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.beans.factory.annotation.Value;
import org.springframework.security.access.prepost.PreAuthorize;
import org.springframework.stereotype.Controller;
import org.springframework.ui.ModelMap;
import org.springframework.validation.Validator;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
/**
* Controller which simply handles *.html requests
*/
@Controller("/profile")
public class UserProfileController extends BaseController {
@Autowired
private UserService userService;
@Autowired
private Validator validator;
@Autowired
private ContentService contentService;
@Value("${captcha.privateKey}")
private String captchaPrivateKey;
@Value("${captcha.publicKey}")
private String captchaPublicKey;
@RequestMapping
public String welcome(ModelMap model) {
User user = getUser();
model.addAttribute("user", user);
if (user == null) {
throw new ResourceNotFoundException();
}
return "/user/me";
}
@RequestMapping("/edit")
public String edit(ModelMap model) {
welcome(model);
return "/user/edit";
}
@PreAuthorize("isAuthenticated()")
@RequestMapping(value = "/update", method = { RequestMethod.POST })
public String updateMe(ModelMap model, @RequestParam("pwd1") String pwd1, @RequestParam("pwd2") String pwd2) {
User user = getUser();
if (user == null) {
throw new ResourceNotFoundException();
}
if (pwd1 != null) {
if (pwd1.equals(pwd2)) {
try {
_logger.info("Updating password for " + user);
userService.updatePassword(user.getId(), pwd1);
_logger.warn("Password updated for " + user);
} catch (UserException e) {
_logger.error(e.getMessage(), e);
}
}
}
return "redirect:/profile";
}
}
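Review bot: `updateMe` changes the password on nothing more than `pwd1.equals(pwd2)`. `@RequestParam` delivers a blank field as `""`, so submitting the form empty reaches `userService.updatePassword` with an empty password, and the current password is never asked for, so anyone with access to a logged-in session can replace it. A mismatch or a `UserException` ends in the same `redirect:/profile` as a success, so the user cannot tell whether anything changed. I would send blank or non-matching input and failures back to the edit view as sketched below, require the current password (or a recent re-login) before calling the service, and log the user id rather than `"..." + user`, whose `toString()` is not visible here. Separately, the value of `@Controller("/profile")` is the bean name, not a URL prefix; unless the configuration maps bean names to URLs, the class needs `@RequestMapping("/profile")` for `/profile/edit` and `/profile/update` to reach these handlers.

```java
public String updateMe(ModelMap model, @RequestParam("pwd1") String pwd1, @RequestParam("pwd2") String pwd2) {
	// … unchanged: getUser() lookup and ResourceNotFoundException when there is no user …
	if (pwd1 == null || pwd1.trim().isEmpty() || !pwd1.equals(pwd2)) {
		// blank or non-matching input: change nothing, show the form again
		return "/user/edit";
	}
	try {
		userService.updatePassword(user.getId(), pwd1);
		_logger.info("Password updated for user id=" + user.getId());
	} catch (UserException e) {
		_logger.error(e.getMessage(), e);
		// do not redirect as if the update had succeeded
		return "/user/edit";
	}
	return "redirect:/profile";
}
```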
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="userprofile.page.title" /></title>
</head>
<body>
<h1>
<spring:message code="userprofile.page.title" />
</h1>
<form role="form" class="" action="<c:url value="/profile/update" />" method="post">
<div class="form-group">
<label for="password" class="col-lg-2 control-label"><spring:message code="registration.password" /></label>
<div class="col-lg-3">
<input type="password" id="password" name="pwd1" class="span3 form-control" />
</div>
</div>
<div class="form-group">
<label for="confirm_password" class="col-lg-2 control-label"><spring:message code="registration.confirm-password" /></label>
<div class="col-lg-3">
<input type="password" id="confirm_password" name="pwd2" class="span3 required form-control" equalTo="#pwd1" />
</div>
</div>
<div class="form-group">
<div class="col-lg-offset-2 col-lg-10">
<input type="submit" value="<spring:message code="update"/>" class="btn btn-primary" /> <a class="btn btn-default" href="<c:url value="/profile" />" class="btn"> <spring:message code="cancel" />
</a>
</div>
</div>
</form>
</body>
</html>
\ No newline at end of file
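Review bot: This plain `<form>` posts a password change with no CSRF token field, and the handler it targets does not ask for the current password, so the request is only as protected as the session cookie. If the project's Spring Security version provides CSRF support, add `<input type="hidden" name="${_csrf.parameterName}" value="${_csrf.token}" />` inside the form; whether `init.jsp` or a filter already supplies a token is not visible here. The confirm field's `equalTo="#pwd1"` points at an id that does not exist, because the first input has `id="password"` and only its `name` is `pwd1`, so the client-side match check cannot fire; `equalTo="#password"` would bind it. The cancel link also carries two `class` attributes, of which only the first is honoured.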
<!DOCTYPE html>
<%@include file="/WEB-INF/jsp/init.jsp"%>
<html>
<head>
<title><spring:message code="userprofile.page.title" /></title>
</head>
<body>
<h1>
<spring:message code="userprofile.page.title" />
</h1>
<a href="<c:url value="/profile/edit" />" class="close">
<spring:message code="edit" />
</a>
</body>
</html>
\ No newline at end of file