/*
* Copyright 2014 Ranjan Kumar
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package com.restfiddle.controller.rest;
import java.util.List;
import javax.annotation.Resource;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.boot.autoconfigure.EnableAutoConfiguration;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.http.MediaType;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
import org.springframework.security.crypto.password.PasswordEncoder;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.ResponseBody;
import org.springframework.web.bind.annotation.RestController;
import com.restfiddle.constant.StatusType;
import com.restfiddle.dao.UserRepository;
import com.restfiddle.dto.PasswordDTO;
import com.restfiddle.dto.PasswordResetDTO;
import com.restfiddle.dto.UserDTO;
import com.restfiddle.entity.User;
import com.restfiddle.util.CommonUtil;
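/**
 * REST endpoints for managing users: create, delete, list, look up, update the
 * logged-in user's profile and change the logged-in user's password.
 *
 * <p>NOTE(review): no per-endpoint authorization check is visible in this class.
 * Confirm that the application's security configuration restricts who may
 * create, list, read and delete users.
 */
@RestController
@EnableAutoConfiguration
@ComponentScan
@Transactional
public class UserController {
    Logger logger = LoggerFactory.getLogger(UserController.class);

    @Resource
    private UserRepository userRepository;

    @Autowired
    private PasswordEncoder passwordEncoder;

    /**
     * Creates a user from the submitted name, description, email and password.
     *
     * @param passwordDTO the new user's details, including the raw password
     * @return a DTO carrying the saved user's id, name and email
     * @throws IllegalArgumentException if no password was supplied
     */
    @RequestMapping(value = "/api/users", method = RequestMethod.POST, headers = "Accept=application/json")
    public @ResponseBody
    UserDTO create(@RequestBody PasswordDTO passwordDTO) {
        // The request object carries the raw password, so it is deliberately not
        // written to the log.
        logger.debug("Creating a new user");

        // TODO add validation
        // A missing password used to fall back to the fixed string "default", which
        // gave every such account the same well-known credential. Fail closed instead.
        if (!CommonUtil.isNotEmpty(passwordDTO.getPassword())) {
            throw new IllegalArgumentException("A password is required to create a user");
        }

        User user = new User();
        user.setName(passwordDTO.getName());
        user.setDescription(passwordDTO.getDescription());
        user.setEmail(passwordDTO.getEmail());
        user.setPassword(passwordEncoder.encode(passwordDTO.getPassword()));
        user.setStatus(StatusType.ACTIVE.name());

        User savedUser = userRepository.save(user);

        // Only id, name and email are echoed back; the password hash stays server-side.
        UserDTO userDTO = new UserDTO();
        userDTO.setId(savedUser.getId());
        userDTO.setName(savedUser.getName());
        userDTO.setEmail(savedUser.getEmail());
        return userDTO;
    }

    /**
     * Deletes the user with the given id; an unknown id is logged and ignored.
     *
     * <p>NOTE(review): nothing here ties the target id to the caller. Confirm that
     * only privileged callers can reach this endpoint.
     *
     * @param id the id of the user to delete
     */
    @RequestMapping(value = "/api/users/{id}", method = RequestMethod.DELETE, headers = "Accept=application/json")
    public @ResponseBody
    void delete(@PathVariable("id") String id) {
        logger.debug("Deleting user with id: {}", id);

        User deleted = userRepository.findOne(id);
        if (deleted == null) {
            // Avoid handing null to the repository when the id matches no user.
            logger.debug("No user found with id: {}", id);
            return;
        }
        userRepository.delete(deleted);
    }

    /**
     * Returns every stored user.
     *
     * <p>NOTE(review): this returns {@code User} entities rather than DTOs. If the
     * entity serialises its password field, the hashes are exposed to the caller.
     * Confirm the field is excluded from JSON output.
     *
     * @return all users known to the repository
     */
    @RequestMapping(value = "/api/users", method = RequestMethod.GET)
    public @ResponseBody
    List<User> findAll() {
        logger.debug("Finding all users");
        return userRepository.findAll();
    }

    /**
     * Looks up a single user by id.
     *
     * <p>NOTE(review): returns the {@code User} entity itself; the same
     * password-field exposure concern as {@link #findAll()} applies.
     *
     * @param id the id of the user to fetch
     * @return whatever the repository returns for that id
     */
    @RequestMapping(value = "/api/users/{id}", method = RequestMethod.GET)
    public @ResponseBody
    User findById(@PathVariable("id") String id) {
        logger.debug("Finding user by id: {}", id);
        return userRepository.findOne(id);
    }

    /**
     * Updates the name, description and email of the logged-in user.
     *
     * <p>The {@code id} path variable is not used: the record that is changed is
     * always the authenticated principal's own, so a caller cannot edit another
     * user through this endpoint. When nobody is logged in, nothing is changed.
     *
     * @param id the id from the request path (ignored)
     * @param updated the new profile values
     * @return the {@code updated} argument, unchanged
     */
    @RequestMapping(value = "/api/users/{id}", method = RequestMethod.PUT, headers = "Accept=application/json")
    public @ResponseBody
    UserDTO update(@PathVariable("id") Long id, @RequestBody UserDTO updated) {
        logger.debug("Updating the logged-in user's profile");

        User user = findLoggedInUser();
        if (user != null) {
            user.setName(updated.getName());
            user.setDescription(updated.getDescription());
            user.setEmail(updated.getEmail());
            userRepository.save(user);
        }
        return updated;
    }

    /**
     * Returns the name, description and email of the logged-in user.
     *
     * @return a populated DTO, or an empty DTO when no user is logged in
     */
    @RequestMapping(value = "/api/users/current-user", method = RequestMethod.GET)
    public @ResponseBody
    UserDTO getCurrentUser() {
        UserDTO userDTO = new UserDTO();

        User user = findLoggedInUser();
        if (user != null) {
            userDTO.setName(user.getName());
            userDTO.setDescription(user.getDescription());
            userDTO.setEmail(user.getEmail());
        }
        return userDTO;
    }

    /**
     * Replaces the logged-in user's password with the retyped password from the request.
     *
     * <p>When nobody is logged in, the call does nothing.
     *
     * <p>NOTE(review): the current password is not verified and the retyped value
     * is not compared with a first entry. Add both checks once the matching
     * {@code PasswordResetDTO} fields are confirmed.
     *
     * @param passwordResetDTO carries the new password
     * @throws IllegalArgumentException if the new password is empty
     */
    @RequestMapping(value = "/api/users/change-password", method = RequestMethod.POST, headers = "Accept=application/json")
    public @ResponseBody
    void changePassword(@RequestBody PasswordResetDTO passwordResetDTO) {
        User user = findLoggedInUser();
        if (user == null) {
            return;
        }

        if (!CommonUtil.isNotEmpty(passwordResetDTO.getRetypedPassword())) {
            throw new IllegalArgumentException("The new password must not be empty");
        }

        // Use the injected encoder, the same one create() uses, so stored hashes
        // always come from the application's configured PasswordEncoder.
        user.setPassword(passwordEncoder.encode(passwordResetDTO.getRetypedPassword()));
        userRepository.save(user);
    }

    /**
     * Placeholder for setting a password from a token; currently returns {@code null}.
     *
     * <p>NOTE(review): the mapped path declares no {@code {token}} template
     * variable, so the {@code @PathVariable("token")} binding cannot be satisfied
     * as written. Decide how the token is delivered before implementing this.
     *
     * @param token the token identifying the request (unused)
     * @return always {@code null}
     */
    @RequestMapping(value = "/api/users/set-password", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE)
    String setPassword(@PathVariable("token") String token) {
        return null;
    }

    /**
     * Loads the repository record for the authenticated principal.
     *
     * @return the stored user, or {@code null} when there is no authentication, the
     *         principal is not a {@code User}, or the repository finds no record
     */
    private User findLoggedInUser() {
        Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
        if (authentication == null) {
            return null;
        }

        Object principal = authentication.getPrincipal();
        if (!(principal instanceof User)) {
            return null;
        }
        return userRepository.findOne(((User) principal).getId());
    }
}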