REST apis for findin user, checking password and reseting password.

Used by Vectorama sw.

REST apis for findin user, checking password and reseting password.
Used by Vectorama sw.
Juho Juopperi
Commit 83117e3f authored Mar 29, 2015 by Juho Juopperi
Showing with 90 additions and 24 deletions
code/moya-beans-client/ejbModule/fi/codecrew/moya/beans/UserBeanLocal.java
code/moya-beans/ejbModule/fi/codecrew/moya/beans/UserBean.java
code/moya-restpojo/src/main/java/fi/codecrew/moya/rest/pojo/util/v1/ErrorRoot.java
code/moya-web/src/main/java/fi/codecrew/moya/rest/PojoUtils.java
code/moya-web/src/main/java/fi/codecrew/moya/rest/UserRestView.java
--- a/code/moya-beans-client/ejbModule/fi/codecrew/moya/beans/UserBeanLocal.java
+++ b/code/moya-beans-client/ejbModule/fi/codecrew/moya/beans/UserBeanLocal.java
@@ -62,6 +62,8 @@ public interface UserBeanLocal {
 	boolean resetPassword(User user, String password, String hash);
+    boolean resetPassword(User user, String password);
 	public User getUser(Integer id);
 	/**
@@ -177,5 +179,11 @@ public interface UserBeanLocal {
 	EventUser findEventuserByLogin(String username);
-    Boolean checkPassword(String username, String password);
+    /**
+     * Check that user's password matches.
+     * @param userId
+     * @param password
+     * @return true if matches, false if does not, null if user not found.
+     */
+    Boolean checkPassword(Integer userId, String password);
 }
--- a/code/moya-beans/ejbModule/fi/codecrew/moya/beans/UserBean.java
+++ b/code/moya-beans/ejbModule/fi/codecrew/moya/beans/UserBean.java
@@ -463,7 +463,12 @@ public class UserBean implements UserBeanLocal {
 		return false;
 	}
-	@Override
+    @Override
+    public boolean resetPassword(User user, String password) {
+        return false;
+    }
+    @Override
 	public boolean initPasswordResetForUsername(String username, String url) {
 		User user = userFacade.findByLogin(username);
 		return initPasswordReset(user, url);
@@ -1111,8 +1116,8 @@ public class UserBean implements UserBeanLocal {
 	}
    @Override
-    public Boolean checkPassword(String username, String password) {
+    public Boolean checkPassword(Integer userId, String password) {
-        User user = userFacade.findByLogin(username);
+        User user = userFacade.find(userId);
        if (user != null) {
            return user.checkPassword(password);
        }

--- a/code/moya-restpojo/src/main/java/fi/codecrew/moya/rest/pojo/util/v1/ErrorRoot.java
+++ b/code/moya-restpojo/src/main/java/fi/codecrew/moya/rest/pojo/util/v1/ErrorRoot.java
+package fi.codecrew.moya.rest.pojo.util.v1;
+import javax.xml.bind.annotation.XmlRootElement;
+@XmlRootElement
+public class ErrorRoot {
+    private String error;
+    public String getError() {
+        return error;
+    }
+    public void setError(String error) {
+        this.error= error;
+    }
+}
--- a/code/moya-web/src/main/java/fi/codecrew/moya/rest/PojoUtils.java
+++ b/code/moya-web/src/main/java/fi/codecrew/moya/rest/PojoUtils.java
@@ -29,6 +29,7 @@ import fi.codecrew.moya.rest.pojo.userinfo.v1.EventUserRestPojo;
 import fi.codecrew.moya.rest.pojo.userinfo.v1.PrintedCardRestPojo;
 import fi.codecrew.moya.rest.pojo.userinfo.v1.SimpleEventuserRoot;
 import fi.codecrew.moya.rest.pojo.userinfo.v1.UserReservationPlacePojo;
+import fi.codecrew.moya.rest.pojo.util.v1.ErrorRoot;
 public class PojoUtils {
 	public static EventUserRestPojo initEventUserRestPojo(EventUser user)
@@ -310,4 +311,11 @@ public class PojoUtils {
 		}
 		return ur;
 	}
+    public static ErrorRoot initErrorPojo(String errorMessage) {
+        ErrorRoot errorRoot = new ErrorRoot();
+        errorRoot.setError(errorMessage);
+        return errorRoot;
+    }
 }
--- a/code/moya-web/src/main/java/fi/codecrew/moya/rest/UserRestView.java
+++ b/code/moya-web/src/main/java/fi/codecrew/moya/rest/UserRestView.java
@@ -20,6 +20,7 @@ package fi.codecrew.moya.rest;
 import java.io.IOException;
 import java.security.Principal;
+import java.util.Collection;
 import java.util.List;
 import javax.ejb.EJB;
@@ -28,6 +29,7 @@ import javax.print.attribute.standard.Media;
 import javax.servlet.ServletException;
 import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
+import javax.servlet.http.Part;
 import javax.ws.rs.*;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
@@ -35,6 +37,7 @@ import javax.ws.rs.core.Response;
 import javax.ws.rs.core.Response.ResponseBuilder;
 import javax.ws.rs.core.Response.Status;
+import fi.codecrew.moya.model.*;
 import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
@@ -50,10 +53,6 @@ import fi.codecrew.moya.beans.PlaceGroupBeanLocal;
 import fi.codecrew.moya.beans.ReaderBeanLocal;
 import fi.codecrew.moya.beans.TicketBeanLocal;
 import fi.codecrew.moya.beans.UserBeanLocal;
-import fi.codecrew.moya.model.EventUser;
-import fi.codecrew.moya.model.GroupMembership;
-import fi.codecrew.moya.model.Place;
-import fi.codecrew.moya.model.ReaderEvent;
 import fi.codecrew.moya.rest.pojo.userinfo.v1.EventUserRestPojo;
 import fi.codecrew.moya.rest.pojo.userinfo.v1.PrintedCardRestPojo;
 import fi.codecrew.moya.rest.pojo.userinfo.v1.SimpleEventuserRoot;
@@ -270,7 +269,6 @@ public class UserRestView {
 			return new EventUserRestPojo();
 	}
    @POST
    @Path("/create")
    @Produces({ MediaType.APPLICATION_JSON })
@@ -284,7 +282,7 @@ public class UserRestView {
    @GET
    @Path("/")
    @Produces({ MediaType.APPLICATION_JSON })
-    @ApiOperation(value = "Find user", response = EventUserRestPojo.class)
+    @ApiOperation(value = "Find event user", response = EventUserRestPojo.class)
    public Response getEventUser(@QueryParam("email") @ApiParam("Email address") String email,
                                 @QueryParam("login") @ApiParam("Username") String userName) {
        try {
@@ -310,38 +308,69 @@ public class UserRestView {
    }
    @POST
-    @Path("/check-password")
+    @Path("/{userid}/check-password")
    @Produces({ MediaType.APPLICATION_JSON })
    @ApiOperation(value = "Check user password")
    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
-    public Response checkPassword(@FormParam("username") @ApiParam("Username") String username,
+    public Response checkPassword(@PathParam("userid") @ApiParam("User ID") Integer userId,
                                  @FormParam("password") @ApiParam("Password") String password) {
        try {
-            Boolean success = userbean.checkPassword(username, password);
-            if (success == null) {
+            EventUser user = userbean.findByUserId(userId, true);
+            if (user == null) {
                return Response.status(Status.NOT_FOUND).build();
            }
-            if (success.booleanValue() == true) {
-                return Response.ok().build();
+            boolean passwordOk = user.checkPassword(password);
-            } else {
+            if (passwordOk) {
-                return Response.status(Status.UNAUTHORIZED).build();
+                return Response.ok(PojoUtils.initEventUserRestPojo(user), MediaType.APPLICATION_JSON_TYPE).build();
            }
+            return Response.status(Status.UNAUTHORIZED).entity(PojoUtils.initErrorPojo("Wrong password")).build();
        } catch (Exception e) {
            logger.error("Checking user authentication failed", e);
-            return Response.serverError().build();
+            return Response.serverError().entity(PojoUtils.initErrorPojo("Checking password failed")).build();
+        }
+    }
+    @POST
+    @Path("/{userid}/reset-password")
+    @Produces({ MediaType.APPLICATION_JSON })
+    @ApiOperation(value = "Reset user password")
+    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+    public Response resetPassword(@PathParam("userid") @ApiParam("User ID") Integer userId,
+                                  @FormParam("password") @ApiParam("New password") String password) {
+        try {
+            EventUser eventUser = userbean.findByUserId(userId, true);
+            User user = eventUser.getUser();
+            userbean.resetPassword(user, password);
+            return Response.ok(PojoUtils.initEventUserRestPojo(eventUser)).build();
+        } catch (Exception e) {
+            logger.error("Checking user authentication failed", e);
+            return Response.serverError().entity(PojoUtils.initErrorPojo("Resetting user password failed")).build();
        }
    }
    @PUT
    @Path("/{userId}/image")
    @ApiOperation(value = "Upload image")
-    public Response updateUser(@Context HttpServletRequest request,
+    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
-                               @PathParam("userId") @ApiParam("User ID") Integer userId
+    public Response updateUserImage(@Context HttpServletRequest request,
-    ) throws IOException {
+                                    @PathParam("userId") @ApiParam("User ID") Integer userId) throws IOException {
+        try {
+            Part imagePart = request.getPart("image");
-        ServletInputStream inputStream = request.getInputStream();
+            User user = userbean.getUser(userId);
+            EventUser eventUser = userbean.getEventUser(user, true);
+            UserImage userImage = userbean.uploadImage(eventUser, imagePart.getContentType(),
+                    imagePart.getInputStream(), imagePart.getSubmittedFileName(), null);
-        return null;
+            return Response.ok().build();
+        } catch (ServletException e) {
+            logger.error("Updating user image failed", e);
+            return Response.serverError().build();
+        }
    }
 }