user creation rest api stuff

code/moya-beans-client/ejbModule/fi/codecrew/moya/beans/UserBeanLocal.java

@@ -176,4 +176,6 @@ public interface UserBeanLocal {
 	String findUsernameByEmailUsername(String filter);
 
 	EventUser findEventuserByLogin(String username);
+
+    Boolean checkPassword(String username, String password);
 }

code/moya-beans/ejbModule/fi/codecrew/moya/beans/UserBean.java

@@ -1110,9 +1110,17 @@ public class UserBean implements UserBeanLocal {
 		return eventUserFacade.findByLogin(username);
 	}
 
+    @Override
+    public Boolean checkPassword(String username, String password) {
+        User user = userFacade.findByLogin(username);
+        if (user != null) {
+            return user.checkPassword(password);
+        }
+        return null;
+    }
 
 
-	@Override
+    @Override
 	@RolesAllowed(EventPermission.S_MANAGE_EVENT)
 	public EventUser getUserByAuthcode(String authcode) {
 		logger.info("getUser({})", authcode);

code/moya-web/src/main/java/fi/codecrew/moya/rest/UserRestView.java

@@ -18,22 +18,17 @@
  */
 package fi.codecrew.moya.rest;
 
+import java.io.IOException;
 import java.security.Principal;
 import java.util.List;
 
 import javax.ejb.EJB;
 import javax.enterprise.context.RequestScoped;
+import javax.print.attribute.standard.Media;
 import javax.servlet.ServletException;
+import javax.servlet.ServletInputStream;
 import javax.servlet.http.HttpServletRequest;
-import javax.ws.rs.Consumes;
-import javax.ws.rs.DefaultValue;
-import javax.ws.rs.FormParam;
-import javax.ws.rs.GET;
-import javax.ws.rs.POST;
-import javax.ws.rs.Path;
-import javax.ws.rs.PathParam;
-import javax.ws.rs.Produces;
-import javax.ws.rs.QueryParam;
+import javax.ws.rs.*;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
@@ -67,12 +62,13 @@ import fi.codecrew.moya.rest.pojo.userinfo.v1.UserReservationRoot;
 import fi.codecrew.moya.util.UserSearchQuery;
 import fi.codecrew.moya.utilities.SearchQuery.QuerySortOrder;
 import fi.codecrew.moya.utilities.SearchResult;
+import sun.security.provider.certpath.OCSPResponse;
 
 @RequestScoped
 @Path("/user")
 @Consumes({ MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML })
 @Produces({ MediaType.APPLICATION_JSON + "; charset=UTF-8" })
-@Api("/user")
+@Api(value = "/user", description = "Administer users")
 public class UserRestView {
 
 	@EJB
@@ -103,6 +99,7 @@ public class UserRestView {
 	@POST
 	@Path("/giveplace/{placeId}")
 	@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+    @ApiOperation(value = "Set place status to give/ungive", response = UserReservationPlacePojo.class)
 	public Response setPlacesGivenStatus(
 			@PathParam("placeId") Integer id,
 			@FormParam("action") String status) {
@@ -144,30 +141,38 @@ public class UserRestView {
 
 	@GET
 	@Path("/reservationswithcode/{code}")
+    @ApiOperation(value = "Get places with code", response = UserReservationRoot.class)
 	public Response getPlacesWithCode(@PathParam("code") String code) {
+        try {
 
-		EventUser curruser = permbean.getCurrentUser();
-		ReaderEvent revent = readerbean.checkCode("restapi: " + curruser.getLogin(), code);
+            EventUser curruser = permbean.getCurrentUser();
+            ReaderEvent revent = readerbean.checkCode("restapi: " + curruser.getLogin(), code);
 
-		if (revent != null && revent.getUser() != null) {
-			EventUser eu = revent.getUser();
-			List<GroupMembership> gms = ticketbean.findMembershipPrintlistForUser(eu);
+            if (revent != null && revent.getUser() != null) {
+                EventUser eu = revent.getUser();
+                List<GroupMembership> gms = ticketbean.findMembershipPrintlistForUser(eu);
 
-			UserReservationRoot ret = new UserReservationRoot();
-			ret.setUser(PojoUtils.initEventUserRestPojo(eu));
+                UserReservationRoot ret = new UserReservationRoot();
+                ret.setUser(PojoUtils.initEventUserRestPojo(eu));
 
-			for (GroupMembership g : gms) {
+                for (GroupMembership g : gms) {
 
-				ret.getReservations().add(PojoUtils.initUserReservationPlace(g));
-			}
-			return Response.ok(ret).build();
-		}
-		return Response.status(Status.NOT_FOUND).build();
+                    ret.getReservations().add(PojoUtils.initUserReservationPlace(g));
+                }
+                return Response.ok(ret).build();
+            }
+            return Response.status(Status.NOT_FOUND).build();
+
+        } catch (Exception e) {
+            logger.error("Getting places failed", e);
+            return Response.serverError().build();
+        }
 
 	}
 
 	@GET
 	@Path("/{userid}/reservations")
+    @ApiOperation(value = "Get user's reservations", response = UserReservationRoot.class)
 	public Response usersPlaces(@PathParam("userid") Integer userid) {
 		EventUser eu = userbean.findByUserId(userid, false);
 		if (eu != null) {
@@ -188,6 +193,7 @@ public class UserRestView {
 	@Path("/auth")
 	@Produces({ MediaType.APPLICATION_JSON })
 	@Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+    @ApiOperation(value = "Authenticate", response = EventUserRestPojo.class)
 	public Response auth(
 			@FormParam("username") String username,
 			@FormParam("password") String password) {
@@ -229,9 +235,16 @@ public class UserRestView {
 			@QueryParam("search") String search
 			) {
 
-		UserSearchQuery q = new UserSearchQuery(page, pagesize, null, search, QuerySortOrder.UNSORTED);
-		SearchResult<EventUser> users = userbean.getThisEventsUsers(q);
-		return PojoUtils.parseEventusers(users.getResults());
+        try {
+
+            UserSearchQuery q = new UserSearchQuery(page, pagesize, null, search, QuerySortOrder.UNSORTED);
+            SearchResult<EventUser> users = userbean.getThisEventsUsers(q);
+            return PojoUtils.parseEventusers(users.getResults());
+
+        } catch (Exception e) {
+            logger.error("Getting EventUsers failed", e);
+            throw e;
+        }
 	}
 
 	@GET
@@ -256,4 +269,79 @@ public class UserRestView {
 		else
 			return new EventUserRestPojo();
 	}
+
+
+    @POST
+    @Path("/create")
+    @Produces({ MediaType.APPLICATION_JSON })
+    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+    @ApiOperation(value = "Create user", response = EventUserRestPojo.class)
+    public EventUserRestPojo createEventUser() {
+        return null;
+    }
+
+
+    @GET
+    @Path("/")
+    @Produces({ MediaType.APPLICATION_JSON })
+    @ApiOperation(value = "Find user", response = EventUserRestPojo.class)
+    public Response getEventUser(@QueryParam("email") @ApiParam("Email address") String email,
+                                 @QueryParam("login") @ApiParam("Username") String userName) {
+        try {
+
+            // If username not given, try to find username by email
+            if (userName == null || userName.isEmpty()) {
+                userName = userbean.findUsernameByEmailUsername(email);
+            }
+
+            // Get the user
+            EventUser eventUser = userbean.findEventuserByLogin(userName);
+            if (eventUser == null) {
+                return Response.status(Status.NOT_FOUND).build();
+            }
+
+            // Return the EventUser
+            return Response.ok(PojoUtils.initEventUserRestPojo(eventUser)).build();
+
+        } catch (Exception e) {
+            logger.error("Finding event user failed", e);
+            return Response.serverError().build();
+        }
+    }
+
+    @POST
+    @Path("/check-password")
+    @Produces({ MediaType.APPLICATION_JSON })
+    @ApiOperation(value = "Check user password")
+    @Consumes(MediaType.APPLICATION_FORM_URLENCODED)
+    public Response checkPassword(@FormParam("username") @ApiParam("Username") String username,
+                                  @FormParam("password") @ApiParam("Password") String password) {
+        try {
+            Boolean success = userbean.checkPassword(username, password);
+            if (success == null) {
+                return Response.status(Status.NOT_FOUND).build();
+            }
+            if (success.booleanValue() == true) {
+                return Response.ok().build();
+            } else {
+                return Response.status(Status.UNAUTHORIZED).build();
+            }
+        } catch (Exception e) {
+            logger.error("Checking user authentication failed", e);
+            return Response.serverError().build();
+        }
+    }
+
+    @PUT
+    @Path("/{userId}/image")
+    @ApiOperation(value = "Upload image")
+    public Response updateUser(@Context HttpServletRequest request,
+                               @PathParam("userId") @ApiParam("User ID") Integer userId
+    ) throws IOException {
+
+        ServletInputStream inputStream = request.getInputStream();
+
+        return null;
+    }
+
 }

code/moya-web/src/main/java/fi/codecrew/moya/servlet/SwaggerJaxrsConfig.java

@@ -23,7 +23,7 @@ public class SwaggerJaxrsConfig extends HttpServlet {
 
 	// TODO: Make API url configurable or invent something smart to overcome
 	// the need of base url.
-	private static final String BASE_URL = "http://localhost:49080/MoyaWeb";
+	private static final String BASE_URL = "http://localhost:8080/MoyaWeb";
 	private static final String API_RESOURCE_PACKAGE = "fi.codecrew.moya.rest";
 
 	@Override