@victorximenis
Created July 23, 2015 20:38
package br.com.media4all.mvc.controller;
import java.text.ParseException;
import java.text.SimpleDateFormat;
import java.util.ArrayList;
import java.util.Date;
import java.util.HashSet;
import java.util.List;
import java.util.Set;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;
import javax.ws.rs.core.Context;
import br.com.media4all.mvc.service.*;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.security.authentication.AuthenticationManager;
import org.springframework.security.authentication.UsernamePasswordAuthenticationToken;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.context.SecurityContextHolder;
import org.springframework.security.core.userdetails.UserDetails;
import org.springframework.transaction.annotation.Transactional;
import org.springframework.web.bind.annotation.RequestBody;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.bind.annotation.RequestMethod;
import org.springframework.web.bind.annotation.RequestParam;
import org.springframework.web.bind.annotation.RestController;
import org.springframework.web.context.WebApplicationContext;
import br.com.media4all.app.infra.security.CustomMembership;
import br.com.media4all.app.infra.security.CustomUserDetails;
import br.com.media4all.app.infra.security.CustomUserDetails.AuthenticationTypeEnum;
import br.com.media4all.app.util.ResourceMessages;
import br.com.media4all.app.util.enums.PersonSexEnum;
import br.com.media4all.app.util.enums.RoleEnum;
import br.com.media4all.app.util.exception.EduException;
import br.com.media4all.mvc.controller.dto.AccountUserDto;
import br.com.media4all.mvc.controller.dto.AccountUserListDto;
import br.com.media4all.mvc.controller.dto.PermissionDtoList;
import br.com.media4all.mvc.controller.dto.PersonDto;
import br.com.media4all.mvc.controller.dto.RoleDto;
import br.com.media4all.mvc.controller.dto.UserDto;
import br.com.media4all.mvc.controller.dto.UserListDto;
import br.com.media4all.mvc.controller.dto.UserProfileDto;
import br.com.media4all.mvc.entity.Account;
import br.com.media4all.mvc.entity.AccountUser;
import br.com.media4all.mvc.entity.Membership;
import br.com.media4all.mvc.entity.Permission;
import br.com.media4all.mvc.entity.Person;
import br.com.media4all.mvc.entity.Role;
import br.com.media4all.mvc.entity.User;
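@RestController
@RequestMapping(value = "/user")
/**
 * REST endpoints for user profile lookup/update, username checks, a custom login flow that
 * populates the Spring {@code SecurityContextHolder} directly, and two user-listing queries.
 *
 * <p>Thread-safety: the controller holds only injected singletons; per-request state lives in locals.
 */
public class UserController {

    protected Logger _log = LoggerFactory.getLogger(getClass());
    protected WebApplicationContext springContext;
    protected AuthenticationManager authManager;

    @Autowired
    private UserService userService;
    @Autowired
    private PersonService personService;
    @Autowired
    private PermissionService permissionService;
    @Autowired
    private AccountService accountService;
    @Autowired
    private AccountUserService accountUserService;

    /** Date pattern accepted for {@code UserProfileDto#getBirthday()}. */
    private static final String BIRTHDAY_PATTERN = "MM/dd/yyyy";

    /**
     * Returns the profile of the currently authenticated user.
     *
     * @return DTO built from the {@link User} whose id is stored in the security context details
     * @throws EduException code 001 when no {@link CustomUserDetails} is present in the security context
     */
    @RequestMapping(value = "/getUserProfile", method = RequestMethod.GET, headers = "Accept=application/json")
    public UserProfileDto getUserProfile() {
        User user = userService.findById(getUsuarioLogado().getUserId());
        return new UserProfileDto(user);
    }

    /**
     * Reports whether a user with the given username already exists.
     *
     * @param username username to look up (required)
     * @return {@code true} when {@code userService.findByUserName} finds a user
     */
    @RequestMapping(value = "/checkUserName", method = RequestMethod.GET, headers = "Accept=application/json")
    public boolean checkUserName(@RequestParam(value = "username", required = true) String username) {
        // NOTE(review): if this endpoint is reachable without authentication it also reveals which
        // usernames exist; confirm it is rate-limited / restricted at the security-config level.
        return userService.findByUserName(username) != null;
    }

    /**
     * Updates the user and person identified by the DTO. The password is only replaced when a
     * non-empty value is supplied; the birthday, when present, must match {@value #BIRTHDAY_PATTERN}.
     *
     * @param userProfileDto profile fields submitted by the client
     * @throws EduException code 001 when the user or person cannot be found,
     *                      code 003 when the birthday does not parse
     */
    @RequestMapping(value = "/saveUserProfile", method = RequestMethod.POST, headers = "Accept=application/json")
    @Transactional(noRollbackFor = { EduException.class })
    public void saveUserProfile(@RequestBody UserProfileDto userProfileDto) {
        // NOTE(review): userId/personId are taken from the request body as-is; unlike getUserProfile,
        // nothing here ties them to the authenticated user (getUsuarioLogado()). Confirm an ownership
        // check exists in the service layer, otherwise add one before trusting these ids.
        User user = userService.findById(userProfileDto.getUserId());
        Person person = personService.findById(userProfileDto.getPersonId());
        if (user == null || person == null) {
            // Fail explicitly instead of NullPointerException on the setters below.
            throw new EduException("001", ResourceMessages.getMessage("exception","msg.code.001"));
        }
        user.setUserName(userProfileDto.getUsername());
        user.setImgName(userProfileDto.getImgName());
        String newPassword = userProfileDto.getPassword();
        if (newPassword != null && !newPassword.isEmpty()) {
            // NOTE(review): the value is stored exactly as received and authenticateUser compares it as
            // plain text; route it through a PasswordEncoder (hash here, matches() on login). The
            // stored format cannot be confirmed from this file — TODO verify before changing.
            user.setPassword(newPassword);
        }
        person.setFirstName(userProfileDto.getFirstName());
        person.setLastName(userProfileDto.getLastName());
        if (userProfileDto.getBirthday() != null) {
            person.setDateOfBirth(parseBirthday(userProfileDto.getBirthday()));
        }
        if (userProfileDto.getSex() != null) {
            // Anything other than "M" is mapped to FEMININO, as before.
            person.setSexo("M".equals(userProfileDto.getSex()) ? PersonSexEnum.MASCULINO : PersonSexEnum.FEMININO);
        }
        person.setWhoIs(userProfileDto.getWhoIs());
        person.setAddress(userProfileDto.getAddress());
        // Only the user is explicitly persisted; the person changes presumably rely on the managed
        // entity being flushed at transaction commit — TODO confirm, otherwise they are silently lost.
        userService.update(user);
    }

    /**
     * Parses a birthday given in {@value #BIRTHDAY_PATTERN} form.
     *
     * @param birthday non-null date text
     * @return the parsed date
     * @throws EduException code 003 when the text is not a valid date
     */
    private Date parseBirthday(String birthday) {
        SimpleDateFormat formatter = new SimpleDateFormat(BIRTHDAY_PATTERN);
        // Strict parsing: lenient mode silently rolls "02/30/2015" over to March 2nd.
        formatter.setLenient(false);
        try {
            return formatter.parse(birthday);
        } catch (ParseException e) {
            throw new EduException("003", ResourceMessages.getMessage("exception","msg.code.003"));
        }
    }

    /**
     * Authenticates a user by username/password and installs the resulting {@link Authentication}
     * in the {@code SecurityContextHolder}. Every rejection invalidates the session and reports the
     * same code 001, so callers cannot tell the failure modes apart from the response.
     *
     * @param login    username
     * @param password password, compared against {@code User#getPassword()}
     * @param req      current request; its session is created if absent
     * @return DTO of the authenticated user
     * @throws EduException code 001 when the user is unknown, inactive, locked, has no memberships,
     *                      or the password does not match
     */
    @RequestMapping(value = "/authenticateUser", method = RequestMethod.GET, headers = "Accept=application/json")
    @Transactional(noRollbackFor = { EduException.class })
    public UserDto authenticateUser(
            @RequestParam(value = "login", required = true) String login,
            @RequestParam(value = "password", required = true) String password,
            @Context HttpServletRequest req) {
        // NOTE(review): GET puts the password in the query string, where proxies/browsers/access logs
        // commonly record it; a POST mapping would avoid that (kept as-is for client compatibility).
        HttpSession session = req.getSession(true);
        User user = userService.findByUserName(login);
        if (user == null) {
            _log.error("Cannot locate user : " + login);
            throw rejectLogin(session);
        }
        // Boolean.TRUE.equals treats a null flag as "not active"/"not locked" instead of throwing NPE.
        if (!Boolean.TRUE.equals(user.getIsActive())) {
            throw rejectLogin(session);
        }
        if (Boolean.TRUE.equals(user.getIsLocked())) {
            throw rejectLogin(session);
        }
        Set<Membership> memberships = user.getPerson() == null ? null : user.getPerson().getMemberships();
        if (memberships == null || memberships.isEmpty()) {
            throw rejectLogin(session);
        }
        if (password == null || password.isEmpty() || !password.equals(user.getPassword())) {
            // NOTE(review): plain-text comparison against the stored value; see saveUserProfile.
            // authenticationFail records the attempt (and may lock the account); the response is the
            // same whether or not that happened, so the former locked/unlocked branches are merged.
            userService.authenticationFail(user);
            throw rejectLogin(session);
        }
        CustomUserDetails userDetails = new CustomUserDetails();
        userDetails.setUserId(user.getId());
        userDetails.setUsername(login);
        // NOTE(review): this keeps the clear-text password in the security context for the whole
        // session; confirm CustomUserDetails actually needs it, otherwise drop this line.
        userDetails.setPassword(password);
        Authentication auth = new UsernamePasswordAuthenticationToken(login, password);
        Authentication result = createSuccessAuthentication(auth.getPrincipal(), auth, userDetails);
        SecurityContextHolder.getContext().setAuthentication(result);
        return new UserDto(user);
    }

    /**
     * Invalidates the session and builds the uniform login-failure exception (code 001). It is
     * returned rather than thrown so callers can write {@code throw rejectLogin(session);}.
     *
     * @param session session to invalidate
     * @return the exception the caller should throw
     */
    private EduException rejectLogin(HttpSession session) {
        session.invalidate();
        return new EduException("001", ResourceMessages.getMessage("exception","msg.code.001"));
    }

    /**
     * Collects the permission names of a role. Currently has no caller in this class.
     *
     * @param strRoleId numeric role id as text
     * @return DTO wrapping the permission names (empty when the role has none)
     * @throws NumberFormatException when {@code strRoleId} is not a valid long
     */
    private PermissionDtoList getPermissions(String strRoleId) throws EduException {
        Long roleId = Long.valueOf(strRoleId);
        Set<Permission> rolePermissions = permissionService.findByRoleId(roleId);
        List<String> names = new ArrayList<String>();
        if (rolePermissions != null) {
            for (Permission permission : rolePermissions) {
                names.add(permission.getName());
            }
        }
        return new PermissionDtoList(names);
    }

    /**
     * Builds the authenticated token: same principal and credentials as {@code authentication},
     * authorities taken from {@code user}, and {@code user} attached as the token details
     * (which is what {@link #getUsuarioLogado()} reads back).
     *
     * @param principal      the principal of the new token
     * @param authentication source of the credentials
     * @param user           provides authorities and becomes the token details
     * @return the populated token
     */
    protected Authentication createSuccessAuthentication(Object principal,
            Authentication authentication, UserDetails user) {
        UsernamePasswordAuthenticationToken result = new UsernamePasswordAuthenticationToken(
                principal, authentication.getCredentials(), user.getAuthorities());
        result.setDetails(user);
        return result;
    }

    /**
     * Reports whether the membership has a role assigned. Currently has no caller in this class.
     *
     * @param membership membership to inspect (must not be null)
     * @return {@code true} when {@code getRole()} is non-null
     */
    private Boolean isValidRole(Membership membership) {
        return membership.getRole() != null;
    }

    /**
     * Returns the {@link CustomUserDetails} attached to the current authentication.
     *
     * @return details set by {@link #authenticateUser}
     * @throws EduException code 001 when there is no authentication or its details are not a
     *                      {@link CustomUserDetails} (e.g. a context populated by another login path)
     */
    public CustomUserDetails getUsuarioLogado() {
        Authentication auth = SecurityContextHolder.getContext().getAuthentication();
        Object details = (auth == null) ? null : auth.getDetails();
        if (!(details instanceof CustomUserDetails)) {
            // Fail explicitly instead of NullPointerException / ClassCastException.
            throw new EduException("001", ResourceMessages.getMessage("exception","msg.code.001"));
        }
        return (CustomUserDetails) details;
    }

    /**
     * Lists users matching {@code attr}. Note that each returned {@link UserDto} is currently
     * empty: the id/person population is commented out and nothing else fills it in.
     *
     * @param attr filter passed straight to {@code userService.list}
     * @return one (empty) DTO per matched user
     */
    @RequestMapping(value = "/userByAttr", method = RequestMethod.GET, headers = "Accept=application/json")
    public UserListDto userByAttr(@RequestParam(value = "attr", required = true) String attr) {
        List<User> users = userService.list(attr);
        List<UserDto> dtos = new ArrayList<UserDto>();
        if (users != null) {
            for (User u : users) {
                // NOTE(review): intentionally empty DTOs? The id/person setters were disabled by the
                // author; confirm whether {@code new UserDto(u)} (used by authenticateUser) is wanted.
                dtos.add(new UserDto());
            }
        }
        return new UserListDto(dtos);
    }

    /**
     * Lists the persons of all users belonging to an account.
     *
     * @param accountId numeric account id as text
     * @return person DTOs, empty when the account has no users
     * @throws NumberFormatException when {@code accountId} is not a valid long
     */
    @RequestMapping(value = "/listUsersByAccountId", method = RequestMethod.GET, headers = "Accept=application/json")
    public List<PersonDto> listUsersByAccountId(@RequestParam(value = "accountId", required = true) String accountId) {
        // NOTE(review): no check that the caller belongs to this account; confirm the service layer
        // enforces it, otherwise any authenticated user can enumerate every account's members.
        List<User> users = accountUserService.listUsersByAccountId(Long.parseLong(accountId));
        List<PersonDto> persons = new ArrayList<PersonDto>();
        if (users != null) {
            for (User user : users) {
                persons.add(new PersonDto(user.getPerson()));
            }
        }
        return persons;
    }
}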