*/
@RequestMapping(value = "/users", method = RequestMethod.POST)
@ResponseBody
- public String saveLocalUserConfig(@RequestParam(required = true) String json,
+ public Status saveLocalUserConfig(@RequestParam(required = true) String json,
@RequestParam(required = true) String action, HttpServletRequest request) {
IUserManager userManager = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
if (userManager == null) {
- return "Internal Error";
+ return new Status(StatusCode.NOSERVICE, "User Manager unavailable");
}
if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
- return "Operation not permitted";
+ return new Status(StatusCode.UNAUTHORIZED, "Operation not permitted");
}
Gson gson = new Gson();
Status result = (action.equals("add")) ? userManager.addLocalUser(config) : userManager.removeLocalUser(config);
if (result.isSuccess()) {
- String userAction = (action.equals("add")) ? "added" : "removed";
if (action.equals("add")) {
- String userRoles = "";
- for (String userRole : config.getRoles()) {
- userRoles = userRoles + userRole + ",";
- }
- DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), userAction, config.getUser()
- + " as " + userRoles.substring(0, userRoles.length() - 1));
+ DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), "added", config.getUser()
+ + " as " + config.getRoles().toString());
} else {
- DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), userAction, config.getUser());
+ DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), "removed", config.getUser());
}
- return "Success";
}
- return result.getDescription();
+ return result;
}
+ @RequestMapping(value = "/user/modify", method = RequestMethod.POST)
+ @ResponseBody
+ public Status modifyUser(@RequestParam(required = true) String json,
+ @RequestParam(required = true) String action, HttpServletRequest request) {
+
+ IUserManager userManager = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
+ if (userManager == null) {
+ return new Status(StatusCode.NOSERVICE, "User Manager unavailable");
+ }
+
+ if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
+ return new Status(StatusCode.UNAUTHORIZED, "Operation not permitted");
+ }
+
+ UserConfig newConfig = gson.fromJson(json, UserConfig.class);
+ List<UserConfig> currentUserConfig = userManager.getLocalUserList();
+ String password = null;
+ String user = newConfig.getUser();
+ for (UserConfig userConfig : currentUserConfig) {
+ if(userConfig.getUser().equals(user)){
+ password = userConfig.getPassword();
+ break;
+ }
+ }
+ if (password == null) {
+ String msg = String.format("User %s not found in configuration database", user);
+ return new Status(StatusCode.NOTFOUND, msg);
+ }
+
+ //While modifying a user role, the password is not provided from GUI for any user.
+ //The password is stored in hash mode, hence it cannot be retrieved and added to UserConfig object
+ //The hashed password is injected below to the json string containing username and new roles before
+ //converting to UserConfig object.
+ json = json.replace("\"roles\"", "\"password\":\""+ password + "\",\"roles\"");
+ Gson gson = new Gson();
+ newConfig = gson.fromJson(json, UserConfig.class);
+
+ Status result = userManager.modifyLocalUser(newConfig);
+ if (result.isSuccess()) {
+ DaylightWebUtil.auditlog("Roles of", request.getUserPrincipal().getName(), "updated", newConfig.getUser()
+ + " to " + newConfig.getRoles().toString());
+ }
+ return result;
+ }
+
+
@RequestMapping(value = "/users/{username}", method = RequestMethod.POST)
@ResponseBody
- public String removeLocalUser(@PathVariable("username") String userName, HttpServletRequest request) {
+ public Status removeLocalUser(@PathVariable("username") String userName, HttpServletRequest request) {
- String username = request.getUserPrincipal().getName();
- if (username.equals(userName)) {
- return "Invalid Request: User cannot delete itself";
+ String loggedInUser = request.getUserPrincipal().getName();
+ if (loggedInUser.equals(userName)) {
+ String msg = "Invalid Request: User cannot delete itself";
+ return new Status(StatusCode.NOTALLOWED, msg);
}
IUserManager userManager = (IUserManager) ServiceHelper.getGlobalInstance(IUserManager.class, this);
if (userManager == null) {
- return "Internal Error";
+ return new Status(StatusCode.NOSERVICE, "User Manager unavailable");
}
if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
- return "Operation not permitted";
+ return new Status(StatusCode.UNAUTHORIZED, "Operation not permitted");
}
- Status result = userManager.removeLocalUser(userName);
- if (result.isSuccess()) {
+ Status status = userManager.removeLocalUser(userName);
+ if (status.isSuccess()) {
DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), "removed", userName);
- return "Success";
+ return status;
}
- return result.getDescription();
+ return status;
}
@RequestMapping(value = "/users/password/{username}", method = RequestMethod.POST)
}
if (status.isSuccess()) {
- DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), " changed password for User ",
+ DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), "changed password for",
username);
}
return status;
close : "one_main_admin_id_modal_remove_close",
password : 'one_main_admin_id_modal_remove_password'
},
+ modify : {
+ user : "one_main_admin_id_modal_modify_user",
+ },
password : {
modal : 'one_main_admin_id_modal_password_modal',
submit : 'one_main_admin_id_modal_password_submit',
add : {
user : "one_main_admin_id_add_user"
}
+ },
+ registry :{
+
},
address : {
root : "/admin",
users : "/users",
+ modifyUser : "/user/modify",
password : '/admin/users/password/'
},
modal : {
$.getJSON(one.main.admin.address.root
+ one.main.admin.address.users, function(data) {
var body = one.main.admin.data.users(data);
+ one.main.admin.registry["users"] = data;
var $body = one.main.admin.body.users(body);
callback($body);
});
remove : {
modal : {
initialize : function(id) {
- var h3 = "Edit User";
+ var h3 = "Manage user - " + id;
var footer = one.main.admin.remove.footer();
var $body = one.main.admin.remove.body();
var $modal = one.lib.modal.spawn(one.main.admin.id.modal.user,
$('#'+one.main.admin.id.modal.remove.close, $modal).click(function() {
$modal.modal('hide');
});
+ // close binding
+ $('#'+one.main.admin.id.modal.modify.user, $modal).click(function() {
+ one.main.admin.add.modal.initialize(id, true);
+ });
// remove binding
$('#' + one.main.admin.id.modal.remove.user, $modal).click(function() {
one.main.admin.remove.modal.ajax(id, function(result) {
- if (result == 'Success') {
+ if (result.description == 'Success') {
$modal.modal('hide');
// body inject
var $admin = $('#'+one.main.admin.id.modal.main);
one.lib.modal.inject.body($admin, $body);
});
} else {
- alert("Failed to remove user: " + result);
+ alert("Failed to remove user: " + result.description);
}
});
});
one.main.admin.id.modal.remove.user, "btn-danger", "");
var $removeButton = one.lib.dashlet.button.button(removeButton);
footer.push($removeButton);
+ var modifyButton = one.lib.dashlet.button.single("Change Role",
+ one.main.admin.id.modal.modify.user, "btn-success", "");
+ var $modifyButton = one.lib.dashlet.button.button(modifyButton);
+ footer.push($modifyButton);
var change = one.lib.dashlet.button.single('Change Password',
one.main.admin.id.modal.remove.password, 'btn-success', '');
var $change = one.lib.dashlet.button.button(change);
},
add : {
modal : {
- initialize : function() {
- var h3 = "Add User";
- var footer = one.main.admin.add.footer();
- var $body = one.main.admin.add.body();
+ initialize : function(id, edit) {
+ var h3 = edit? "Change Role of user " + id:"Add User";
+ var footer = one.main.admin.add.footer(edit);
+ var $body = one.main.admin.add.body(id, edit);
var $modal = one.lib.modal.spawn(one.main.admin.id.modal.user,
h3, $body, footer);
// close binding
});
// add binding
$('#' + one.main.admin.id.modal.add.user, $modal).click(function() {
- one.main.admin.add.modal.add($modal, function(result) {
- if (result == 'Success') {
+ one.main.admin.add.modal.add($modal, edit, function(result) {
+ if (result.description == 'Success') {
$modal.modal('hide');
// body inject
var $admin = $('#'+one.main.admin.id.modal.main);
one.main.admin.ajax.users(function($body) {
- one.lib.modal.inject.body($admin, $body);
+ one.lib.modal.inject.body($admin, $body);
});
} else {
- alert("Failed to add user: "+result);
+ var action = edit? "edit" :"add";
+ alert("Failed to "+ action +" user: "+result.description);
}
});
});
$modal.modal();
},
- add : function($modal, callback) {
+ add : function($modal, edit, callback) {
var user = {};
user['user'] = $modal.find(
'#' + one.main.admin.id.modal.add.form.name).val();
- user['password'] = $modal.find(
- '#' + one.main.admin.id.modal.add.form.password).val();
+ if (!edit) {
+ user['password'] = $modal.find(
+ '#' + one.main.admin.id.modal.add.form.password).val();
+ }
roles = new Array();
roles[0] = $modal.find(
'#' + one.main.admin.id.modal.add.form.role).find(
'option:selected').attr('value');
user['roles'] = roles;
- // password check
- var verify = $('#'+one.main.admin.id.modal.add.form.verify).val();
- if (user.password != verify) {
- alert('Passwords do not match');
- return false;
+ if (!edit) {
+ // password check
+ var verify = $('#'+one.main.admin.id.modal.add.form.verify).val();
+ if (user.password != verify) {
+ alert('Passwords do not match');
+ return false;
+ }
}
-
var resource = {};
resource['json'] = JSON.stringify(user);
resource['action'] = 'add'
- one.main.admin.add.modal.ajax(resource, callback);
+ one.main.admin.add.modal.ajax(resource, edit, callback);
},
- ajax : function(data, callback) {
- $.post(one.main.admin.address.root
- + one.main.admin.address.users, data, function(data) {
- callback(data);
- });
+ ajax : function(data, edit, callback) {
+ if(edit) {
+ $.post(one.main.admin.address.root
+ + one.main.admin.address.modifyUser, data, function(data) {
+ callback(data);
+ });
+ } else {
+ $.post(one.main.admin.address.root
+ + one.main.admin.address.users, data, function(data) {
+ callback(data);
+ });
+ }
}
},
- body : function() {
+ body : function(id, edit) {
var $form = $(document.createElement('form'));
var $fieldset = $(document.createElement('fieldset'));
+ var users = one.main.admin.registry["users"];
+ var currentUser;
+ if(edit) {
+ $(users).each(function(index, val) {
+ if(val.user == id){
+ currentUser = val;
+ }
+ });
+ }
+
// user
var $label = one.lib.form.label('Username');
var $input = one.lib.form.input('Username');
$input.attr('id', one.main.admin.id.modal.add.form.name);
+ if(edit) {
+ $input.attr("disabled",true);
+ $input.val(id);
+ }
$fieldset.append($label).append($input);
- // password
- var $label = one.lib.form.label('Password');
- var $input = one.lib.form.input('Password');
- $input.attr('id', one.main.admin.id.modal.add.form.password);
- $input.attr('type', 'password');
- $fieldset.append($label).append($input);
- // password verify
- var $label = one.lib.form.label('Verify Password');
- var $input = one.lib.form.input('Verify Password');
- $input.attr('id', one.main.admin.id.modal.add.form.verify);
- $input.attr('type', 'password');
- $fieldset.append($label).append($input);
+ if(!edit) {
+ // password
+ var $label = one.lib.form.label('Password');
+ var $input = one.lib.form.input('Password');
+ $input.attr('id', one.main.admin.id.modal.add.form.password);
+ $input.attr('type', 'password');
+ $fieldset.append($label).append($input);
+ // password verify
+ var $label = one.lib.form.label('Verify Password');
+ var $input = one.lib.form.input('Verify Password');
+ $input.attr('id', one.main.admin.id.modal.add.form.verify);
+ $input.attr('type', 'password');
+ $fieldset.append($label).append($input);
+ }
// roles
var $label = one.lib.form.label('Roles');
var options = {
};
var $select = one.lib.form.select.create(options);
$select.attr('id', one.main.admin.id.modal.add.form.role);
+ if(edit) {
+ $select.children().each(function() {
+ this.selected = (this.text == options[currentUser.roles[0]]);
+ });
+ }
+
$fieldset.append($label).append($select);
$form.append($fieldset);
return $form;
},
- footer : function() {
+ footer : function(edit) {
var footer = [];
- var addButton = one.lib.dashlet.button.single("Add User",
+ var buttonText = edit ? "Update User" : "Add User";
+
+ var addButton = one.lib.dashlet.button.single(buttonText,
one.main.admin.id.modal.add.user, "btn-primary", "");
var $addButton = one.lib.dashlet.button.button(addButton);
footer.push($addButton);
});
/** MAIN PAGE LOAD */
-one.main.menu.load();
+one.main.menu.load();
\ No newline at end of file
Code Review / controller.git / commitdiff