admin can delete user

WatcherGui/src/main/java/com/joelhelkala/watcherGui/frames/subframes/AdminFrame.java

@@ -13,12 +13,14 @@ import javax.swing.Box;
 import javax.swing.JButton;
 import javax.swing.JCheckBox;
 import javax.swing.JLabel;
+import javax.swing.JOptionPane;
 import javax.swing.JPanel;
 import javax.swing.JTextField;
 import javax.swing.SwingConstants;
 
 import com.joelhelkala.watcherGui.Colors.Colors;
 import com.joelhelkala.watcherGui.Datatypes.UserType;
+import com.joelhelkala.watcherGui.frames.WelcomePage;
 import com.joelhelkala.watcherGui.httpRequests.HttpRequests;
 
 public class AdminFrame extends JPanel implements ActionListener {
@@ -88,7 +90,8 @@ public class AdminFrame extends JPanel implements ActionListener {
 
 	// Delete user with given id
 	private void performActionOnId(Long id) {
-		System.out.println("Delete : " + id);
+		boolean delete = WelcomePage.handleSave();
+		if(delete) HttpRequests.deleteUser(id);
 	}
 
 	@Override

WatcherGui/src/main/java/com/joelhelkala/watcherGui/httpRequests/HttpRequests.java

@@ -253,6 +253,35 @@ public class HttpRequests {
 		}
 		return data;
 	}
+	
+	// Deletes the user with given id
+	public static void deleteUser(Long id) {
+		try {
+			URL url = new URL(address + "/appuser/"+id);
+			StringBuilder response = new StringBuilder();
+			HttpURLConnection con = (HttpURLConnection)url.openConnection();
+			con.setRequestMethod("DELETE");
+			con.setRequestProperty("Content-Type", "application/json; utf-8");
+			con.setRequestProperty("Accept", "application/json");
+			con.setDoOutput(true);
+	        con.setRequestProperty("Authorization","Bearer " + User.getToken());
+	        try(BufferedReader br = new BufferedReader(
+  			  new InputStreamReader(con.getInputStream(), "utf-8"))) {
+  			    String responseLine = null;
+  			    while ((responseLine = br.readLine()) != null) {
+  			        response.append(responseLine.trim());
+  			    }
+  			}
+	        System.out.println(response.toString());
+			con.disconnect();
+		} catch (MalformedURLException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		} catch (IOException e) {
+			// TODO Auto-generated catch block
+			e.printStackTrace();
+		}
+	}
 
 	/*
 	 * Send a PUT request to update a node

watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserController.java

 package com.joelhelkala.watcherServer.appuser;
 
-import com.joelhelkala.watcherServer.response.UserGetResponse;
+import com.joelhelkala.watcherServer.registration.token.ConfirmationTokenService;
 import com.joelhelkala.watcherServer.response.UserType;
-import org.apache.catalina.User;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 
 import java.util.List;
@@ -15,10 +12,12 @@ import java.util.List;
 public class AppUserController {
 
     private final AppUserService userService;
+    private final ConfirmationTokenService confirmationTokenService;
 
     @Autowired
-    public AppUserController(AppUserService userService) {
+    public AppUserController(AppUserService userService, ConfirmationTokenService confirmationTokenService) {
         this.userService = userService;
+        this.confirmationTokenService = confirmationTokenService;
     }
 
     // Endpoint for person GET request which returns all the users
@@ -38,6 +37,7 @@ public class AppUserController {
     // TODO: perhaps change to email?
     @DeleteMapping(path = "{personId}")
     public void deletePerson(@PathVariable("personId") Long id) {
+        confirmationTokenService.deleteTokenByUser(id);
         userService.deleteUser(id);
     }
 

watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserService.java

@@ -70,7 +70,6 @@ public class AppUserService implements UserDetailsService {
 
     // Delete a user with given id
     public void deleteUser(Long id) {
-        // TODO: first remove the table with foreign key (confirmation token)
         log.info("Deleting user with ID: " + id);
 
         boolean exists = appUserRepository.existsById(id);

watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenRepository.java

@@ -3,6 +3,7 @@ package com.joelhelkala.watcherServer.registration.token;
 import org.springframework.data.jpa.repository.JpaRepository;
 import org.springframework.data.jpa.repository.Modifying;
 import org.springframework.data.jpa.repository.Query;
+import org.springframework.data.repository.query.Param;
 import org.springframework.stereotype.Repository;
 
 import javax.transaction.Transactional;
@@ -21,4 +22,14 @@ public interface ConfirmationTokenRepository extends JpaRepository<ConfirmationT
             "WHERE c.token = ?1")
     int updateConfirmedAt(String token,
                           LocalDateTime confirmedAt);
+    
+    @Transactional
+    @Modifying
+    @Query(value = "DELETE FROM ConfirmationToken c WHERE c.appUser.id = :id")
+    int deleteByUserId(@Param("id") Long id);
+
+    @Query("SELECT c " +
+            "FROM ConfirmationToken c " +
+            "WHERE c.appUser.id = ?1")
+    Optional<ConfirmationToken> existsByUserId(Long id);
 }

watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenService.java

 package com.joelhelkala.watcherServer.registration.token;
 
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 
 import java.time.LocalDateTime;
@@ -8,6 +9,7 @@ import java.util.Optional;
 
 @Service
 @AllArgsConstructor
+@Slf4j
 public class ConfirmationTokenService {
 
     private final ConfirmationTokenRepository confirmationTokenRepository;
@@ -24,4 +26,12 @@ public class ConfirmationTokenService {
         return confirmationTokenRepository.updateConfirmedAt(
                 token, LocalDateTime.now());
     }
+
+    public void deleteTokenByUser(Long userId) {
+        log.info("Deleting token with userID : {}", userId);
+        Optional<ConfirmationToken> exists = confirmationTokenRepository.existsByUserId(userId);
+        if(!exists.isPresent()) return;
+        int removed = confirmationTokenRepository.deleteByUserId(userId);
+        log.info("deleted {} tokens", removed);
+    }
 }

watcherServer/src/main/java/com/joelhelkala/watcherServer/security/config/WebSecurityConfig.java

@@ -19,6 +19,7 @@ import org.springframework.security.core.userdetails.UserDetailsService;
 import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder;
 import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter;
 
+import static org.springframework.http.HttpMethod.DELETE;
 import static org.springframework.http.HttpMethod.GET;
 
 @Configuration @EnableWebSecurity @RequiredArgsConstructor
@@ -49,8 +50,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter {
 
 
         // GET requests to appuser endpoint should have ADMIN roles
-        // TODO: This does not work I think
         http.authorizeRequests().antMatchers(GET, "/api/v*/appuser").hasAnyAuthority("ADMIN");
+        http.authorizeRequests().antMatchers(DELETE, "/api/v*/appuser").hasAnyAuthority("ADMIN");
         // Every request should be authenticated
         http.authorizeRequests().anyRequest().authenticated();
         http.addFilter(customAuthenticationFilter);