From 34869b1dbc1ea5729370cd9334a7cf06dceba1ec Mon Sep 17 00:00:00 2001
From: joalhelk <joalhelk@jyu.fi>
Date: Thu, 24 Mar 2022 10:38:43 +0200
Subject: [PATCH] admin can delete user
---
 .../frames/subframes/AdminFrame.java | 5 +++-
 .../watcherGui/httpRequests/HttpRequests.java | 29 +++++++++++++++++++
 .../appuser/AppUserController.java | 10 +++----
 .../watcherServer/appuser/AppUserService.java | 1 -
 .../token/ConfirmationTokenRepository.java | 11 +++++++
 .../token/ConfirmationTokenService.java | 10 +++++++
 .../security/config/WebSecurityConfig.java | 3 +-
 7 files changed, 61 insertions(+), 8 deletions(-)
diff --git a/WatcherGui/src/main/java/com/joelhelkala/watcherGui/frames/subframes/AdminFrame.java b/WatcherGui/src/main/java/com/joelhelkala/watcherGui/frames/subframes/AdminFrame.java
index d6e9149..9c50d3e 100644
--- a/WatcherGui/src/main/java/com/joelhelkala/watcherGui/frames/subframes/AdminFrame.java
+++ b/WatcherGui/src/main/java/com/joelhelkala/watcherGui/frames/subframes/AdminFrame.java
@@ -13,12 +13,14 @@ import javax.swing.Box;
 import javax.swing.JButton;
 import javax.swing.JCheckBox;
 import javax.swing.JLabel;
+import javax.swing.JOptionPane;
 import javax.swing.JPanel;
 import javax.swing.JTextField;
 import javax.swing.SwingConstants;
 import com.joelhelkala.watcherGui.Colors.Colors;
 import com.joelhelkala.watcherGui.Datatypes.UserType;
+import com.joelhelkala.watcherGui.frames.WelcomePage;
 import com.joelhelkala.watcherGui.httpRequests.HttpRequests;
 public class AdminFrame extends JPanel implements ActionListener {
@@ -88,7 +90,8 @@ public class AdminFrame extends JPanel implements ActionListener {
 // Delete user with given id
 private void performActionOnId(Long id) {
- System.out.println("Delete : " + id);
+ boolean delete = WelcomePage.handleSave();
+ if(delete) HttpRequests.deleteUser(id);
 }
 @Override
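Review bot: The only gate on the delete in `performActionOnId` is `WelcomePage.handleSave()`, whose name suggests a save prompt; its dialog text is outside this patch, but a confirmation for an irreversible delete should name the account being removed so the admin cannot confirm the wrong row. `HttpRequests.deleteUser(id)` returns nothing, so this method has no way to tell the admin whether the server accepted or refused the request. The comment above the method could say as much, e.g. `// Ask for confirmation, then delete the user with the given id`. The `JOptionPane` import added in the first hunk is not used by any line shown here.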
diff --git a/WatcherGui/src/main/java/com/joelhelkala/watcherGui/httpRequests/HttpRequests.java b/WatcherGui/src/main/java/com/joelhelkala/watcherGui/httpRequests/HttpRequests.java
index 5e6b7d0..a148dce 100644
--- a/WatcherGui/src/main/java/com/joelhelkala/watcherGui/httpRequests/HttpRequests.java
+++ b/WatcherGui/src/main/java/com/joelhelkala/watcherGui/httpRequests/HttpRequests.java
@@ -253,6 +253,35 @@ public class HttpRequests {
 }
 return data;
 }
+
+ // Deletes the user with given id
+ public static void deleteUser(Long id) {
+ try {
+ URL url = new URL(address + "/appuser/"+id);
+ StringBuilder response = new StringBuilder();
+ HttpURLConnection con = (HttpURLConnection)url.openConnection();
+ con.setRequestMethod("DELETE");
+ con.setRequestProperty("Content-Type", "application/json; utf-8");
+ con.setRequestProperty("Accept", "application/json");
+ con.setDoOutput(true);
+ con.setRequestProperty("Authorization","Bearer " + User.getToken());
+ try(BufferedReader br = new BufferedReader(
+ new InputStreamReader(con.getInputStream(), "utf-8"))) {
+ String responseLine = null;
+ while ((responseLine = br.readLine()) != null) {
+ response.append(responseLine.trim());
+ }
+ }
+ System.out.println(response.toString());
+ con.disconnect();
+ } catch (MalformedURLException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ } catch (IOException e) {
+ // TODO Auto-generated catch block
+ e.printStackTrace();
+ }
+ }
 /*
 * Send a PUT request to update a node
diff --git a/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserController.java b/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserController.java
index 298b36c..9ce7ae9 100644
--- a/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserController.java
+++ b/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserController.java
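Review bot: `deleteUser` cannot report failure: `con.getInputStream()` throws `IOException` on any non-2xx status (a 403 from the role check, a 404 for an unknown id), and both catch blocks only print a stack trace, so the caller in `AdminFrame` cannot tell a refused delete from a successful one. Reading `con.getResponseCode()` and returning a boolean fixes that, and `con.disconnect()` belongs in a `finally` because it is skipped whenever the read throws. `setDoOutput(true)` and the `Content-Type` header do nothing useful on a body-less DELETE, and `application/json; utf-8` is missing `charset=`. The bearer token goes to whatever `address` holds, which is defined outside this hunk and should be an `https://` URL; the raw response is also better not echoed to stdout.

```java
public static boolean deleteUser(Long id) {
    HttpURLConnection con = null;
    try {
        con = (HttpURLConnection) new URL(address + "/appuser/" + id).openConnection();
        con.setRequestMethod("DELETE");
        con.setRequestProperty("Accept", "application/json");
        con.setRequestProperty("Authorization", "Bearer " + User.getToken());
        // getResponseCode() does not throw on 4xx/5xx, unlike getInputStream()
        int status = con.getResponseCode();
        return status >= 200 && status < 300;
    } catch (IOException e) {
        // MalformedURLException is an IOException, so one handler covers both
        e.printStackTrace();
        return false;
    } finally {
        if (con != null) {
            con.disconnect();
        }
    }
}
```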
@@ -1,11 +1,8 @@
 package com.joelhelkala.watcherServer.appuser;
-import com.joelhelkala.watcherServer.response.UserGetResponse;
+import com.joelhelkala.watcherServer.registration.token.ConfirmationTokenService;
 import com.joelhelkala.watcherServer.response.UserType;
-import org.apache.catalina.User;
 import org.springframework.beans.factory.annotation.Autowired;
-import org.springframework.http.HttpStatus;
-import org.springframework.http.ResponseEntity;
 import org.springframework.web.bind.annotation.*;
 import java.util.List;
@@ -15,10 +12,12 @@ import java.util.List;
 public class AppUserController {
 private final AppUserService userService;
+ private final ConfirmationTokenService confirmationTokenService;
 @Autowired
- public AppUserController(AppUserService userService) {
+ public AppUserController(AppUserService userService, ConfirmationTokenService confirmationTokenService) {
 this.userService = userService;
+ this.confirmationTokenService = confirmationTokenService;
 }
 // Endpoint for person GET request which returns all the users
@@ -38,6 +37,7 @@ public class AppUserController {
 // TODO: perhaps change to email?
 @DeleteMapping(path = "{personId}")
 public void deletePerson(@PathVariable("personId") Long id) {
+ confirmationTokenService.deleteTokenByUser(id);
 userService.deleteUser(id);
 }
diff --git a/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserService.java b/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserService.java
index ea76b8b..e3bbcf9 100644
--- a/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserService.java
+++ b/watcherServer/src/main/java/com/joelhelkala/watcherServer/appuser/AppUserService.java
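Review bot: The token cleanup and the user delete in `deletePerson` are not atomic: they are two independent service calls, so the tokens are already gone if `userService.deleteUser(id)` then fails. `AppUserService.deleteUser` checks `existsById`, but what it does for a missing id is outside the patch. Moving the token cleanup into `AppUserService.deleteUser`, after the existence check and under one transaction (`@Transactional public void deleteUser(Long id)`), would keep the controller to a single call and make the delete all-or-nothing. Nothing visible in this handler stops an admin from deleting their own account or the last remaining admin; if that matters here, the service is the place for that check.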
@@ -70,7 +70,6 @@ public class AppUserService implements UserDetailsService { // Delete a user with given id public void deleteUser(Long id) { - // TODO: first remove the table with foreign key (confirmation token) log.info("Deleting user with ID: " + id); boolean exists = appUserRepository.existsById(id); diff --git a/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenRepository.java b/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenRepository.java index e7af774..f783833 100644 --- a/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenRepository.java +++ b/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenRepository.java @@ -3,6 +3,7 @@ package com.joelhelkala.watcherServer.registration.token; import org.springframework.data.jpa.repository.JpaRepository; import org.springframework.data.jpa.repository.Modifying; import org.springframework.data.jpa.repository.Query; +import org.springframework.data.repository.query.Param; import org.springframework.stereotype.Repository; import javax.transaction.Transactional; @@ -21,4 +22,14 @@ public interface ConfirmationTokenRepository extends JpaRepository<ConfirmationT "WHERE c.token = ?1") int updateConfirmedAt(String token, LocalDateTime confirmedAt); + + @Transactional + @Modifying + @Query(value = "DELETE FROM ConfirmationToken c WHERE c.appUser.id = :id") + int deleteByUserId(@Param("id") Long id); + + @Query("SELECT c " + + "FROM ConfirmationToken c " + + "WHERE c.appUser.id = ?1") + Optional<ConfirmationToken> existsByUserId(Long id); } diff --git a/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenService.java b/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenService.java index 4b08fce..e5a2846 100644 
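Review bot: `existsByUserId` in `ConfirmationTokenRepository` returns `Optional<ConfirmationToken>` for a query that can match several rows. If a user ever holds more than one confirmation token (whether that can happen is not visible here), Spring Data raises `IncorrectResultSizeDataAccessException` and the delete request fails before anything is removed. The lookup is also unnecessary, because `deleteByUserId` already returns the number of rows deleted. I would drop `existsByUserId` and reduce `deleteTokenByUser` in `ConfirmationTokenService` (later in this patch) to `int removed = confirmationTokenRepository.deleteByUserId(userId);` followed by the existing log line.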
--- a/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenService.java
+++ b/watcherServer/src/main/java/com/joelhelkala/watcherServer/registration/token/ConfirmationTokenService.java
@@ -1,6 +1,7 @@
 package com.joelhelkala.watcherServer.registration.token;
 import lombok.AllArgsConstructor;
+import lombok.extern.slf4j.Slf4j;
 import org.springframework.stereotype.Service;
 import java.time.LocalDateTime;
@@ -8,6 +9,7 @@ import java.util.Optional;
 @Service
 @AllArgsConstructor
+@Slf4j
 public class ConfirmationTokenService {
 private final ConfirmationTokenRepository confirmationTokenRepository;
@@ -24,4 +26,12 @@ public class ConfirmationTokenService {
 return confirmationTokenRepository.updateConfirmedAt(
 token, LocalDateTime.now());
 }
+
+ public void deleteTokenByUser(Long userId) {
+ log.info("Deleting token with userID : {}", userId);
+ Optional<ConfirmationToken> exists = confirmationTokenRepository.existsByUserId(userId);
+ if(!exists.isPresent()) return;
+ int removed = confirmationTokenRepository.deleteByUserId(userId);
+ log.info("deleted {} tokens", removed);
+ }
 }
diff --git a/watcherServer/src/main/java/com/joelhelkala/watcherServer/security/config/WebSecurityConfig.java b/watcherServer/src/main/java/com/joelhelkala/watcherServer/security/config/WebSecurityConfig.java
index 009f2d7..16a1fc7 100644
--- a/watcherServer/src/main/java/com/joelhelkala/watcherServer/security/config/WebSecurityConfig.java
+++ b/watcherServer/src/main/java/com/joelhelkala/watcherServer/security/config/WebSecurityConfig.java
@@ -19,6 +19,7 @@ import org.springframework.security.core.userdetails.UserDetailsService; import org.springframework.security.crypto.bcrypt.BCryptPasswordEncoder; import org.springframework.security.web.authentication.UsernamePasswordAuthenticationFilter; +import static org.springframework.http.HttpMethod.DELETE; import static org.springframework.http.HttpMethod.GET; @Configuration @EnableWebSecurity @RequiredArgsConstructor @@ -49,8 +50,8 @@ public class WebSecurityConfig extends WebSecurityConfigurerAdapter { // GET requests to appuser endpoint should have ADMIN roles - // TODO: This does not work I think http.authorizeRequests().antMatchers(GET, "/api/v*/appuser").hasAnyAuthority("ADMIN"); + http.authorizeRequests().antMatchers(DELETE, "/api/v*/appuser").hasAnyAuthority("ADMIN"); // Every request should be authenticated http.authorizeRequests().anyRequest().authenticated(); http.addFilter(customAuthenticationFilter); -- GitLab
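Review bot: The new matcher `antMatchers(DELETE, "/api/v*/appuser")` matches only that exact path, while the client in this patch sends the request to `/appuser/<id>` and the controller maps `{personId}` below its class-level path (which is outside the patch). If that is the case, the DELETE falls through to `anyRequest().authenticated()`, so any authenticated account rather than only ADMIN can remove users. The pattern should cover the id segment: `http.authorizeRequests().antMatchers(DELETE, "/api/v*/appuser/**").hasAuthority("ADMIN");`. The removed `// TODO: This does not work I think` comment suggests the rule was never verified; a test that sends the DELETE with a non-admin token and expects 403 would settle it. `configure` continues outside the hunk.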