From fd4c75279f0a9e54843fdbebcdbb9f98b7af4cb7 Mon Sep 17 00:00:00 2001
From: Anthony Stirling <77850077+Frooodle@users.noreply.github.com.>
Date: Thu, 6 Jun 2024 21:23:33 +0100
Subject: [PATCH] init
---
.../SPDF/controller/api/UserController.java | 62 +++++++++----------
src/main/resources/application.properties | 2 +-
src/main/resources/templates/addUsers.html | 2 +-
3 files changed, 33 insertions(+), 33 deletions(-)
diff --git a/src/main/java/stirling/software/SPDF/controller/api/UserController.java b/src/main/java/stirling/software/SPDF/controller/api/UserController.java
index ae85d650..44a51a3a 100644
--- a/src/main/java/stirling/software/SPDF/controller/api/UserController.java
+++ b/src/main/java/stirling/software/SPDF/controller/api/UserController.java
@@ -66,46 +66,46 @@ public class UserController { RedirectAttributes redirectAttributes) { if (!userService.isUsernameValid(newUsername)) { - return new RedirectView("/account?messageType=invalidUsername"); + return new RedirectView("/account?messageType=invalidUsername",true); } if (principal == null) { - return new RedirectView("/account?messageType=notAuthenticated"); + return new RedirectView("/account?messageType=notAuthenticated",true); } // The username MUST be unique when renaming Optional userOpt = userService.findByUsername(principal.getName()); if (userOpt == null || userOpt.isEmpty()) { - return new RedirectView("/account?messageType=userNotFound"); + return new RedirectView("/account?messageType=userNotFound",true); } User user = userOpt.get(); if (user.getUsername().equals(newUsername)) { - return new RedirectView("/account?messageType=usernameExists"); + return new RedirectView("/account?messageType=usernameExists",true); } if (!userService.isPasswordCorrect(user, currentPassword)) { - return new RedirectView("/account?messageType=incorrectPassword"); + return new RedirectView("/account?messageType=incorrectPassword",true); } if (!user.getUsername().equals(newUsername) && userService.usernameExists(newUsername)) { - return new RedirectView("/account?messageType=usernameExists"); + return new RedirectView("/account?messageType=usernameExists",true); } if (newUsername != null && newUsername.length() > 0) { try { userService.changeUsername(user, newUsername); } catch (IllegalArgumentException e) { - return new RedirectView("/account?messageType=invalidUsername"); + return new RedirectView("/account?messageType=invalidUsername",true); } } // Logout using Spring's utility new SecurityContextLogoutHandler().logout(request, response, null); - return new RedirectView(LOGIN_MESSAGETYPE_CREDSUPDATED); + return new RedirectView(LOGIN_MESSAGETYPE_CREDSUPDATED,true); } @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')") 
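Review bot: The uniqueness check near the end of this hunk, `userService.usernameExists(newUsername)`, appears to be case-sensitive, while the add-user and role handlers later in the file use `findByUsernameIgnoreCase` / `usernameExistsIgnoreCase`; if that reading is right, a rename can produce an account whose name differs from an existing one only by case, which the case-insensitive lookups elsewhere would then treat as the same user. Consider `if (userService.usernameExistsIgnoreCase(newUsername)) {` here; the `!user.getUsername().equals(newUsername)` conjunct is already guaranteed by the earlier equality check and can be dropped. The comment `// The username MUST be unique when renaming` also sits above the principal lookup rather than above this check. The handler's signature starts outside the hunk and `usernameExists` is not shown, so confirm its matching rules before changing it.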
@@ -118,19 +118,19 @@ public class UserController { HttpServletResponse response, RedirectAttributes redirectAttributes) { if (principal == null) { - return new RedirectView("/change-creds?messageType=notAuthenticated"); + return new RedirectView("/change-creds?messageType=notAuthenticated",true); } Optional userOpt = userService.findByUsernameIgnoreCase(principal.getName()); if (userOpt == null || userOpt.isEmpty()) { - return new RedirectView("/change-creds?messageType=userNotFound"); + return new RedirectView("/change-creds?messageType=userNotFound",true); } User user = userOpt.get(); if (!userService.isPasswordCorrect(user, currentPassword)) { - return new RedirectView("/change-creds?messageType=incorrectPassword"); + return new RedirectView("/change-creds?messageType=incorrectPassword",true); } userService.changePassword(user, newPassword); @@ -138,7 +138,7 @@ public class UserController { // Logout using Spring's utility new SecurityContextLogoutHandler().logout(request, response, null); - return new RedirectView(LOGIN_MESSAGETYPE_CREDSUPDATED); + return new RedirectView(LOGIN_MESSAGETYPE_CREDSUPDATED,true); } @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')") 
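Review bot: After `userService.changePassword(user, newPassword)` only the caller's own session is ended, by `new SecurityContextLogoutHandler().logout(request, response, null)` in the following hunk; nothing visible here ends the account's other sessions, so a session opened with the old password would stay valid after the change. The delete handler further down already calls `invalidateUserSessions(username)`, so adding `invalidateUserSessions(user.getUsername());` right after `changePassword` would cover it, unless `changePassword` already does this internally (not visible). The same applies to the second password handler at `@@ -151,19` / `@@ -171,7`. `newPassword` also reaches the service with no visible emptiness or policy check in the controller. The method signature begins outside the hunk.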
@@ -151,19 +151,19 @@ public class UserController { HttpServletResponse response, RedirectAttributes redirectAttributes) { if (principal == null) { - return new RedirectView("/account?messageType=notAuthenticated"); + return new RedirectView("/account?messageType=notAuthenticated",true); } Optional userOpt = userService.findByUsernameIgnoreCase(principal.getName()); if (userOpt == null || userOpt.isEmpty()) { - return new RedirectView("/account?messageType=userNotFound"); + return new RedirectView("/account?messageType=userNotFound",true); } User user = userOpt.get(); if (!userService.isPasswordCorrect(user, currentPassword)) { - return new RedirectView("/account?messageType=incorrectPassword"); + return new RedirectView("/account?messageType=incorrectPassword",true); } userService.changePassword(user, newPassword); @@ -171,7 +171,7 @@ public class UserController { // Logout using Spring's utility new SecurityContextLogoutHandler().logout(request, response, null); - return new RedirectView(LOGIN_MESSAGETYPE_CREDSUPDATED); + return new RedirectView(LOGIN_MESSAGETYPE_CREDSUPDATED,true); } @PreAuthorize("!hasAuthority('ROLE_DEMO_USER')") @@ -204,7 +204,7 @@ public class UserController { boolean forceChange) { if (!userService.isUsernameValid(username)) { - return new RedirectView("/addUsers?messageType=invalidUsername"); + return new RedirectView("/addUsers?messageType=invalidUsername",true); } Optional userOpt = userService.findByUsernameIgnoreCase(username); 
@@ -212,26 +212,26 @@ public class UserController { if (userOpt.isPresent()) { User user = userOpt.get(); if (user != null && user.getUsername().equalsIgnoreCase(username)) { - return new RedirectView("/addUsers?messageType=usernameExists"); + return new RedirectView("/addUsers?messageType=usernameExists",true); } } if (userService.usernameExistsIgnoreCase(username)) { - return new RedirectView("/addUsers?messageType=usernameExists"); + return new RedirectView("/addUsers?messageType=usernameExists",true); } try { // Validate the role Role roleEnum = Role.fromString(role); if (roleEnum == Role.INTERNAL_API_USER) { // If the role is INTERNAL_API_USER, reject the request - return new RedirectView("/addUsers?messageType=invalidRole"); + return new RedirectView("/addUsers?messageType=invalidRole",true); } } catch (IllegalArgumentException e) { // If the role ID is not valid, redirect with an error message - return new RedirectView("/addUsers?messageType=invalidRole"); + return new RedirectView("/addUsers?messageType=invalidRole",true); } userService.saveUser(username, password, role, forceChange); - return new RedirectView("/addUsers"); // Redirect to account page after adding the user + return new RedirectView("/addUsers",true); // Redirect to account page after adding the user } @PreAuthorize("hasRole('ROLE_ADMIN')") 
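Review bot: The trailing comment on the last return, `// Redirect to account page after adding the user`, does not match the target `/addUsers`, and the same comment is copied onto the role-change handler in the next hunk, where no user is added; suggest `// Back to the user-management page` in both places. The role check (`Role.fromString(role)` plus the `INTERNAL_API_USER` rejection inside a try/catch) is also repeated verbatim in that next hunk, so a private helper that reports whether a role may be assigned would keep the two admin paths from drifting apart. Minor: the new calls are written `",true)` with no space after the comma, and since every redirect in the class now needs the flag, a one-line helper such as `private static RedirectView redirect(String path) { return new RedirectView(path, true); }` would stop a future handler from omitting it. The method starts outside this hunk.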
@@ -244,33 +244,33 @@ public class UserController { Optional userOpt = userService.findByUsernameIgnoreCase(username); if (!userOpt.isPresent()) { - return new RedirectView("/addUsers?messageType=userNotFound"); + return new RedirectView("/addUsers?messageType=userNotFound",true); } if (!userService.usernameExistsIgnoreCase(username)) { - return new RedirectView("/addUsers?messageType=userNotFound"); + return new RedirectView("/addUsers?messageType=userNotFound",true); } // Get the currently authenticated username String currentUsername = authentication.getName(); // Check if the provided username matches the current session's username if (currentUsername.equalsIgnoreCase(username)) { - return new RedirectView("/addUsers?messageType=downgradeCurrentUser"); + return new RedirectView("/addUsers?messageType=downgradeCurrentUser",true); } try { // Validate the role Role roleEnum = Role.fromString(role); if (roleEnum == Role.INTERNAL_API_USER) { // If the role is INTERNAL_API_USER, reject the request - return new RedirectView("/addUsers?messageType=invalidRole"); + return new RedirectView("/addUsers?messageType=invalidRole",true); } } catch (IllegalArgumentException e) { // If the role ID is not valid, redirect with an error message - return new RedirectView("/addUsers?messageType=invalidRole"); + return new RedirectView("/addUsers?messageType=invalidRole",true); } User user = userOpt.get(); userService.changeRole(user, role); - return new RedirectView("/addUsers"); // Redirect to account page after adding the user + return new RedirectView("/addUsers",true); // Redirect to account page after adding the user } @PreAuthorize("hasRole('ROLE_ADMIN')") 
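Review bot: `userService.changeRole(user, role)` updates the stored role, but the target user's existing sessions are not touched, so if authorities are held in the session's Authentication (the usual Spring Security behaviour, not confirmed from this hunk) a demoted user keeps the old role until they log in again. Calling `invalidateUserSessions(username);` after `changeRole`, as the delete handler does before `deleteUser`, would make the change take effect immediately. The second lookup, `!userService.usernameExistsIgnoreCase(username)`, repeats what `!userOpt.isPresent()` has just established and can be dropped. The handler's signature is outside the hunk.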
@@ -279,7 +279,7 @@ public class UserController { @PathVariable(name = "username") String username, Authentication authentication) { if (!userService.usernameExistsIgnoreCase(username)) { - return new RedirectView("/addUsers?messageType=deleteUsernameExists"); + return new RedirectView("/addUsers?messageType=deleteUsernameExists",true); } // Get the currently authenticated username @@ -287,11 +287,11 @@ public class UserController { // Check if the provided username matches the current session's username if (currentUsername.equalsIgnoreCase(username)) { - return new RedirectView("/addUsers?messageType=deleteCurrentUser"); + return new RedirectView("/addUsers?messageType=deleteCurrentUser",true); } invalidateUserSessions(username); userService.deleteUser(username); - return new RedirectView("/addUsers"); + return new RedirectView("/addUsers",true); } @Autowired private SessionRegistry sessionRegistry; diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties index a5f12e64..e6961d78 100644 --- a/src/main/resources/application.properties +++ b/src/main/resources/application.properties @@ -17,7 +17,7 @@ spring.servlet.multipart.max-file-size=2000MB spring.servlet.multipart.max-request-size=2000MB server.servlet.session.tracking-modes=cookie -server.servlet.context-path=${SYSTEM_ROOTURIPATH:/} +server.servlet.context-path=/pdf spring.devtools.restart.enabled=true spring.devtools.livereload.enabled=true diff --git a/src/main/resources/templates/addUsers.html b/src/main/resources/templates/addUsers.html index 0cb5c512..848b1f13 100644 --- a/src/main/resources/templates/addUsers.html +++ b/src/main/resources/templates/addUsers.html @@ -78,7 +78,7 @@
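Review bot: `server.servlet.context-path=/pdf` replaces the `${SYSTEM_ROOTURIPATH:/}` placeholder with a fixed value, which looks like a local test setting left in the commit: every deployment is forced under `/pdf` and the `SYSTEM_ROOTURIPATH` override stops working, so anything configured against the previous root (proxy rules, saved links) would have to change. Unless that is intended, keep `server.servlet.context-path=${SYSTEM_ROOTURIPATH:/}` and supply the test path through the environment. The context lines also show `spring.devtools.restart.enabled=true` and `spring.devtools.livereload.enabled=true` in the shipped properties; it is worth confirming that devtools is absent from production builds.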
Default message if not found
-
+