1   package usecase.user;
2   
3   import common.http.ParameterConverter;
4   import common.http.error.ForwardOnError;
5   import common.http.interceptor.InterceptableServlet;
6   import usecase.auth.AuthorizationConstraints;
7   import usecase.auth.AuthorizationException;
8   import usecase.auth.CurrentUser;
9   
10  import javax.inject.Inject;
11  import javax.servlet.ServletException;
12  import javax.servlet.annotation.MultipartConfig;
13  import javax.servlet.annotation.WebServlet;
14  import javax.servlet.http.HttpServletRequest;
15  import javax.servlet.http.HttpServletResponse;
16  import javax.servlet.http.Part;
17  import java.io.BufferedInputStream;
18  import java.io.IOException;
19  
20  import static usecase.auth.AuthorizationConstraints.Types.REQUIRE_AUTHENTICATION;
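/**
 * Servlet that lets a user account be edited, either by an administrator or by the
 * owner of that account.
 *
 * <p>The class-level {@link AuthorizationConstraints} only requires authentication. The
 * per-account rule (administrator, or owner of the target id) is enforced inside both
 * handlers, because the target account id is taken from the request.
 *
 * <p>NOTE(review): {@code @MultipartConfig} is used with its defaults, which do not bound
 * the size of an uploaded file or of the whole request; consider setting
 * {@code maxFileSize} and {@code maxRequestSize}.
 *
 * <p>NOTE(review): no anti-CSRF check is visible in this class; confirm that
 * {@link InterceptableServlet} or an interceptor provides one for the POST handler.
 */
@WebServlet("/edituser")
@MultipartConfig
@AuthorizationConstraints(REQUIRE_AUTHENTICATION)
class EditUserServlet extends InterceptableServlet {
    @Inject private UserService service;
    @Inject private CurrentUser currentUser;

    private static final String EDIT_USER_PAGE = "/WEB-INF/views/edit-user.jsp";

    /**
     * Shows the edit form for the account named by the {@code id} request parameter.
     *
     * @param request  the incoming request; {@code id} defaults to 0 when absent or invalid
     * @param response the response the JSP view is rendered into
     * @throws AuthorizationException if the caller is neither an administrator nor the
     *                                owner of the requested account
     */
    @Override
    protected void doGet(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        ParameterConverter converter = new ParameterConverter(request);
        int userId = converter.getIntParameter("id").orElse(0);
        if (!currentUser.isAdmin() && currentUser.getId() != userId) {
            throw new AuthorizationException();
        }
        UserProfile user = service.getUser(userId);
        request.setAttribute("user", user);
        // Reuse the constant so the view path is defined in one place only.
        request.getRequestDispatcher(EDIT_USER_PAGE).forward(request, response);
    }

    /**
     * Applies the submitted changes to the account named by the {@code id} parameter and
     * redirects to that user's profile page.
     *
     * @param request  multipart request carrying {@code id}, {@code email},
     *                 {@code description}, {@code picture}, {@code pass} and {@code pass2}
     * @param response the response used for the redirect
     * @throws AuthorizationException   if the caller is neither an administrator nor the
     *                                  owner of the target account
     * @throws IllegalArgumentException if the two password fields differ
     */
    @Override
    @ForwardOnError(EDIT_USER_PAGE)
    protected void doPost(HttpServletRequest request, HttpServletResponse response) throws ServletException, IOException {
        ParameterConverter converter = new ParameterConverter(request);
        int userId = converter.getIntParameter("id").orElse(0);

        // Same rule as doGet. Without it, any authenticated user could post another
        // account's id and overwrite that account's email, password and picture.
        // NOTE(review): confirm that @ForwardOnError does not turn this exception into a
        // plain forward to the edit page without the usual authorization error handling.
        if (!currentUser.isAdmin() && currentUser.getId() != userId) {
            throw new AuthorizationException();
        }

        String email = request.getParameter("email");
        String description = request.getParameter("description");
        Part picture = request.getPart("picture");
        // A missing field is handled like a blank one instead of failing with a
        // NullPointerException in the comparison below.
        String pass = emptyIfNull(request.getParameter("pass"));
        String pass2 = emptyIfNull(request.getParameter("pass2"));

        // Two blank fields are equal, so this single test also covers the
        // "no password change requested" case.
        if (!pass.equals(pass2)) {
            throw new IllegalArgumentException("Le password devono coincidere");
        }

        // getPart returns null when the request has no such part. The stream is closed
        // once the service call returns; a null resource is allowed in try-with-resources.
        // NOTE(review): assumes service.edit consumes the stream before returning.
        try (BufferedInputStream stream = picture != null && picture.getSize() > 0
                ? new BufferedInputStream(picture.getInputStream())
                : null) {
            UserEditPage userEditPage = new UserEditPage(description, email, stream, pass);
            service.edit(userEditPage, userId);
        }

        // NOTE(review): the username is appended to the redirect path without URL-encoding;
        // confirm that usernames are restricted to URL-safe characters.
        response.sendRedirect(request.getContextPath() + "/u/" + service.getUsernameById(userId));
    }

    /** Returns {@code value}, or the empty string when {@code value} is {@code null}. */
    private static String emptyIfNull(String value) {
        return value == null ? "" : value;
    }
}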