From 0c98992cf9e97b7184b3840625ad84179901b541 Mon Sep 17 00:00:00 2001
From: mbremer <m.bremer@neusta.de>
Date: Mon, 2 Aug 2021 18:40:18 +0200
Subject: [PATCH] Fix change-password dialog, user-edit for admin

---
 .../mbremer/extension/CommonExtensions.java   |  6 +++
 src/main/java/de/mbremer/secutity/User.java   | 14 ++++-
 .../java/de/mbremer/secutity/UserForm.java    |  6 ++-
 .../de/mbremer/secutity/UserResource.java     | 53 +++++++++++++++++--
 src/main/resources/templates/user-modal.html  | 28 +++++++---
 src/main/resources/templates/user.html        | 30 ++++++++++-
 6 files changed, 120 insertions(+), 17 deletions(-)

diff --git a/src/main/java/de/mbremer/extension/CommonExtensions.java b/src/main/java/de/mbremer/extension/CommonExtensions.java
index 17c2a34..d3eb75e 100644
--- a/src/main/java/de/mbremer/extension/CommonExtensions.java
+++ b/src/main/java/de/mbremer/extension/CommonExtensions.java
@@ -1,5 +1,7 @@
 package de.mbremer.extension;
 
+import de.mbremer.room.Room;
+import de.mbremer.secutity.User;
 import io.quarkus.qute.TemplateExtension;
 
 import java.time.LocalDate;
@@ -24,4 +26,8 @@ public class CommonExtensions {
   public static String rightPad(String str, int length) {
     return String.format("%1$-" + length + "s", str);
   }
+
+  public static String selectedIfIn(User user, Room room) {
+    return user !=null && user.getRoom() != null && user.getRoom().getName().equals(room.getName()) ? "selected" : "";
+  }
 }
diff --git a/src/main/java/de/mbremer/secutity/User.java b/src/main/java/de/mbremer/secutity/User.java
index bd2d5b6..2e1655e 100644
--- a/src/main/java/de/mbremer/secutity/User.java
+++ b/src/main/java/de/mbremer/secutity/User.java
@@ -34,7 +34,6 @@ public class User extends PanacheEntity {
 
   @OneToOne
   @Getter
-  @Setter
   private Room room;
 
   /**
@@ -60,4 +59,17 @@ public class User extends PanacheEntity {
     this.role = role == null ? role : role.toUpperCase();
     return this;
   }
+
+  public User setRoom(Room room) {
+    this.room = room;
+    return this;
+  }
+
+  public boolean hasRoleAdmin() {
+    return "ADMIN".equals(role);
+  }
+
+  public boolean hasRoleUser() {
+    return "USER".equals(role);
+  }
 }
diff --git a/src/main/java/de/mbremer/secutity/UserForm.java b/src/main/java/de/mbremer/secutity/UserForm.java
index a79d4b6..40bf2dc 100644
--- a/src/main/java/de/mbremer/secutity/UserForm.java
+++ b/src/main/java/de/mbremer/secutity/UserForm.java
@@ -1,15 +1,19 @@
 package de.mbremer.secutity;
 
+import de.mbremer.room.Room;
+
 import javax.ws.rs.FormParam;
 
 public class UserForm {
   public @FormParam("username") String username;
   public @FormParam("password") String password;
   public @FormParam("passwordVerify") String passwordVerify;
+  public @FormParam("room") String room;
   public @FormParam("role") String role;
 
   public User getUser() {
-    return new User().setUsername(username).setPassword(password).setRole(role);
+    return new User().setUsername(username).setPassword(password).setRole(role)
+        .setRoom((Room) Room.find("name", room).singleResultOptional().orElse(null));
   }
 
   public boolean verifyPassword() {
diff --git a/src/main/java/de/mbremer/secutity/UserResource.java b/src/main/java/de/mbremer/secutity/UserResource.java
index a01e2a2..5e9f4c8 100644
--- a/src/main/java/de/mbremer/secutity/UserResource.java
+++ b/src/main/java/de/mbremer/secutity/UserResource.java
@@ -1,5 +1,7 @@
 package de.mbremer.secutity;
 
+import de.mbremer.room.Room;
+import io.quarkus.panache.common.Sort;
 import io.quarkus.qute.Location;
 import io.quarkus.qute.Template;
 import io.quarkus.qute.TemplateInstance;
@@ -28,6 +30,8 @@ public class UserResource {
   @Inject
   SecurityIdentity identity;
   @Inject
+  UserService userService;
+  @Inject
   Template userinit;
   @Inject
   @Location("user.html")
@@ -37,10 +41,17 @@ public class UserResource {
   @Produces(MediaType.TEXT_HTML)
   @RolesAllowed({"USER", "ADMIN"})
   public TemplateInstance getUser() {
-    return userTemplate
-        .data("user_count", User.count())
-        .data("current_username", identity.getPrincipal().getName())
-        .data("is_admin", identity.hasRole("ADMIN"));
+    TemplateInstance templateInstance = userTemplate
+        .data("current_username", identity.getPrincipal().getName());
+
+    if (identity.hasRole("ADMIN")) {
+      templateInstance
+        .data("is_admin", true)
+        .data("users", User.listAll(Sort.by("username")))
+        .data("rooms", Room.listAll(Sort.by("name")));
+    }
+
+    return templateInstance;
   }
 
   @POST
@@ -99,6 +110,38 @@ public class UserResource {
     User user = userForm.getUser();
     user.persist();
 
-    return getUser().data("info", "User angelegt.");
+    return getUser().data("info", "User angelegt");
+  }
+
+  @POST
+  @Consumes(MediaType.MULTIPART_FORM_DATA)
+  @Produces(MediaType.TEXT_HTML)
+  @Transactional
+  @Path("/password")
+  @RolesAllowed({"USER", "ADMIN"})
+  public TemplateInstance changePassword(@MultipartForm UserForm userForm) {
+    if (!userForm.verifyPassword()) {
+      return getUser().data("error", "Das Passwort ist zu kurz oder stimmt nicht mit der Wiederholung überein.");
+    }
+
+    userService.getCurrentUser().setPassword(userForm.password);
+
+    return getUser().data("info", "Passwort aktualisiert");
+  }
+
+  @POST
+  @Consumes(MediaType.MULTIPART_FORM_DATA)
+  @Produces(MediaType.TEXT_HTML)
+  @Transactional
+  @Path("/update")
+  public TemplateInstance update(@MultipartForm UserForm userForm) {
+    log.info("update");
+
+    Room room = Room.find("name", userForm.room).singleResult();
+    log.info("set room " + room.getName());
+    User user = User.find("username", userForm.username).singleResult();
+    user.setRoom(room);
+
+    return getUser();
   }
 }
diff --git a/src/main/resources/templates/user-modal.html b/src/main/resources/templates/user-modal.html
index cac8df1..6b226ee 100644
--- a/src/main/resources/templates/user-modal.html
+++ b/src/main/resources/templates/user-modal.html
@@ -1,4 +1,4 @@
-<div class="modal fade" id="userModal" tabindex="-1" aria-labelledby="userModalLabel" aria-hidden="true">
+<div class="modal fade" id="userModal{#if id}{id}{/if}" tabindex="-1" aria-labelledby="userModalLabel" aria-hidden="true">
   <div class="modal-dialog">
     <div class="modal-content">
       <div class="modal-header">
@@ -6,25 +6,37 @@
         <button type="button" class="btn-close" data-bs-dismiss="modal" aria-label="Close"></button>
       </div>
 
-      <form action="/user/new" method="POST" name="userForm" enctype="multipart/form-data">
+      <form action="/user/{#if update}update{#else}new{/if}" method="POST" name="userForm" enctype="multipart/form-data">
         <div class="modal-body row mb-3">
           <div class="align-items-center col-md-10 mx-auto col-lg-11">
             <div class="form-floating mb-3">
-              <input type="text" name="username" class="form-control" id="name" placeholder="Benutzername" required>
+              <input type="text" name="username" class="form-control" id="name" placeholder="Benutzername" required
+                     {#if update}readonly value="{user.username}"{/if}>
               <label for="name">Benutzername</label>
             </div>
             <div class="form-floating mb-3">
-              <input type="password" name="password" class="form-control" id="pwd" placeholder="Password" required>
+              <input type="password" name="password" class="form-control" id="pwd" placeholder="Password" required
+                     {#if update}disabled value="xxxxx"{/if}>
               <label for="pwd">Passwort</label>
             </div>
             <div class="form-floating mb-3">
-              <input type="password" name="passwordVerify" class="form-control" id="pwdv" placeholder="Passwort wiederholen" required>
+              <input type="password" name="passwordVerify" class="form-control" id="pwdv" placeholder="Passwort wiederholen" required
+                     {#if update}disabled value="xxxxx"{/if}>
               <label for="pwd">Passwort wiederholen</label>
             </div>
             <div class="form-floating mb-3">
-              <select id="role" name="role" class="form-select" required>
-                <option selected>USER</option>
-                <option>ADMIN</option>
+              <select id="room" name="room" class="form-select" required>
+                <option value="">Bitte wählen...</option>
+                {#for room in rooms}
+                <option {user.selectedIfIn(room)}>{room.name}</option>
+                {/for}
+              </select>
+              <label class="col-sm-3 col-form-label1" for="room">Raum</label>
+            </div>
+            <div class="form-floating mb-3">
+              <select id="role" name="role" class="form-select" required {#if update}disabled{/if}>
+                <option {#if update and user.hasRoleUser}selected{/if}>USER</option>
+                <option {#if update and user.hasRoleAdmin}selected{/if}>ADMIN</option>
               </select>
               <label class="col-sm-3 col-form-label1" for="role">Rolle</label>
             </div>
diff --git a/src/main/resources/templates/user.html b/src/main/resources/templates/user.html
index 7cbaaf3..d9dbbde 100644
--- a/src/main/resources/templates/user.html
+++ b/src/main/resources/templates/user.html
@@ -4,7 +4,33 @@
 
 <div class="mt-2">
   <h2>Hallo {current_username}</h2>
-  {#if is_admin}User: {user_count}{/if}
+  {#if is_admin}
+  <table class="table table-striped table-bordered">
+    <thead>
+    <tr>
+      <th scope="col">Username</th>
+      <th scope="col">Raum</th>
+      <th scope="col"/>
+    </tr>
+    </thead>
+    <tbody>
+    {#for user in users}
+    <tr>
+      <td>
+        {user.username}
+      </td>
+      <td>
+        {user.room.name}
+      </td>
+      <td style="width:1px; white-space:nowrap;">
+        <a class="btn btn-primary btn-sm" data-bs-toggle="modal" data-bs-target="#userModal{count}" role="button">Edit</a>
+        {#include user-modal.html rooms=rooms update=true id=count user=user}{/include}
+      </td>
+    </tr>
+    {/for}
+    </tbody>
+  </table>
+  {/if}
 </div>
 
   <div class="mt-2" >
@@ -13,7 +39,7 @@
     {/if}
     <a class="btn btn-primary" data-bs-toggle="modal" data-bs-target="#passwordModal" role="button">Passwort ändern</a>
     {#if is_admin}
-      {#include user-modal.html}{/include}
+      {#include user-modal.html rooms=rooms}{/include}
     {/if}
     {#include password-modal.html}{/include}
   </div>