Fixed user/edit

Marc Beyer 2022-01-31 20:51:04 +01:00
parent bba0b6d5d2
commit 2918bc46b5


@ -158,13 +158,16 @@ public class UserController {
@RequestParam String name, @RequestParam String name,
@RequestParam String forename, @RequestParam String forename,
@RequestParam String login, @RequestParam String login,
@RequestParam String password, @RequestParam(required = false) String password,
@RequestParam Boolean isAdmin @RequestParam Boolean isAdmin
) { ) {
User authUser = authController.getAuthUserFromHeader(authorizationHeader, userRepository); User authUser = authController.getAuthUserFromHeader(authorizationHeader, userRepository);
if (authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)) { if (authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)) {
return new ResponseEntity<>("Du hast keine Rechte um den User zu editieren", HttpStatus.UNAUTHORIZED); return new ResponseEntity<>("Du hast keine Rechte um den User zu editieren", HttpStatus.UNAUTHORIZED);
} }
if(isAdmin && !authUser.isAdmin()){
return new ResponseEntity<>("Du hast keine Rechte um dich zum Admin zu machen", HttpStatus.UNAUTHORIZED);
}
User user = userRepository.findById(userId); User user = userRepository.findById(userId);
if (user == null) { if (user == null) {
return new ResponseEntity<>("User nicht in der Datenbank vorhanden", HttpStatus.BAD_REQUEST); return new ResponseEntity<>("User nicht in der Datenbank vorhanden", HttpStatus.BAD_REQUEST);
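Review bot: Making `password` optional with `@RequestParam(required = false) String password` leaves one case uncovered: a client that sends the field empty binds `""` rather than `null`, so the `if(password != null)` guard in the following hunk would hash and store an empty password. Guarding with `if (password != null && !password.isEmpty())`, or rejecting an empty value with a 400, keeps "leave the password unchanged" apart from "set it to nothing". Separately, the added admin check answers an authenticated but unprivileged caller with `HttpStatus.UNAUTHORIZED`; `HttpStatus.FORBIDDEN` describes that case. The method starts before this hunk and continues past it, and the second hunk is cut off in this view, so anything after `user.setAdmin(isAdmin)` is not covered here.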
@ -175,20 +178,22 @@ public class UserController {
return new ResponseEntity<>("Login exestiert bereits", HttpStatus.BAD_REQUEST); return new ResponseEntity<>("Login exestiert bereits", HttpStatus.BAD_REQUEST);
} }
if(password != null){
byte[] salt = Hasher.GenerateSalt(); byte[] salt = Hasher.GenerateSalt();
byte[] hash; byte[] hash;
try { try {
hash = Hasher.HashPassword(password, salt); hash = Hasher.HashPassword(password, salt);
user.setPassword(hash);
user.setSalt(salt);
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) { } catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
e.printStackTrace(); e.printStackTrace();
return new ResponseEntity<>("Fehler beim hashen", HttpStatus.INTERNAL_SERVER_ERROR); return new ResponseEntity<>("Fehler beim hashen", HttpStatus.INTERNAL_SERVER_ERROR);
} }
}
user.setName(name); user.setName(name);
user.setForename(forename); user.setForename(forename);
user.setLogin(login); user.setLogin(login);
user.setPassword(hash);
user.setSalt(salt);
user.setToken(""); user.setToken("");
user.setAdmin(isAdmin); user.setAdmin(isAdmin);