Fixed user/edit
This commit is contained in:
parent
bba0b6d5d2
commit
2918bc46b5
@ -158,13 +158,16 @@ public class UserController {
|
|||||||
@RequestParam String name,
|
@RequestParam String name,
|
||||||
@RequestParam String forename,
|
@RequestParam String forename,
|
||||||
@RequestParam String login,
|
@RequestParam String login,
|
||||||
@RequestParam String password,
|
@RequestParam(required = false) String password,
|
||||||
@RequestParam Boolean isAdmin
|
@RequestParam Boolean isAdmin
|
||||||
) {
|
) {
|
||||||
User authUser = authController.getAuthUserFromHeader(authorizationHeader, userRepository);
|
User authUser = authController.getAuthUserFromHeader(authorizationHeader, userRepository);
|
||||||
if (authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)) {
|
if (authUser == null || (!authUser.isAdmin() && authUser.getId() != userId)) {
|
||||||
return new ResponseEntity<>("Du hast keine Rechte um den User zu editieren", HttpStatus.UNAUTHORIZED);
|
return new ResponseEntity<>("Du hast keine Rechte um den User zu editieren", HttpStatus.UNAUTHORIZED);
|
||||||
}
|
}
|
||||||
|
if(isAdmin && !authUser.isAdmin()){
|
||||||
|
return new ResponseEntity<>("Du hast keine Rechte um dich zum Admin zu machen", HttpStatus.UNAUTHORIZED);
|
||||||
|
}
|
||||||
User user = userRepository.findById(userId);
|
User user = userRepository.findById(userId);
|
||||||
if (user == null) {
|
if (user == null) {
|
||||||
return new ResponseEntity<>("User nicht in der Datenbank vorhanden", HttpStatus.BAD_REQUEST);
|
return new ResponseEntity<>("User nicht in der Datenbank vorhanden", HttpStatus.BAD_REQUEST);
|
||||||
@ -175,20 +178,22 @@ public class UserController {
|
|||||||
return new ResponseEntity<>("Login exestiert bereits", HttpStatus.BAD_REQUEST);
|
return new ResponseEntity<>("Login exestiert bereits", HttpStatus.BAD_REQUEST);
|
||||||
}
|
}
|
||||||
|
|
||||||
byte[] salt = Hasher.GenerateSalt();
|
if(password != null){
|
||||||
byte[] hash;
|
byte[] salt = Hasher.GenerateSalt();
|
||||||
try {
|
byte[] hash;
|
||||||
hash = Hasher.HashPassword(password, salt);
|
try {
|
||||||
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
hash = Hasher.HashPassword(password, salt);
|
||||||
e.printStackTrace();
|
user.setPassword(hash);
|
||||||
return new ResponseEntity<>("Fehler beim hashen", HttpStatus.INTERNAL_SERVER_ERROR);
|
user.setSalt(salt);
|
||||||
|
} catch (NoSuchAlgorithmException | InvalidKeySpecException e) {
|
||||||
|
e.printStackTrace();
|
||||||
|
return new ResponseEntity<>("Fehler beim hashen", HttpStatus.INTERNAL_SERVER_ERROR);
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
user.setName(name);
|
user.setName(name);
|
||||||
user.setForename(forename);
|
user.setForename(forename);
|
||||||
user.setLogin(login);
|
user.setLogin(login);
|
||||||
user.setPassword(hash);
|
|
||||||
user.setSalt(salt);
|
|
||||||
user.setToken("");
|
user.setToken("");
|
||||||
user.setAdmin(isAdmin);
|
user.setAdmin(isAdmin);
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user