implemented display of document positions

user/src/main/java/de/srsoftware/umbrella/user/UserModule.java

@@ -12,8 +12,7 @@ import static de.srsoftware.umbrella.core.ResponseCode.*;
 import static de.srsoftware.umbrella.core.ResponseCode.HTTP_SERVER_ERROR;
 import static de.srsoftware.umbrella.core.Util.open;
 import static de.srsoftware.umbrella.core.Util.request;
-import static de.srsoftware.umbrella.core.exceptions.UmbrellaException.missingConfigException;
-import static de.srsoftware.umbrella.core.exceptions.UmbrellaException.missingFieldException;
+import static de.srsoftware.umbrella.core.exceptions.UmbrellaException.*;
 import static de.srsoftware.umbrella.user.Constants.*;
 import static de.srsoftware.umbrella.user.Paths.*;
 import static de.srsoftware.umbrella.user.Paths.IMPERSONATE;
@@ -185,9 +184,9 @@ public class UserModule extends BaseHandler implements UserService {
 
 			};
 			long userId = Long.parseLong(head);
-			if (user.isEmpty()) return forbidden(ex);
-			if (!(user.get() instanceof DbUser dbUser)) return forbidden(ex);
-			if (!(dbUser.id() == userId || dbUser.permissions().contains(LIST_USERS))) return forbidden(ex);
+			if (user.isEmpty()) return unauthorized(ex);
+			if (!(user.get() instanceof DbUser dbUser)) return unauthorized(ex);
+			if (!(dbUser.id() == userId || dbUser.permissions().contains(LIST_USERS))) throw forbidden("You are not allowed to access that user!");
 			return sendContent(ex,users.load(userId));
 		} catch (UmbrellaException e) {
 			return send(ex,e);
@@ -215,7 +214,7 @@ public class UserModule extends BaseHandler implements UserService {
 			userId = Long.parseLong(head);
 			DbUser editedUser = (DbUser) users.load(userId);
 
-			if (!(requestingUser.get() instanceof DbUser dbUser) || !(dbUser.id() == userId || dbUser.permissions().contains(UPDATE_USERS))) return sendContent(ex,HTTP_FORBIDDEN,"You are not allowed to update user "+editedUser.name());
+			if (!(requestingUser.get() instanceof DbUser dbUser) || !(dbUser.id() == userId || dbUser.permissions().contains(UPDATE_USERS))) throw forbidden("You are not allowed to update user "+editedUser.name());
 
 			JSONObject json;
 			try {
@@ -242,14 +241,18 @@ public class UserModule extends BaseHandler implements UserService {
 			targetId = Long.parseLong(head);
 			head = path.pop();
 		} catch (NumberFormatException ignored) {}
-		switch (head){
-			case CREATE: return postCreate(ex);
-			case OIDC: return postOIDC(ex,path);
-			case IMPERSONATE: return impersonate(ex,targetId);
-			case LOGIN: return postLogin(ex);
-			case RESET_PW: return postResetPassword(ex);
+		try {
+			return switch (head) {
+				case CREATE -> postCreate(ex);
+				case OIDC -> postOIDC(ex, path);
+				case IMPERSONATE -> impersonate(ex, targetId);
+				case LOGIN -> postLogin(ex);
+				case RESET_PW -> postResetPassword(ex);
+				case null, default -> super.doPost(path,ex);
+			};
+		} catch (UmbrellaException e){
+			return send(ex,e);
 		}
-		return super.doPost(path, ex);
 	}
 
 	private boolean exchangeToken(HttpExchange ex) throws IOException {
@@ -303,7 +306,7 @@ public class UserModule extends BaseHandler implements UserService {
 
 	}
 
-	private boolean getOIDC(HttpExchange ex, UmbrellaUser user, Path path) throws IOException {
+	private boolean getOIDC(HttpExchange ex, UmbrellaUser user, Path path) throws IOException, UmbrellaException {
 		var head = path.pop();
 		return switch (head){
 			case BUTTONS -> getOidcButtons(ex);
@@ -315,15 +318,9 @@ public class UserModule extends BaseHandler implements UserService {
 		};
 	}
 
-	private boolean getOIDC(HttpExchange ex, UmbrellaUser user, String serviceId) throws IOException {
-		if (!(user instanceof DbUser dbUser && dbUser.permissions().contains(MANAGE_LOGIN_SERVICES))) return forbidden(ex);
-		try {
-			return sendContent(ex,logins.loadLoginService(serviceId).toMap());
-		} catch (UmbrellaException e) {
-			return send(ex,e);
-		} catch (IOException e) {
-			return sendContent(ex,HTTP_SERVER_ERROR,e.getMessage());
-		}
+	private boolean getOIDC(HttpExchange ex, UmbrellaUser user, String serviceId) throws IOException, UmbrellaException {
+		if (!(user instanceof DbUser dbUser && dbUser.permissions().contains(MANAGE_LOGIN_SERVICES))) throw forbidden("You are not allowed to manage that service!");
+		return sendContent(ex,logins.loadLoginService(serviceId).toMap());
 	}
 
 	private JSONObject getOidcConfig(LoginService service) throws UmbrellaException {
@@ -375,40 +372,26 @@ public class UserModule extends BaseHandler implements UserService {
 		}
 	}
 
-	private boolean getServiceList(HttpExchange ex, UmbrellaUser user) throws IOException {
-		if (!(user instanceof DbUser dbUser && dbUser.permissions().contains(MANAGE_LOGIN_SERVICES))) return forbidden(ex);
-		try {
-			var services = logins.listLoginServices().stream().map(LoginService::toMap);
-			return sendContent(ex,services);
-		} catch (UmbrellaException e) {
-			return send(ex,e);
-		} catch (IOException e) {
-			return sendContent(ex,HTTP_SERVER_ERROR,e.getMessage());
-		}
+	private boolean getServiceList(HttpExchange ex, UmbrellaUser user) throws IOException, UmbrellaException {
+		if (!(user instanceof DbUser dbUser && dbUser.permissions().contains(MANAGE_LOGIN_SERVICES))) throw forbidden("You are not allowed to manage that service!");
+		var services = logins.listLoginServices().stream().map(LoginService::toMap);
+		return sendContent(ex,services);
 	}
 
-	private boolean getUserList(HttpExchange ex, UmbrellaUser user) throws IOException {
-		if (!(user instanceof DbUser dbUser && dbUser.permissions().contains(LIST_USERS))) return sendContent(ex,HTTP_FORBIDDEN,"You are not allowed to list users!");
-		try {
-			var list = users.list(0, null).stream().map(UmbrellaUser::toMap).toList();
-			return sendContent(ex,list);
-		} catch (UmbrellaException e) {
-			return send(ex,e);
-		}
+	private boolean getUserList(HttpExchange ex, UmbrellaUser user) throws IOException, UmbrellaException {
+		if (!(user instanceof DbUser dbUser && dbUser.permissions().contains(LIST_USERS))) throw forbidden("You are not allowed to list users!");
+		var list = users.list(0, null).stream().map(UmbrellaUser::toMap).toList();
+		return sendContent(ex,list);
 	}
 
-	private boolean impersonate(HttpExchange ex, Long targetId) throws IOException {
-		try {
-			var requestingUser = loadUser(ex);
-			if (!(requestingUser.isPresent() && requestingUser.get() instanceof DbUser dbUser)) return unauthorized(ex);
-			if (!dbUser.permissions().contains(PERMISSION.IMPERSONATE)) return forbidden(ex);
-			if (targetId == null) return sendContent(ex,HTTP_UNPROCESSABLE,"user id missing");
-			var targetUser = users.load(targetId);
-			users.getSession(targetUser).cookie().addTo(ex);
-			return sendContent(ex,targetUser.toMap());
-		} catch (UmbrellaException e) {
-			return send(ex,e);
-		}
+	private boolean impersonate(HttpExchange ex, Long targetId) throws IOException, UmbrellaException {
+		var requestingUser = loadUser(ex);
+		if (!(requestingUser.isPresent() && requestingUser.get() instanceof DbUser dbUser)) return unauthorized(ex);
+		if (!dbUser.permissions().contains(PERMISSION.IMPERSONATE)) throw forbidden("You are not allowed to impersonate other users!");
+		if (targetId == null) return sendContent(ex,HTTP_UNPROCESSABLE,"user id missing");
+		var targetUser = users.load(targetId);
+		users.getSession(targetUser).cookie().addTo(ex);
+		return sendContent(ex,targetUser.toMap());
 	}
 
 	public boolean logout(HttpExchange ex, Optional<Token> optToken) throws IOException {
@@ -456,28 +439,23 @@ public class UserModule extends BaseHandler implements UserService {
 		}
 	}
 
-	private boolean postCreate(HttpExchange ex) throws IOException {
+	private boolean postCreate(HttpExchange ex) throws IOException, UmbrellaException {
+		var optUser = loadUser(ex);
+		if (!(optUser.isPresent() && optUser.get() instanceof DbUser dbUser)) return unauthorized(ex);
+		if (!dbUser.permissions().contains(PERMISSION.CREATE_USERS)) throw forbidden("You are not allowed to create new users!");
+		var json = json(ex);
 
-		try {
-			var optUser = loadUser(ex);
-			if (!(optUser.isPresent() && optUser.get() instanceof DbUser dbUser)) return unauthorized(ex);
-			if (!dbUser.permissions().contains(PERMISSION.CREATE_USERS)) return forbidden(ex);
-			var json = json(ex);
+		if (json.has(USER)) json = json.getJSONObject(USER);
+		var name = json.has(NAME) ? json.getString(NAME) : null;
+		var email = json.has(EMAIL) ? new EmailAddress(json.getString(EMAIL)) : null;
+		var theme = json.has(THEME) ? json.getString(THEME) : null;
+		var lang = json.has(LANGUAGE) ? json.getString(LANGUAGE) : null;
+		var pass = json.has(PASSWORD) ? json.getString(PASSWORD) : null;
+		var hashedPass = Password.of(BAD_HASHER.hash(pass,null));
+		var newUser = new DbUser(0, name, email, hashedPass, theme, lang, Set.of(), null);
 
-			if (json.has(USER)) json = json.getJSONObject(USER);
-			var name = json.has(NAME) ? json.getString(NAME) : null;
-			var email = json.has(EMAIL) ? new EmailAddress(json.getString(EMAIL)) : null;
-			var theme = json.has(THEME) ? json.getString(THEME) : null;
-			var lang = json.has(LANGUAGE) ? json.getString(LANGUAGE) : null;
-			var pass = json.has(PASSWORD) ? json.getString(PASSWORD) : null;
-			var hashedPass = Password.of(BAD_HASHER.hash(pass,null));
-			var newUser = new DbUser(0, name, email, hashedPass, theme, lang, Set.of(), null);
-
-			var user = users.save(newUser);
-			return sendContent(ex,HTTP_OK,user);
-		} catch (UmbrellaException e) {
-			return send(ex,e);
-		}
+		var user = users.save(newUser);
+		return sendContent(ex,HTTP_OK,user);
 	}
 
 	private boolean postResetPassword(HttpExchange ex) throws IOException {
@@ -503,19 +481,15 @@ public class UserModule extends BaseHandler implements UserService {
 		return ok(ex);
 	}
 
-	private boolean patchService(HttpExchange ex, String serviceName, UmbrellaUser requestingUser) throws IOException {
-		if (!(requestingUser instanceof DbUser user && user.permissions().contains(MANAGE_LOGIN_SERVICES))) return forbidden(ex);
-		try {
-			var json = json(ex);
-			if (!json.has(NAME)          ||          !(json.get(NAME) instanceof String name)     || name.isBlank())    throw missingFieldException(NAME);
-			if (!json.has(URL)           ||           !(json.get(URL) instanceof String url)      || url.isBlank())      throw missingFieldException(URL);
-			if (!json.has(CLIENT_ID)     ||     !(json.get(CLIENT_ID) instanceof String clientId) || clientId.isBlank()) throw missingFieldException(CLIENT_ID);
-			if (!json.has(CLIENT_SECRET) || !(json.get(CLIENT_SECRET) instanceof String secret)   || secret.isBlank())   throw missingFieldException(CLIENT_SECRET);
-			var service = logins.save(new LoginService(name,url,clientId,secret, DEFAULT_FIELD));
-			return sendContent(ex,service.toMap());
-		} catch (UmbrellaException e) {
-			return send(ex,e);
-		}
+	private boolean patchService(HttpExchange ex, String serviceName, UmbrellaUser requestingUser) throws IOException, UmbrellaException {
+		if (!(requestingUser instanceof DbUser user && user.permissions().contains(MANAGE_LOGIN_SERVICES))) throw forbidden("You are not allowed to manage that service!");
+		var json = json(ex);
+		if (!json.has(NAME)          ||          !(json.get(NAME) instanceof String name)     || name.isBlank())     throw missingFieldException(NAME);
+		if (!json.has(URL)           ||           !(json.get(URL) instanceof String url)      || url.isBlank())      throw missingFieldException(URL);
+		if (!json.has(CLIENT_ID)     ||     !(json.get(CLIENT_ID) instanceof String clientId) || clientId.isBlank()) throw missingFieldException(CLIENT_ID);
+		if (!json.has(CLIENT_SECRET) || !(json.get(CLIENT_SECRET) instanceof String secret)   || secret.isBlank())   throw missingFieldException(CLIENT_SECRET);
+		var service = logins.save(new LoginService(name,url,clientId,secret, DEFAULT_FIELD));
+		return sendContent(ex,service.toMap());
 	}
 
 	private boolean postLogin(HttpExchange ex) throws IOException {