StephanRichter
/
LightOidc
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity
Browse Source

implemented removal of user 

Signed-off-by: Stephan Richter <s.richter@srsoftware.de>
sqlite
Stephan Richter 3 months ago
parent
62c85410a9
commit
cc131d45e0
7 changed files with 70 additions and 17 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Split View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 1
      de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Constants.java
  2. 30
      de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/UserController.java
  3. 4
      de.srsoftware.oidc.datastore.file/src/main/java/de/srsoftware/oidc/datastore/file/FileStore.java
  4. 13
      de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js
  5. 33
      de.srsoftware.oidc.web/src/main/resources/en/scripts/users.js
  6. 1
      de.srsoftware.oidc.web/src/main/resources/en/todo.html
  7. 5
      de.srsoftware.oidc.web/src/main/resources/en/users.html

1
de.srsoftware.oidc.api/src/main/java/de/srsoftware/oidc/api/Constants.java
Unescape View File

@ -48,4 +48,5 @@ public class Constants { @@ -48,4 +48,5 @@ public class Constants {
public static final String TOKEN_TYPE = "token_type";
public static final String UNAUTHORIZED_CLIENT = "unauthorized_client";
public static final String USER = "user";
public static final String USER_ID = "user_id";
}

30
de.srsoftware.oidc.backend/src/main/java/de/srsoftware/oidc/backend/UserController.java
Unescape View File

@ -1,8 +1,7 @@ @@ -1,8 +1,7 @@
/* © SRSoftware 2024 */
package de.srsoftware.oidc.backend;
import static de.srsoftware.oidc.api.Constants.APP_NAME;
import static de.srsoftware.oidc.api.Constants.TOKEN;
import static de.srsoftware.oidc.api.Constants.*;
import static de.srsoftware.oidc.api.data.Permission.MANAGE_USERS;
import static de.srsoftware.oidc.api.data.User.*;
import static de.srsoftware.utils.Strings.uuid;
@ -44,6 +43,33 @@ public class UserController extends Controller { @@ -44,6 +43,33 @@ public class UserController extends Controller {
return sendContent(ex, newID);
}
@Override
public boolean doDelete(String path, HttpExchange ex) throws IOException {
var optSession = getSession(ex);
if (optSession.isEmpty()) return sendEmptyResponse(HTTP_UNAUTHORIZED, ex);
// post-login paths
var session = optSession.get();
switch (path) {
case "/delete":
return deleteUser(ex, session);
}
return badRequest(ex, "%s not found".formatted(path));
}
private boolean deleteUser(HttpExchange ex, Session session) throws IOException {
var json = json(ex);
if (!json.has(USER_ID)) return badRequest(ex, "missing_user_id");
var uuid = json.getString(USER_ID);
if (uuid == null || uuid.isBlank()) return badRequest(ex, "missing_user_id");
if (session.user().uuid().equals(uuid)) return badRequest(ex, "must_not_delete_self");
if (!json.has(CONFIRMED) || !json.getBoolean(CONFIRMED)) return badRequest(ex, "missing_confirmation");
Optional<User> targetUser = users.load(uuid);
if (targetUser.isEmpty()) return badRequest(ex, "unknown_user");
users.delete(targetUser.get());
return sendEmptyResponse(HTTP_OK, ex);
}
@Override
public boolean doGet(String path, HttpExchange ex) throws IOException {
switch (path) {

4
de.srsoftware.oidc.datastore.file/src/main/java/de/srsoftware/oidc/datastore/file/FileStore.java
Unescape View File

@ -76,7 +76,9 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe @@ -76,7 +76,9 @@ public class FileStore implements AuthorizationService, ClientService, SessionSe
@Override
public UserService delete(User user) {
return null;
var users = json.getJSONObject(USERS);
users.remove(user.uuid());
return save();
}
@Override

13
de.srsoftware.oidc.web/src/main/resources/en/scripts/common.js
Unescape View File

@ -22,7 +22,15 @@ function getValue(id){ @@ -22,7 +22,15 @@ function getValue(id){
}
function hide(id){
get(id).style.display = 'none';
var elem = get(id);
if (elem) elem.style.display = 'none';
}
function hideAll(clazz){
var elems = document.getElementsByTagName('*'), i;
for (i in elems) {
if((' ' + elems[i].className + ' ').indexOf(' ' + clazz + ' ') > -1) elems[i].style.display = 'none';
}
}
function isChecked(id){
@ -48,5 +56,6 @@ function setValue(id,newVal){ @@ -48,5 +56,6 @@ function setValue(id,newVal){
}
function show(id){
get(id).style.display = '';
var elem = get(id);
if (elem) elem.style.display = '';
}

33
de.srsoftware.oidc.web/src/main/resources/en/scripts/users.js
Unescape View File

@ -29,29 +29,42 @@ async function handleUsers(response){ @@ -29,29 +29,42 @@ async function handleUsers(response){
var bottom = document.getElementById('bottom');
for (let id in users){
var row = document.createElement("tr");
var user = users[id];
row.innerHTML = `<td>${user.username}</td>
<td>${user.realname}</td>
<td>${user.email}</td>
var u = users[id];
row.innerHTML = `<td>${u.username}</td>
<td>${u.realname}</td>
<td>${u.email}</td>
<td>${id}</td>
<td>
<button type="button" onclick="reset_password('${id}')" id="reset-${id}">Reset password</button>
<button class="danger" onclick="remove('${id}')" type="button">Remove</button>
<button id="remove-${u.uuid}" class="danger" onclick="remove('${id}','${u.realname}')" type="button">Remove</button>
</td>`;
bottom.parentNode.insertBefore(row,bottom);
}
}
function handleRemove(response){
redirect("users.html");
async function handleRemove(response){
if (response.ok){
redirect("users.html");
} else {
var info = await response.text();
console.log(info);
show(info);
}
}
function remove(userId){
function remove(userId,name){
disable(`remove-${userId}`);
if (userId == user.uuid) {
//return;
}
setText(`remove-${userId}`,"sent…");
hideAll('error');
var message = document.getElementById('message').innerHTML;
if (confirm(message.replace("{}",userId))) {
if (confirm(message.replace("{}",name))) {
fetch(user_controller+"/delete",{
method: 'DELETE',
body : JSON.stringify({ userId : userId })
body : JSON.stringify({ user_id : userId, confirmed : true })
}).then(handleRemove);
}
}

1
de.srsoftware.oidc.web/src/main/resources/en/todo.html
Unescape View File

@ -12,7 +12,6 @@ @@ -12,7 +12,6 @@
<div id="content">
<h1>to do…</h1>
<ul>
<li><a href="users.html">Users: remove</a></li>
<li><a href="login.html">Login: "remember me" option</a></li>
<li>at_hash in ID Token</li>
<li>drop outdated sessions</li>

5
de.srsoftware.oidc.web/src/main/resources/en/users.html
Unescape View File

@ -41,7 +41,10 @@ @@ -41,7 +41,10 @@
</tr>
</table>
<span class="error" style="display: none" id="pw-mismatch">Passwords do not match!</span>
<span class="hidden" id="message">Really remove client "{}"?</span>
<span class="error" style="display: none" id="missing_user_id">Server did not receive a valid user_id for removal!</span>
<span class="error" style="display: none" id="missing_confirmation">Server did not receive confirmation for this request!</span>
<span class="error" style="display: none" id="unknown_user">The backend does not know this user!</span>
</fieldset>
</div>
</body>

Write Preview
Loading…
Cancel
Save