From 48a649c8e6fca04a0a7de20110e6a8427e9da659 Mon Sep 17 00:00:00 2001
From: ulrich <undisclosed>
Date: Thu, 06 Apr 2017 15:26:35 +0000
Subject: [PATCH] Profil hinzugefuegt
---
src/java/de/uhilger/um/api/Profil.java | 75 +++++++++
web/WEB-INF/web.xml | 33 ++++
web/ui/index.html | 1
src/java/logging.properties | 68 ++++++++
web/WEB-INF/sql.properties | 3
web/profil/stile.css | 42 +++++
web/profil/index.html | 72 +++++++++
web/profil/ui.js | 129 ++++++++++++++++
web/WEB-INF/create_database.sql | 1
9 files changed, 424 insertions(+), 0 deletions(-)
diff --git a/src/java/de/uhilger/um/api/Profil.java b/src/java/de/uhilger/um/api/Profil.java
new file mode 100644
index 0000000..e89992f
--- /dev/null
+++ b/src/java/de/uhilger/um/api/Profil.java
@@ -0,0 +1,75 @@
+/*
+ * Nutzerverwaltung - User and role management in your browser
+ * Copyright (C) 2011-2017 Ulrich Hilger, http://uhilger.de
+ *
+ * This program is free software: you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation, either version 3 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program. If not, see http://www.gnu.org/licenses/
+ */
+
+
+package de.uhilger.um.api;
+
+import de.uhilger.baselink.PersistenceManager;
+import de.uhilger.baselink.Record;
+import de.uhilger.um.Digester;
+import static de.uhilger.um.api.UserMgr.MP_USER;
+import static de.uhilger.um.api.UserMgr.P_DIGESTER;
+import de.uhilger.um.daten.User;
+import java.util.List;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+
+/**
+ * API-Methoden fuer die Aenderung der eigenen Nutzerdaten
+ */
+public class Profil extends Api {
+ private static final Logger logger = Logger.getLogger(Profil.class.getName());
+
+ public static final String SQL_GET_USER = "getUser";
+
+ public String setUserPw(String userId, String currentPw, String newPw) {
+ String result = "Kennwort nicht geändert";
+ try {
+
+ String digesterClassName = getServletContext().getInitParameter(P_DIGESTER);
+ Digester digester = (Digester) Class.forName(digesterClassName).newInstance();
+ /*
+ MD5 geht nicht mehr,
+ vgl. http://stackoverflow.com/questions/39967289/how-to-use-digest-authentication-in-tomcat-8-5
+ */
+ String digestedCurrentPw = digester.digest(currentPw, Digester.SHA256, null);
+ PersistenceManager pm = getDb();
+ logger.fine(getSql(SQL_GET_USER));
+ List list = pm.select(getSql(SQL_GET_USER), getMapper(MP_USER), Record.WITHOUT_BLOBS, userId);
+ if(list != null && list.size() > 0) {
+ Object o = list.get(0);
+ if(o instanceof User) {
+ User u = (User) o;
+ if(u.getPw().equals(digestedCurrentPw)) {
+ String digestedNewPw = digester.digest(newPw, Digester.SHA256, null);
+ u.setPw(digestedNewPw);
+ pm.update(u, getMapper(MP_USER));
+ result = "Kennwort geaendert";
+ } else {
+ result = "Das Kennwort ist falsch";
+ }
+ }
+ } else {
+ result = "Benutzer " + userId + " nicht gefunden";
+ }
+ } catch (ClassNotFoundException|InstantiationException|IllegalAccessException ex) {
+ logger.log(Level.SEVERE, ex.getLocalizedMessage(), ex);
+ }
+ return result;
+ }
+}
diff --git a/src/java/logging.properties b/src/java/logging.properties
new file mode 100644
index 0000000..374ff88
--- /dev/null
+++ b/src/java/logging.properties
@@ -0,0 +1,68 @@
+############################################################
+# Default Logging Configuration File
+#
+# You can use a different file by specifying a filename
+# with the java.util.logging.config.file system property.
+# For example java -Djava.util.logging.config.file=myfile
+############################################################
+
+############################################################
+# Global properties
+############################################################
+
+# "handlers" specifies a comma separated list of log Handler
+# classes. These handlers will be installed during VM startup.
+# Note that these classes must be on the system classpath.
+# By default we only configure a ConsoleHandler, which will only
+# show messages at the INFO and above levels.
+# handlers= java.util.logging.ConsoleHandler
+
+# To also add the FileHandler, use the following line instead.
+handlers= java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+
+# Default global logging level.
+# This specifies which kinds of events are logged across
+# all loggers. For any given facility this global level
+# can be overriden by a facility specific level
+# Note that the ConsoleHandler also has a separate level
+# setting to limit messages printed to the console.
+# .level= FINE
+.level = OFF
+
+############################################################
+# Handler specific properties.
+# Describes specific configuration info for Handlers.
+############################################################
+
+# default file output is in user's home directory.
+# java.util.logging.FileHandler.pattern = %h/java%u.log
+# java.util.logging.FileHandler.pattern = /media/extmirror/tomcat747/logs/tv_%u.log
+java.util.logging.FileHandler.pattern = ${catalina.base}/logs/um_%u.log
+java.util.logging.FileHandler.limit = 50000
+# java.util.logging.FileHandler.count = 1
+java.util.logging.FileHandler.count = 2
+# java.util.logging.FileHandler.formatter = java.util.logging.XMLFormatter
+java.util.logging.FileHandler.formatter = java.util.logging.SimpleFormatter
+java.util.logging.FileHandler.level = FINER
+
+# Limit the message that are printed on the console to INFO and above.
+# java.util.logging.ConsoleHandler.level = INFO
+java.util.logging.ConsoleHandler.level = FINER
+java.util.logging.ConsoleHandler.formatter = java.util.logging.SimpleFormatter
+
+# Example to customize the SimpleFormatter output format
+# to print one-line log message like this:
+# <level>: <log message> [<date/time>]
+#
+# java.util.logging.SimpleFormatter.format=%4$s: %5$s [%1$tc]%n
+
+############################################################
+# Facility specific properties.
+# Provides extra control for each logger.
+############################################################
+
+# For example, set the com.xyz.foo logger to only log SEVERE
+# messages:
+# com.xyz.foo.level = SEVERE
+de.uhilger.um.handlers = java.util.logging.FileHandler, java.util.logging.ConsoleHandler
+de.uhilger.um.level = FINER
diff --git a/web/WEB-INF/create_database.sql b/web/WEB-INF/create_database.sql
index 4f1be1b..5258a34 100644
--- a/web/WEB-INF/create_database.sql
+++ b/web/WEB-INF/create_database.sql
@@ -19,6 +19,7 @@
);
insert into APP.USER_ROLES (user_name, role_name) values ('admin', 'manager-script');
insert into APP.USER_ROLES (user_name, role_name) values ('admin', 'nutzerAdmin');
+insert into APP.USER_ROLES (user_name, role_name) values ('admin', 'nutzerProfil');
insert into APP.USER_ROLES (user_name, role_name) values ('admin', 'wbxAdmin');
insert into APP.USER_ROLES (user_name, role_name) values ('admin', 'ownFileAdmin');
insert into APP.USER_ROLES (user_name, role_name) values ('admin', 'sqlKonsole');
diff --git a/web/WEB-INF/sql.properties b/web/WEB-INF/sql.properties
index b94548e..7613271 100644
--- a/web/WEB-INF/sql.properties
+++ b/web/WEB-INF/sql.properties
@@ -41,6 +41,9 @@
<entry key="getUserData">
select user_name,user_first,user_last,user_email from app.users where user_name = ?
</entry>
+ <entry key="getUser">
+ select * from app.users where user_name = ?
+ </entry>
<entry key="getDateList">
select substr(or_zeit,1,8) as tag, count(*) as anz from app.orte as orte
where or_pers_id = ?
diff --git a/web/WEB-INF/web.xml b/web/WEB-INF/web.xml
index 6f037ac..f6dc948 100644
--- a/web/WEB-INF/web.xml
+++ b/web/WEB-INF/web.xml
@@ -37,6 +37,14 @@
<param-value>de.uhilger.um.pub</param-value>
</init-param>
</servlet>
+ <servlet>
+ <servlet-name>ProfilDienst</servlet-name>
+ <servlet-class>de.uhilger.transit.web.TransitServlet</servlet-class>
+ <init-param>
+ <param-name>klassen</param-name>
+ <param-value>de.uhilger.um.api.Profil</param-value>
+ </init-param>
+ </servlet>
<servlet-mapping>
<servlet-name>TransitServlet</servlet-name>
<url-pattern>/api</url-pattern>
@@ -44,6 +52,10 @@
<servlet-mapping>
<servlet-name>PublicTransit</servlet-name>
<url-pattern>/pub</url-pattern>
+ </servlet-mapping>
+ <servlet-mapping>
+ <servlet-name>ProfilDienst</servlet-name>
+ <url-pattern>/prf</url-pattern>
</servlet-mapping>
<session-config>
<session-timeout>
@@ -56,12 +68,29 @@
<web-resource-name>nutzerAdmin</web-resource-name>
<description>Nutzer-Administration</description>
<url-pattern>/ui/*</url-pattern>
+ <url-pattern>/ui*</url-pattern>
<url-pattern>/svc/*</url-pattern>
+ <url-pattern>/svc*</url-pattern>
<url-pattern>/api/*</url-pattern>
+ <url-pattern>/api*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>nutzerAdminAuthContraint</description>
<role-name>nutzerAdmin</role-name>
+ </auth-constraint>
+ </security-constraint>
+ <security-constraint>
+ <display-name>nutzerProfilConstraint</display-name>
+ <web-resource-collection>
+ <web-resource-name>nutzerProfil</web-resource-name>
+ <description>Nutzerprofil</description>
+ <url-pattern>/prf*</url-pattern>
+ <url-pattern>/prf/*</url-pattern>
+ <url-pattern>/profil/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <description>nutzerProfilAuthContraint</description>
+ <role-name>nutzerProfil</role-name>
</auth-constraint>
</security-constraint>
<login-config>
@@ -75,4 +104,8 @@
<description/>
<role-name>nutzerAdmin</role-name>
</security-role>
+ <security-role>
+ <description/>
+ <role-name>nutzerProfil</role-name>
+ </security-role>
</web-app>
diff --git a/web/profil/index.html b/web/profil/index.html
new file mode 100644
index 0000000..9919174
--- /dev/null
+++ b/web/profil/index.html
@@ -0,0 +1,72 @@
+<!DOCTYPE html>
+<html>
+ <head>
+ <meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
+ <meta name="viewport" content="width=device-width, initial-scale=1.0">
+ <title>Benutzer</title>
+ <link rel="stylesheet" type="text/css" href="/jslib/bootstrap/css/bootstrap.min.css">
+ <link rel="stylesheet" type="text/css" href="stile.css">
+ <script id="tpl-list" type="x-tmpl-mustache">
+ {{#List}}
+ {{#List}}
+ <option value="{{ String }}">{{ String }}</option>'
+ {{/List}}
+ {{/List}}
+ </script>
+ </head>
+ <body>
+ <div id="inhalt">
+ <ul class="nav">
+ <li class="nav-item dropdown">
+ <a id="userMenu" class="nav-link dropdown-toggle" data-toggle="dropdown" href="#" role="button" aria-haspopup="true" aria-expanded="false">Dropdown</a>
+ <div class="dropdown-menu">
+ <a class="dropdown-item" href="/data/dok/wbx/Bedienung.htmi">Hilfe</a>
+ <a class="dropdown-item" href="/">Zur Hauptseite der WebBox wechseln</a>
+ <div class="dropdown-divider"></div>
+ <a class="dropdown-item" href="/wbx/mng">Apps verwalten</a>
+ <a class="dropdown-item" href="/um/ui">Benutzer verwalten</a>
+ <a class="dropdown-item" href="/file-cms/ui">Dateien verwalten</a>
+ <a class="dropdown-item" href="/wbx-dbcon/ui">Datenbanken verwalten</a>
+ <div class="dropdown-divider"></div>
+ <a id="profil" class="dropdown-item disabled" href="/um/profil">Profil</a>
+ <a id="logout" class="dropdown-item" href="#">Abmelden</a>
+ </div>
+ </li>
+ </ul>
+ <!-- <h1>Benutzer</h1> -->
+ <div class="bg-warning p-3" id="meldung-box">
+ <button type="button" class="close" aria-label="Close" id="mldg-x">
+ <span aria-hidden="true">×</span>
+ </button>
+ <div class="meldung"></div>
+ </div>
+ <div id="user-form">
+ <label class="pl-3" id="anmeldename">id</label>
+ <!-- <input class="form-control eingabe" type="text" size="20" maxlength="30" placeholder="Anmeldename" name="anmeldename" id="anmeldename"> -->
+ <input class="form-control eingabe" type="password" size="20" maxlength="30" placeholder="Kennwort" name="kennwort" id="kennwort">
+ <input class="form-control eingabe" type="password" size="20" maxlength="30" placeholder="Neues Kennwort" name="kennwortneu" id="kennwortNeu">
+ <input class="form-control eingabe" type="password" size="20" maxlength="30" placeholder="Wiederholung" name="kennwortw" id="kennwortw">
+ <input class="form-control eingabe" type="text" size="20" maxlength="250" placeholder="Vorname" name="vorname" id="vorname">
+ <input class="form-control eingabe" type="text" size="20" maxlength="250" placeholder="Name" name="nachname" id="nachname">
+ <!--<button class="user-cancel-btn">Abbrechen</button>-->
+ <button class="user-save-btn btn btn-primary eingabe">Speichern</button>
+ </div>
+
+ <!--
+ <div id="nav">
+ <button id="nav-back-btn" class="btn btn-secondary">zurück</button>
+ </div>
+ -->
+ </div>
+ <script src="/jslib/jquery/jquery.min.js"></script>
+ <script src="/jslib/bootstrap/js/bootstrap.min.js"></script>
+ <script src="/jslib/mustache/mustache.min.js"></script>
+ <script src="ui.js"></script>
+ <script type="text/javascript" charset="utf-8">
+ //var ui;
+ $(document).ready(function() {
+ um_prf_init();
+ });
+ </script>
+ </body>
+</html>
diff --git a/web/profil/stile.css b/web/profil/stile.css
new file mode 100644
index 0000000..f990909
--- /dev/null
+++ b/web/profil/stile.css
@@ -0,0 +1,42 @@
+
+
+#inhalt {
+ margin-top: 0.5em;
+ margin-left: 0.5em;
+ margin-right: 0.5em;
+}
+
+#nutzerliste {
+ height: 10em;
+ width: 80%
+}
+
+#nutzerrollen {
+ height: 5em;
+ width: 80%
+}
+
+#rollen {
+ height: 5em;
+ width: 80%
+}
+
+#nav {
+ margin-top: 1em;
+}
+
+#role-form {
+ margin-top: 1em;
+}
+
+#user-role-form {
+ margin-top: 1em;
+}
+
+.eingabe {
+ margin-top: 0.5em;
+}
+
+.role-select {
+ margin-bottom: 0.5em;
+}
\ No newline at end of file
diff --git a/web/profil/ui.js b/web/profil/ui.js
new file mode 100644
index 0000000..aba8469
--- /dev/null
+++ b/web/profil/ui.js
@@ -0,0 +1,129 @@
+
+
+function um_prf_init() {
+ $('#meldung-box').hide();
+ $('#anmeldename').hide();
+ $('.user-save-btn').click(um_prf_user_save);
+ $('#logout').click(um_prf_apicall_logout);
+ um_prf_apicall_get_login();
+}
+
+function um_prf_user_form_fuellen(resp) {
+ $('#anmeldename').text(resp.UserData.id);
+ $('#vorname').val(resp.UserData.firstName);
+ $('#nachname').val(resp.UserData.lastName);
+}
+
+function um_prf_user_save() {
+ var uid = $('#anmeldename').text();
+ var aktKennwort = $('#kennwort').val();
+ var neuKennwort = $('#kennwortNeu').val();
+ var wKennwort = $('#kennwortw').val();
+ if(neuKennwort === '' || wKennwort === '') {
+ um_prf_meldung_anzeigen('Das neue Kennwort darf nicht leer sein.');
+ } else if(neuKennwort !== wKennwort) {
+ um_prf_meldung_anzeigen('Kennworte stimmen nicht überein');
+ } else if(aktKennwort === neuKennwort) {
+ um_prf_meldung_anzeigen('Altes und neues Kennwort müssen sich unterscheiden');
+ } else {
+ um_prf_apicall_kennwort_aendern(uid, aktKennwort, neuKennwort);
+ }
+}
+
+function um_prf_meldung_anzeigen(msg) {
+ $('#meldung-box').show();
+ $("#mldg-x").on('click', function() {
+ $("#mldg-x").attr('onclick','').unbind('click');
+ $('.meldung').slideUp('fast', function() {
+ $('#meldung-box').hide();
+ });
+ });
+ $('.meldung').empty();
+ $('.meldung').text(msg);
+ $('.meldung').slideDown('fast', function(){
+ //
+ });
+}
+
+
+function um_prf_apicall_get_login() {
+ var m = '?c=de.uhilger.um.pub.SessionManager&m=getSessionUser';
+ var u = '../pub' + m;
+ $.ajax({
+ url: u,
+ type: "GET",
+ dataType : "json",
+ success: function( resp ) {
+ $('#userMenu').text(resp.UserData.firstName);
+ um_prf_user_form_fuellen(resp);
+ },
+ error: function( xhr, status, errorThrown ) {
+ $('#fehler').html("Error: " + errorThrown + " Status: " + status);
+ },
+ complete: function( xhr, status ) {
+ //alert( "The request is complete!" );
+ }
+ });
+
+}
+function um_prf_apicall_get_user() {
+ var m = '?c=de.uhilger.um.api.Profil&m=getUser';
+ var u = '../prf' + m;
+ $.ajax({
+ url: u,
+ type: "GET",
+ dataType : "json",
+ success: function( resp ) {
+ um_prf_user_form_fuellen(resp);
+ },
+ error: function( xhr, status, errorThrown ) {
+ $('#fehler').html("Error: " + errorThrown + " Status: " + status);
+ },
+ complete: function( xhr, status ) {
+ //alert( "The request is complete!" );
+ }
+ });
+}
+
+function um_prf_apicall_kennwort_aendern(userId, aktKw, neuKw) {
+ var m = '?c=de.uhilger.um.api.Profil&m=setUserPw&p=' + userId + '&p=' + aktKw + '&p=' + neuKw;
+ var u = '../prf' + m;
+ $.ajax({
+ url: u,
+ type: "GET",
+ dataType : "text",
+ success: function( resp ) {
+ um_prf_meldung_anzeigen(resp);
+ },
+ error: function( xhr, status, errorThrown ) {
+ $('#fehler').html("Error: " + errorThrown + " Status: " + status);
+ },
+ complete: function( xhr, status ) {
+ //alert( "The request is complete!" );
+ }
+ });
+}
+
+function um_prf_apicall_logout() {
+ var m = '?c=de.uhilger.um.pub.SessionManager&m=expireSession';
+ var u = '../pub' + m;
+ $.ajax({
+ url: u,
+ type: "GET",
+ dataType : "text",
+ success: function( resp ) {
+ $('#userMenu').text('nicht angemeldet');
+ window.location.href = '../logout.html';
+ },
+ error: function( xhr, status, errorThrown ) {
+ $('#fehler').html("Error: " + errorThrown + " Status: " + status);
+ },
+ complete: function( xhr, status ) {
+ //alert( "The request is complete!" );
+ }
+ });
+}
+
+
+
+
diff --git a/web/ui/index.html b/web/ui/index.html
index f210d5f..f11ade7 100644
--- a/web/ui/index.html
+++ b/web/ui/index.html
@@ -28,6 +28,7 @@
<a class="dropdown-item" href="/file-cms/ui">Dateien verwalten</a>
<a class="dropdown-item" href="/wbx-dbcon/ui">Datenbanken verwalten</a>
<div class="dropdown-divider"></div>
+ <a id="profil" class="dropdown-item" href="/um/profil">Profil</a>
<a id="logout" class="dropdown-item" href="#">Abmelden</a>
</div>
</li>
--
Gitblit v1.9.3