Only returns List of users, not their roles or password

d5584f64 · Franz Reischl · 618e3507 · d5584f64 · d5584f64 · d5584f64
Commit d5584f64 authored Jul 14, 2019 by Franz Reischl
--- a/src/main/java/university/at/jku/ce/authentication/AuthenticationFilter.java
+++ b/src/main/java/university/at/jku/ce/authentication/AuthenticationFilter.java
 package university.at.jku.ce.authentication;

-import java.lang.reflect.Method;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
+import university.at.jku.ce.dao.StudentDao;
+import university.at.jku.ce.dao.h2dao.H2StudentDao;
+import university.at.jku.ce.model.User;

 import javax.annotation.security.DenyAll;
 import javax.annotation.security.PermitAll;
@@ -15,10 +13,11 @@ import javax.ws.rs.container.ResourceInfo;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MultivaluedMap;
 import javax.ws.rs.ext.Provider;
-
-import university.at.jku.ce.dao.StudentDao;
-import university.at.jku.ce.dao.h2dao.H2StudentDao;
-import university.at.jku.ce.model.User;
+import java.lang.reflect.Method;
+import java.util.Arrays;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
 
 /**
 * This filter verify the access permissions for a user

--- a/src/main/java/university/at/jku/ce/dao/StudentDao.java
+++ b/src/main/java/university/at/jku/ce/dao/StudentDao.java
 package university.at.jku.ce.dao;

-import java.util.List;
-
+import university.at.jku.ce.dao.h2dao.H2StudentDao;
 import university.at.jku.ce.model.Student;
 import university.at.jku.ce.model.Study;
 import university.at.jku.ce.model.User;

+import java.util.List;
+
 public interface StudentDao {
 	public Student getStudent(int matrNr);
 	
@@ -28,6 +29,8 @@ public interface StudentDao {
 	public User getUser(String username);
 	
 	public List<User> getAllUsers();
+
+	public List<H2StudentDao.UserName> getAllUserNames();
 	
 	public void addUser(int id, Student student);
 	

--- a/src/main/java/university/at/jku/ce/dao/h2dao/H2StudentDao.java
+++ b/src/main/java/university/at/jku/ce/dao/h2dao/H2StudentDao.java
--- a/src/main/java/university/at/jku/ce/resource/UserResource.java
+++ b/src/main/java/university/at/jku/ce/resource/UserResource.java
 package university.at.jku.ce.resource;

-import java.util.List;
-import javax.annotation.security.RolesAllowed;
-import javax.ws.rs.GET;
-import javax.ws.rs.Path;
-import javax.ws.rs.Produces;
-import javax.ws.rs.core.Context;
-import javax.ws.rs.core.GenericEntity;
-import javax.ws.rs.core.HttpHeaders;
-import javax.ws.rs.core.MediaType;
-import javax.ws.rs.core.Response;
-
 import university.at.jku.ce.dao.StudentDao;
 import university.at.jku.ce.dao.h2dao.H2StudentDao;
 import university.at.jku.ce.exception.ExceptionParam;
-import university.at.jku.ce.model.User;
+
+import javax.annotation.security.PermitAll;
+import javax.ws.rs.GET;
+import javax.ws.rs.Path;
+import javax.ws.rs.Produces;
+import javax.ws.rs.core.*;
+import java.util.List;

 @Path("/users")
 public class UserResource {

 	StudentDao dao =new H2StudentDao();
-	
-	@RolesAllowed("ADMIN")
+
+	@PermitAll
 	@GET
    @Produces({MediaType.APPLICATION_JSON, MediaType.APPLICATION_XML})
    public Response getUsers(@Context HttpHeaders headers) {
+		System.out.println("Roles requested");
 		ExceptionParam.setMediaType(headers.getMediaType());
-		List<User>list= dao.getAllUsers();
-		GenericEntity<List<User>> entity=new GenericEntity<List<User>>(list) {};
+		List<H2StudentDao.UserName>list =
+				dao.getAllUserNames();
+		GenericEntity<List<H2StudentDao.UserName>> entity=new GenericEntity<List<H2StudentDao.UserName>>(list) {};
 		 return Response.ok(entity).build();
    }
+
+
 }