Add User ID as PK for User entities; (DOECODE-787)

Author: sowerstl

src/main/java/gov/osti/entity/User.java

@@ -11,6 +11,8 @@
 
 import javax.persistence.ElementCollection;
 import javax.persistence.Entity;
+import javax.persistence.GeneratedValue;
+import javax.persistence.GenerationType;
 import javax.persistence.Id;
 import javax.persistence.NamedQueries;
 import javax.persistence.NamedQuery;
@@ -19,9 +21,10 @@
 import javax.persistence.Table;
 import javax.persistence.Temporal;
 import javax.persistence.TemporalType;
+import javax.persistence.UniqueConstraint;
 
 @Entity
-@Table(name="users")
+@Table(name="users", uniqueConstraints=@UniqueConstraint(columnNames={"email","apiKey"}))
 @NamedQueries ({
     @NamedQuery (name = "User.findAllUsers", query = "SELECT u FROM User u ORDER BY u.lastName"),
     @NamedQuery (name = "User.findUser", query = "SELECT u FROM User u WHERE u.email=lower(:email)")
@@ -48,6 +51,8 @@ public User(String email, String password, String apiKey, String confirmationCod
 
     // email address is primary key for Users
     @Id
+    @GeneratedValue(strategy = GenerationType.AUTO)
+    private Long userId = null;
     private String email = null;
     private String password = null;
     private String apiKey = null;
@@ -120,6 +125,14 @@ public void setConfirmationCode(String confirmationCode) {
             this.confirmationCode = confirmationCode;
     }
 
+    public Long getUserId() {
+            return userId;
+    }
+
+    public void setUserId(Long userId) {
+        this.userId = userId;
+    }
+
     public String getEmail() {
             return email;
     }

src/main/java/gov/osti/services/UserServices.java

@@ -29,6 +29,7 @@
 import com.fasterxml.jackson.core.JsonProcessingException;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import com.fasterxml.jackson.databind.PropertyNamingStrategy;
+import com.fasterxml.jackson.databind.node.ObjectNode;
 
 import gov.osti.entity.Site;
 
@@ -161,7 +162,7 @@ public Response hasRole(@PathParam("role") String role) {
     }
 
     /**
-     * Endpoint that returns user email
+     * Endpoint that returns user id and email
      * 
      * @return an OK Response if session is logged in, otherwise a FORBIDDEN or
      * UNAUTHENTICATED response as appropriate
@@ -178,7 +179,7 @@ public Response load() {
         // return an OK if authenticated, otherwise authentication services will handle status
         return Response
                 .status(Response.Status.OK)
-                .entity(mapper.createObjectNode().put("email", user.getEmail()).toString())
+                .entity(mapper.createObjectNode().put("userId", user.getUserId()).put("email", user.getEmail()).toString())
                 .build();
     }
 
@@ -318,6 +319,7 @@ public Response login(String object) {
                         .createObjectNode()
                         .put("xsrfToken", xsrfToken)
                         .put("site", user.getSiteId())
+                        .put("userid", user.getUserId())
                         .put("email", user.getEmail())
                         .put("first_name", user.getFirstName())
                         .put("last_name", user.getLastName())
@@ -441,7 +443,7 @@ public Response register(String object) {
                     .build();
 
         try {
-            User user = em.find(User.class, request.getEmail());
+            User user = findUserByEmail(em, request.getEmail());
 
             // if there's already a user on file, cannot re-register if VERIFIED
             if ( user != null && user.isVerified() ) {
@@ -572,7 +574,7 @@ public Response forgotPassword(String object) {
 
         // attempt to process the request
         try {
-            User user = em.find(User.class, request.getEmail());
+            User user = findUserByEmail(em, request.getEmail());
 
             // account has to exist AND be verified
             if (null==user || !user.isVerified()) 
@@ -816,27 +818,21 @@ public Response getUsers(
     @RequiresRoles("OSTI")
     @Path("/{email}")
     public Response getUser(@PathParam("email") String email) {
-        EntityManager em = DoeServletContextListener.createEntityManager();
-        
         try {
             if (StringUtils.isBlank(email)) 
                 return ErrorResponse
                         .badRequest("Missing required parameter.")
                         .build();
 
-            TypedQuery<User> q = em.createNamedQuery("User.findUser", User.class)
-                    .setParameter("email", email);
+            // should just be one user
+            User u = findUserByEmail(email);
 
             // if no users, send back a 404 response
-            List<User> users = q.getResultList();
-            if (users.isEmpty())
+            if (u == null)
                 return ErrorResponse
                         .notFound("No users found.")
                         .build();
 
-            // should just be one
-            User u = users.get(0);
-            
             return Response
                     .ok()
                     .entity(mapper.writeValueAsString(u))
@@ -846,8 +842,6 @@ public Response getUser(@PathParam("email") String email) {
             return ErrorResponse
                     .internalServerError("JSON processing error on User.")
                     .build();
-        } finally {
-            em.close();
         }
     }
 
@@ -969,19 +963,14 @@ public Response editUser(@PathParam("email") String email, String json) {
                     .build();
 
         try {
-            TypedQuery<User> query = em.createNamedQuery("User.findUser", User.class)
-                    .setParameter("email", email);
-            
-            List<User> results = query.getResultList();
+            // obtain the BEFORE User
+            User source = findUserByEmail(em, email);
 
-            if (results.isEmpty())
+            if (source == null)
                 return ErrorResponse
                         .notFound("User is not on file.")
                         .build();
 
-            // obtain the BEFORE User
-            User source = results.get(0);
-            
             // ensure the EMAILS match, if supplied
             if ( !StringUtils.equalsIgnoreCase(email, source.getEmail()) )
                 return ErrorResponse
@@ -1083,7 +1072,7 @@ public Response changePassword(String object) {
                     .build();
 
         try {
-            User u = em.find(User.class, user.getEmail());
+            User u = em.find(User.class, user.getUserId());
 
             if (null==u) {
                 return ErrorResponse
@@ -1456,7 +1445,7 @@ public Response confirmUser(@QueryParam("confirmation") String jwt) {
             String confirmationCode = claims.getId();
             String email = claims.getSubject();
 
-            currentUser = em.find(User.class, email);
+            currentUser = findUserByEmail(em, email);
 
             if (currentUser == null) {
                 //no user matched, return with error
@@ -1627,12 +1616,36 @@ protected static User findUserByEmail(String email) {
         EntityManager em = DoeServletContextListener.createEntityManager();
 
         try {
-            return em.find(User.class, email);
+            return findUserByEmail(em, email);
+        } finally {
+            em.close();
+        }
+    }
+
+    /**
+     * Locate a User record by EMAIL address.
+     * 
+     * @param em the ENTITY MANAGER to use if ATTACHED object is needed
+     * @param email the EMAIL to look for
+     * @return a User object if possible or null if not found or errors
+     */
+    private static User findUserByEmail(EntityManager em, String email) {        
+        try {
+            TypedQuery<User> q = em.createNamedQuery("User.findUser", User.class)
+                    .setParameter("email", email);
+
+            // if no users, send back a 404 response
+            List<User> users = q.getResultList();
+            if (users.isEmpty())
+                throw new Exception("No users found.");
+            
+            // should just be one
+            User u = users.get(0);
+
+            return u;
         } catch ( Exception e ) {
             log.warn("Error locating user : " + email, e);
             return null;
-        } finally {
-            em.close();
         }
     }
 
@@ -1650,7 +1663,7 @@ private static void processUserLogin(String email, boolean failure) {
 
         try {
             // find the User
-            User user = em.find(User.class, email);
+            User user = findUserByEmail(em, email);
 
             // this shouldn't happen
             if (null==user) 
@@ -1698,7 +1711,7 @@ private static void resetUserToken(String email) {
         EntityManager em = DoeServletContextListener.createEntityManager();
 
         try {
-            User user = em.find(User.class, email);
+            User user = findUserByEmail(em, email);
 
             if (null==user)
                 throw new NotFoundException("Unable to locate user " + email);