diff --git a/src/main/java/de/thm/arsnova/controller/UserController.java b/src/main/java/de/thm/arsnova/controller/UserController.java
index a525180f92ed49a2f4b4df07cdd7234d3931ca65..c6f2e279cf47a8c62d83e8c2994dcd894c630897 100644
--- a/src/main/java/de/thm/arsnova/controller/UserController.java
+++ b/src/main/java/de/thm/arsnova/controller/UserController.java
@@ -93,4 +93,13 @@ public class UserController extends AbstractController {
 response.setStatus(HttpServletResponse.SC_BAD_REQUEST);
 }
+
+ @RequestMapping(value = { "/{username}/delete" }, method = RequestMethod.POST)
+ public final void activate(@PathVariable final String username,
+ final HttpServletRequest request,
+ final HttpServletResponse response) {
+ if (null == userService.deleteDbUser(username)) {
+ response.setStatus(HttpServletResponse.SC_NOT_FOUND);
+ }
+ }
 }
diff --git a/src/main/java/de/thm/arsnova/dao/CouchDBDao.java b/src/main/java/de/thm/arsnova/dao/CouchDBDao.java
index 508bf5d9bc7d35f1968aff58f58078216dd363d2..53c3d4ea81ad4e643102d2752202e61f9d1d9a6b 100644
--- a/src/main/java/de/thm/arsnova/dao/CouchDBDao.java
+++ b/src/main/java/de/thm/arsnova/dao/CouchDBDao.java
@@ -1385,4 +1385,17 @@ public class CouchDBDao implements IDatabaseDao {
 DbUser.class
 );
 }
+
+ @Override
+ public boolean deleteUser(DbUser dbUser) {
+ try {
+ this.deleteDocument(dbUser.getId());
+
+ return true;
+ } catch (IOException e) {
+ LOGGER.error("Could not delete user {}", dbUser.getId());
+ }
+
+ return false;
+ }
 }
diff --git a/src/main/java/de/thm/arsnova/dao/IDatabaseDao.java b/src/main/java/de/thm/arsnova/dao/IDatabaseDao.java
index b30507c2a892d4c3500af311df34b7b401418f0c..4bb273c40e83b567071c783f282f99b5baa01dc6 100644
--- a/src/main/java/de/thm/arsnova/dao/IDatabaseDao.java
+++ b/src/main/java/de/thm/arsnova/dao/IDatabaseDao.java
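Review bot: The handler mapped to `/{username}/delete` in UserController is named `activate`, which hides a destructive operation behind an unrelated name (it looks copied from another handler); rename it to something like `deleteUser`. The `null == userService.deleteDbUser(username)` branch appears unreachable with the UserService implementation added in this commit, which either throws NotFoundException or UnauthorizedException or returns the DbUser, so the status a client sees for a missing or forbidden account depends on exception handling that is outside this hunk. Since the path variable alone selects the account to delete, a one-line comment such as `// authorization (self or admin) is enforced in userService.deleteDbUser` would make the trust boundary explicit.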
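Review bot: The catch block in `CouchDBDao.deleteUser` logs only the user id and drops the IOException, so a failed account deletion leaves no cause in the log; assuming LOGGER is an SLF4J logger, pass the exception as the last argument, `LOGGER.error("Could not delete user {}", dbUser.getId(), e);`. The `false` return is the only failure signal, and the caller added in UserService in this commit ignores it. `dbUser` is dereferenced without a null check, which is safe only if every caller guarantees a non-null argument.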
@@ -162,8 +162,10 @@ public interface IDatabaseDao {
 void publishAllQuestions(Session session, boolean publish);
 void deleteAllQuestionsAnswers(Session session);
-
+
 DbUser createOrUpdateUser(DbUser user);
-
+
 DbUser getUser(String username);
+
+ boolean deleteUser(DbUser dbUser);
 }
diff --git a/src/main/java/de/thm/arsnova/services/IUserService.java b/src/main/java/de/thm/arsnova/services/IUserService.java
index 9ed3a108b47e4e69e4c05a175fd3f01f5adc4536..f3d0800c54fa3f8679aa17723f7b1ea9d106c638 100644
--- a/src/main/java/de/thm/arsnova/services/IUserService.java
+++ b/src/main/java/de/thm/arsnova/services/IUserService.java
@@ -54,10 +54,12 @@ public interface IUserService {
 void removeUserFromMaps(User user);
 int loggedInUsers();
-
+
 DbUser getDbUser(String username);
-
+
 DbUser createDbUser(String username, String password);
-
+
 DbUser updateDbUser(DbUser dbUser);
+
+ DbUser deleteDbUser(String username);
 }
diff --git a/src/main/java/de/thm/arsnova/services/UserService.java b/src/main/java/de/thm/arsnova/services/UserService.java
index a4ef5f51bc64bfd37ecfeb9aca5e582c024842ed..2a5da93977f850ac71fa655dca9502f675b70b44 100644
--- a/src/main/java/de/thm/arsnova/services/UserService.java
+++ b/src/main/java/de/thm/arsnova/services/UserService.java
@@ -45,6 +45,7 @@ import com.github.leleuj.ss.oauth.client.authentication.OAuthAuthenticationToken
 import de.thm.arsnova.dao.IDatabaseDao;
 import de.thm.arsnova.entities.DbUser;
 import de.thm.arsnova.entities.User;
+import de.thm.arsnova.exceptions.NotFoundException;
 import de.thm.arsnova.exceptions.UnauthorizedException;
 import de.thm.arsnova.socket.ARSnovaSocketIOServer;
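Review bot: `boolean deleteUser(DbUser dbUser)` in IDatabaseDao and `DbUser deleteDbUser(String username)` in IUserService are declared without Javadoc, so the security-relevant contract of the two delete operations is not written down anywhere in the interfaces. For the DAO method, state that `false` means the document could not be removed and that no authorization is performed at this layer. For the service method, state that the caller must be the named user or hold the admin role, and name the exceptions thrown when the check fails or the user does not exist, so another implementation or caller does not drop the check.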
@@ -365,4 +366,23 @@ public class UserService implements IUserService {
 return null;
 }
+
+ @Override
+ public DbUser deleteDbUser(String username) {
+ User user = getCurrentUser();
+ if (!user.getUsername().equals(username)
+ && SecurityContextHolder.getContext().getAuthentication().getAuthorities()
+ .contains(new SimpleGrantedAuthority("ROLE_ADMIN"))) {
+ throw new UnauthorizedException();
+ }
+
+ DbUser dbUser = databaseDao.getUser(username);
+ if (null == dbUser) {
+ throw new NotFoundException();
+ }
+
+ databaseDao.deleteUser(dbUser);
+
+ return dbUser;
+ }
 }
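Review bot: The authorization check in `deleteDbUser` is inverted: it throws UnauthorizedException only when the caller is not the named user and does hold `ROLE_ADMIN`, so an administrator is refused while any other authenticated user passes the check for an account that is not theirs. The authority test needs to be negated, i.e. `&& !SecurityContextHolder.getContext().getAuthentication().getAuthorities()` followed by the unchanged `.contains(new SimpleGrantedAuthority("ROLE_ADMIN"))) {`. `getCurrentUser()` is dereferenced without a null check, so if it can return null for an unauthenticated request (not visible in this hunk) the call fails with a NullPointerException rather than UnauthorizedException. The boolean result of `databaseDao.deleteUser(dbUser)` is discarded, so a failed delete still returns the DbUser as if the account had been removed.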