diff --git a/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java b/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java index 775f86a..89b5872 100644 --- a/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java +++ b/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/ControllerAdvice.java @@ -1,6 +1,8 @@ package com.knecon.fforesight.tenantusermanagement.controller; import javax.ws.rs.BadRequestException; +import javax.ws.rs.ForbiddenException; +import javax.ws.rs.NotFoundException; import org.springframework.http.HttpStatus; import org.springframework.http.ResponseEntity; @@ -9,6 +11,7 @@ import org.springframework.web.bind.annotation.ExceptionHandler; import org.springframework.web.bind.annotation.RestControllerAdvice; import org.springframework.web.server.ResponseStatusException; +import com.knecon.fforesight.keycloakcommons.security.KeycloakSecurity; import com.knecon.fforesight.tenantusermanagement.model.ErrorMessage; @RestControllerAdvice @@ -20,6 +23,16 @@ public class ControllerAdvice { return new ResponseEntity<>(new ErrorMessage(e.getMessage()), HttpStatus.BAD_REQUEST); } + @ExceptionHandler(NotFoundException.class) + public ResponseEntity handleNotFound(NotFoundException e) { + return new ResponseEntity<>(new ErrorMessage(e.getMessage()), HttpStatus.NOT_FOUND); + } + + @ExceptionHandler(ForbiddenException.class) + public ResponseEntity handleForbiddenAccess(ForbiddenException e) { + return new ResponseEntity<>(new ErrorMessage(e.getMessage()), HttpStatus.FORBIDDEN); + } + @ExceptionHandler(ResponseStatusException.class) public ResponseEntity handleResponseStatusException(ResponseStatusException e) { diff --git a/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/external/UserPreferenceController.java b/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/external/UserPreferenceController.java index 455647f..4268bce 100644 --- a/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/external/UserPreferenceController.java +++ b/src/main/java/com/knecon/fforesight/tenantusermanagement/controller/external/UserPreferenceController.java @@ -4,6 +4,9 @@ import java.util.HashMap; import java.util.List; import java.util.Map; +import javax.ws.rs.ForbiddenException; +import javax.ws.rs.NotFoundException; + import org.springframework.security.access.prepost.PreAuthorize; import org.springframework.web.bind.annotation.PathVariable; import org.springframework.web.bind.annotation.RestController; @@ -42,19 +45,23 @@ public class UserPreferenceController implements UserPreferenceResource, PublicR @PreAuthorize("hasAuthority('" + UserManagementPermissions.MANAGE_USER_PREFERENCES + "')") public void setAttribute(@PathVariable(KEY_PARAMETER_NAME) String key, List values) { - String userId = KeycloakSecurity.getUserId(); + try { + String userId = KeycloakSecurity.getUserId(); - var userResource = userService.getUserResource(userId); - var userRepresentation = userResource.toRepresentation(); + var userResource = userService.getUserResource(userId); + var userRepresentation = userResource.toRepresentation(); - var attributes = userRepresentation.getAttributes(); - if (attributes == null) { - attributes = new HashMap<>(); + var attributes = userRepresentation.getAttributes(); + if (attributes == null) { + attributes = new HashMap<>(); + } + attributes.put(key, values); + userRepresentation.setAttributes(attributes); + + userResource.update(userRepresentation); + } catch(NotFoundException exception) { + throw new ForbiddenException("user could not be authenticated because user data does not exist"); } - attributes.put(key, values); - userRepresentation.setAttributes(attributes); - - userResource.update(userRepresentation); }