@ApiOperation(
value = "Adding a User",
notes = "The User data is passed as JSON in the Request Body")
@RequestMapping(
method = RequestMethod.POST,
consumes = MediaType.APPLICATION_JSON_VALUE,
produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseStatus(HttpStatus.CREATED)
@PreAuthorize("hasAnyRole('ROLE_ADMIN')")
public User create(@RequestBody @Valid User user)
throws PasswordWeakException, NotAllowedException, BadRequestException, NotFoundException {
log.info("Adding user: " + user.getUsername());
if (isAdmin()) {
user = userManagement.add(user);
} else {
throw new NotAllowedException("Forbidden to create a new user");
}
return user;
}