Package com.foundationdb.rest.resources

Source Code of com.foundationdb.rest.resources.SecurityResource

/**
* Copyright (C) 2009-2013 FoundationDB, LLC
*
* This program is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License as published by
* the Free Software Foundation, either version 3 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License
* along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/

package com.foundationdb.rest.resources;

import com.foundationdb.rest.ResourceRequirements;
import com.foundationdb.rest.RestResponseBuilder;
import com.foundationdb.server.error.ErrorCode;
import com.foundationdb.server.service.security.SecurityService;
import com.foundationdb.server.service.security.User;
import com.foundationdb.server.service.session.Session;

import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import com.fasterxml.jackson.databind.JsonNode;

import java.io.PrintWriter;
import java.util.ArrayList;
import java.util.List;

import static com.foundationdb.rest.resources.ResourceHelper.MEDIATYPE_JSON_JAVASCRIPT;
import static com.foundationdb.util.JsonUtils.readTree;

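/**
 * REST endpoints for managing users of the security service.
 *
 * <p>Both operations require the caller to be in {@link SecurityService#ADMIN_ROLE};
 * any other caller receives {@code 403 Forbidden} before the request body or
 * path parameter is acted upon.
 */
@Path("/security")
public class SecurityResource {
    private final ResourceRequirements reqs;

    public SecurityResource(ResourceRequirements reqs) {
        this.reqs = reqs;
    }

    /**
     * Creates a user from a JSON body of the form
     * {@code {"user": "...", "password": "...", "roles": ["...", ...]}}.
     *
     * <p>The body must be a JSON object; {@code user} and {@code password} must be
     * JSON strings and {@code roles} must be an array whose elements are all JSON
     * strings. Anything else is rejected with {@code 400 Bad Request}.
     *
     * @param request   the servlet request, used for the admin-role check and to
     *                  build the response
     * @param userBytes the raw JSON request body
     * @return {@code 403} for non-admin callers, {@code 400} for a malformed body,
     *         otherwise a response whose body is {@code {"id":<new user id>}}
     * @throws Exception if the body cannot be parsed by {@code readTree}
     */
    @Path("/users")
    @POST
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MEDIATYPE_JSON_JAVASCRIPT)
    public Response addUser(@Context HttpServletRequest request,
                            byte[] userBytes) throws Exception {
        RestResponseBuilder response = RestResponseBuilder.forRequest(request);
        // Authorize before parsing so unprivileged callers never reach the JSON parser.
        if (!request.isUserInRole(SecurityService.ADMIN_ROLE)) {
            return response.status(Response.Status.FORBIDDEN).build();
        }
        JsonNode node = readTree(userBytes);
        // An empty body may parse to null, and a non-object root has no fields;
        // answer with 400 instead of failing with a NullPointerException below.
        if ((node == null) || !node.isObject()) {
            return badRequest(response, "JSON object required");
        }
        JsonNode userNode = node.get("user");
        JsonNode passwordNode = node.get("password");
        JsonNode rolesNode = node.get("roles");
        if ((userNode == null) || !userNode.isTextual()) {
            return badRequest(response, "user string required");
        }
        if ((passwordNode == null) || !passwordNode.isTextual()) {
            return badRequest(response, "password string required");
        }
        if ((rolesNode == null) || !rolesNode.isArray()) {
            return badRequest(response, "roles array required");
        }
        // NOTE(review): empty user names and empty passwords pass the checks above;
        // presumably SecurityService.addUser enforces any such policy. Confirm.
        final String user = userNode.asText();
        final String password = passwordNode.asText();
        final List<String> roles = new ArrayList<>();
        for (JsonNode elem : rolesNode) {
            // asText() would silently coerce numbers, booleans, nulls and nested
            // containers into role names; only accept real JSON strings.
            if (!elem.isTextual()) {
                return badRequest(response, "roles array must contain only strings");
            }
            roles.add(elem.asText());
        }
        // The user is created inside the body generator, i.e. when the builder
        // invokes write(); the generated body reports the new user's id.
        response.body(new RestResponseBuilder.BodyGenerator() {
            @Override
            public void write(PrintWriter writer) throws Exception {
                User newUser = reqs.securityService.addUser(user, password, roles);
                writer.write("{\"id\":");
                writer.print(newUser.getId());
                writer.write('}');
            }
        });
        return response.build();
    }

    /**
     * Deletes a user and drops the schema that has the same name as the user.
     *
     * @param request the servlet request, used for the admin-role check and to
     *                build the response
     * @param user    the user name taken from the {@code /users/{user}} path segment
     * @return {@code 403} for non-admin callers, otherwise the response built after
     *         registering the deletion as the body generator
     */
    @Path("/users/{user}")
    @DELETE
    @Consumes(MediaType.APPLICATION_JSON)
    @Produces(MEDIATYPE_JSON_JAVASCRIPT)
    public Response deleteUser(@Context HttpServletRequest request,
                               @PathParam("user") final String user) {
        RestResponseBuilder response = RestResponseBuilder.forRequest(request);
        if (!request.isUserInRole(SecurityService.ADMIN_ROLE)) {
            return response.status(Response.Status.FORBIDDEN).build();
        }
        response.body(new RestResponseBuilder.BodyGenerator() {
            @Override
            public void write(PrintWriter writer) throws Exception {
                // try-with-resources closes the session even if a call below throws.
                try (Session session = reqs.sessionService.createSession()) {
                    // NOTE(review): the schema drop runs before the user deletion and is
                    // keyed only on the path parameter. Nothing in this method verifies
                    // that a user with this name exists, so a name that matches a schema
                    // but no user would presumably still have its schema dropped.
                    // Confirm whether dropSchema/deleteUser guard against that, and
                    // whether the two steps are meant to be atomic.
                    reqs.dxlService.ddlFunctions().dropSchema(session, user);
                    reqs.securityService.deleteUser(user);
                }
            }
        });
        return response.build();
    }

    /**
     * Builds a {@code 400 Bad Request} response carrying {@link ErrorCode#SECURITY}
     * and the given message.
     */
    private static Response badRequest(RestResponseBuilder builder, String message) {
        return builder
                .status(Response.Status.BAD_REQUEST)
                .body(ErrorCode.SECURITY, message)
                .build();
    }
}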