| /* |
| * Licensed to the Apache Software Foundation (ASF) under one or more |
| * contributor license agreements. See the NOTICE file distributed with |
| * this work for additional information regarding copyright ownership. |
| * The ASF licenses this file to You under the Apache License, Version 2.0 |
| * (the "License"); you may not use this file except in compliance with |
| * the License. You may obtain a copy of the License at |
| * |
| * http://www.apache.org/licenses/LICENSE-2.0 |
| * |
| * Unless required by applicable law or agreed to in writing, software |
| * distributed under the License is distributed on an "AS IS" BASIS, |
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| * See the License for the specific language governing permissions and |
| * limitations under the License. |
| */ |
| package org.apache.usergrid.rest.management.organizations.users; |
| |
| |
| import com.fasterxml.jackson.jaxrs.json.annotation.JSONP; |
| import org.apache.usergrid.management.OrganizationInfo; |
| import org.apache.usergrid.management.UserInfo; |
| import org.apache.usergrid.management.exceptions.ManagementException; |
| import org.apache.usergrid.rest.AbstractContextResource; |
| import org.apache.usergrid.rest.ApiResponse; |
| import org.apache.usergrid.rest.RootResource; |
| import org.apache.usergrid.rest.security.annotations.RequireOrganizationAccess; |
| import org.apache.usergrid.security.shiro.utils.SubjectUtils; |
| import org.slf4j.Logger; |
| import org.slf4j.LoggerFactory; |
| import org.springframework.context.annotation.Scope; |
| import org.springframework.stereotype.Component; |
| |
| import javax.ws.rs.*; |
| import javax.ws.rs.core.Context; |
| import javax.ws.rs.core.MediaType; |
| import javax.ws.rs.core.UriInfo; |
| import java.util.LinkedHashMap; |
| import java.util.List; |
| import java.util.Map; |
| import java.util.UUID; |
| |
| import static org.apache.commons.collections.MapUtils.getObject; |
| import static org.apache.usergrid.rest.exceptions.SecurityException.mappableSecurityException; |
| import static org.apache.usergrid.utils.ConversionUtils.getBoolean; |
| import static org.apache.usergrid.utils.ConversionUtils.string; |
| |
| |
| @Component("org.apache.usergrid.rest.management.organizations.users.UsersResource") |
| @Scope("prototype") |
| @Produces({ |
| MediaType.APPLICATION_JSON, "application/javascript", "application/x-javascript", "text/ecmascript", |
| "application/ecmascript", "text/jscript" |
| }) |
| public class UsersResource extends AbstractContextResource { |
| |
| private static final Logger logger = LoggerFactory.getLogger( UsersResource.class ); |
| |
| OrganizationInfo organization; |
| |
| |
| public UsersResource() { |
| } |
| |
| |
| public UsersResource init( OrganizationInfo organization ) { |
| this.organization = organization; |
| return this; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @GET |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse getOrganizationUsers( @Context UriInfo ui, |
| @QueryParam("callback") @DefaultValue("callback") String callback ) |
| throws Exception { |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "get organization users" ); |
| |
| List<UserInfo> users = management.getAdminUsersForOrganization( organization.getUuid() ); |
| response.setData( users ); |
| return response; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @POST |
| @Consumes(MediaType.APPLICATION_JSON) |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse newUserForOrganization( @Context UriInfo ui, Map<String, Object> json, |
| @QueryParam("callback") @DefaultValue("callback") String callback ) |
| throws Exception { |
| |
| String email = string( json.get( "email" ) ); |
| String username = string( json.get( "username" ) ); |
| String name = string( json.get( "name" ) ); |
| String password = string( json.get( "password" ) ); |
| boolean invite = getBoolean( getObject( json, "invite", true ) ); |
| |
| return newUserForOrganizationFromForm( ui, username, name, email, password, invite, callback ); |
| } |
| |
| |
| @RequireOrganizationAccess |
| @POST |
| @Consumes(MediaType.APPLICATION_FORM_URLENCODED) |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse newUserForOrganizationFromForm( @Context UriInfo ui, @FormParam("username") String username, |
| @FormParam("name") String name, |
| @FormParam("email") String email, |
| @FormParam("password") String password, |
| @FormParam("invite") @DefaultValue("true") boolean invite, |
| @QueryParam("callback") @DefaultValue("callback") |
| String callback ) throws Exception { |
| |
| logger.info( "New user for organization: {} ({})", username, email); |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "create user" ); |
| |
| UserInfo user = null; |
| if ( invite ) { |
| user = management.getAdminUserByEmail( email ); |
| } |
| |
| if ( user == null ) { |
| |
| if ( tokens.isExternalSSOProviderEnabled() ){ |
| //autoactivating user, since the activation is done via the external sso provider. |
| user = management.createAdminUser(organization.getUuid(),username,name,email,password,true,false); |
| } |
| else { |
| user = management.createAdminUser(organization.getUuid(), username, name, email, password, false, false); |
| // A null may be returned if the user fails validation check |
| if (user != null) { |
| management.startAdminUserPasswordResetFlow(organization.getUuid(), user); |
| } |
| } |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.createAdminUserPostProcessing(user, null); |
| |
| } |
| |
| if ( user == null ) { |
| return null; |
| } |
| |
| management.addAdminUserToOrganization( user, organization, true ); |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.addUserToOrganizationPostProcessing(user, organization.getName(), null); |
| |
| Map<String, Object> result = new LinkedHashMap<String, Object>(); |
| result.put( "user", user ); |
| response.setData( result ); |
| response.setSuccess(); |
| |
| return response; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @PUT |
| @Path(RootResource.USER_ID_PATH) |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse addUserToOrganization( @Context UriInfo ui, @PathParam("userId") String userIdStr, |
| @QueryParam("callback") @DefaultValue("callback") String callback ) |
| throws Exception { |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "add user to organization" ); |
| |
| UserInfo user = management.getAdminUserByUuid( UUID.fromString( userIdStr ) ); |
| if ( user == null ) { |
| throw new ManagementException( "No user found for: " + userIdStr ); |
| } |
| management.addAdminUserToOrganization( user, organization, true ); |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.addUserToOrganizationPostProcessing(user, organization.getName(), null); |
| |
| Map<String, Object> result = new LinkedHashMap<String, Object>(); |
| result.put( "user", user ); |
| response.setData( result ); |
| response.setSuccess(); |
| |
| return response; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @PUT |
| @Path(RootResource.EMAIL_PATH) |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse addUserToOrganizationByEmail( @Context UriInfo ui, @PathParam("email") String email, |
| @QueryParam("callback") @DefaultValue("callback") |
| String callback ) throws Exception { |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "add user to organization" ); |
| |
| UserInfo user = management.getAdminUserByEmail( email ); |
| if ( user == null ) { |
| throw new ManagementException( "User with specified email not found: " + email ); |
| } |
| management.addAdminUserToOrganization( user, organization, true ); |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.addUserToOrganizationPostProcessing(user, organization.getName(), null); |
| |
| Map<String, Object> result = new LinkedHashMap<String, Object>(); |
| result.put( "user", user ); |
| response.setData( result ); |
| response.setSuccess(); |
| |
| return response; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @PUT |
| @Path("{username}") |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse addUserToOrganizationByUsername( @Context UriInfo ui, @PathParam("username") String username, |
| @QueryParam("callback") @DefaultValue("callback") |
| String callback ) throws Exception { |
| |
| if ( "me".equals( username ) ) { |
| UserInfo user = SubjectUtils.getAdminUser(); |
| if ( ( user != null ) && ( user.getUuid() != null ) ) { |
| return addUserToOrganization( ui, user.getUuid().toString(), callback ); |
| } |
| throw mappableSecurityException( "unauthorized", "No admin identity for access credentials provided" ); |
| } |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "add user to organization" ); |
| |
| UserInfo user = management.getAdminUserByUsername( username ); |
| if ( user == null ) { |
| throw new ManagementException( "Username not found: " + username ); |
| } |
| management.addAdminUserToOrganization( user, organization, true ); |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.addUserToOrganizationPostProcessing(user, organization.getName(), null); |
| |
| Map<String, Object> result = new LinkedHashMap<String, Object>(); |
| result.put( "user", user ); |
| response.setData( result ); |
| response.setSuccess(); |
| |
| return response; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @DELETE |
| @Path(RootResource.USER_ID_PATH) |
| public ApiResponse removeUserFromOrganizationByUserId( @Context UriInfo ui, |
| @PathParam("userId") String userIdStr, |
| @QueryParam("callback") @DefaultValue("callback") |
| String callback ) throws Exception { |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "remove user from organization" ); |
| |
| UserInfo user = management.getAdminUserByUuid( UUID.fromString( userIdStr ) ); |
| if ( user == null ) { |
| return null; |
| } |
| management.removeAdminUserFromOrganization( user.getUuid(), organization.getUuid() ); |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.removeUserFromOrganizationPostProcessing(user, organization.getName(), null); |
| |
| Map<String, Object> result = new LinkedHashMap<String, Object>(); |
| result.put( "user", user ); |
| response.setData( result ); |
| response.setSuccess(); |
| |
| return response; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @DELETE |
| @Path("{username}") |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse removeUserFromOrganizationByUsername( @Context UriInfo ui, |
| @PathParam("username") String username, |
| @QueryParam("callback") @DefaultValue("callback") |
| String callback ) throws Exception { |
| |
| if ( "me".equals( username ) ) { |
| UserInfo user = SubjectUtils.getAdminUser(); |
| if ( ( user != null ) && ( user.getUuid() != null ) ) { |
| return removeUserFromOrganizationByUserId( ui, user.getUuid().toString(), callback ); |
| } |
| throw mappableSecurityException( "unauthorized", "No admin identity for access credentials provided" ); |
| } |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "remove user from organization" ); |
| |
| UserInfo user = management.getAdminUserByUsername( username ); |
| if ( user == null ) { |
| return null; |
| } |
| management.removeAdminUserFromOrganization( user.getUuid(), organization.getUuid() ); |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.removeUserFromOrganizationPostProcessing(user, organization.getName(), null); |
| |
| Map<String, Object> result = new LinkedHashMap<String, Object>(); |
| result.put( "user", user ); |
| response.setData( result ); |
| response.setSuccess(); |
| |
| return response; |
| } |
| |
| |
| @RequireOrganizationAccess |
| @DELETE |
| @Path(RootResource.EMAIL_PATH) |
| @JSONP |
| @Produces({MediaType.APPLICATION_JSON, "application/javascript"}) |
| public ApiResponse removeUserFromOrganizationByEmail( @Context UriInfo ui, @PathParam("email") String email, |
| @QueryParam("callback") @DefaultValue("callback") |
| String callback ) throws Exception { |
| |
| ApiResponse response = createApiResponse(); |
| response.setAction( "remove user from organization" ); |
| |
| UserInfo user = management.getAdminUserByEmail( email ); |
| if ( user == null ) { |
| return null; |
| } |
| management.removeAdminUserFromOrganization( user.getUuid(), organization.getUuid() ); |
| |
| // DO NOT REMOVE - used for external classes to hook into any post-processing |
| management.removeUserFromOrganizationPostProcessing(user, organization.getName(), null); |
| |
| Map<String, Object> result = new LinkedHashMap<String, Object>(); |
| result.put( "user", user ); |
| response.setData( result ); |
| response.setSuccess(); |
| |
| return response; |
| } |
| } |