2022-09-28 16:58:17 +02:00
|
|
|
package org.gcube.gcat.rest.administration;
|
2018-12-04 12:06:22 +01:00
|
|
|
|
|
|
|
import javax.ws.rs.Consumes;
|
|
|
|
import javax.ws.rs.DELETE;
|
2022-04-21 17:44:34 +02:00
|
|
|
import javax.ws.rs.ForbiddenException;
|
2018-12-04 12:06:22 +01:00
|
|
|
import javax.ws.rs.GET;
|
2022-04-12 11:48:12 +02:00
|
|
|
//import javax.ws.rs.NotAuthorizedException;
|
2018-12-04 12:06:22 +01:00
|
|
|
import javax.ws.rs.POST;
|
|
|
|
import javax.ws.rs.PUT;
|
|
|
|
import javax.ws.rs.Path;
|
|
|
|
import javax.ws.rs.PathParam;
|
|
|
|
import javax.ws.rs.Produces;
|
|
|
|
import javax.ws.rs.core.Response;
|
2022-04-21 16:43:24 +02:00
|
|
|
import javax.ws.rs.core.Response.Status;
|
2018-12-04 12:06:22 +01:00
|
|
|
|
2022-04-21 17:44:34 +02:00
|
|
|
import org.gcube.common.authorization.utils.manager.SecretManager;
|
|
|
|
import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
|
2022-04-21 16:43:24 +02:00
|
|
|
import org.gcube.gcat.annotation.PURGE;
|
2022-04-12 11:48:12 +02:00
|
|
|
//import org.gcube.common.authorization.control.annotations.AuthorizationControl;
|
2022-02-21 10:34:52 +01:00
|
|
|
import org.gcube.gcat.api.GCatConstants;
|
2022-04-21 17:44:34 +02:00
|
|
|
import org.gcube.gcat.api.roles.Role;
|
2022-04-12 11:48:12 +02:00
|
|
|
//import org.gcube.gcat.api.roles.Role;
|
2018-12-04 12:06:22 +01:00
|
|
|
import org.gcube.gcat.persistence.ckan.CKANUser;
|
2022-04-21 16:43:24 +02:00
|
|
|
import org.gcube.gcat.persistence.ckan.CKANUserCache;
|
2022-09-28 16:58:17 +02:00
|
|
|
import org.gcube.gcat.rest.REST;
|
2018-12-04 12:06:22 +01:00
|
|
|
|
2022-09-28 16:58:17 +02:00
|
|
|
import com.webcohesion.enunciate.metadata.rs.ResourceGroup;
|
2022-09-28 14:45:02 +02:00
|
|
|
import com.webcohesion.enunciate.metadata.rs.ResourceLabel;
|
|
|
|
|
2018-12-04 12:06:22 +01:00
|
|
|
/**
|
|
|
|
* @author Luca Frosini (ISTI - CNR)
|
|
|
|
*/
|
2019-01-29 17:46:22 +01:00
|
|
|
@Path(User.USERS)
|
2022-09-28 16:58:17 +02:00
|
|
|
@ResourceGroup("Administration APIs")
|
2022-09-28 14:45:02 +02:00
|
|
|
@ResourceLabel("User APIs")
|
2019-01-29 17:46:22 +01:00
|
|
|
public class User extends REST<CKANUser> implements org.gcube.gcat.api.interfaces.User<Response,Response> {
|
2018-12-04 12:06:22 +01:00
|
|
|
|
2022-04-21 17:44:34 +02:00
|
|
|
protected static final String GCUBE_USERNAME_PARAMETER = "GCUBE_USERNAME";
|
|
|
|
protected static final String CKAN_USER_ID_PARAMETER = "USER_ID";
|
2018-12-04 12:06:22 +01:00
|
|
|
|
|
|
|
public User() {
|
2022-04-21 17:44:34 +02:00
|
|
|
super(USERS, CKAN_USER_ID_PARAMETER, CKANUser.class);
|
2018-12-04 12:06:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
@GET
|
2022-02-21 10:34:52 +01:00
|
|
|
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
|
2022-04-12 11:48:12 +02:00
|
|
|
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
|
2018-12-04 12:06:22 +01:00
|
|
|
public String list() {
|
2019-09-16 14:48:18 +02:00
|
|
|
return super.list(-1, -1);
|
2018-12-04 12:06:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
@POST
|
2022-02-21 10:34:52 +01:00
|
|
|
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
|
|
|
|
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
|
2018-12-04 12:06:22 +01:00
|
|
|
@Override
|
2022-04-12 11:48:12 +02:00
|
|
|
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
|
2018-12-04 12:06:22 +01:00
|
|
|
public Response create(String json) {
|
|
|
|
return super.create(json);
|
|
|
|
}
|
|
|
|
|
|
|
|
@GET
|
2022-04-21 17:44:34 +02:00
|
|
|
@Path("/{" + CKAN_USER_ID_PARAMETER + "}")
|
2022-02-21 10:34:52 +01:00
|
|
|
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
|
2018-12-04 12:06:22 +01:00
|
|
|
@Override
|
2022-04-12 11:48:12 +02:00
|
|
|
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
|
2022-04-21 17:44:34 +02:00
|
|
|
public String read(@PathParam(CKAN_USER_ID_PARAMETER) String username) {
|
2019-01-29 17:46:22 +01:00
|
|
|
return super.read(username);
|
2018-12-04 12:06:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
@PUT
|
2022-04-21 17:44:34 +02:00
|
|
|
@Path("/{" + CKAN_USER_ID_PARAMETER + "}")
|
2022-02-21 10:34:52 +01:00
|
|
|
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
|
|
|
|
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
|
2018-12-04 12:06:22 +01:00
|
|
|
@Override
|
2022-04-12 11:48:12 +02:00
|
|
|
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
|
2022-04-21 17:44:34 +02:00
|
|
|
public String update(@PathParam(CKAN_USER_ID_PARAMETER) String username, String json) {
|
2019-01-29 17:46:22 +01:00
|
|
|
return super.update(username, json);
|
2018-12-04 12:06:22 +01:00
|
|
|
}
|
|
|
|
|
2022-04-21 17:44:34 +02:00
|
|
|
@PURGE
|
|
|
|
@Path("/{" + CKAN_USER_ID_PARAMETER + "}")
|
2022-04-12 11:48:12 +02:00
|
|
|
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
|
2022-04-21 17:44:34 +02:00
|
|
|
public Response purge(@PathParam(CKAN_USER_ID_PARAMETER) String username) {
|
|
|
|
return super.delete(username, true);
|
|
|
|
}
|
|
|
|
|
|
|
|
|
|
|
|
@DELETE
|
|
|
|
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
|
|
|
|
public Response removeCallerFromCache() {
|
|
|
|
SecretManager secretManager = SecretManagerProvider.instance.get();
|
|
|
|
org.gcube.common.authorization.utils.user.User user = secretManager.getUser();
|
|
|
|
if(user.getRoles().contains(Role.MANAGER.getPortalRole())) {
|
|
|
|
CKANUserCache.removeUserFromCache();
|
|
|
|
}else {
|
2022-04-21 17:51:57 +02:00
|
|
|
throw new ForbiddenException("Only " + Role.MANAGER.getPortalRole() + "s are authorized to remove an user from the cache");
|
2022-04-21 17:44:34 +02:00
|
|
|
}
|
2022-04-21 16:43:24 +02:00
|
|
|
return Response.status(Status.NO_CONTENT).build();
|
|
|
|
}
|
|
|
|
|
2022-04-21 17:44:34 +02:00
|
|
|
@DELETE
|
|
|
|
@Path("/{" + GCUBE_USERNAME_PARAMETER + "}")
|
2022-04-21 16:43:24 +02:00
|
|
|
// @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
|
2022-04-21 17:44:34 +02:00
|
|
|
public Response removeUserFromCache(@PathParam(GCUBE_USERNAME_PARAMETER) String username) {
|
|
|
|
SecretManager secretManager = SecretManagerProvider.instance.get();
|
|
|
|
org.gcube.common.authorization.utils.user.User user = secretManager.getUser();
|
|
|
|
if(user.getRoles().contains(Role.MANAGER.getPortalRole())) {
|
|
|
|
CKANUserCache.removeUserFromCache(username);
|
|
|
|
}else {
|
2022-04-21 17:51:57 +02:00
|
|
|
throw new ForbiddenException("Only " + Role.MANAGER.getPortalRole() + "s are authorized to remove an user from the cache");
|
2022-04-21 17:44:34 +02:00
|
|
|
}
|
|
|
|
return Response.status(Status.NO_CONTENT).build();
|
2018-12-04 12:06:22 +01:00
|
|
|
}
|
|
|
|
|
|
|
|
}
|