LibreCCM
/
libreccm
3
0
Fork 0
Code Issues 10 Pull Requests Packages Releases Wiki Activity

Started implementation of RESTful API endpoints for Roles

Jens Pelzetter 2020-05-27 21:37:34 +02:00
parent 1d7f88829b
commit 7d6424dcd9
1 changed files with 279 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

279
ccm-core/src/main/java/org/libreccm/security/RolesApi.java
View File

@ -5,8 +5,34 @@
*/
package org.libreccm.security;
import org.libreccm.core.CcmObject;
import org.libreccm.core.CcmObjectRepository;
import org.libreccm.core.CoreConstants;
import org.libreccm.core.api.ExtractedIdentifier;
import org.libreccm.core.api.IdentifierExtractor;
import org.libreccm.core.api.JsonArrayCollector;
import java.util.List;
import javax.enterprise.context.RequestScoped;
import javax.inject.Inject;
import javax.json.Json;
import javax.json.JsonArray;
import javax.json.JsonObject;
import javax.transaction.Transactional;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET;
import javax.ws.rs.POST;
import javax.ws.rs.PUT;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
/**
*
@ -15,5 +41,258 @@ import javax.ws.rs.Path;
@RequestScoped
@Path("/roles")
public class RolesApi {
@Inject
private IdentifierExtractor identifierExtractor;
@Inject
private CcmObjectRepository ccmObjectRepository;
@Inject
private PartyRepository partyRepository;
@Inject
private RoleManager roleManager;
@Inject
private RoleRepository roleRepository;
@GET
@Path("/")
@Produces(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public JsonObject getRoles(
@QueryParam("limit") @DefaultValue("20") final int limit,
@QueryParam("offset") @DefaultValue("0") final int offset
) {
final long count = roleRepository.countAll();
final List<Role> roles = roleRepository.findAll(limit, offset);
return Json
.createObjectBuilder()
.add("count", count)
.add("limit", limit)
.add("offset", offset)
.add(
"roles",
roles
.stream()
.map(Role::toJson)
.collect(new JsonArrayCollector())
)
.build();
}
@GET
@Path("/{roleIdentifier}")
@Produces(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public JsonObject getRole(
@PathParam("roleIdentifier") final String roleIdentifier
) {
return findRole(roleIdentifier).toJson();
}
@POST
@Path("/")
@Consumes(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public Response addRole(final JsonObject roleData) {
throw new UnsupportedOperationException();
}
@PUT
@Path("/{roleIdentifier}")
@Consumes(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public Response updateRole(
@PathParam("roleIdentifier") final String groupIdentifier,
final JsonObject groupData
) {
throw new UnsupportedOperationException();
}
@DELETE
@Path("/{roleIdentifier}")
@Consumes(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public Response deleteRole(
@PathParam("groupIdentifier") final String groupIdentifier
) {
throw new UnsupportedOperationException();
}
@GET
@Path("/{roleIdentifier}/members")
@Produces(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public JsonArray getMembers(
@PathParam("roleIdentifier") final String roleIdentifier
) {
throw new UnsupportedOperationException();
}
@PUT
@Path("/{roleIdentifier}/members/{partyIdentifier}")
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public Response addMember(
@PathParam("roleIdentifier") final String groupIdentifier,
@PathParam("partyIdentifier") final String userIdentifier
) {
throw new UnsupportedOperationException();
}
@DELETE
@Path("/{roleIdentifier}/members/{partyIdentifier}")
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public Response removeMember(
@PathParam("roleIdentifier") final String groupIdentifier,
@PathParam("partyIdentifier") final String userIdentifier
) {
throw new UnsupportedOperationException();
}
@GET
@Path("/{roleIdentifier}/permissions")
@Produces(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public JsonArray getPermissions(
@PathParam("roleIdentifier") final String groupIdentifier
) {
throw new UnsupportedOperationException();
}
@POST
@Path("/{roleIdentifier}/permissions")
@Consumes(MediaType.APPLICATION_JSON)
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public Response addPermission(
@PathParam("roleIdentifier") final String groupIdentifier,
final JsonObject permissionData
) {
throw new UnsupportedOperationException();
}
@DELETE
@Path("/{roleIdentifier}/permissions/{permissionIdentifier}")
@AuthorizationRequired
@RequiresPrivilege(CoreConstants.PRIVILEGE_ADMIN)
@Transactional(Transactional.TxType.REQUIRED)
public Response removePermission(
@PathParam("roleIdentifier") final String groupIdentifier,
@PathParam("permissionIdentifier") final String permissionIdentifier
) {
throw new UnsupportedOperationException();
}
private Party findParty(final String partyIdentifier) {
final ExtractedIdentifier identifier = identifierExtractor
.extractIdentifier(partyIdentifier);
switch (identifier.getType()) {
case ID:
return partyRepository
.findById(Long.parseLong(identifier.getIdentifier()))
.orElseThrow(
() -> new WebApplicationException(
String.format(
"No party with ID %s found",
identifier.getIdentifier()
),
Response.Status.NOT_FOUND
)
);
case UUID:
return partyRepository
.findByUuid(identifier.getIdentifier())
.orElseThrow(
() -> new WebApplicationException(
String.format(
"No party with UUID %s found",
identifier.getIdentifier()
),
Response.Status.NOT_FOUND
)
);
default:
return partyRepository
.findByName(identifier.getIdentifier())
.orElseThrow(
() -> new WebApplicationException(
String.format(
"No party with name %s found",
identifier.getIdentifier()
),
Response.Status.NOT_FOUND
)
);
}
}
private Role findRole(final String roleIdentifier) {
final ExtractedIdentifier identifier = identifierExtractor
.extractIdentifier(roleIdentifier);
switch (identifier.getType()) {
case ID:
return roleRepository
.findById(Long.parseLong(identifier.getIdentifier()))
.orElseThrow(
() -> new WebApplicationException(
String.format(
"No role with ID %s found.",
identifier.getIdentifier()
),
Response.Status.NOT_FOUND
)
);
case UUID:
return roleRepository
.findByUuid(identifier.getIdentifier())
.orElseThrow(
() -> new WebApplicationException(
String.format(
"No role with UUID %s found.",
identifier.getIdentifier()
),
Response.Status.NOT_FOUND
)
);
default:
return roleRepository
.findByName(identifier.getIdentifier())
.orElseThrow(
() -> new WebApplicationException(
String.format(
"No role with name %s found.",
identifier.getIdentifier()
),
Response.Status.NOT_FOUND
)
);
}
}
}