diff --git a/ccm-core/src/main/java/org/libreccm/security/GroupMembership.java b/ccm-core/src/main/java/org/libreccm/security/GroupMembership.java index fe18e4c81..f32603937 100644 --- a/ccm-core/src/main/java/org/libreccm/security/GroupMembership.java +++ b/ccm-core/src/main/java/org/libreccm/security/GroupMembership.java @@ -160,6 +160,10 @@ public class GroupMembership implements Serializable, Exportable { return obj instanceof GroupMembership; } + public JsonObject toJson() { + return buildJson().build(); + } + public JsonObjectBuilder buildJson() { return Json diff --git a/ccm-core/src/main/java/org/libreccm/security/RoleMembership.java b/ccm-core/src/main/java/org/libreccm/security/RoleMembership.java index acea95f50..3ef431a44 100644 --- a/ccm-core/src/main/java/org/libreccm/security/RoleMembership.java +++ b/ccm-core/src/main/java/org/libreccm/security/RoleMembership.java @@ -35,6 +35,7 @@ import com.fasterxml.jackson.annotation.ObjectIdGenerators; import org.libreccm.imexport.Exportable; import javax.json.Json; +import javax.json.JsonObject; import javax.json.JsonObjectBuilder; import javax.persistence.Column; import javax.persistence.Entity; @@ -160,6 +161,10 @@ public class RoleMembership implements Serializable, Exportable { public boolean canEqual(final Object obj) { return obj instanceof RoleMembership; } + + public JsonObject toJson() { + return buildJson().build(); + } public JsonObjectBuilder buildJson() { return Json diff --git a/ccm-core/src/main/java/org/libreccm/security/UsersApi.java b/ccm-core/src/main/java/org/libreccm/security/UsersApi.java index 77f1119da..9f437438a 100644 --- a/ccm-core/src/main/java/org/libreccm/security/UsersApi.java +++ b/ccm-core/src/main/java/org/libreccm/security/UsersApi.java @@ -57,11 +57,23 @@ public class UsersApi { private IdentifierExtractor identifierExtractor; @Inject - private UserRepository userRepository; + private GroupManager groupManager; + + @Inject + private GroupRepository groupRepository; + + @Inject + private RoleManager roleManager; + + @Inject + private RoleRepository roleRepository; @Inject private UserManager userManager; + @Inject + private UserRepository userRepository; + @GET @Path("/") @Produces(MediaType.APPLICATION_JSON) @@ -188,34 +200,34 @@ public class UsersApi { final JsonObject userData ) { final User user = findUser(userIdentifier); - + boolean updated = false; if (!userData.isNull("familyName") - && !userData.getString("familyName").equals(user.getFamilyName())) { + && !userData.getString("familyName") + .equals(user.getFamilyName())) { user.setFamilyName(userIdentifier); updated = true; } - + if (!userData.isNull("givenName") - && !userData.getString("givenName").equals(user.getGivenName())) { + && !userData.getString("givenName").equals(user.getGivenName())) { user.setGivenName(userData.getString("givenName")); updated = true; } - + if (!userData.isNull("emailAddress") - && !userData.getString("emailAddress") - .equals(user.getPrimaryEmailAddress().getAddress()) - ) { + && !userData.getString("emailAddress") + .equals(user.getPrimaryEmailAddress().getAddress())) { user .getPrimaryEmailAddress() .setAddress(userData.getString("emailAddress")); updated = true; } - + if (updated) { userRepository.save(user); } - + return Response .status(Response.Status.OK) .entity( @@ -234,7 +246,13 @@ public class UsersApi { @PathParam("userIdentifier") final String userIdentifier ) { - throw new UnsupportedOperationException(); + final User user = findUser(userIdentifier); + final String name = user.getName(); + userRepository.delete(user); + return Response + .status(Response.Status.OK) + .entity(String.format("User %s deleted successfully.", name)) + .build(); } @GET @@ -247,7 +265,11 @@ public class UsersApi { @PathParam("userIdentifier") final String userIdentifier ) { - throw new UnsupportedOperationException(); + return findUser(userIdentifier) + .getGroupMemberships() + .stream() + .map(GroupMembership::toJson) + .collect(new JsonArrayCollector()); } @PUT @@ -261,7 +283,21 @@ public class UsersApi { @PathParam("groupIdentifier") final String groupIdentifier ) { - throw new UnsupportedOperationException(); + final User user = findUser(userIdentifier); + final Group group = findGroup(groupIdentifier); + + groupManager.addMemberToGroup(user, group); + + return Response + .ok() + .entity( + String.format( + "User %s successfully added to group %s.", + user.getName(), + group.getName() + ) + ) + .build(); } @DELETE @@ -275,7 +311,21 @@ public class UsersApi { @PathParam("groupIdentifier") final String groupIdentifier ) { - throw new UnsupportedOperationException(); + final User user = findUser(userIdentifier); + final Group group = findGroup(groupIdentifier); + + groupManager.removeMemberFromGroup(user, group); + + return Response + .ok() + .entity( + String.format( + "User %s successfully removed to group %s.", + user.getName(), + group.getName() + ) + ) + .build(); } @GET @@ -288,7 +338,11 @@ public class UsersApi { @PathParam("userIdentifier") final String userIdentifier ) { - throw new UnsupportedOperationException(); + return findUser(userIdentifier) + .getRoleMemberships() + .stream() + .map(RoleMembership::toJson) + .collect(new JsonArrayCollector()); } @PUT @@ -302,7 +356,21 @@ public class UsersApi { @PathParam("roleIdentifier") final String roleIdentifier ) { - throw new UnsupportedOperationException(); + final User user = findUser(userIdentifier); + final Role role = findRole(roleIdentifier); + + roleManager.assignRoleToParty(role, user); + + return Response + .ok() + .entity( + String.format( + "Role %s successfully assigned to user %s.", + role.getName(), + user.getName() + ) + ) + .build(); } @DELETE @@ -316,7 +384,109 @@ public class UsersApi { @PathParam("roleIdentifier") final String roleIdentifier ) { - throw new UnsupportedOperationException(); + final User user = findUser(userIdentifier); + final Role role = findRole(roleIdentifier); + + roleManager.removeRoleFromParty(role, user); + + return Response + .ok() + .entity( + String.format( + "Role %s successfully removed from user %s.", + role.getName(), + user.getName() + ) + ) + .build(); + } + + private Group findGroup(final String groupIdentifier) { + final ExtractedIdentifier identifier = identifierExtractor + .extractIdentifier(groupIdentifier); + + switch (identifier.getType()) { + case ID: + return groupRepository + .findById(Long.parseLong(identifier.getIdentifier())) + .orElseThrow( + () -> new WebApplicationException( + String.format( + "No group with ID %s found", + identifier.getIdentifier() + ), + Response.Status.NOT_FOUND + ) + ); + case UUID: + return groupRepository + .findByUuid(identifier.getIdentifier()) + .orElseThrow( + () -> new WebApplicationException( + String.format( + "No group with UUID %s found.", + identifier.getIdentifier() + ), + Response.Status.NOT_FOUND + ) + ); + default: + return groupRepository + .findByName(identifier.getIdentifier()) + .orElseThrow( + () -> new WebApplicationException( + String.format( + "No group with name %s found.", + identifier.getIdentifier() + ), + Response.Status.NOT_FOUND + ) + ); + } + } + + private Role findRole(final String roleIdentifier) { + final ExtractedIdentifier identifier = identifierExtractor + .extractIdentifier(roleIdentifier); + + switch (identifier.getType()) { + case ID: + return roleRepository + .findById(Long.parseLong(identifier.getIdentifier())) + .orElseThrow( + () -> new WebApplicationException( + String.format( + "No role with ID %s found.", + identifier.getIdentifier() + ), + Response.Status.NOT_FOUND + ) + ); + case UUID: + return roleRepository + .findByUuid(identifier.getIdentifier()) + .orElseThrow( + () -> new WebApplicationException( + String.format( + "No role with UUID %s found.", + identifier.getIdentifier() + ), + Response.Status.NOT_FOUND + ) + ); + default: + return roleRepository + .findByName(identifier.getIdentifier()) + .orElseThrow( + () -> new WebApplicationException( + String.format( + "No role with name %s found.", + identifier.getIdentifier() + ), + Response.Status.NOT_FOUND + ) + ); + } } private User findUser(final String identifierParam) { @@ -341,7 +511,7 @@ public class UsersApi { .orElseThrow( () -> new WebApplicationException( String.format( - "No user with ID %s found.", + "No user with UUID %s found.", identifier.getIdentifier() ), Response.Status.NOT_FOUND) @@ -352,7 +522,7 @@ public class UsersApi { .orElseThrow( () -> new WebApplicationException( String.format( - "No user with ID %s found.", + "No user with name %s found.", identifier.getIdentifier() ), Response.Status.NOT_FOUND)