001/* 002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl-2.1.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * dmetzler 016 */ 017package org.nuxeo.ecm.restapi.server.jaxrs.directory; 018 019import static org.nuxeo.ecm.restapi.server.jaxrs.directory.DirectorySessionRunner.withDirectorySession; 020 021import java.util.ArrayList; 022import java.util.List; 023 024import javax.ws.rs.GET; 025import javax.ws.rs.POST; 026import javax.ws.rs.Path; 027import javax.ws.rs.PathParam; 028import javax.ws.rs.Produces; 029import javax.ws.rs.core.MediaType; 030import javax.ws.rs.core.Response; 031import javax.ws.rs.core.Response.Status; 032 033import org.nuxeo.ecm.core.api.DocumentModel; 034import org.nuxeo.ecm.core.api.DocumentModelList; 035import org.nuxeo.ecm.core.api.NuxeoPrincipal; 036import org.nuxeo.ecm.directory.Directory; 037import org.nuxeo.ecm.directory.DirectoryException; 038import org.nuxeo.ecm.directory.Session; 039import org.nuxeo.ecm.directory.api.DirectoryEntry; 040import org.nuxeo.ecm.directory.api.DirectoryService; 041import org.nuxeo.ecm.platform.usermanager.UserManager; 042import org.nuxeo.ecm.webengine.WebException; 043import org.nuxeo.ecm.webengine.model.WebObject; 044import org.nuxeo.ecm.webengine.model.exceptions.WebResourceNotFoundException; 045import org.nuxeo.ecm.webengine.model.exceptions.WebSecurityException; 046import org.nuxeo.ecm.webengine.model.impl.DefaultObject; 047import org.nuxeo.runtime.api.Framework; 048 049/** 050 * @since 5.7.3 051 */ 052@WebObject(type = "directoryObject") 053@Produces(MediaType.APPLICATION_JSON) 054public class DirectoryObject extends DefaultObject { 055 056 private Directory directory; 057 058 @Override 059 protected void initialize(Object... args) { 060 if (args.length < 1) { 061 throw new IllegalArgumentException("Directory Object takes one parameter"); 062 } 063 try { 064 String dirName = (String) args[0]; 065 directory = Framework.getLocalService(DirectoryService.class).getDirectory(dirName); 066 if (directory == null) { 067 throw new WebResourceNotFoundException("Directory " + dirName + " was not found"); 068 } 069 } catch (DirectoryException e) { 070 throw WebException.wrap(e); 071 } 072 } 073 074 @GET 075 public List<DirectoryEntry> getDirectoryEntries() { 076 return withDirectorySession(directory, new DirectorySessionRunner<List<DirectoryEntry>>() { 077 078 @Override 079 List<DirectoryEntry> run(Session session) { 080 DocumentModelList entries = session.getEntries(); 081 List<DirectoryEntry> dirEntries = new ArrayList<>(); 082 for (DocumentModel doc : entries) { 083 dirEntries.add(new DirectoryEntry(directory.getName(), doc)); 084 } 085 return dirEntries; 086 } 087 }); 088 089 } 090 091 @POST 092 public Response addEntry(final DirectoryEntry entry) { 093 checkEditGuards(); 094 DirectoryEntry result = withDirectorySession(directory, new DirectorySessionRunner<DirectoryEntry>() { 095 096 @Override 097 DirectoryEntry run(Session session) { 098 DocumentModel docEntry = session.createEntry(entry.getDocumentModel()); 099 return new DirectoryEntry(directory.getName(), docEntry); 100 } 101 }); 102 103 return Response.ok(result).status(Status.CREATED).build(); 104 } 105 106 void checkEditGuards() { 107 NuxeoPrincipal currentUser = (NuxeoPrincipal) getContext().getCoreSession().getPrincipal(); 108 if (!(currentUser.isAdministrator() || currentUser.isMemberOf("powerusers"))) { 109 throw new WebSecurityException("Not allowed to edit directory"); 110 } 111 112 UserManager um = Framework.getLocalService(UserManager.class); 113 if (directory.getName().equals(um.getUserDirectoryName()) 114 || directory.getName().equals(um.getGroupDirectoryName())) { 115 throw new WebSecurityException( 116 "Not allowed to edit user/group directories, please use user/group endpoints"); 117 } 118 } 119 120 @Path("{entryId}") 121 public Object getEntry(@PathParam("entryId") final String entryId) { 122 123 return withDirectorySession(directory, new DirectorySessionRunner<Object>() { 124 125 @Override 126 Object run(Session session) { 127 DocumentModel entry = session.getEntry(entryId); 128 if (entry == null) { 129 throw new WebResourceNotFoundException("Entry not found"); 130 } 131 return newObject("directoryEntry", new DirectoryEntry(directory.getName(), entry)); 132 } 133 }); 134 135 } 136 137}