001/* 002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and contributors. 003 * 004 * All rights reserved. This program and the accompanying materials 005 * are made available under the terms of the GNU Lesser General Public License 006 * (LGPL) version 2.1 which accompanies this distribution, and is available at 007 * http://www.gnu.org/licenses/lgpl-2.1.html 008 * 009 * This library is distributed in the hope that it will be useful, 010 * but WITHOUT ANY WARRANTY; without even the implied warranty of 011 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU 012 * Lesser General Public License for more details. 013 * 014 * Contributors: 015 * dmetzler 016 */ 017package org.nuxeo.ecm.restapi.server.jaxrs.directory; 018 019import static org.nuxeo.ecm.restapi.server.jaxrs.directory.DirectorySessionRunner.withDirectorySession; 020 021import java.util.ArrayList; 022import java.util.Collections; 023import java.util.List; 024 025import javax.ws.rs.GET; 026import javax.ws.rs.POST; 027import javax.ws.rs.Path; 028import javax.ws.rs.PathParam; 029import javax.ws.rs.Produces; 030import javax.ws.rs.core.MediaType; 031import javax.ws.rs.core.Response; 032import javax.ws.rs.core.Response.Status; 033 034import org.nuxeo.ecm.core.api.DocumentModel; 035import org.nuxeo.ecm.core.api.DocumentModelList; 036import org.nuxeo.ecm.core.api.NuxeoPrincipal; 037import org.nuxeo.ecm.directory.Directory; 038import org.nuxeo.ecm.directory.DirectoryException; 039import org.nuxeo.ecm.directory.Session; 040import org.nuxeo.ecm.directory.api.DirectoryEntry; 041import org.nuxeo.ecm.directory.api.DirectoryService; 042import org.nuxeo.ecm.platform.usermanager.UserManager; 043import org.nuxeo.ecm.webengine.WebException; 044import org.nuxeo.ecm.webengine.model.WebObject; 045import org.nuxeo.ecm.webengine.model.exceptions.WebResourceNotFoundException; 046import org.nuxeo.ecm.webengine.model.exceptions.WebSecurityException; 047import org.nuxeo.ecm.webengine.model.impl.DefaultObject; 048import org.nuxeo.runtime.api.Framework; 049 050/** 051 * @since 5.7.3 052 */ 053@WebObject(type = "directoryObject") 054@Produces(MediaType.APPLICATION_JSON) 055public class DirectoryObject extends DefaultObject { 056 057 private Directory directory; 058 059 @Override 060 protected void initialize(Object... args) { 061 if (args.length < 1) { 062 throw new IllegalArgumentException("Directory Object takes one parameter"); 063 } 064 try { 065 String dirName = (String) args[0]; 066 directory = Framework.getLocalService(DirectoryService.class).getDirectory(dirName); 067 if (directory == null) { 068 throw new WebResourceNotFoundException("Directory " + dirName + " was not found"); 069 } 070 } catch (DirectoryException e) { 071 throw WebException.wrap(e); 072 } 073 } 074 075 @GET 076 public List<DirectoryEntry> getDirectoryEntries() { 077 return withDirectorySession(directory, new DirectorySessionRunner<List<DirectoryEntry>>() { 078 079 @Override 080 List<DirectoryEntry> run(Session session) { 081 DocumentModelList entries = session.query(Collections.emptyMap()); 082 List<DirectoryEntry> dirEntries = new ArrayList<>(); 083 for (DocumentModel doc : entries) { 084 dirEntries.add(new DirectoryEntry(directory.getName(), doc)); 085 } 086 return dirEntries; 087 } 088 }); 089 090 } 091 092 @POST 093 public Response addEntry(final DirectoryEntry entry) { 094 checkEditGuards(); 095 DirectoryEntry result = withDirectorySession(directory, new DirectorySessionRunner<DirectoryEntry>() { 096 097 @Override 098 DirectoryEntry run(Session session) { 099 DocumentModel docEntry = session.createEntry(entry.getDocumentModel()); 100 return new DirectoryEntry(directory.getName(), docEntry); 101 } 102 }); 103 104 return Response.ok(result).status(Status.CREATED).build(); 105 } 106 107 void checkEditGuards() { 108 NuxeoPrincipal currentUser = (NuxeoPrincipal) getContext().getCoreSession().getPrincipal(); 109 if (!(currentUser.isAdministrator() || currentUser.isMemberOf("powerusers"))) { 110 throw new WebSecurityException("Not allowed to edit directory"); 111 } 112 113 UserManager um = Framework.getLocalService(UserManager.class); 114 if (directory.getName().equals(um.getUserDirectoryName()) 115 || directory.getName().equals(um.getGroupDirectoryName())) { 116 throw new WebSecurityException( 117 "Not allowed to edit user/group directories, please use user/group endpoints"); 118 } 119 } 120 121 @Path("{entryId}") 122 public Object getEntry(@PathParam("entryId") final String entryId) { 123 124 return withDirectorySession(directory, new DirectorySessionRunner<Object>() { 125 126 @Override 127 Object run(Session session) { 128 DocumentModel entry = session.getEntry(entryId); 129 if (entry == null) { 130 throw new WebResourceNotFoundException("Entry not found"); 131 } 132 return newObject("directoryEntry", new DirectoryEntry(directory.getName(), entry)); 133 } 134 }); 135 136 } 137 138}