001/* 002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * dmetzler 018 */ 019package org.nuxeo.ecm.restapi.server.jaxrs.usermanager; 020 021import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST; 022import static javax.servlet.http.HttpServletResponse.SC_CONFLICT; 023 024import java.util.List; 025 026import javax.ws.rs.Produces; 027import javax.ws.rs.core.MediaType; 028 029import org.nuxeo.ecm.core.api.NuxeoException; 030import org.nuxeo.ecm.core.api.NuxeoPrincipal; 031import org.nuxeo.ecm.platform.query.api.PageProviderDefinition; 032import org.nuxeo.ecm.platform.query.api.PageProviderService; 033import org.nuxeo.ecm.platform.usermanager.UserManager; 034import org.nuxeo.ecm.webengine.model.WebObject; 035import org.nuxeo.runtime.api.Framework; 036 037/** 038 * @since 5.7.3 039 */ 040@WebObject(type = "users") 041@Produces(MediaType.APPLICATION_JSON) 042public class UserRootObject extends AbstractUMRootObject<NuxeoPrincipal> { 043 044 public static final String PAGE_PROVIDER_NAME = "nuxeo_principals_listing"; 045 046 @Override 047 protected NuxeoPrincipal getArtifact(String id) { 048 return um.getPrincipal(id); 049 } 050 051 @Override 052 protected String getArtifactType() { 053 return "user"; 054 } 055 056 @Override 057 protected void checkPrecondition(NuxeoPrincipal principal) { 058 checkCurrentUserCanCreateArtifact(principal); 059 checkPrincipalDoesNotAlreadyExists(principal, um); 060 checkPrincipalHasAName(principal); 061 } 062 063 @Override 064 protected NuxeoPrincipal createArtifact(NuxeoPrincipal principal) { 065 um.createUser(principal.getModel()); 066 return um.getPrincipal(principal.getName()); 067 } 068 069 private void checkPrincipalDoesNotAlreadyExists(NuxeoPrincipal principal, UserManager um) { 070 NuxeoPrincipal user = um.getPrincipal(principal.getName()); 071 if (user != null) { 072 throw new NuxeoException("User already exists", SC_CONFLICT); 073 } 074 } 075 076 private void checkPrincipalHasAName(NuxeoPrincipal principal) { 077 if (principal.getName() == null) { 078 throw new NuxeoException("User MUST have a name", SC_BAD_REQUEST); 079 } 080 } 081 082 @Override 083 boolean isAPowerUserEditableArtifact(NuxeoPrincipal artifact) { 084 return isAPowerUserEditableUser(artifact); 085 } 086 087 static boolean isAPowerUserEditableUser(NuxeoPrincipal user) { 088 UserManager um = Framework.getService(UserManager.class); 089 List<String> adminGroups = um.getAdministratorsGroups(); 090 for (String adminGroup : adminGroups) { 091 if (user.getAllGroups().contains(adminGroup)) { 092 return false; 093 } 094 } 095 return true; 096 } 097 098 @Override 099 protected PageProviderDefinition getPageProviderDefinition() { 100 PageProviderService ppService = Framework.getService(PageProviderService.class); 101 return ppService.getPageProviderDefinition(PAGE_PROVIDER_NAME); 102 } 103 104 @Override 105 protected Object[] getParams() { 106 return new Object[] { query }; 107 } 108 109}