001/* 002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * dmetzler 018 */ 019package org.nuxeo.ecm.restapi.server.jaxrs.directory; 020 021import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST; 022import static org.nuxeo.ecm.restapi.server.jaxrs.directory.DirectorySessionRunner.withDirectorySession; 023 024import java.util.List; 025 026import javax.ws.rs.GET; 027import javax.ws.rs.POST; 028import javax.ws.rs.Path; 029import javax.ws.rs.PathParam; 030import javax.ws.rs.Produces; 031import javax.ws.rs.core.MediaType; 032import javax.ws.rs.core.Response; 033import javax.ws.rs.core.Response.Status; 034 035import org.nuxeo.ecm.core.api.DocumentModel; 036import org.nuxeo.ecm.core.api.NuxeoException; 037import org.nuxeo.ecm.core.api.NuxeoPrincipal; 038import org.nuxeo.ecm.directory.Directory; 039import org.nuxeo.ecm.directory.Session; 040import org.nuxeo.ecm.directory.api.DirectoryEntry; 041import org.nuxeo.ecm.directory.api.DirectoryService; 042import org.nuxeo.ecm.platform.query.api.PageProviderDefinition; 043import org.nuxeo.ecm.platform.query.api.PageProviderService; 044import org.nuxeo.ecm.platform.usermanager.UserManager; 045import org.nuxeo.ecm.restapi.server.jaxrs.PaginableObject; 046import org.nuxeo.ecm.webengine.model.WebObject; 047import org.nuxeo.ecm.webengine.model.exceptions.WebResourceNotFoundException; 048import org.nuxeo.ecm.webengine.model.exceptions.WebSecurityException; 049import org.nuxeo.runtime.api.Framework; 050 051/** 052 * @since 5.7.3 053 */ 054@WebObject(type = "directoryObject") 055@Produces(MediaType.APPLICATION_JSON) 056public class DirectoryObject extends PaginableObject<DirectoryEntry> { 057 058 public static final String PAGE_PROVIDER_NAME = "nuxeo_directory_entry_listing"; 059 060 private Directory directory; 061 062 @Override 063 protected void initialize(Object... args) { 064 super.initialize(args); 065 if (args.length < 1) { 066 throw new IllegalArgumentException("Directory Object takes one parameter"); 067 } 068 String dirName = (String) args[0]; 069 directory = Framework.getService(DirectoryService.class).getDirectory(dirName); 070 if (directory == null) { 071 throw new WebResourceNotFoundException("Directory " + dirName + " was not found"); 072 } 073 } 074 075 @Override 076 protected PageProviderDefinition getPageProviderDefinition() { 077 PageProviderService pageProviderService = Framework.getService(PageProviderService.class); 078 return pageProviderService.getPageProviderDefinition(PAGE_PROVIDER_NAME); 079 } 080 081 @Override 082 protected Object[] getParams() { 083 return new Object[] { directory }; 084 } 085 086 @GET 087 public List<DirectoryEntry> getDirectoryEntries() { 088 return getPaginableEntries(); 089 } 090 091 @POST 092 public Response addEntry(final DirectoryEntry entry) { 093 checkEditGuards(); 094 DirectoryEntry result = withDirectorySession(directory, new DirectorySessionRunner<>() { 095 096 @Override 097 DirectoryEntry run(Session session) { 098 DocumentModel docEntry = session.createEntry(entry.getDocumentModel()); 099 return new DirectoryEntry(directory.getName(), docEntry); 100 } 101 }); 102 103 return Response.ok(result).status(Status.CREATED).build(); 104 } 105 106 void checkEditGuards() { 107 NuxeoPrincipal currentUser = getContext().getCoreSession().getPrincipal(); 108 if (!(currentUser.isAdministrator() || currentUser.isMemberOf("powerusers"))) { 109 throw new WebSecurityException("Not allowed to edit directory"); 110 } 111 112 UserManager um = Framework.getService(UserManager.class); 113 if (directory.getName().equals(um.getUserDirectoryName()) 114 || directory.getName().equals(um.getGroupDirectoryName())) { 115 throw new NuxeoException("Not allowed to edit user/group directories, please use user/group endpoints", 116 SC_BAD_REQUEST); 117 } 118 } 119 120 @Path("{entryId:((?:(?!/@).)*)}") 121 public Object getEntry(@PathParam("entryId") final String entryId) { 122 return withDirectorySession(directory, new DirectorySessionRunner<>() { 123 124 @Override 125 Object run(Session session) { 126 DocumentModel entry = session.getEntry(entryId); 127 if (entry == null) { 128 throw new WebResourceNotFoundException("Entry not found"); 129 } 130 return newObject("directoryEntry", new DirectoryEntry(directory.getName(), entry), entryId); 131 } 132 }); 133 134 } 135 136}