001/*
002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     dmetzler
018 */
019package org.nuxeo.ecm.restapi.server.jaxrs.directory;
020
021import static org.nuxeo.ecm.restapi.server.jaxrs.directory.DirectorySessionRunner.withDirectorySession;
022
023import java.util.ArrayList;
024import java.util.Collections;
025import java.util.List;
026
027import javax.ws.rs.GET;
028import javax.ws.rs.POST;
029import javax.ws.rs.Path;
030import javax.ws.rs.PathParam;
031import javax.ws.rs.Produces;
032import javax.ws.rs.core.MediaType;
033import javax.ws.rs.core.Response;
034import javax.ws.rs.core.Response.Status;
035
036import org.nuxeo.ecm.core.api.DocumentModel;
037import org.nuxeo.ecm.core.api.DocumentModelList;
038import org.nuxeo.ecm.core.api.NuxeoPrincipal;
039import org.nuxeo.ecm.directory.Directory;
040import org.nuxeo.ecm.directory.DirectoryException;
041import org.nuxeo.ecm.directory.Session;
042import org.nuxeo.ecm.directory.api.DirectoryEntry;
043import org.nuxeo.ecm.directory.api.DirectoryService;
044import org.nuxeo.ecm.platform.usermanager.UserManager;
045import org.nuxeo.ecm.webengine.WebException;
046import org.nuxeo.ecm.webengine.model.WebObject;
047import org.nuxeo.ecm.webengine.model.exceptions.WebResourceNotFoundException;
048import org.nuxeo.ecm.webengine.model.exceptions.WebSecurityException;
049import org.nuxeo.ecm.webengine.model.impl.DefaultObject;
050import org.nuxeo.runtime.api.Framework;
051
052/**
053 * @since 5.7.3
054 */
055@WebObject(type = "directoryObject")
056@Produces(MediaType.APPLICATION_JSON)
057public class DirectoryObject extends DefaultObject {
058
059    private Directory directory;
060
061    @Override
062    protected void initialize(Object... args) {
063        if (args.length < 1) {
064            throw new IllegalArgumentException("Directory Object takes one parameter");
065        }
066        try {
067            String dirName = (String) args[0];
068            directory = Framework.getLocalService(DirectoryService.class).getDirectory(dirName);
069            if (directory == null) {
070                throw new WebResourceNotFoundException("Directory " + dirName + " was not found");
071            }
072        } catch (DirectoryException e) {
073            throw WebException.wrap(e);
074        }
075    }
076
077    @GET
078    public List<DirectoryEntry> getDirectoryEntries() {
079        return withDirectorySession(directory, new DirectorySessionRunner<List<DirectoryEntry>>() {
080
081            @Override
082            List<DirectoryEntry> run(Session session) {
083                DocumentModelList entries = session.query(Collections.emptyMap());
084                List<DirectoryEntry> dirEntries = new ArrayList<>();
085                for (DocumentModel doc : entries) {
086                    dirEntries.add(new DirectoryEntry(directory.getName(), doc));
087                }
088                return dirEntries;
089            }
090        });
091
092    }
093
094    @POST
095    public Response addEntry(final DirectoryEntry entry) {
096        checkEditGuards();
097        DirectoryEntry result = withDirectorySession(directory, new DirectorySessionRunner<DirectoryEntry>() {
098
099            @Override
100            DirectoryEntry run(Session session) {
101                DocumentModel docEntry = session.createEntry(entry.getDocumentModel());
102                return new DirectoryEntry(directory.getName(), docEntry);
103            }
104        });
105
106        return Response.ok(result).status(Status.CREATED).build();
107    }
108
109    void checkEditGuards() {
110        NuxeoPrincipal currentUser = (NuxeoPrincipal) getContext().getCoreSession().getPrincipal();
111        if (!(currentUser.isAdministrator() || currentUser.isMemberOf("powerusers"))) {
112            throw new WebSecurityException("Not allowed to edit directory");
113        }
114
115        UserManager um = Framework.getLocalService(UserManager.class);
116        if (directory.getName().equals(um.getUserDirectoryName())
117                || directory.getName().equals(um.getGroupDirectoryName())) {
118            throw new WebSecurityException(
119                    "Not allowed to edit user/group directories, please use user/group endpoints");
120        }
121    }
122
123    @Path("{entryId}")
124    public Object getEntry(@PathParam("entryId") final String entryId) {
125
126        return withDirectorySession(directory, new DirectorySessionRunner<Object>() {
127
128            @Override
129            Object run(Session session) {
130                DocumentModel entry = session.getEntry(entryId);
131                if (entry == null) {
132                    throw new WebResourceNotFoundException("Entry not found");
133                }
134                return newObject("directoryEntry", new DirectoryEntry(directory.getName(), entry));
135            }
136        });
137
138    }
139
140}