Source code

001/*
002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and others.
003 *
004 * Licensed under the Apache License, Version 2.0 (the "License");
005 * you may not use this file except in compliance with the License.
006 * You may obtain a copy of the License at
007 *
008 *     http://www.apache.org/licenses/LICENSE-2.0
009 *
010 * Unless required by applicable law or agreed to in writing, software
011 * distributed under the License is distributed on an "AS IS" BASIS,
012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
013 * See the License for the specific language governing permissions and
014 * limitations under the License.
015 *
016 * Contributors:
017 *     dmetzler
018 */
019package org.nuxeo.ecm.restapi.server.jaxrs.directory;
020
021import static javax.servlet.http.HttpServletResponse.SC_BAD_REQUEST;
022import static org.nuxeo.ecm.restapi.server.jaxrs.directory.DirectorySessionRunner.withDirectorySession;
023
024import java.util.ArrayList;
025import java.util.Collections;
026import java.util.List;
027
028import javax.ws.rs.GET;
029import javax.ws.rs.POST;
030import javax.ws.rs.Path;
031import javax.ws.rs.PathParam;
032import javax.ws.rs.Produces;
033import javax.ws.rs.core.MediaType;
034import javax.ws.rs.core.Response;
035import javax.ws.rs.core.Response.Status;
036
037import org.nuxeo.ecm.core.api.DocumentModel;
038import org.nuxeo.ecm.core.api.DocumentModelList;
039import org.nuxeo.ecm.core.api.NuxeoException;
040import org.nuxeo.ecm.core.api.NuxeoPrincipal;
041import org.nuxeo.ecm.directory.Directory;
042import org.nuxeo.ecm.directory.Session;
043import org.nuxeo.ecm.directory.api.DirectoryEntry;
044import org.nuxeo.ecm.directory.api.DirectoryService;
045import org.nuxeo.ecm.platform.query.api.PageProviderDefinition;
046import org.nuxeo.ecm.platform.query.api.PageProviderService;
047import org.nuxeo.ecm.platform.usermanager.UserManager;
048import org.nuxeo.ecm.restapi.server.jaxrs.PaginableObject;
049import org.nuxeo.ecm.webengine.model.WebObject;
050import org.nuxeo.ecm.webengine.model.exceptions.WebResourceNotFoundException;
051import org.nuxeo.ecm.webengine.model.exceptions.WebSecurityException;
052import org.nuxeo.ecm.webengine.model.impl.DefaultObject;
053import org.nuxeo.runtime.api.Framework;
054
055/**
056 * @since 5.7.3
057 */
058@WebObject(type = "directoryObject")
059@Produces(MediaType.APPLICATION_JSON)
060public class DirectoryObject extends PaginableObject<DirectoryEntry> {
061
062    public static final String PAGE_PROVIDER_NAME = "nuxeo_directory_entry_listing";
063
064    private Directory directory;
065
066    @Override
067    protected void initialize(Object... args) {
068        super.initialize(args);
069        if (args.length < 1) {
070            throw new IllegalArgumentException("Directory Object takes one parameter");
071        }
072        String dirName = (String) args[0];
073        directory = Framework.getService(DirectoryService.class).getDirectory(dirName);
074        if (directory == null) {
075            throw new WebResourceNotFoundException("Directory " + dirName + " was not found");
076        }
077    }
078
079    @Override
080    protected PageProviderDefinition getPageProviderDefinition() {
081        PageProviderService pageProviderService = Framework.getService(PageProviderService.class);
082        return pageProviderService.getPageProviderDefinition(PAGE_PROVIDER_NAME);
083    }
084
085    @Override
086    protected Object[] getParams() {
087        return new Object[] { directory };
088    }
089
090    @GET
091    public List<DirectoryEntry> getDirectoryEntries() {
092        return getPaginableEntries();
093    }
094
095    @POST
096    public Response addEntry(final DirectoryEntry entry) {
097        checkEditGuards();
098        DirectoryEntry result = withDirectorySession(directory, new DirectorySessionRunner<DirectoryEntry>() {
099
100            @Override
101            DirectoryEntry run(Session session) {
102                DocumentModel docEntry = session.createEntry(entry.getDocumentModel());
103                return new DirectoryEntry(directory.getName(), docEntry);
104            }
105        });
106
107        return Response.ok(result).status(Status.CREATED).build();
108    }
109
110    void checkEditGuards() {
111        NuxeoPrincipal currentUser = getContext().getCoreSession().getPrincipal();
112        if (!(currentUser.isAdministrator() || currentUser.isMemberOf("powerusers"))) {
113            throw new WebSecurityException("Not allowed to edit directory");
114        }
115
116        UserManager um = Framework.getService(UserManager.class);
117        if (directory.getName().equals(um.getUserDirectoryName())
118                || directory.getName().equals(um.getGroupDirectoryName())) {
119            throw new NuxeoException("Not allowed to edit user/group directories, please use user/group endpoints",
120                    SC_BAD_REQUEST);
121        }
122    }
123
124    @Path("{entryId:((?:(?!/@).)*)}")
125    public Object getEntry(@PathParam("entryId") final String entryId) {
126        return withDirectorySession(directory, new DirectorySessionRunner<Object>() {
127
128            @Override
129            Object run(Session session) {
130                DocumentModel entry = session.getEntry(entryId);
131                if (entry == null) {
132                    throw new WebResourceNotFoundException("Entry not found");
133                }
134                return newObject("directoryEntry", new DirectoryEntry(directory.getName(), entry), entryId);
135            }
136        });
137
138    }
139
140}