001/* 002 * (C) Copyright 2013 Nuxeo SA (http://nuxeo.com/) and others. 003 * 004 * Licensed under the Apache License, Version 2.0 (the "License"); 005 * you may not use this file except in compliance with the License. 006 * You may obtain a copy of the License at 007 * 008 * http://www.apache.org/licenses/LICENSE-2.0 009 * 010 * Unless required by applicable law or agreed to in writing, software 011 * distributed under the License is distributed on an "AS IS" BASIS, 012 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. 013 * See the License for the specific language governing permissions and 014 * limitations under the License. 015 * 016 * Contributors: 017 * dmetzler 018 */ 019package org.nuxeo.ecm.restapi.server.jaxrs.directory; 020 021import static org.nuxeo.ecm.restapi.server.jaxrs.directory.DirectorySessionRunner.withDirectorySession; 022 023import java.util.ArrayList; 024import java.util.Collections; 025import java.util.List; 026 027import javax.ws.rs.GET; 028import javax.ws.rs.POST; 029import javax.ws.rs.Path; 030import javax.ws.rs.PathParam; 031import javax.ws.rs.Produces; 032import javax.ws.rs.core.MediaType; 033import javax.ws.rs.core.Response; 034import javax.ws.rs.core.Response.Status; 035 036import org.nuxeo.ecm.core.api.DocumentModel; 037import org.nuxeo.ecm.core.api.DocumentModelList; 038import org.nuxeo.ecm.core.api.NuxeoPrincipal; 039import org.nuxeo.ecm.directory.Directory; 040import org.nuxeo.ecm.directory.DirectoryException; 041import org.nuxeo.ecm.directory.Session; 042import org.nuxeo.ecm.directory.api.DirectoryEntry; 043import org.nuxeo.ecm.directory.api.DirectoryService; 044import org.nuxeo.ecm.platform.usermanager.UserManager; 045import org.nuxeo.ecm.webengine.WebException; 046import org.nuxeo.ecm.webengine.model.WebObject; 047import org.nuxeo.ecm.webengine.model.exceptions.WebResourceNotFoundException; 048import org.nuxeo.ecm.webengine.model.exceptions.WebSecurityException; 049import org.nuxeo.ecm.webengine.model.impl.DefaultObject; 050import org.nuxeo.runtime.api.Framework; 051 052/** 053 * @since 5.7.3 054 */ 055@WebObject(type = "directoryObject") 056@Produces(MediaType.APPLICATION_JSON) 057public class DirectoryObject extends DefaultObject { 058 059 private Directory directory; 060 061 @Override 062 protected void initialize(Object... args) { 063 if (args.length < 1) { 064 throw new IllegalArgumentException("Directory Object takes one parameter"); 065 } 066 try { 067 String dirName = (String) args[0]; 068 directory = Framework.getLocalService(DirectoryService.class).getDirectory(dirName); 069 if (directory == null) { 070 throw new WebResourceNotFoundException("Directory " + dirName + " was not found"); 071 } 072 } catch (DirectoryException e) { 073 throw WebException.wrap(e); 074 } 075 } 076 077 @GET 078 public List<DirectoryEntry> getDirectoryEntries() { 079 return withDirectorySession(directory, new DirectorySessionRunner<List<DirectoryEntry>>() { 080 081 @Override 082 List<DirectoryEntry> run(Session session) { 083 DocumentModelList entries = session.query(Collections.emptyMap()); 084 List<DirectoryEntry> dirEntries = new ArrayList<>(); 085 for (DocumentModel doc : entries) { 086 dirEntries.add(new DirectoryEntry(directory.getName(), doc)); 087 } 088 return dirEntries; 089 } 090 }); 091 092 } 093 094 @POST 095 public Response addEntry(final DirectoryEntry entry) { 096 checkEditGuards(); 097 DirectoryEntry result = withDirectorySession(directory, new DirectorySessionRunner<DirectoryEntry>() { 098 099 @Override 100 DirectoryEntry run(Session session) { 101 DocumentModel docEntry = session.createEntry(entry.getDocumentModel()); 102 return new DirectoryEntry(directory.getName(), docEntry); 103 } 104 }); 105 106 return Response.ok(result).status(Status.CREATED).build(); 107 } 108 109 void checkEditGuards() { 110 NuxeoPrincipal currentUser = (NuxeoPrincipal) getContext().getCoreSession().getPrincipal(); 111 if (!(currentUser.isAdministrator() || currentUser.isMemberOf("powerusers"))) { 112 throw new WebSecurityException("Not allowed to edit directory"); 113 } 114 115 UserManager um = Framework.getLocalService(UserManager.class); 116 if (directory.getName().equals(um.getUserDirectoryName()) 117 || directory.getName().equals(um.getGroupDirectoryName())) { 118 throw new WebSecurityException( 119 "Not allowed to edit user/group directories, please use user/group endpoints"); 120 } 121 } 122 123 @Path("{entryId}") 124 public Object getEntry(@PathParam("entryId") final String entryId) { 125 126 return withDirectorySession(directory, new DirectorySessionRunner<Object>() { 127 128 @Override 129 Object run(Session session) { 130 DocumentModel entry = session.getEntry(entryId); 131 if (entry == null) { 132 throw new WebResourceNotFoundException("Entry not found"); 133 } 134 return newObject("directoryEntry", new DirectoryEntry(directory.getName(), entry), entryId); 135 } 136 }); 137 138 } 139 140}