1   /*
2    * Copyright (C) 2017-2019 Centre National d'Etudes Spatiales (CNES).
3    *
4    * This library is free software; you can redistribute it and/or
5    * modify it under the terms of the GNU Lesser General Public
6    * License as published by the Free Software Foundation; either
7    * version 3.0 of the License, or (at your option) any later version.
8    *
9    * This library is distributed in the hope that it will be useful,
10   * but WITHOUT ANY WARRANTY; without even the implied warranty of
11   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the GNU
12   * Lesser General Public License for more details.
13   *
14   * You should have received a copy of the GNU Lesser General Public
15   * License along with this library; if not, write to the Free Software
16   * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston,
17   * MA 02110-1301  USA
18   */
19  package fr.cnes.doi.resource.admin;
20  
21  import org.apache.logging.log4j.Logger;
22  import org.restlet.resource.Delete;
23  import org.restlet.resource.Get;
24  import org.restlet.resource.ResourceException;
25  
26  import fr.cnes.doi.application.AdminApplication;
27  import static fr.cnes.doi.application.AdminApplication.USERS_NAME_TEMPLATE;
28  import fr.cnes.doi.db.AbstractUserRoleDBHelper;
29  import fr.cnes.doi.plugin.PluginFactory;
30  import fr.cnes.doi.resource.AbstractResource;
31  import fr.cnes.doi.security.RoleAuthorizer;
32  import org.apache.logging.log4j.Level;
33  import org.restlet.data.Method;
34  import org.restlet.data.Status;
35  import org.restlet.ext.wadl.MethodInfo;
36  import org.restlet.ext.wadl.ParameterStyle;
37  
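/**
 * Provides a resource to ask whether a user belongs to the super user group
 * and another one to remove a user from the super user group.
 *
 * <p>The user name comes from the {@code USERS_NAME_TEMPLATE} URI attribute and
 * is therefore request-controlled. This class performs no authorization check
 * of its own before answering GET or DELETE.
 * NOTE(review): access control is presumably enforced by the routing/authorizer
 * set up in {@link AdminApplication}; confirm that both methods are restricted
 * to administrators there.
 */
public class ManageSuperUserResource extends AbstractResource {

    /**
     * Logger, obtained from the application in {@link #doInit()}.
     */
    private volatile Logger LOG;

    /**
     * User name extracted from the request URI.
     */
    private volatile String userName;

    /**
     * Initializes the resource state: fetches the application logger and reads
     * the user name from the URI template.
     *
     * @throws ResourceException - if a problem happens
     */
    @Override
    protected void doInit() throws ResourceException {
        super.doInit();
        final AdminApplication app = (AdminApplication) getApplication();
        LOG = app.getLog();
        LOG.traceEntry();
        this.userName = getAttribute(USERS_NAME_TEMPLATE);
        // The value comes straight from the request URI: log it as a parameter
        // with a fixed message, never as the message itself.
        LOG.debug("User name from URI template: {}", this.userName);
        setDescription("This resource handles super user");
        LOG.traceExit();
    }

    // TODO requirement
    /**
     * Tells whether the user is admin, after checking that the user exists.
     *
     * @return the result of the admin role check
     * @throws ResourceException - 400 (Bad Request) if the user does not exist
     */
    @Get
    public boolean isUserExistAndAdmin() {
        LOG.traceEntry();
        final AbstractUserRoleDBHelper manageUsers = PluginFactory.getUserManagement();
        if (!manageUsers.isUserExist(userName)) {
            // The message echoes the request-supplied user name.
            // NOTE(review): the error is documented as an HTML representation;
            // confirm the status service escapes it.
            throw LOG.throwing(Level.ERROR, new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST,
                    "The user " + userName + " does not exist"));
        }
        // NOTE(review): Restlet's isInRole() tests the roles of the authenticated
        // client that sent the request, not those of userName. As written, the
        // answer describes the caller for any existing user name. The role of
        // userName should be looked up through the user management helper instead;
        // the appropriate helper method is not visible in this file.
        return LOG.traceExit(isInRole(RoleAuthorizer.ROLE_ADMIN));
    }

    // TODO requirement
    /**
     * Removes the user from the super user group.
     *
     * <p>Sets the status to 204 (No Content) when the helper reports success.
     *
     * @throws ResourceException - 400 (Bad Request) if the helper reports that
     * the user could not be removed from the admin group
     */
    // @Requirement(reqId = Requirement.DOI_SRV_140, reqName =
    // Requirement.DOI_SRV_140_NAME)
    @Delete
    public void deleteSuperUser() {
        LOG.traceEntry();
        final AbstractUserRoleDBHelper manageUsers = PluginFactory.getUserManagement();
        // NOTE(review): whether the helper refuses to remove the last remaining
        // administrator (or the caller itself) cannot be seen from here; confirm.
        if (manageUsers.unsetUserFromAdminGroup(userName)) {
            setStatus(Status.SUCCESS_NO_CONTENT);
        } else {
            throw LOG.throwing(new ResourceException(
                    Status.CLIENT_ERROR_BAD_REQUEST, "Can't delete super user " + userName));
        }
        LOG.traceExit();
    }

    /**
     * Describes the GET method for the WADL documentation.
     *
     * @param info method description to fill in
     */
    @Override
    protected void describeGet(final MethodInfo info) {
        info.setName(Method.GET);
        info.setDocumentation("Checks if the user is admin");
        addRequestDocToMethod(info, createQueryParamDoc(
                USERS_NAME_TEMPLATE, ParameterStyle.TEMPLATE,
                "user name", true, "xs:string")
        );
        // GET answers with a body (true or false), so the documented success
        // status is 200; 204 (No Content) cannot carry a body.
        addResponseDocToMethod(info, createResponseDoc(
                Status.SUCCESS_OK, "Operation successful with true or false",
                stringRepresentation())
        );

        addResponseDocToMethod(info, createResponseDoc(
                Status.CLIENT_ERROR_BAD_REQUEST, "The user does not exist",
                htmlRepresentation())
        );
    }

    /**
     * Describes the DELETE method for the WADL documentation.
     *
     * @param info method description to fill in
     */
    @Override
    protected void describeDelete(final MethodInfo info) {
        info.setName(Method.DELETE);
        // This operation acts on a super user, not on a project.
        info.setDocumentation("Removes a user from the super user group");
        addRequestDocToMethod(info, createQueryParamDoc(
                USERS_NAME_TEMPLATE, ParameterStyle.TEMPLATE,
                "user name", true, "xs:string")
        );
        addResponseDocToMethod(info, createResponseDoc(
                Status.SUCCESS_NO_CONTENT, "Operation successful",
                stringRepresentation())
        );

        addResponseDocToMethod(info, createResponseDoc(
                Status.CLIENT_ERROR_BAD_REQUEST, "Cannot delete super user",
                htmlRepresentation())
        );
    }

}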