@AfterMethod(groups = "slow")
public void afterMethod() throws Exception {
securityApi.logout();
// Make sure we finish in a clean state
assertListenerStatus();
stopTestFramework(testListener, busService, subscriptionBaseService, entitlementService);
}
@TimedResource
@DELETE
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
@Path("/users/{username:"******"}")
@ApiOperation(value = "Invalidate an existing user")
public Response invalidateUser(
@PathParam("username") final String username,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request,
@javax.ws.rs.core.Context final UriInfo uriInfo)
throws SecurityApiException {
securityApi.invalidateUser(
username, context.createContext(createdBy, reason, comment, request));
return Response.status(Status.NO_CONTENT).build();
}
@TimedResource
@PUT
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
@Path("/users/{username:"******"}/roles")
@ApiOperation(value = "Update roles associated to a user")
public Response updateUserRoles(
final UserRolesJson json,
@PathParam("username") final String username,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request,
@javax.ws.rs.core.Context final UriInfo uriInfo)
throws SecurityApiException {
securityApi.updateUserRoles(
username, json.getRoles(), context.createContext(createdBy, reason, comment, request));
return Response.status(Status.OK).build();
}
@TimedResource
@GET
@Path("/permissions")
@Produces(APPLICATION_JSON)
@ApiOperation(
value = "List user permissions",
response = String.class,
responseContainer = "List")
@ApiResponses(value = {})
public Response getCurrentUserPermissions(
@javax.ws.rs.core.Context final HttpServletRequest request) {
// The getCurrentUserPermissions takes a TenantContext which is not used because permissions are
// cross tenants (at this point)
final TenantContext nullTenantContext = null;
final Set<Permission> permissions = securityApi.getCurrentUserPermissions(nullTenantContext);
final List<String> json =
ImmutableList.<String>copyOf(
Iterables.<Permission, String>transform(permissions, Functions.toStringFunction()));
return Response.status(Status.OK).entity(json).build();
}
@TimedResource
@POST
@Path("/roles")
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
@ApiOperation(value = "Add a new role definition)")
public Response addRoleDefinition(
final RoleDefinitionJson json,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request,
@javax.ws.rs.core.Context final UriInfo uriInfo)
throws SecurityApiException {
securityApi.addRoleDefinition(
json.getRole(),
json.getPermissions(),
context.createContext(createdBy, reason, comment, request));
return Response.status(Status.CREATED).build();
}
@TimedResource
@POST
@Path("/users")
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
@ApiOperation(value = "Add a new user with roles (to make api requests)")
public Response addUserRoles(
final UserRolesJson json,
@HeaderParam(HDR_CREATED_BY) final String createdBy,
@HeaderParam(HDR_REASON) final String reason,
@HeaderParam(HDR_COMMENT) final String comment,
@javax.ws.rs.core.Context final HttpServletRequest request,
@javax.ws.rs.core.Context final UriInfo uriInfo)
throws SecurityApiException {
securityApi.addUserRoles(
json.getUsername(),
json.getPassword(),
json.getRoles(),
context.createContext(createdBy, reason, comment, request));
return Response.status(Status.CREATED).build();
}
private void login(final String username) {
securityApi.login(username, "password");
}