@GET
@Path("{provider}/{id}")
@Produces("application/json")
public Json getUserJson(
@PathParam(value = "provider") String provider, @PathParam(value = "id") String id) {
UserProvider providerImpl = provider(provider);
if (providerImpl == null) return ko("Unknown realm " + provider);
return prepareReturn(providerImpl.get(id));
}
/**
* Searches a user by ID. If multiple realms are configured, each will be tried according to their
* ordinal number configuration. Only the first found is returned.
*/
public Json searchUserById(String id) {
if (id == null || id.length() == 0) return Json.array();
for (String providerName : orderedProviders()) {
UserProvider P = provider(providerName);
Json user = P.get(id);
if (!user.isNull()) return user;
}
return Json.nil();
}
/**
* Retrieve full user information given a user id (a.k.a. username). If there are multiple user
* backing stores configured, information from each will be aggregated. The provider with the
* highest priority will be used to provide based information, but then each separate provider is
* added as a property.
*
* <p>For example, if you have an LDAP provider called "ldap" and a databse provider called "db",
* with the ldap provider being the default (high priority), you would get something that looks
* like <code>{ "hasUsername":id, "FirstName":"John",
* "ldap":{...all LDAP user attributes }, "db":{ all DB user attributes}}</code>
*
* @param id
* @return
*/
@GET
@Path("{id}")
@Produces("application/json")
public Json getUserById(@PathParam("id") String id) {
Json user = Json.object("userid", id);
List<String> plist = orderedProviders();
for (String providerName : plist) {
UserProvider P = provider(providerName);
P.populate(user);
}
return ok().set("profile", prepareReturn(user));
}
/**
* This is a general method to retrieve information about a particular user. Because it's
* expensive to fill out all information we can get about a user, the request is a more complex
* object that specifies what is to be provided. In this way, a client can request all that is
* needed and only that which is needed in a single network round-trip.
*
* <p>The basic profile (first name, email etc.) is returned regardless. Here are the expected
* properties of the JSON <code>request</code> parameter that control what else is returned:
*
* <ul>
* <li>username - mandatory...of course
* <li>groups - true/false whether to include the list of groups the user belongs to
* <li>access - true/false whether to include the access policies for this user
* </ul>
*
* @param request
* @return
*/
@POST
@Path("/profile")
public Json userProfile(Json request) {
try {
if (!request.isObject() || !request.has("username")) return ko("bad request.");
if (!request.has("provider") || request.is("provider", ""))
request.set("provider", desc.at("authenticatesWith").at("hasName"));
UserProvider providerImpl = provider(request.at("provider").asString());
Json profile = providerImpl.get(request.at("username").asString());
if (profile.isNull()) return ko("No profile");
if (request.is("groups", true) || request.is("access", true))
profile.set("groups", providerImpl.findGroups(request.at("username").asString()));
if (request.is("access", true))
profile.set("access", getAccessPolicies(profile.at("groups")));
return ok().set("profile", prepareReturn(profile));
} catch (Throwable t) {
if (!"unavailable"
.equals(t.getMessage())) // error would have already been reported in the logs
t.printStackTrace(System.err);
return ko(t.getMessage());
}
}
public Json searchProvider(String name, Json prototype, int maxResults) {
UserProvider provider = provider(name);
if (provider == null) throw new RuntimeException("Unknown user realm " + name);
return provider.find(prototype, maxResults);
}