/** @see AccessControlManager#storeUser(User). */
@POST
@Path("/user/store")
@Produces(MediaType.APPLICATION_XML)
public void storeUser(
@FormParam("login") String authEmail,
@FormParam("login-pwd") String authPassword,
@FormParam("email") String email,
@FormParam("name") String name,
@FormParam("surname") String surname,
@FormParam("password") String userPassword,
@FormParam("notes") String notes,
@FormParam("role") String role,
@FormParam("secret") String apiPassword) {
AccessControlManager mgr = getAccessControlManager(authEmail, authPassword, null);
mgr.storeUser(
new User(
email,
name,
surname,
userPassword,
notes,
Role.valueOf(StringUtils.upperCase(role)),
apiPassword));
mgr.close();
}
/** @see AccessControlManager#storeUserFromXml(java.io.Reader). */
@POST
@Path("/user/store/from-xml")
@Produces(MediaType.APPLICATION_XML)
public void storeUserFromXml(
@FormParam("login") String authEmail,
@FormParam("login-pwd") String authPassword,
@FormParam("user-xml") String userXml) {
AccessControlManager mgr = getAccessControlManager(authEmail, authPassword, null);
mgr.storeUserFromXml(new StringReader(userXml));
mgr.close();
}
/** @see AccessControlManager#getUser(String). */
@POST
@Path("/user/get")
@Produces(MediaType.APPLICATION_XML)
public User getUser(
@FormParam("login") String authEmail,
@FormParam("login-pwd") String authPassword,
@FormParam("login-secret") String authApiPassword,
@FormParam("email") String email) {
AccessControlManager mgr = getAccessControlManager(authEmail, authPassword, authApiPassword);
User result = mgr.getUser(email);
mgr.close();
return result;
}
/** @see AccessControlManager#setEntitiesVisibility(String, String, String...). */
@POST
@Path("/visibility/entity/set")
@Produces(MediaType.APPLICATION_XML)
public void setEntitiesVisibility(
@FormParam("login") String authEmail,
@FormParam("login-secret") String authApiPassword,
@FormParam("public-flag") String publicFlagStr,
@FormParam("release-date") String releaseDateStr,
@FormParam("entity") List<String> entityIds) {
AccessControlManager mgr = getAccessControlManager(authEmail, null, authApiPassword);
mgr.setEntitiesVisibility(publicFlagStr, releaseDateStr, entityIds.toArray(new String[0]));
mgr.close();
}
/**
* @see AccessControlManager#deleteUser(String).
* @return a boolean in the form of a string, cause Jersey doesn't like other types very much.
*/
@POST
@Path("/user/delete")
@Produces(MediaType.APPLICATION_XML)
public String deleteUser(
@FormParam("login") String authEmail,
@FormParam("login-pwd") String authPassword,
@FormParam("login-secret") String authApiPassword,
@FormParam("email") String email) {
AccessControlManager mgr = getAccessControlManager(authEmail, authPassword, authApiPassword);
boolean result = mgr.deleteUser(email);
mgr.close();
return String.valueOf(result);
}
/** @see AccessControlManager#setUserRole(String, Role). */
@POST
@Path("/user/role/set")
@Produces(MediaType.APPLICATION_XML)
public void setUserRole(
@FormParam("login") String authEmail,
@FormParam("login-pwd") String authPassword,
@FormParam("login-secret") String authApiPassword,
@FormParam("email") String email,
@FormParam("role") String role) {
AccessControlManager mgr = getAccessControlManager(authEmail, authPassword, authApiPassword);
mgr.setUserRole(email, Role.valueOf(StringUtils.upperCase(role)));
mgr.close();
}
/**
* @see AccessControlManager#setServiceCollectionsVisibility(String, String, boolean, String...).
*/
@POST
@Path("/visibility/service-collection/set")
@Produces(MediaType.APPLICATION_XML)
public void setServiceCollectionVisibility(
@FormParam("login") String authEmail,
@FormParam("login-secret") String authApiPassword,
@FormParam("public-flag") String publicFlagStr,
@FormParam("release-date") String releaseDateStr,
@FormParam("cascade") boolean cascade,
@FormParam("service-coll") List<String> serviceCollNames) {
AccessControlManager mgr = getAccessControlManager(authEmail, null, authApiPassword);
mgr.setServiceCollectionsVisibility(
publicFlagStr, releaseDateStr, cascade, serviceCollNames.toArray(new String[0]));
mgr.close();
}
/**
* Performs {@link AccessControlManager#setAuthenticationCredentials(String, String)} or {@link
* AccessControlManager#setFullAuthenticationCredentials(String, String)}, depending on whether
* the authPassword or authApiPassword parameter is specified.
*
* <p>TODO: auth requests should be factorised to an Access service (they're not used by other WS
* requests). TODO: it's being done in an inefficient way (authentication done twice).
*/
@POST
@Path("/login")
@Produces(MediaType.APPLICATION_XML)
public User setAuthenticationCredentials(
@FormParam("login") String authEmail,
@FormParam("login-pwd") String authPassword,
@FormParam("login-secret") String authApiPassword)
throws SecurityException {
AccessControlManager mgr = getAccessControlManager(authEmail, authPassword, authApiPassword);
User result =
authPassword == null
? mgr.setAuthenticationCredentials(authEmail, authApiPassword)
: mgr.setFullAuthenticationCredentials(authEmail, authPassword);
mgr.close();
return result;
}