Example 71 with Audit

Use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.

Class UserController, method removeRole.

/**
 * Removes a role from a given user.
 *
 * @param username The unique username of the user from which to remove the role.
 * @param role The role to remove from the user.
 * @return an empty (void) rest {@link RestResponse}.
 */
@ApiOperation(value = "Remove a role from a user.")
@RequestMapping(value = "/{username}/roles/{role}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public RestResponse<Void> removeRole(@PathVariable String username, @PathVariable String role, HttpServletResponse servletResponse) {
    if (username == null || username.isEmpty()) {
        return RestResponseBuilder.<Void>builder().error(RestErrorBuilder.builder(RestErrorCode.ILLEGAL_PARAMETER).message("username cannot be null or empty").build()).build();
    }
    // This checks that the role exists
    String goodRoleToAdd = Role.getStringFormatedRole(role);
    if (Role.ADMIN.equals(Role.valueOf(role)) && userService.isAdmin(username) && userService.countAdminUser() == 1) {
        servletResponse.setStatus(HttpStatus.INTERNAL_SERVER_ERROR.value());
        return RestResponseBuilder.<Void>builder().error(RestErrorBuilder.builder(RestErrorCode.DELETE_LAST_ADMIN_ROLE_ERROR).message("It's forbidden to remove the admin role of the last admin user.").build()).build();
    }
    User user = userService.retrieveUser(username);
    String[] roles = user.getRoles();
    roles = ArrayUtils.removeElement(roles, goodRoleToAdd);
    user.setRoles(roles);
    alienUserDao.save(user);
    return RestResponseBuilder.<Void>builder().build();
}
Also used : User(alien4cloud.security.model.User) Audit(alien4cloud.audit.annotation.Audit) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
