use of annis.security.ANNISUserConfigurationManager in project ANNIS by korpling.
the class AdminServiceImpl method deleteGroup.
@DELETE
@Path("groups/{groupName}")
public Response deleteGroup(@PathParam("groupName") String groupName) {
Subject requestingUser = SecurityUtils.getSubject();
requestingUser.checkPermission("admin:write:group");
if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
ANNISUserConfigurationManager confManager = getConfManager();
if (confManager != null) {
if (confManager.deleteGroup(groupName)) {
return Response.ok().build();
}
}
}
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not delete group").build();
}
use of annis.security.ANNISUserConfigurationManager in project ANNIS by korpling.
the class AdminServiceImpl method listUsers.
@GET
@Path("users")
@Produces("application/xml")
public List<User> listUsers() {
Subject requestingUser = SecurityUtils.getSubject();
requestingUser.checkPermission("admin:read:user");
if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
ANNISUserConfigurationManager confManager = getConfManager();
if (confManager != null) {
return confManager.listAllUsers();
}
}
return new LinkedList<>();
}
use of annis.security.ANNISUserConfigurationManager in project ANNIS by korpling.
the class AdminServiceImpl method getUser.
@GET
@Path("users/{userName}")
@Produces("application/xml")
@Override
public User getUser(@PathParam("userName") String userName) {
Subject requestingUser = SecurityUtils.getSubject();
requestingUser.checkPermission("admin:read:user");
ANNISUserConfigurationManager conf = getConfManager();
if (conf != null) {
User u = conf.getUser(userName);
if (u == null) {
throw new WebApplicationException(Response.Status.NOT_FOUND);
}
// remove the password hash from the result, we don't want someone with
// lower adminstration rights to crack it
u.setPasswordHash("");
return u;
}
throw new WebApplicationException(Response.Status.INTERNAL_SERVER_ERROR);
}
use of annis.security.ANNISUserConfigurationManager in project ANNIS by korpling.
the class AdminServiceImpl method deleteUser.
@DELETE
@Path("users/{userName}")
public Response deleteUser(@PathParam("userName") String userName) {
Subject requestingUser = SecurityUtils.getSubject();
requestingUser.checkPermission("admin:write:user");
if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
ANNISUserConfigurationManager confManager = getConfManager();
if (confManager != null) {
if (confManager.deleteUser(userName)) {
// also delete any possible user configs
adminDao.deleteUserConfig(userName);
// if no error until here everything went well
return Response.ok().build();
}
}
}
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not delete user").build();
}
use of annis.security.ANNISUserConfigurationManager in project ANNIS by korpling.
the class AdminServiceImpl method updateOrCreateGroup.
@PUT
@Path("groups/{groupName}")
@Consumes("application/xml")
public Response updateOrCreateGroup(Group group, @PathParam("groupName") String groupName) {
Subject requestingUser = SecurityUtils.getSubject();
requestingUser.checkPermission("admin:write:group");
if (!groupName.equals(group.getName())) {
return Response.status(Response.Status.BAD_REQUEST).entity("Group name in object is not the same as in path").build();
}
if (SecurityUtils.getSecurityManager() instanceof ANNISSecurityManager) {
ANNISUserConfigurationManager confManager = getConfManager();
if (confManager != null) {
if (confManager.writeGroup(group)) {
return Response.ok().build();
}
}
}
return Response.status(Response.Status.INTERNAL_SERVER_ERROR).entity("Could not update/create group").build();
}
Aggregations