Example 1 with PermissionEditRequest
use of org.graylog2.rest.models.users.requests.PermissionEditRequest in project graylog2-server by Graylog2.
the class UsersResource method editPermissions.
@PUT
@Path("{username}/permissions")
@RequiresPermissions(RestPermissions.USERS_PERMISSIONSEDIT)
@ApiOperation("Update a user's permission set.")
@ApiResponses({ @ApiResponse(code = 400, message = "Missing or invalid permission data.") })
@AuditEvent(type = AuditEventTypes.USER_PERMISSIONS_UPDATE)
public void editPermissions(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "The list of permissions to assign to the user.", required = true) @Valid @NotNull PermissionEditRequest permissionRequest) throws ValidationException {
final User user = userService.load(username);
if (user == null) {
throw new NotFoundException("Couldn't find user " + username);
}
user.setPermissions(getEffectiveUserPermissions(user, permissionRequest.permissions()));
userService.save(user);
}
Also used :
User(org.graylog2.plugin.database.users.User)
NotFoundException(javax.ws.rs.NotFoundException)
Path(javax.ws.rs.Path)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
ApiOperation(io.swagger.annotations.ApiOperation)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
PUT(javax.ws.rs.PUT)
ApiResponses(io.swagger.annotations.ApiResponses)
Aggregations
ApiOperation (io.swagger.annotations.ApiOperation)1
ApiResponses (io.swagger.annotations.ApiResponses)1
NotFoundException (javax.ws.rs.NotFoundException)1
PUT (javax.ws.rs.PUT)1
Path (javax.ws.rs.Path)1
RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)1
AuditEvent (org.graylog2.audit.jersey.AuditEvent)1
User (org.graylog2.plugin.database.users.User)1
