Search in sources :

Example 1 with PermissionEditRequest

use of org.graylog2.rest.models.users.requests.PermissionEditRequest in project graylog2-server by Graylog2.

the class UsersResource method editPermissions.

@PUT
@Path("{username}/permissions")
@RequiresPermissions(RestPermissions.USERS_PERMISSIONSEDIT)
@ApiOperation("Update a user's permission set.")
@ApiResponses({ @ApiResponse(code = 400, message = "Missing or invalid permission data.") })
@AuditEvent(type = AuditEventTypes.USER_PERMISSIONS_UPDATE)
public void editPermissions(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "The list of permissions to assign to the user.", required = true) @Valid @NotNull PermissionEditRequest permissionRequest) throws ValidationException {
    final User user = userService.load(username);
    if (user == null) {
        throw new NotFoundException("Couldn't find user " + username);
    }
    user.setPermissions(getEffectiveUserPermissions(user, permissionRequest.permissions()));
    userService.save(user);
}
Also used : User(org.graylog2.plugin.database.users.User) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

ApiOperation (io.swagger.annotations.ApiOperation)1 ApiResponses (io.swagger.annotations.ApiResponses)1 NotFoundException (javax.ws.rs.NotFoundException)1 PUT (javax.ws.rs.PUT)1 Path (javax.ws.rs.Path)1 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)1 AuditEvent (org.graylog2.audit.jersey.AuditEvent)1 User (org.graylog2.plugin.database.users.User)1