Search in sources :

Example 6 with UserSummary

use of org.graylog2.rest.models.users.responses.UserSummary in project graylog2-server by Graylog2.

the class UsersResource method getbyId.

@GET
@Path("id/{userId}")
@ApiOperation(value = "Get user details by userId", notes = "The user's permissions are only included if a user asks for his " + "own account or for users with the necessary permissions to edit permissions.")
@ApiResponses({ @ApiResponse(code = 404, message = "The user could not be found.") })
public UserSummary getbyId(@ApiParam(name = "userId", value = "The userId to return information for.", required = true) @PathParam("userId") String userId, @Context UserContext userContext) {
    final User user = loadUserById(userId);
    final String username = user.getName();
    // Reader users always have permissions to edit their own profile.
    if (!isPermitted(USERS_EDIT, username)) {
        throw new ForbiddenException("Not allowed to view userId " + userId);
    }
    return returnSummary(userContext, user);
}
Also used : ForbiddenException(javax.ws.rs.ForbiddenException) User(org.graylog2.plugin.database.users.User) Path(javax.ws.rs.Path) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

ApiOperation (io.swagger.annotations.ApiOperation)4 GET (javax.ws.rs.GET)4 User (org.graylog2.plugin.database.users.User)4 Path (javax.ws.rs.Path)3 ApiResponses (io.swagger.annotations.ApiResponses)2 Date (java.util.Date)2 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)2 WildcardPermission (org.apache.shiro.authz.permission.WildcardPermission)2 GRNPermission (org.graylog.security.permissions.GRNPermission)2 UserSummary (org.graylog2.rest.models.users.responses.UserSummary)2 MongoDbSession (org.graylog2.security.MongoDbSession)2 ForbiddenException (javax.ws.rs.ForbiddenException)1 NotFoundException (javax.ws.rs.NotFoundException)1 Role (org.graylog2.shared.users.Role)1