
Example 1 with USERS_TOKENCREATE

Use of org.graylog2.shared.security.RestPermissions.USERS_TOKENCREATE in project graylog2-server by Graylog2.

From the class UsersResource, method generateNewToken.

@POST
@Path("{userId}/tokens/{name}")
@ApiOperation("Generates a new access token for a user")
@AuditEvent(type = AuditEventTypes.USER_ACCESS_TOKEN_CREATE)
public Token generateNewToken(
        @ApiParam(name = "userId", required = true)
        @PathParam("userId") String userId,
        @ApiParam(name = "name", value = "Descriptive name for this token (e.g. 'cronjob') ", required = true)
        @PathParam("name") String name,
        @ApiParam(name = "JSON Body", value = "Placeholder because POST requests should have a body. Set to '{}', the content will be ignored.", defaultValue = "{}")
        String body) {
    // Resolve the target user first so the permission check runs against the username.
    final User user = loadUserById(userId);
    final String username = user.getName();
    // Authorization is per target user: the caller needs USERS_TOKENCREATE for this username.
    if (!isPermitted(USERS_TOKENCREATE, username)) {
        throw new ForbiddenException("Not allowed to create tokens for user " + username);
    }
    // The token is created only after the permission check has passed.
    final AccessToken accessToken = accessTokenService.create(username, name);
    // The response carries the token value itself along with its id, name and last-access time.
    return Token.create(accessToken.getId(), accessToken.getName(), accessToken.getToken(), accessToken.getLastAccess());
}
Also used: ForbiddenException (javax.ws.rs.ForbiddenException), User (org.graylog2.plugin.database.users.User), AccessToken (org.graylog2.security.AccessToken), Path (javax.ws.rs.Path), POST (javax.ws.rs.POST), ApiOperation (io.swagger.annotations.ApiOperation), AuditEvent (org.graylog2.audit.jersey.AuditEvent)
