use of org.graylog2.shared.security.RestPermissions.USERS_TOKENLIST in project graylog2-server by Graylog2.
the class UsersResource method listTokens.
@GET
@Path("{userId}/tokens")
@ApiOperation("Retrieves the list of access tokens for a user")
public TokenList listTokens(@ApiParam(name = "userId", required = true) @PathParam("userId") String userId) {
final User user = loadUserById(userId);
final String username = user.getName();
if (!isPermitted(USERS_TOKENLIST, username)) {
throw new ForbiddenException("Not allowed to list tokens for user " + username);
}
final ImmutableList.Builder<TokenSummary> tokenList = ImmutableList.builder();
for (AccessToken token : accessTokenService.loadAll(user.getName())) {
tokenList.add(TokenSummary.create(token.getId(), token.getName(), token.getLastAccess()));
}
return TokenList.create(tokenList.build());
}
Aggregations