Search in sources :

Example 1 with USERS_TOKENLIST

use of org.graylog2.shared.security.RestPermissions.USERS_TOKENLIST in project graylog2-server by Graylog2.

the class UsersResource method listTokens.

@GET
@Path("{userId}/tokens")
@ApiOperation("Retrieves the list of access tokens for a user")
public TokenList listTokens(@ApiParam(name = "userId", required = true) @PathParam("userId") String userId) {
    final User user = loadUserById(userId);
    final String username = user.getName();
    if (!isPermitted(USERS_TOKENLIST, username)) {
        throw new ForbiddenException("Not allowed to list tokens for user " + username);
    }
    final ImmutableList.Builder<TokenSummary> tokenList = ImmutableList.builder();
    for (AccessToken token : accessTokenService.loadAll(user.getName())) {
        tokenList.add(TokenSummary.create(token.getId(), token.getName(), token.getLastAccess()));
    }
    return TokenList.create(tokenList.build());
}
Also used : ForbiddenException(javax.ws.rs.ForbiddenException) User(org.graylog2.plugin.database.users.User) ImmutableList(com.google.common.collect.ImmutableList) AccessToken(org.graylog2.security.AccessToken) TokenSummary(org.graylog2.rest.models.users.responses.TokenSummary) Path(javax.ws.rs.Path) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation)

Aggregations

ImmutableList (com.google.common.collect.ImmutableList)1 ApiOperation (io.swagger.annotations.ApiOperation)1 ForbiddenException (javax.ws.rs.ForbiddenException)1 GET (javax.ws.rs.GET)1 Path (javax.ws.rs.Path)1 User (org.graylog2.plugin.database.users.User)1 TokenSummary (org.graylog2.rest.models.users.responses.TokenSummary)1 AccessToken (org.graylog2.security.AccessToken)1