/**
 * Returns the representation of the group identified by the path variable.
 *
 * @param groupId group id taken from the request path
 * @return representation built from the group returned by {@code groupService}
 * @throws NotFoundException if {@code groupService} returns no group for the id
 */
@RequestMapping(value = "/idm/groups/{groupId}", method = RequestMethod.GET, produces = {"application/json"})
public GroupRepresentation getGroupInformation(@PathVariable String groupId) {
    final Group found = groupService.getGroup(groupId);
    if (found == null) {
        throw new NotFoundException();
    }
    return new GroupRepresentation(found);
}
/**
 * Looks up a user through the remote IDM service and returns its representation.
 *
 * @param userId user id taken from the request path
 * @param response servlet response; not used in this method body
 * @return representation of the user returned by {@code remoteIdmService}
 * @throws NotFoundException if the remote service returns no user for the id
 */
@RequestMapping(value = "/rest/users/{userId}", method = RequestMethod.GET, produces = "application/json")
public UserRepresentation getUser(@PathVariable String userId, HttpServletResponse response) {
    final User found = remoteIdmService.getUser(userId);
    if (found != null) {
        return new UserRepresentation(found);
    }
    // The requested id is echoed back in the error message.
    throw new NotFoundException("User with id: " + userId + " does not exist or is inactive");
}
/**
 * Returns the representation of the token with the given id.
 *
 * @param tokenId token id taken from the request path
 * @return representation built from the token returned by {@code tokenService}
 * @throws NotFoundException if no token is found for the id
 */
@RequestMapping(value = "/idm/tokens/{tokenId}", method = RequestMethod.GET, produces = { "application/json" })
public TokenRepresentation getToken(@PathVariable String tokenId) {
    final Token found = tokenService.findTokenById(tokenId);
    if (found != null) {
        // NOTE(review): no authorization check is visible in this handler. Confirm that access
        // to this path is restricted elsewhere and that TokenRepresentation does not expose
        // secret token values to callers who only know or guess an id.
        return new TokenRepresentation(found);
    }
    throw new NotFoundException();
}
/**
 * Looks up a group through the remote IDM service and returns its representation.
 *
 * @param groupId group id taken from the request path
 * @param response servlet response; not used in this method body
 * @return representation of the group returned by {@code remoteIdmService}
 * @throws NotFoundException if the remote service returns no group for the id
 */
@RequestMapping(value = "/rest/workflow-groups/{groupId}", method = RequestMethod.GET)
public GroupRepresentation getGroup(@PathVariable String groupId, HttpServletResponse response) {
    final Group found = remoteIdmService.getGroup(groupId);
    if (found != null) {
        return new GroupRepresentation(found);
    }
    // The requested id is echoed back in the error message.
    throw new NotFoundException("Group with id: " + groupId + " does not exist or is inactive");
}
/**
 * Lists the parent models of the given model.
 *
 * @param modelId model id taken from the request path
 * @return the result of {@code modelRelationService.findParentModels(modelId)}
 * @throws NotFoundException if {@code modelService} returns no model for the id
 */
@RequestMapping(value = "/rest/models/{modelId}/parent-relations", method = RequestMethod.GET, produces = "application/json")
public List<ModelInformation> getModelRelations(@PathVariable String modelId) {
    // The model is loaded only to confirm that it exists; its contents are not used here.
    // NOTE(review): no per-model permission check is visible in this handler; confirm that
    // read access to the model is enforced elsewhere.
    if (modelService.getModel(modelId) == null) {
        throw new NotFoundException();
    }
    return modelRelationService.findParentModels(modelId);
}
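/**
 * Streams the profile picture returned by {@code profileService} to the response.
 *
 * <p>The left element of the pair is used as the response content type and the right
 * element is the picture data.
 *
 * @param response servlet response that receives the content type and the picture bytes
 * @throws NotFoundException if {@code profileService} returns no picture
 * @throws InternalServerErrorException if reading or writing the picture fails
 */
@RequestMapping(value = "/profile-picture", method = RequestMethod.GET)
public void getProfilePicture(HttpServletResponse response) {
    try {
        Pair<String, InputStream> picture = profileService.getProfilePicture();
        if (picture == null) {
            throw new NotFoundException();
        }

        // NOTE(review): the stored content type is sent back unchanged. If it originates from
        // the upload, confirm it is restricted to image types before it is persisted.
        response.setContentType(picture.getLeft());

        // Close the picture stream on every path; previously it was never closed.
        try (InputStream pictureStream = picture.getRight()) {
            ServletOutputStream servletOutputStream = response.getOutputStream();
            byte[] buffer = new byte[32384];
            int count;
            while ((count = pictureStream.read(buffer)) != -1) {
                servletOutputStream.write(buffer, 0, count);
            }

            // Flush and close stream
            servletOutputStream.flush();
            servletOutputStream.close();
        }
    } catch (NotFoundException e) {
        // A missing picture must stay a not-found error instead of being wrapped
        // into an internal server error by the generic handler below.
        throw e;
    } catch (Exception e) {
        throw new InternalServerErrorException("Could not get profile picture", e);
    }
}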
/**
 * Deletes the group with the given id.
 *
 * @param groupId id of the group to delete
 * @throws NotFoundException if the group query returns no group for the id
 */
public void deleteGroup(String groupId) {
    final Group existing = identityService.createGroupQuery().groupId(groupId).singleResult();
    if (existing != null) {
        identityService.deleteGroup(groupId);
        return;
    }
    throw new NotFoundException();
}
/**
 * Removes the membership of a user in a group.
 *
 * @param groupId id of the group
 * @param userId id of the user to remove from the group
 * @throws NotFoundException if the group or the user cannot be found
 */
public void deleteGroupMember(String groupId, String userId) {
    verifyGroupMemberExists(groupId, userId);

    // Group and user are looked up again here, independently of the helper call above.
    final Group targetGroup = identityService.createGroupQuery().groupId(groupId).singleResult();
    if (targetGroup == null) {
        throw new NotFoundException();
    }

    final User member = identityService.createUserQuery().userId(userId).singleResult();
    if (member == null) {
        throw new NotFoundException();
    }

    identityService.deleteMembership(userId, groupId);
}
/**
 * Adds a user to a group by creating a membership.
 *
 * @param groupId id of the group
 * @param userId id of the user to add to the group
 * @throws NotFoundException if the group or the user cannot be found
 */
public void addGroupMember(String groupId, String userId) {
    verifyGroupMemberExists(groupId, userId);

    // Group and user are looked up again here, independently of the helper call above.
    final Group targetGroup = identityService.createGroupQuery().groupId(groupId).singleResult();
    if (targetGroup == null) {
        throw new NotFoundException();
    }

    final User newMember = identityService.createUserQuery().userId(userId).singleResult();
    if (newMember == null) {
        throw new NotFoundException();
    }

    identityService.createMembership(userId, groupId);
}
/**
 * Renames a group and saves it.
 *
 * @param groupId id of the group to rename
 * @param name new group name; must not be blank
 * @return the saved group carrying the new name
 * @throws BadRequestException if {@code name} is blank
 * @throws NotFoundException if the group query returns no group for the id
 */
public Group updateGroupName(String groupId, String name) {
    // Validate the new name before touching the identity store.
    if (StringUtils.isBlank(name)) {
        throw new BadRequestException("Group name required");
    }

    final Group target = identityService.createGroupQuery().groupId(groupId).singleResult();
    if (target == null) {
        throw new NotFoundException();
    }

    target.setName(name);
    identityService.saveGroup(target);
    return target;
}
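/**
 * Changes the password of the current user after checking the supplied original
 * password against the stored one.
 *
 * @param originalPassword the password the caller presents as the current one
 * @param newPassword the password to store
 * @throws NotFoundException if no user is found for the current user id, or if the
 *         original password does not match the stored value
 */
public void changePassword(String originalPassword, String newPassword) {
    User user = identityService.createUserQuery().userId(SecurityUtils.getCurrentUserId()).singleResult();

    // singleResult() can yield null; fail with the method's existing exception type
    // instead of a NullPointerException on the dereference below.
    if (user == null) {
        throw new NotFoundException();
    }

    // NOTE(review): the stored value is compared directly with the submitted password, which
    // only works if both are in the same form (plaintext, or identically encoded). Confirm how
    // passwords are stored and prefer verifying through the identity store's own password
    // check so that hashed storage is supported.
    String storedPassword = user.getPassword();

    // Compare in a way whose timing does not depend on the position of the first mismatch.
    boolean matches = storedPassword != null
            && originalPassword != null
            && java.security.MessageDigest.isEqual(
                    storedPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8),
                    originalPassword.getBytes(java.nio.charset.StandardCharsets.UTF_8));

    if (!matches) {
        // NotFoundException is kept for callers that rely on it.
        // NOTE(review): a wrong password is reported as "not found"; confirm this is intended.
        throw new NotFoundException();
    }

    // NOTE(review): no validation of newPassword (blank, policy) is visible here; confirm it
    // happens in the caller or in the identity service.
    user.setPassword(newPassword);
    identityService.updateUserPassword(user);
}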
/**
 * Writes the raw data of a content item to the servlet response.
 *
 * @param contentId id of the content item
 * @param response servlet response that receives the content type and the data
 * @throws NotFoundException if the item does not exist or its content is not yet available
 * @throws NotPermittedException if the current user may not download the item
 * @throws InternalServerErrorException if copying the data to the response fails
 */
public void getRawContent(String contentId, HttpServletResponse response) {
    final ContentItem item = contentService.createContentItemQuery().id(contentId).singleResult();

    // NOTE(review): existence and availability are reported before the permission check, so a
    // caller without download permission can still tell whether a content id exists. Confirm
    // that this is acceptable.
    if (item == null) {
        throw new NotFoundException("No content found with id: " + contentId);
    }
    if (!item.isContentAvailable()) {
        throw new NotFoundException("Raw content not yet available for id: " + contentId);
    }

    final boolean mayDownload = permissionService.canDownloadContent(SecurityUtils.getCurrentUserObject(), item);
    if (!mayDownload) {
        throw new NotPermittedException("You are not allowed to read the content with id: " + contentId);
    }

    // Set the MIME type when one is stored.
    // NOTE(review): the stored MIME type becomes the response Content-Type unchanged; if it
    // originates from the uploader, confirm that it is constrained before it is stored.
    final String mimeType = item.getMimeType();
    if (mimeType != null) {
        response.setContentType(mimeType);
    }

    // Copy the content to the response; the input stream is closed by try-with-resources.
    try (InputStream data = contentService.getContentItemData(contentId)) {
        IOUtils.copy(data, response.getOutputStream());
    } catch (IOException e) {
        throw new InternalServerErrorException("Error while writing raw content data for content: " + contentId, e);
    }
}
/**
 * Returns a user together with the user's groups and privilege names.
 *
 * @param userId user id taken from the request path
 * @return representation of the user, with groups and privileges added when present
 * @throws NotFoundException if {@code userService} returns no information for the id
 */
@RequestMapping(value = "/idm/users/{userId}", method = RequestMethod.GET, produces = {"application/json"})
public UserRepresentation getUserInformation(@PathVariable String userId) {
    final UserInformation info = userService.getUserInformation(userId);
    if (info == null) {
        throw new NotFoundException();
    }

    // NOTE(review): the response includes group memberships and privilege names, and no
    // authorization check is visible in this handler; confirm access is restricted elsewhere.
    final UserRepresentation result = new UserRepresentation(info.getUser());

    if (info.getGroups() != null) {
        for (Group memberGroup : info.getGroups()) {
            result.getGroups().add(new GroupRepresentation(memberGroup));
        }
    }

    if (info.getPrivileges() != null) {
        for (String privilegeName : info.getPrivileges()) {
            result.getPrivileges().add(privilegeName);
        }
    }

    return result;
}
/**
 * Collects a user, the groups the user belongs to, and the names of all privileges
 * held directly by the user or through those groups.
 *
 * @param userId id of the user to look up
 * @return the user, its groups, and the de-duplicated privilege names
 * @throws NotFoundException if the user query returns no user for the id
 */
@Override
public UserInformation getUserInformation(String userId) {
    final User foundUser = identityService.createUserQuery().userId(userId).singleResult();
    if (foundUser == null) {
        throw new NotFoundException();
    }

    // A set removes duplicates when a privilege is held both directly and through a group.
    final Set<String> names = new HashSet<>();

    final List<Privilege> directPrivileges = identityService.createPrivilegeQuery().userId(userId).list();
    for (Privilege direct : directPrivileges) {
        names.add(direct.getName());
    }

    final List<Group> memberGroups = identityService.createGroupQuery().groupMember(userId).list();
    if (!memberGroups.isEmpty()) {
        final List<String> memberGroupIds = new ArrayList<>();
        for (Group memberGroup : memberGroups) {
            memberGroupIds.add(memberGroup.getId());
        }

        // The group privilege query runs only when the user is in at least one group.
        final List<Privilege> inheritedPrivileges = identityService.createPrivilegeQuery().groupIds(memberGroupIds).list();
        for (Privilege inherited : inheritedPrivileges) {
            names.add(inherited.getName());
        }
    }

    return new UserInformation(foundUser, memberGroups, new ArrayList<>(names));
}
/**
 * Returns the representation of a content item the current user may download.
 *
 * @param contentId id of the content item
 * @return representation produced by {@code createContentItemResponse}
 * @throws NotFoundException if no content item exists for the id
 * @throws NotPermittedException if the current user may not download the item
 */
public ContentItemRepresentation getContent(String contentId) {
    final ContentItem item = contentService.createContentItemQuery().id(contentId).singleResult();

    // NOTE(review): a missing item and a forbidden item produce different errors, so a caller
    // without permission can tell whether a content id exists. Confirm that this is acceptable.
    if (item == null) {
        throw new NotFoundException("No content found with id: " + contentId);
    }

    final boolean mayDownload = permissionService.canDownloadContent(SecurityUtils.getCurrentUserObject(), item);
    if (mayDownload) {
        return createContentItemResponse(item);
    }
    throw new NotPermittedException("You are not allowed to view the content with id: " + contentId);
}
/**
 * Throws when the group or the user cannot be resolved.
 *
 * @param groupId id of the group to look up
 * @param userId id of the user to look up
 * @throws NotFoundException if no group is found, or no user is resolved for {@code userId}
 */
protected void verifyGroupMemberExists(String groupId, String userId) {
    // Check existence
    final Group resolvedGroup = identityService.createGroupQuery().groupId(groupId).singleResult();
    User resolvedUser = identityService.createUserQuery().userId(userId).singleResult();

    // NOTE(review): despite the method name, membership is not required. This loop only
    // replaces the user found above with the matching group member, so the method passes
    // whenever the group and the user both exist. It also loads every member of the group.
    // Confirm whether a real membership check was intended for callers that remove members.
    for (User candidate : identityService.createUserQuery().memberOfGroup(groupId).list()) {
        if (candidate.getId().equals(userId)) {
            resolvedUser = candidate;
        }
    }

    if (resolvedGroup == null) {
        throw new NotFoundException();
    }
    if (resolvedUser == null) {
        throw new NotFoundException();
    }
}
/**
 * Attaches a content item to a task on behalf of the current user.
 *
 * @param taskId id of the task that receives the content
 * @param contentItem representation of the content item to add
 * @return the result of {@code addContentItem} for the task and its process instance
 * @throws NotFoundException if the task query returns no task for the id
 * @throws NotPermittedException if the current user may not add related content to the task
 */
public ContentItemRepresentation createContentItemOnTask(String taskId, ContentItemRepresentation contentItem) {
    final User currentUser = SecurityUtils.getCurrentUserObject();

    final Task targetTask = taskService.createTaskQuery().taskId(taskId).singleResult();
    if (targetTask == null) {
        throw new NotFoundException("Task not found or already completed: " + taskId);
    }

    final boolean mayAddContent = permissionService.canAddRelatedContentToTask(currentUser, taskId);
    if (!mayAddContent) {
        // NOTE(review): the message says "read" although the failed check is the permission
        // to add related content; consider aligning the wording.
        throw new NotPermittedException("You are not allowed to read the task with id: " + taskId);
    }

    return addContentItem(contentItem, taskId, targetTask.getProcessInstanceId(), true);
}
/**
 * Uploads a file as related content of a task on behalf of the current user.
 *
 * @param taskId id of the task that receives the content
 * @param file uploaded multipart file
 * @return the result of {@code uploadFile} for the task and its process instance
 * @throws NotFoundException if the task query returns no task for the id
 * @throws NotPermittedException if the current user may not add related content to the task
 */
public ContentItemRepresentation createContentItemOnTask(String taskId, MultipartFile file) {
    final User currentUser = SecurityUtils.getCurrentUserObject();

    final Task targetTask = taskService.createTaskQuery().taskId(taskId).singleResult();
    if (targetTask == null) {
        throw new NotFoundException("Task not found or already completed: " + taskId);
    }

    final boolean mayAddContent = permissionService.canAddRelatedContentToTask(currentUser, taskId);
    if (!mayAddContent) {
        // NOTE(review): the message says "read" although the failed check is the permission
        // to add related content; consider aligning the wording.
        throw new NotPermittedException("You are not allowed to read the task with id: " + taskId);
    }

    // NOTE(review): no size or type validation of the upload is visible here; confirm that
    // uploadFile or the multipart configuration enforces limits.
    return uploadFile(currentUser, file, taskId, targetTask.getProcessInstanceId(), null);
}
/**
 * Returns a privilege together with the users and groups that hold it.
 *
 * @param privilegeId privilege id taken from the request path
 * @return representation carrying the privilege id, name, users and groups
 * @throws NotFoundException if {@code privilegeService} returns no privilege for the id
 */
@RequestMapping(value = "/rest/admin/privileges/{privilegeId}", method = RequestMethod.GET)
public PrivilegeRepresentation getPrivilege(@PathVariable String privilegeId) {
    final Privilege found = privilegeService.findPrivilege(privilegeId);
    if (found == null) {
        throw new NotFoundException();
    }

    // NOTE(review): the response lists every user and group holding the privilege, and no
    // authorization check is visible in this handler; confirm the admin path is restricted
    // elsewhere.
    final PrivilegeRepresentation result = new PrivilegeRepresentation();
    result.setId(found.getId());
    result.setName(found.getName());

    final List<User> holders = privilegeService.findUsersWithPrivilege(privilegeId);
    for (User holder : holders) {
        result.addUser(new UserRepresentation(holder));
    }

    final List<Group> holderGroups = privilegeService.findGroupsWithPrivilege(privilegeId);
    for (Group holderGroup : holderGroups) {
        result.addGroup(new GroupRepresentation(holderGroup));
    }

    return result;
}
/**
 * Deletes a content item when the current user may write to it and it is not bound
 * to a form field.
 *
 * @param contentId id of the content item to delete
 * @param response servlet response; not used in this method body
 * @throws NotFoundException if no content item exists for the id
 * @throws NotPermittedException if the current user lacks write permission on the item, or
 *         the item has a field set
 */
public void deleteContent(String contentId, HttpServletResponse response) {
    final ContentItem item = contentService.createContentItemQuery().id(contentId).singleResult();
    if (item == null) {
        throw new NotFoundException("No content found with id: " + contentId);
    }

    final boolean mayWrite = permissionService.hasWritePermissionOnRelatedContent(SecurityUtils.getCurrentUserObject(), item);

    // Both refusals carry the same message. Content added as part of a form (field set) is
    // never deletable; the field is inspected only after the permission check has passed.
    if (!mayWrite || item.getField() != null) {
        throw new NotPermittedException("You are not allowed to delete the content with id: " + contentId);
    }

    contentService.deleteContentItem(item.getId());
}