AuthorizationActionResource.java example

Explorer
pentaho-platform-master
/*!
 * This program is free software; you can redistribute it and/or modify it under the
 * terms of the GNU Lesser General Public License, version 2.1 as published by the Free Software
 * Foundation.
 *
 * You should have received a copy of the GNU Lesser General Public License along with this
 * program; if not, you can obtain a copy at http://www.gnu.org/licenses/old-licenses/lgpl-2.1.html
 * or from the Free Software Foundation, Inc.,
 * 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301 USA.
 *
 * This program is distributed in the hope that it will be useful, but WITHOUT ANY WARRANTY;
 * without even the implied warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.
 * See the GNU Lesser General Public License for more details.
 *
 * Copyright (c) 2002-2016 Pentaho Corporation..  All rights reserved.
 */

package org.pentaho.platform.web.http.api.resources;

import java.util.List;

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;

import org.codehaus.enunciate.jaxrs.ResponseCode;
import org.codehaus.enunciate.jaxrs.StatusCodes;
import org.pentaho.platform.api.engine.IAuthorizationAction;
import org.pentaho.platform.web.http.api.resources.services.AuthorizationActionService;

/**
 * Resource deals with the Authorization Action in the BA Platform. This service validates if a current user is authorized to perform a specific action.
 */
@Path ( "/authorization/action" )
public class AuthorizationActionResource {

  private AuthorizationActionService authorizationActionService;

  public AuthorizationActionResource( List<IAuthorizationAction> authActionList ) {
    this.authorizationActionService = new AuthorizationActionService( authActionList );
  }

  public AuthorizationActionResource() {
    this.authorizationActionService = new AuthorizationActionService();
  }

  /**
   * Validates if a current user is authorized to perform a specific action.
   *
   * <p><b>Example Request:</b><br />
   *    GET pentaho/api/authorization/action/isauthorized
   * </p>
   *
   * @param authAction Authorization Action to be validated for the current user.
   *
   * @return A boolean response based on the current user being authorized to perform a specific action within the system.
   *
   * <p><b>Example Response:</b></p>
   * <pre function="syntax.xml">
   *     false
   * </pre>
   */
  @GET
  @Path ( "/isauthorized" )
  @Produces ( { MediaType.TEXT_PLAIN } )
  @StatusCodes ( {
      @ResponseCode ( code = 200, condition = "Returns a boolean response." )
    } )
  public Response validateAuth( @QueryParam ( "authAction" ) String authAction ) {
    return Response.ok( ( String.valueOf( getAuthorizationActionService().validateAuth( authAction ) ) ) ).build();
  }

  /* useful for unit test mocks */
  protected AuthorizationActionService getAuthorizationActionService() {
    return authorizationActionService;
  }
}