package com.thinkbiganalytics.security.rest.controller;
/*-
* #%L
* thinkbig-security-controller
* %%
* Copyright (C) 2017 ThinkBig Analytics
* %%
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
* #L%
*/
import com.thinkbiganalytics.rest.model.RestResponseStatus;
import com.thinkbiganalytics.security.rest.model.UserPrincipal;
import com.thinkbiganalytics.security.service.user.UserService;
import org.springframework.stereotype.Component;
import java.io.UnsupportedEncodingException;
import java.net.URLDecoder;
import java.util.List;
import javax.annotation.Nonnull;
import javax.inject.Inject;
import javax.ws.rs.BadRequestException;
import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE;
import javax.ws.rs.GET;
import javax.ws.rs.NotFoundException;
import javax.ws.rs.POST;
import javax.ws.rs.Path;
import javax.ws.rs.PathParam;
import javax.ws.rs.Produces;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import io.swagger.annotations.Api;
import io.swagger.annotations.ApiOperation;
import io.swagger.annotations.ApiResponse;
import io.swagger.annotations.ApiResponses;
import io.swagger.annotations.SwaggerDefinition;
import io.swagger.annotations.Tag;
/**
* Endpoint for accessing Kylo users.
*/
@Api(tags = "Security - Users")
@Component
@Path("/v1/security/users")
@SwaggerDefinition(tags = @Tag(name = "Security - Users", description = "manages users"))
public class UsersController {
/**
* Service for accessing Kylo users
*/
@Inject
UserService userService;
/**
* Adds or updates a Kylo user.
*
* @param user the user
* @return the result
*/
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Adds or updates a Kylo user.")
@ApiResponses({
@ApiResponse(code = 204, message = "The user was added or updated."),
@ApiResponse(code = 500, message = "There was a problem adding or updating the user.", response = RestResponseStatus.class)
})
@Nonnull
public Response addUser(@Nonnull final UserPrincipal user) {
userService.updateUser(user);
return Response.noContent().build();
}
/**
* Deletes the specified user.
*
* @param userId the system name of the user
* @return the result
* @throws NotFoundException if the user does not exist
*/
@DELETE
@Path("{userId}")
@ApiOperation("Deletes the specified user.")
@ApiResponses({
@ApiResponse(code = 204, message = "The user was deleted."),
@ApiResponse(code = 404, message = "The user was not found.", response = RestResponseStatus.class),
@ApiResponse(code = 500, message = "There was a problem deleting the user.", response = RestResponseStatus.class)
})
@Nonnull
public Response deleteUser(@Nonnull @PathParam("userId") final String userId) {
if (userService.deleteUser(decodeUserId(userId))) {
return Response.noContent().build();
} else {
throw new NotFoundException();
}
}
/**
* Returns the specified user.
*
* @param userId the system name of the user
* @return the user
* @throws NotFoundException if the user does not exist
*/
@GET
@Path("{userId}")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Returns the specified user.")
@ApiResponses({
@ApiResponse(code = 200, message = "The requested user.", response = UserPrincipal.class),
@ApiResponse(code = 404, message = "The user was not found.", response = RestResponseStatus.class),
@ApiResponse(code = 500, message = "There was a problem accessing the user.", response = RestResponseStatus.class)
})
@Nonnull
public Response getUser(@Nonnull @PathParam("userId") final String userId) {
final UserPrincipal user = userService.getUser(decodeUserId(userId)).orElseThrow(NotFoundException::new);
return Response.ok(user).build();
}
/**
* Returns a list of all users.
*
* @return all users
*/
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Returns a list of all users.")
@ApiResponses({
@ApiResponse(code = 200, message = "The list of users.", response = UserPrincipal.class, responseContainer = "List"),
@ApiResponse(code = 500, message = "There was a problem accessing the users.", response = RestResponseStatus.class)
})
@Nonnull
public Response getUsers() {
final List<UserPrincipal> users = userService.getUsers();
return Response.ok(users).build();
}
/**
* Decodes the specified user name. This should only be used on path parameters.
*
* @param userId the path parameter
* @return the system name of the user
*/
@Nonnull
private String decodeUserId(@Nonnull final String userId) {
try {
return URLDecoder.decode(userId, "UTF-8");
} catch (UnsupportedEncodingException e) {
throw new BadRequestException("Only UTF-8 encoding is supported.");
}
}
}