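package com.intel.mtwilson.user.management.client.jaxrs;

import com.intel.mtwilson.jaxrs2.client.MtWilsonClient;
import com.intel.mtwilson.user.management.rest.v2.model.RolePermissionCollection;
import com.intel.mtwilson.user.management.rest.v2.model.RolePermissionFilterCriteria;
import com.intel.mtwilson.user.management.rest.v2.model.RolePermission;
import java.net.URL;
import java.util.HashMap;
import java.util.Properties;
import javax.ws.rs.WebApplicationException;
import javax.ws.rs.client.Entity;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.Response;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Client for the role-permission resource, {@code roles/{role_id}/permissions}, of the
 * Mt.Wilson v2 user management API.
 *
 * <p>Every call changes or reads what a role is allowed to do, so each method rejects a
 * missing role id before any request is sent.
 */
public class RolePermissions extends MtWilsonClient {

    Logger log = LoggerFactory.getLogger(getClass().getName());

    /** Path template shared by all three operations; {@code role_id} is filled in per call. */
    private static final String ROLE_PERMISSIONS_PATH = "roles/{role_id}/permissions";

    /**
     * Creates a client for the server at the given URL.
     *
     * @param url base URL passed to {@link MtWilsonClient}
     * @throws Exception if the parent client cannot be initialized
     */
    public RolePermissions(URL url) throws Exception {
        super(url);
    }

    /**
     * Creates a client configured from the given properties.
     *
     * @param properties client configuration passed to {@link MtWilsonClient}
     * @throws Exception if the parent client cannot be initialized
     */
    public RolePermissions(Properties properties) throws Exception {
        super(properties);
    }

    /**
     * Creates a new Role Permission mapping in the system. Permissions have 3 parts: Domain, Action and Selection.
     * Domains are basically resources on which the permissions would apply (Ex: Oems, Mles, etc). Action is basically
     * create, store, retrieve, search and delete. There can be sometimes special actions based on the resources like
     * import and export in case of certificates. Multiple actions for a single domain can be separated by comma.
     * Selection: This is currently not being used. By default it would be set to "*". This is for future purpose where
     * users can specify certain conditions which, if they evaluate to true, would grant the required permissions.
     * User can provide "*" as the option for any combination of domain, action and selection. * indicates everything.
     * Example: An administrator would have * for all the 3 options.
     *
     * <p>Because "*" matches everything, a mapping with "*" for both domain and action gives the role every
     * permission; keep such mappings to administrator roles and name the domain and actions explicitly elsewhere.
     * Since Selection is not currently used, it cannot be relied on to narrow a permission.
     *
     * @param obj RolePermission object that needs to be created; its role id selects the role in the request path.
     * @return Created RolePermission object.
     * @throws NullPointerException if {@code obj} or its role id is null
     * @since Mt.Wilson 2.0
     * @mtwRequiresPermissions role_permissions:create
     * @mtwContentTypeReturned JSON/XML/YAML
     * @mtwMethodType POST
     * @mtwSampleRestCall
     * <pre>
     * https://server.com:8181/mtwilson/v2/roles/05f80052-2642-480a-8504-880e27ce8b57/permissions
     * Input: {"permit_domain":"user_mgmt","permit_action":"add,delete","permit_selection":"*"}
     * Output: {"id":"9b35b89c-c5f0-4ffb-8f94-a7f73eef8f76","role_id":"05f80052-2642-480a-8504-880e27ce8b57",
     * "permit_domain":"user_mgmt","permit_action":"add,delete","permit_selection":"*"}
     * </pre>
     * @mtwSampleApiCall
     * <pre>
     *  RolePermissions client = new RolePermissions(My.configuration().getClientProperties());
     *  RolePermission rolePermission = new RolePermission();
     *  rolePermission.setRoleId("05f80052-2642-480a-8504-880e27ce8b57");
     *  rolePermission.setPermitDomain("user_mgmt");
     *  rolePermission.setPermitAction("add,delete");
     *  rolePermission.setPermitSelection("*");
     *  RolePermission createRolePermission = client.createRolePermission(rolePermission);
     * </pre>
     */
    public RolePermission createRolePermission(RolePermission obj) {
        // Fail with a clear message before any request is built; the original dereferenced both unchecked.
        if (obj == null) {
            throw new NullPointerException("rolePermission must not be null");
        }
        if (obj.getRoleId() == null) {
            throw new NullPointerException("rolePermission role id must not be null");
        }
        log.debug("target: {}", getTarget().getUri());
        HashMap<String, Object> templateValues = new HashMap<>();
        templateValues.put("role_id", obj.getRoleId().toString());
        return getTarget().path(ROLE_PERMISSIONS_PATH).resolveTemplates(templateValues)
                .request().accept(MediaType.APPLICATION_JSON).post(Entity.json(obj), RolePermission.class);
    }

    /**
     * Deletes the RolePermission(s) matching the specified search criteria.
     *
     * <p>If this method throws, the server did not report success and the matching permissions should be
     * treated as still in effect until a later call succeeds.
     *
     * @param criteria RolePermissionFilterCriteria object specifying the search criteria.
     * @throws NullPointerException if {@code criteria} or its role id is null
     * @throws WebApplicationException if the server response is not in the successful (2xx) family
     * @since Mt.Wilson 2.0
     * @mtwRequiresPermissions role_permissions:delete
     * @mtwContentTypeReturned N/A
     * @mtwMethodType DELETE
     * @mtwSampleRestCall
     * <pre>
     * https://server.com:8181/mtwilson/v2/roles/05f80052-2642-480a-8504-880e27ce8b57/permissions?actionEqualTo=*
     * </pre>
     * @mtwSampleApiCall
     * <pre>
     *  RolePermissions client = new RolePermissions(My.configuration().getClientProperties());
     *  RolePermissionFilterCriteria criteria = new RolePermissionFilterCriteria();
     *  criteria.roleId = roleId;
     *  criteria.actionEqualTo = "*";
     *  client.deleteRolePermission(criteria);
     * </pre>
     */
    public void deleteRolePermission(RolePermissionFilterCriteria criteria) {
        // A delete without a role id has no well-defined target; reject it before contacting the server.
        if (criteria == null) {
            throw new NullPointerException("criteria must not be null");
        }
        if (criteria.roleId == null) {
            throw new NullPointerException("criteria.roleId must not be null");
        }
        log.debug("target: {}", getTarget().getUri());
        HashMap<String, Object> templateValues = new HashMap<>();
        templateValues.put("role_id", criteria.roleId);
        Response response = getTargetPathWithQueryParams(ROLE_PERMISSIONS_PATH, criteria)
                .resolveTemplates(templateValues).request(MediaType.APPLICATION_JSON).delete();
        try {
            if (response.getStatusInfo().getFamily() != Response.Status.Family.SUCCESSFUL) {
                // Record the status so an operator can tell a denied request from a missing resource.
                log.warn("Delete role permission failed with HTTP status {}", response.getStatus());
                throw new WebApplicationException("Delete role permission failed");
            }
        } finally {
            // The original never closed the response, which leaves its connection held.
            response.close();
        }
    }

    /**
     * Searches for the RolePermissions with the specified set of criteria.
     *
     * @param criteria RolePermissionFilterCriteria object specifying the filter criteria. The search options include
     * id and rolePermissionNameEqualTo. Also, if the caller wants to retrieve the list of all the registered
     * rolePermissions, the filter option can be disabled by setting the filter criteria to false. By default
     * the filter criteria is true. [Ex: /v2/roles/{role_id}/permissions?filter=false retrieves the list of all the
     * permissions for the specified role]
     * @return RolePermissionCollection with the list of RolePermissions that meet the specified filter criteria
     * @throws NullPointerException if {@code criteria} or its role id is null
     * @since Mt.Wilson 2.0
     * @mtwRequiresPermissions role_permissions:search
     * @mtwContentTypeReturned JSON/XML/YAML
     * @mtwMethodType GET
     * @mtwSampleRestCall
     * <pre>
     * https://server.com:8181/mtwilson/v2/roles/05f80052-2642-480a-8504-880e27ce8b57/permissions?actionEqualTo=*
     * Output: {"role_permissions":[{"role_id":"05f80052-2642-480a-8504-880e27ce8b57","permit_domain":"user_mgmt",
     * "permit_action":"*","permit_selection":"*"}]}
     * </pre>
     * @mtwSampleApiCall
     * <pre>
     *  RolePermissions client = new RolePermissions(My.configuration().getClientProperties());
     *  RolePermissionFilterCriteria criteria = new RolePermissionFilterCriteria();
     *  criteria.roleId = UUID.valueOf("05f80052-2642-480a-8504-880e27ce8b57");
     *  criteria.actionEqualTo = "*";
     *  RolePermissionCollection rolePermissions = client.searchRolePermissions(criteria);
     * </pre>
     */
    public RolePermissionCollection searchRolePermissions(RolePermissionFilterCriteria criteria) {
        if (criteria == null) {
            throw new NullPointerException("criteria must not be null");
        }
        if (criteria.roleId == null) {
            throw new NullPointerException("criteria.roleId must not be null");
        }
        log.debug("target: {}", getTarget().getUri());
        HashMap<String, Object> templateValues = new HashMap<>();
        templateValues.put("role_id", criteria.roleId);
        return getTargetPathWithQueryParams(ROLE_PERMISSIONS_PATH, criteria)
                .resolveTemplates(templateValues).request(MediaType.APPLICATION_JSON)
                .get(RolePermissionCollection.class);
    }
}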