package com.sismics.docs.rest.resource;
import com.google.common.collect.Lists;
import com.sismics.docs.rest.constant.BaseFunction;
import com.sismics.rest.exception.ForbiddenClientException;
import com.sismics.security.IPrincipal;
import com.sismics.security.UserPrincipal;
import com.sismics.util.filter.SecurityFilter;
import javax.servlet.http.HttpServletRequest;
import javax.ws.rs.Consumes;
import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import java.security.Principal;
import java.util.List;
import java.util.Set;
/**
* Base class of REST resources.
*
* @author jtremeaux
*/
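public abstract class BaseResource {
    /**
     * @apiDefine admin Admin
     * Only the admin user can access this resource
     */

    /**
     * @apiDefine user Authenticated user
     * All authenticated users can access this resource
     */

    /**
     * @apiDefine none Anonymous user
     * This resource can be accessed anonymously
     */

    /**
     * @apiDefine server Server error
     */

    /**
     * @apiDefine client Client error
     */

    /**
     * Injects the HTTP request.
     */
    @Context
    protected HttpServletRequest request;

    /**
     * Application key, read from the {@code app_key} query parameter.
     * <p>
     * NOTE(review): what this key is used for is not visible from this class. If it is a
     * secret, carrying it in the query string exposes it to access logs, proxy logs, browser
     * history and Referer headers; a request header would be the safer channel. Confirm
     * against the consumers of {@code appKey}.
     */
    @QueryParam("app_key")
    protected String appKey;

    /**
     * Principal of the authenticated user.
     * <p>
     * Populated by {@link #authenticate()}; {@code null} until that method has been called
     * and found an {@link IPrincipal} on the request. The authorization helpers of this class
     * must only be used after {@link #authenticate()}.
     */
    protected IPrincipal principal;

    /**
     * Resolves the principal stored on the request under
     * {@link SecurityFilter#PRINCIPAL_ATTRIBUTE} (presumably attached by the security filter).
     * <p>
     * On success the principal is kept in {@link #principal} even when it is anonymous, so
     * anonymous callers can still resolve share-based ACL targets. When the request carries
     * no usable {@link IPrincipal}, {@link #principal} is reset to {@code null} so that a
     * stale principal from an earlier call can never be used for an authorization decision.
     *
     * @return True if the user is authenticated and not anonymous
     */
    protected boolean authenticate() {
        Principal requestPrincipal = (Principal) request.getAttribute(SecurityFilter.PRINCIPAL_ATTRIBUTE);
        if (!(requestPrincipal instanceof IPrincipal)) {
            // Fail closed: nothing usable on the request, so forget any previous principal.
            this.principal = null;
            return false;
        }
        this.principal = (IPrincipal) requestPrincipal;
        return !this.principal.isAnonymous();
    }

    /**
     * Checks if the user has a base function. Throw an exception if the check fails.
     *
     * @param baseFunction Base function to check
     * @throws ForbiddenClientException if the current principal does not hold the base function
     */
    void checkBaseFunction(BaseFunction baseFunction) {
        if (!hasBaseFunction(baseFunction)) {
            throw new ForbiddenClientException();
        }
    }

    /**
     * Checks if the user has a base function.
     * <p>
     * Only a {@link UserPrincipal} can hold base functions: any other principal, including an
     * anonymous one or none at all (because {@link #authenticate()} was not called), yields
     * {@code false}.
     *
     * @param baseFunction Base function to check (must not be null)
     * @return True if the user has the base function
     */
    boolean hasBaseFunction(BaseFunction baseFunction) {
        if (!(principal instanceof UserPrincipal)) {
            return false;
        }
        Set<String> baseFunctionSet = ((UserPrincipal) principal).getBaseFunctionSet();
        // Base functions are matched by enum name against the principal's granted set.
        return baseFunctionSet != null && baseFunctionSet.contains(baseFunction.name());
    }

    /**
     * Returns a list of ACL target ID.
     * <p>
     * The list holds the principal's group IDs, its own ID when it has one (an anonymous
     * principal may not), and the share ID when one is supplied. The share ID is caller
     * supplied and appended here without any validation; presumably the ACL lookup that
     * consumes this list is what decides which documents a share actually grants — verify
     * against that caller.
     *
     * @param shareId Share ID (optional)
     * @return List of ACL target ID
     * @throws IllegalStateException if {@link #authenticate()} has not populated the principal
     */
    List<String> getTargetIdList(String shareId) {
        if (principal == null) {
            // Previously a bare NullPointerException on the next line; fail with a clear message.
            throw new IllegalStateException("authenticate() must be called before getTargetIdList()");
        }
        List<String> targetIdList = Lists.newArrayList(principal.getGroupIdSet());
        if (principal.getId() != null) {
            targetIdList.add(principal.getId());
        }
        if (shareId != null) {
            targetIdList.add(shareId);
        }
        return targetIdList;
    }
}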