org.eclipse.mdm.nucleus/org.eclipse.mdm.businessobjects/src/main/java/org/eclipse/mdm/businessobjects/boundary/UserResource.java - mdmbl/org.eclipse.mdm - Git at Google

 /********************************************************************************
  * Copyright (c) 2015-2020 Contributors to the Eclipse Foundation
  *
  * See the NOTICE file(s) distributed with this work for additional
  * information regarding copyright ownership.
  *
  * This program and the accompanying materials are made available under the
  * terms of the Eclipse Public License v. 2.0 which is available at
  * http://www.eclipse.org/legal/epl-2.0.
  *
  * SPDX-License-Identifier: EPL-2.0
  *
  ********************************************************************************/

 package org.eclipse.mdm.businessobjects.boundary;

 import java.util.ArrayList;
 import java.util.List;

 import javax.annotation.security.PermitAll;
 import javax.ws.rs.GET;
 import javax.ws.rs.Path;
 import javax.ws.rs.Produces;
 import javax.ws.rs.QueryParam;
 import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import javax.ws.rs.core.Response;
 import javax.ws.rs.core.SecurityContext;

 import org.eclipse.mdm.businessobjects.entity.User;

 import com.google.common.base.Splitter;

 import io.swagger.v3.oas.annotations.Operation;
 import io.swagger.v3.oas.annotations.Parameter;
 import io.swagger.v3.oas.annotations.media.Content;
 import io.swagger.v3.oas.annotations.media.Schema;
 import io.swagger.v3.oas.annotations.responses.ApiResponse;
 import io.swagger.v3.oas.annotations.tags.Tag;

 @Tag(name = "User")
 @Path("/user")
 @PermitAll
 public class UserResource {

 	@Context
 	public SecurityContext securityContext;

 	@GET
 	@Path("/current")
 	@Operation(summary = "Read authenticated user information", description = "Read the current user name and which of the given roles the user has.", responses = {
 			@ApiResponse(description = "The authenticated user.", content = @Content(schema = @Schema(implementation = User.class))),
 			@ApiResponse(responseCode = "400", description = "Error") })
 	@Produces(MediaType.APPLICATION_JSON)
 	public Response currentUser(
 			@Parameter(description = "Comma separated list of roles. This method checks, if the user belongs to each role. If the user does not belong to a role or the role is not queried, it will not be returned.", required = true) @QueryParam("roles") String roles) {
 		/*
 		 * There is no reliable way in getting the (possibly mapped) roles of a user.
 		 * Thus the check if a user is in a role is only against the given list of
 		 * roles.
 		 */
 		List<String> roleList = new ArrayList<>();
 		if (roles != null) {
 			for (String role : Splitter.on(",").trimResults().split(roles)) {
 				if (securityContext.isUserInRole(role)) {
 					roleList.add(role);
 				}
 			}
 		}

 		User user = new User();
 		user.setUsername(securityContext.getUserPrincipal().getName());
 		user.setRoles(roleList);
 		return Response.ok(user).build();
 	}
 }
	/********************************************************************************
	* Copyright (c) 2015-2020 Contributors to the Eclipse Foundation
	*
	* See the NOTICE file(s) distributed with this work for additional
	* information regarding copyright ownership.
	*
	* This program and the accompanying materials are made available under the
	* terms of the Eclipse Public License v. 2.0 which is available at
	* http://www.eclipse.org/legal/epl-2.0.
	*
	* SPDX-License-Identifier: EPL-2.0
	*
	********************************************************************************/

	package org.eclipse.mdm.businessobjects.boundary;

	import java.util.ArrayList;
	import java.util.List;

	import javax.annotation.security.PermitAll;
	import javax.ws.rs.GET;
	import javax.ws.rs.Path;
	import javax.ws.rs.Produces;
	import javax.ws.rs.QueryParam;
	import javax.ws.rs.core.Context;
	import javax.ws.rs.core.MediaType;
	import javax.ws.rs.core.Response;
	import javax.ws.rs.core.SecurityContext;

	import org.eclipse.mdm.businessobjects.entity.User;

	import com.google.common.base.Splitter;

	import io.swagger.v3.oas.annotations.Operation;
	import io.swagger.v3.oas.annotations.Parameter;
	import io.swagger.v3.oas.annotations.media.Content;
	import io.swagger.v3.oas.annotations.media.Schema;
	import io.swagger.v3.oas.annotations.responses.ApiResponse;
	import io.swagger.v3.oas.annotations.tags.Tag;

	@Tag(name = "User")
	@Path("/user")
	@PermitAll
	public class UserResource {

	@Context
	public SecurityContext securityContext;

	@GET
	@Path("/current")
	@Operation(summary = "Read authenticated user information", description = "Read the current user name and which of the given roles the user has.", responses = {
	@ApiResponse(description = "The authenticated user.", content = @Content(schema = @Schema(implementation = User.class))),
	@ApiResponse(responseCode = "400", description = "Error") })
	@Produces(MediaType.APPLICATION_JSON)
	public Response currentUser(
	@Parameter(description = "Comma separated list of roles. This method checks, if the user belongs to each role. If the user does not belong to a role or the role is not queried, it will not be returned.", required = true) @QueryParam("roles") String roles) {
	/*
	* There is no reliable way in getting the (possibly mapped) roles of a user.
	* Thus the check if a user is in a role is only against the given list of
	* roles.
	*/
	List<String> roleList = new ArrayList<>();
	if (roles != null) {
	for (String role : Splitter.on(",").trimResults().split(roles)) {
	if (securityContext.isUserInRole(role)) {
	roleList.add(role);
	}
	}
	}

	User user = new User();
	user.setUsername(securityContext.getUserPrincipal().getName());
	user.setRoles(roleList);
	return Response.ok(user).build();
	}
	}