public class UserRoleDaoResource extends AbstractJaxRSResource
TEXT_HTML
Constructor and Description |
---|
UserRoleDaoResource() |
UserRoleDaoResource(org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao roleBindingDao,
org.pentaho.platform.api.mt.ITenantManager tenantMgr,
ArrayList<String> systemRoles,
String adminRole) |
UserRoleDaoResource(org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao roleBindingDao,
org.pentaho.platform.api.mt.ITenantManager tenantMgr,
ArrayList<String> systemRoles,
String adminRole,
UserRoleDaoService service) |
Modifier and Type | Method and Description |
---|---|
javax.ws.rs.core.Response |
assignAllRolesToUser(String tenantPath,
String userName)
Associate all roles to the selected user
|
javax.ws.rs.core.Response |
assignAllUsersToRole(String tenantPath,
String roleName)
Associates all user to a particular role
|
javax.ws.rs.core.Response |
assignRolesToUser(String userName,
String roleNames)
Appends existing roles to an existing user passed to the system through query parameters.
|
javax.ws.rs.core.Response |
assignUserToRole(String tenantPath,
String userNames,
String roleName)
Associate list of users to the selected role
|
javax.ws.rs.core.Response |
changeUserPassword(ChangePasswordUser user)
Allows a user or any user that knows a users name and current password to change that users password.
|
javax.ws.rs.core.Response |
createRole(String roleName)
Creates a new role that that does not have any permissions assigned to it.
|
javax.ws.rs.core.Response |
createUser(User user)
Creates new user with the specified user name and password, this request is encapsulated inside a user object that has userName and password values.
|
javax.ws.rs.core.Response |
deleteRoles(String roleNames)
Delete role(s) from the platform.
|
javax.ws.rs.core.Response |
deleteUsers(String userNames)
Delete user(s) from the platform using a query parameter that takes a list of tab separated user names.
|
SystemRolesMap |
getRoleBindingStruct(String locale)
Retrieves the list of roles in the platform and the mapping for operation permissions, along with a list of operation permissions.
|
UserListWrapper |
getRoleMembers(String roleName)
Retrieves list of users for the selected role.
|
RoleListWrapper |
getRoles()
Returns the list of roles in the platform's repository.
|
RoleListWrapper |
getRolesForUser(String user)
Gets the roles for the given user.
|
UserListWrapper |
getUsers()
Returns the list of users in the platform's repository.
|
javax.ws.rs.core.Response |
removeAllRolesFromUser(String tenantPath,
String userName)
Remove all roles from the selected user
|
javax.ws.rs.core.Response |
removeAllUsersFromRole(String tenantPath,
String roleName)
Removes all users from a particular role
|
javax.ws.rs.core.Response |
removeRolesFromUser(String userName,
String roleNames)
Removes selected roles from an existing user passed to the system through query parameters.
|
javax.ws.rs.core.Response |
removeUserFromRole(String tenantPath,
String userNames,
String roleName)
Remove user(s) from a particular role
|
javax.ws.rs.core.Response |
setLogicalRoles(LogicalRoleAssignments roleAssignments)
Associate a particular role to a list of physical permissions available in the system.
|
javax.ws.rs.core.Response |
updatePassword(User user)
This is an administrative tool, that allows an administator the ability to change any users password by passing in the username and the new password.
|
setHttpHeaders
public UserRoleDaoResource()
public UserRoleDaoResource(org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao roleBindingDao, org.pentaho.platform.api.mt.ITenantManager tenantMgr, ArrayList<String> systemRoles, String adminRole)
public UserRoleDaoResource(org.pentaho.platform.security.policy.rolebased.IRoleAuthorizationPolicyRoleBindingDao roleBindingDao, org.pentaho.platform.api.mt.ITenantManager tenantMgr, ArrayList<String> systemRoles, String adminRole, UserRoleDaoService service)
public UserListWrapper getUsers() throws javax.ws.rs.WebApplicationException
Example Request:
GET pentaho/api/userroledao/users
Example Response:
suzy pat tiffany admin
javax.ws.rs.WebApplicationException
public RoleListWrapper getRolesForUser(String user) throws Exception
Example Request:
GET pentaho/api/userroledao/userRoles?userName=suzy
user
- The username to get the roles for.Example Response:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><roleList><roles>Power User</roles></roleList>
Exception
public RoleListWrapper getRoles() throws Exception
Example Request:
GET pentaho/api/userroledao/roles
Example Response:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><roleList><roles>Administrator</roles><roles>Power User</roles><roles>Report Author</roles><roles>Business Analyst</roles></roleList>>
Exception
public UserListWrapper getRoleMembers(String roleName) throws Exception
Example Request:
GET pentaho/api/userroledao/roleMembers?roleName=Power%20User
roleName
- The role name to get the list of users associated with it.Example Response:
<?xml version="1.0" encoding="UTF-8" standalone="yes"?><userList><users>suzy</users><users>admin</users></userList>
Exception
public javax.ws.rs.core.Response assignRolesToUser(String userName, String roleNames)
Example Request:
PUT pentaho/api/userroledao/assignRoleToUser?userName=admin&roleNames=power%20user%09cto%09
userName
- The username that the list of roles will be appended toroleNames
- Rolenames must be associated to existing roles in a tab (\t) separated listpublic javax.ws.rs.core.Response removeRolesFromUser(String userName, String roleNames)
Example Request:
PUT pentaho/api/userroledao/removeRoleFromUser?userName=admin&roleNames=Business%20User%09Power%20User%09
userName
- The username that the list of roles will be removed from.roleNames
- Rolenames must be associated to existing roles in a tab (\t) separated list.public javax.ws.rs.core.Response assignAllRolesToUser(String tenantPath, String userName)
tenantPath
- (tenant path where the user exist, null of empty string assumes default tenant)userName
- (username)public javax.ws.rs.core.Response removeAllRolesFromUser(String tenantPath, String userName)
tenantPath
- (tenant path where the user exist, null of empty string assumes default tenant)userName
- (username)public javax.ws.rs.core.Response assignUserToRole(String tenantPath, String userNames, String roleName)
tenantPath
- (tenant path where the user exist, null of empty string assumes default tenant)userNames
- (list of tab (\t) separated user namesroleName
- (role name)public javax.ws.rs.core.Response removeUserFromRole(String tenantPath, String userNames, String roleName)
tenantPath
- (tenant path where the user exist, null of empty string assumes default tenant)userNames
- (list of tab (\t) separated user namesroleName
- (role name)public javax.ws.rs.core.Response assignAllUsersToRole(String tenantPath, String roleName)
tenantPath
- (tenant path where the user exist, null of empty string assumes default tenant)roleName
- (role name)public javax.ws.rs.core.Response removeAllUsersFromRole(String tenantPath, String roleName)
tenantPath
- (tenant path where the user exist, null of empty string assumes default tenant)roleName
- (role name)public javax.ws.rs.core.Response createUser(User user)
Example Request:
PUT pentaho/api/userroledao/createUser
Joe password
user
- A user is an object the system uses to pass along a userName and password in the format:
Joe password
public javax.ws.rs.core.Response changeUserPassword(ChangePasswordUser user)
Example Request:
PUT pentaho/api/userroledao/user
Joe newPassword oldPassword
ChangePasswordUser
- Encapsulates the fields required for a user to update their password. The object requires the name of the user whose password is being changed, the old password, and the new password.
A ChangePasswordUser object can be constructed as follows:
<>Joe newPassword oldPassword
public javax.ws.rs.core.Response createRole(String roleName)
Example Request:
PUT pentaho/api/userroledao/createRole?roleName=rName
roleName
- Name of the new role to create in the system.public javax.ws.rs.core.Response deleteRoles(String roleNames)
Example Request:
PUT pentaho/api/userroledao/deleteRoles?roleNames=role1%09
roleNames
- List of tab (\t) separated role names, must be valid roles.public javax.ws.rs.core.Response deleteUsers(String userNames)
Example Request:
PUT pentaho/api/userroledao/deleteUsers?userNames=user1%09user2%09
userNames
- (List of tab (\t) separated user names)public javax.ws.rs.core.Response updatePassword(User user)
Example Request:
PUT pentaho/api/userroledao/updatePassword
Joe password
user
- A user is an object the system uses to pass along a userName and password in the format:
Joe password
public SystemRolesMap getRoleBindingStruct(String locale)
Example Request:
GET pentaho/api/userroledao/logicalRoleMap?locale=en
locale
- The locale paramter is optional and determines the localized role name for a physical permission in the system roles map.Example Response:
<systemRolesMap> <assignments> <immutable>false</immutable> <logicalRoles>org.pentaho.scheduler.manage</logicalRoles> <logicalRoles>org.pentaho.security.publish</logicalRoles> <logicalRoles>org.pentaho.repository.create</logicalRoles> <logicalRoles>org.pentaho.repository.execute</logicalRoles> <roleName>Power User</roleName> </assignments> <assignments> <immutable>true</immutable> <logicalRoles>org.pentaho.repository.execute</logicalRoles> <logicalRoles> org.pentaho.platform.dataaccess.datasource.security.manage </logicalRoles> <logicalRoles>org.pentaho.repository.read</logicalRoles> <logicalRoles>org.pentaho.repository.create</logicalRoles> <logicalRoles>org.pentaho.scheduler.manage</logicalRoles> <logicalRoles>org.pentaho.security.administerSecurity</logicalRoles> <logicalRoles>org.pentaho.security.publish</logicalRoles> <roleName>Administrator</roleName> </assignments> <localizedRoleNames> <localizedName>Administer Security</localizedName> <roleName>org.pentaho.security.administerSecurity</roleName> </localizedRoleNames> <localizedRoleNames> <localizedName>Schedule Content</localizedName> <roleName>org.pentaho.scheduler.manage</roleName> </localizedRoleNames> <localizedRoleNames> <localizedName>Read Content</localizedName> <roleName>org.pentaho.repository.read</roleName> </localizedRoleNames> <localizedRoleNames> <localizedName>Publish Content</localizedName> <roleName>org.pentaho.security.publish</roleName> </localizedRoleNames> <localizedRoleNames> <localizedName>Create Content</localizedName> <roleName>org.pentaho.repository.create</roleName> </localizedRoleNames> <localizedRoleNames> <localizedName>Execute</localizedName> <roleName>org.pentaho.repository.execute</roleName> </localizedRoleNames> <localizedRoleNames> <localizedName>Manage Data Sources</localizedName> <roleName> org.pentaho.platform.dataaccess.datasource.security.manage </roleName> </localizedRoleNames> </systemRolesMap>
public javax.ws.rs.core.Response setLogicalRoles(LogicalRoleAssignments roleAssignments)
Example Request:
PUT /pentaho/api/userroledao/roleAssignments
<systemRolesMap> <assignments> <roleName>Report Author</roleName> <logicalRoles>org.pentaho.scheduler.manage</logicalRoles> <logicalRoles>org.pentaho.repository.read</logicalRoles> <logicalRoles>org.pentaho.security.publish</logicalRoles> <logicalRoles>org.pentaho.repository.create</logicalRoles> <logicalRoles>org.pentaho.repository.execute</logicalRoles> </assignments> </systemRolesMap>
roleAssignments
- Built from the Request payload, an example of the role assignments exists in the example request.