3 * Copyright (c) 2013 Cisco Systems, Inc. and others. All rights reserved.
5 * This program and the accompanying materials are made available under the
6 * terms of the Eclipse Public License v1.0 which accompanies this distribution,
7 * and is available at http://www.eclipse.org/legal/epl-v10.html
10 package org.opendaylight.controller.web;
12 import java.util.List;
14 import org.opendaylight.controller.sal.authorization.UserLevel;
15 import org.opendaylight.controller.sal.utils.ServiceHelper;
16 import org.opendaylight.controller.sal.utils.Status;
17 import org.opendaylight.controller.usermanager.IUserManager;
18 import org.opendaylight.controller.usermanager.internal.UserConfig;
19 import org.springframework.security.core.context.SecurityContextHolder;
20 import org.springframework.stereotype.Controller;
21 import org.springframework.web.bind.annotation.PathVariable;
22 import org.springframework.web.bind.annotation.RequestMapping;
23 import org.springframework.web.bind.annotation.RequestMethod;
24 import org.springframework.web.bind.annotation.RequestParam;
25 import org.springframework.web.bind.annotation.ResponseBody;
27 import com.google.gson.Gson;
30 @RequestMapping("/admin")
31 public class OneWebAdmin {
32 @RequestMapping("/users")
34 public List<UserConfig> getUsers() {
35 IUserManager userManager = (IUserManager) ServiceHelper
36 .getGlobalInstance(IUserManager.class, this);
37 if (userManager == null) {
41 List<UserConfig> userConfList = userManager.getLocalUserList();
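/**
 * Adds or removes a local user described by a JSON-encoded {@link UserConfig}.
 *
 * Password in clear text, moving to HTTP/SSL soon
 *
 * <p>Until that move happens, the {@code json} form field travels unencrypted with the
 * password in it, so the payload must never be logged or echoed back in an error string.
 *
 * @param json   JSON form of the UserConfig to add or remove
 * @param action {@code "add"} adds the user; any other value takes the removal branch
 * @return the description of the resulting {@link Status}, or a fixed error string
 */
// NOTE(review): this listing skips source line 50; the ResponseBody import suggests an
// annotation sits on that line - confirm against the file.
@RequestMapping(value = "/users", method = RequestMethod.POST)
public String saveLocalUserConfig(
        @RequestParam(required = true) String json,
        @RequestParam(required = true) String action) {

    IUserManager userManager = (IUserManager) ServiceHelper
            .getGlobalInstance(IUserManager.class, this);
    if (userManager == null) {
        return "Internal Error";
    }

    // Authorization comes first so an unprivileged caller gets no parsing feedback.
    if (!authorize(userManager, UserLevel.NETWORKADMIN)) {
        return "Operation not permitted";
    }

    UserConfig config;
    try {
        config = new Gson().fromJson(json, UserConfig.class);
    } catch (com.google.gson.JsonSyntaxException e) {
        // Deliberately neither logged nor returned: the payload carries the password.
        return "Invalid Request: malformed user configuration";
    }
    if (config == null) {
        // Gson yields null for an empty document; never hand that to the user manager.
        return "Invalid Request: malformed user configuration";
    }

    // NOTE(review): every action other than "add" removes the user, so a typo or an
    // unexpected value deletes an account; consider rejecting unknown actions.
    // NOTE(review): removeLocalUser refuses to delete the caller's own account; this
    // removal path applies no equivalent check.
    Status result = "add".equals(action)
            ? userManager.addLocalUser(config)
            : userManager.removeLocalUser(config);

    return result.getDescription();
}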
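/**
 * Removes the local user named in the request path.
 *
 * <p>The caller must be authenticated and hold at least {@link UserLevel#NETWORKADMIN}.
 * Authorization is decided before the self-deletion check, and a request with no
 * authentication in the security context is denied instead of failing on a null reference.
 *
 * @param userName name of the local user to remove, taken from the URL path
 * @return the description of the removal result, or a fixed error string
 */
// NOTE(review): this listing skips source line 76; the ResponseBody import suggests an
// annotation sits on that line - confirm against the file.
@RequestMapping(value = "/users/{username}", method = RequestMethod.POST)
public String removeLocalUser(@PathVariable("username") String userName) {
    IUserManager userManager = (IUserManager) ServiceHelper
            .getGlobalInstance(IUserManager.class, this);
    if (userManager == null) {
        return "Internal Error";
    }

    // Spring's Authentication is a java.security.Principal; it is null when nobody is logged in.
    java.security.Principal caller = SecurityContextHolder.getContext().getAuthentication();
    if (caller == null || !authorize(userManager, UserLevel.NETWORKADMIN)) {
        return "Operation not permitted";
    }

    // An administrator must not be able to remove the account it is acting as.
    if (caller.getName().equals(userName)) {
        return "Invalid Request: User cannot delete itself";
    }

    return userManager.removeLocalUser(userName).getDescription();
}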
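/**
 * Is the operation permitted for the given level
 *
 * <p>The caller is the user named by the current Spring Security authentication. Access is
 * granted when that user's level number is less than or equal to the number of
 * {@code level}. The check fails closed: a missing authentication or an unknown user level
 * denies the operation.
 *
 * @param userManager source of the caller's {@link UserLevel}
 * @param level       level required for the operation
 * @return {@code true} if the caller may perform the operation
 */
private boolean authorize(IUserManager userManager, UserLevel level) {
    // Spring's Authentication is a java.security.Principal; it is null when nobody is logged in.
    java.security.Principal caller = SecurityContextHolder.getContext().getAuthentication();
    if (caller == null) {
        return false;
    }

    UserLevel userLevel = userManager.getUserLevel(caller.getName());
    if (userLevel == null) {
        // No level on record for this user: deny rather than dereference null.
        return false;
    }

    return userLevel.toNumber() <= level.toNumber();
}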