import org.opendaylight.controller.sal.utils.Status;
import org.opendaylight.controller.sal.utils.StatusCode;
import org.opendaylight.controller.usermanager.IUserManager;
-import org.opendaylight.controller.usermanager.internal.UserConfig;
+import org.opendaylight.controller.usermanager.UserConfig;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.PathVariable;
import org.springframework.web.bind.annotation.RequestMapping;
@Controller
@RequestMapping("/admin")
public class DaylightWebAdmin {
+
+
+
@RequestMapping("/users")
@ResponseBody
public List<UserConfig> getUsers() {
Status result = (action.equals("add")) ? userManager
.addLocalUser(config) : userManager.removeLocalUser(config);
-
+ if(result.getCode().equals(StatusCode.SUCCESS)) {
+ String userAction=(action.equals("add")) ? "added":"removed";
+ DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), userAction, config.getUser());
+ return "Success";
+ }
return result.getDescription();
}
return "Operation not permitted";
}
- return userManager.removeLocalUser(userName).getDescription();
+ Status result = userManager.removeLocalUser(userName);
+ if(result.getCode().equals(StatusCode.SUCCESS)) {
+ DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), "removed", userName);
+ return "Success";
+ }
+ return result.getDescription();
}
-
+
@RequestMapping(value = "/users/password/{username}", method = RequestMethod.POST)
@ResponseBody
public Status changePassword(@PathVariable("username") String username, HttpServletRequest request,
if (userManager == null) {
return new Status(StatusCode.GONE, "User Manager not found");
}
-
+
if (!authorize(userManager, UserLevel.NETWORKADMIN, request)) {
return new Status(StatusCode.FORBIDDEN, "Operation not permitted");
}
-
+
if (newPassword.isEmpty()) {
return new Status(StatusCode.BADREQUEST, "Empty passwords not allowed");
}
-
+
Status status = userManager.changeLocalUserPassword(username, currentPassword, newPassword);
-
+ if(status.isSuccess()){
+ DaylightWebUtil.auditlog("User", request.getUserPrincipal().getName(), "changed password for", username);
+ }
return status;
}
/**
* Is the operation permitted for the given level
- *
+ *
* @param level
*/
private boolean authorize(IUserManager userManager, UserLevel level,