-***************
-*** 29,35 ****
- import org.opendaylight.controller.switchmanager.SwitchConfig;
- import org.opendaylight.controller.usermanager.IUserManager;
- import org.opendaylight.controller.web.IOneWeb;
-- import org.springframework.security.core.context.SecurityContextHolder;
- import org.springframework.stereotype.Controller;
- import org.springframework.web.bind.annotation.PathVariable;
- import org.springframework.web.bind.annotation.RequestMapping;
---- 31,36 ----
- import org.opendaylight.controller.switchmanager.SwitchConfig;
- import org.opendaylight.controller.usermanager.IUserManager;
- import org.opendaylight.controller.web.IOneWeb;
- import org.springframework.stereotype.Controller;
- import org.springframework.web.bind.annotation.PathVariable;
- import org.springframework.web.bind.annotation.RequestMapping;
-***************
-*** 182,189 ****
- @RequestMapping(value = "/flow", method = RequestMethod.POST)
- @ResponseBody
- public String actionFlow(@RequestParam(required = true) String action,
-- @RequestParam(required = false) String body, @RequestParam(required = true) String nodeId) {
-- if (!authorize(UserLevel.NETWORKADMIN)) {
- return "Operation not authorized";
- }
-
---- 183,190 ----
- @RequestMapping(value = "/flow", method = RequestMethod.POST)
- @ResponseBody
- public String actionFlow(@RequestParam(required = true) String action,
-+ @RequestParam(required = false) String body, @RequestParam(required = true) String nodeId, HttpServletRequest request) {
-+ if (!authorize(UserLevel.NETWORKADMIN, request)) {
- return "Operation not authorized";
- }
-
-***************
-*** 206,213 ****
- @RequestMapping(value = "/flow/{nodeId}/{name}", method = RequestMethod.POST)
- @ResponseBody
- public String removeFlow(@PathVariable("nodeId") String nodeId, @PathVariable("name") String name,
-- @RequestParam(required = true) String action) {
-- if (!authorize(UserLevel.NETWORKADMIN)) { return "Operation not authorized"; }
-
- IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
- .getInstance(IForwardingRulesManager.class, "default", this);
---- 207,214 ----
- @RequestMapping(value = "/flow/{nodeId}/{name}", method = RequestMethod.POST)
- @ResponseBody
- public String removeFlow(@PathVariable("nodeId") String nodeId, @PathVariable("name") String name,
-+ @RequestParam(required = true) String action, HttpServletRequest request) {
-+ if (!authorize(UserLevel.NETWORKADMIN, request)) { return "Operation not authorized"; }
-
- IForwardingRulesManager frm = (IForwardingRulesManager) ServiceHelper
- .getInstance(IForwardingRulesManager.class, "default", this);
-***************
-*** 235,248 ****
- *
- * @param level
- */
-- private boolean authorize(UserLevel level) {
- IUserManager userManager = (IUserManager) ServiceHelper
- .getGlobalInstance(IUserManager.class, this);
- if (userManager == null) {
- return false;
- }
-
-- String username = SecurityContextHolder.getContext().getAuthentication().getName();
- UserLevel userLevel = userManager.getUserLevel(username);
- if (userLevel.toNumber() <= level.toNumber()) {
- return true;
---- 236,249 ----
- *
- * @param level
- */
-+ private boolean authorize(UserLevel level, HttpServletRequest request) {
- IUserManager userManager = (IUserManager) ServiceHelper
- .getGlobalInstance(IUserManager.class, this);
- if (userManager == null) {
- return false;
- }
-
-+ String username = request.getUserPrincipal().getName();
- UserLevel userLevel = userManager.getUserLevel(username);
- if (userLevel.toNumber() <= level.toNumber()) {
- return true;
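Review bot: `request.getUserPrincipal()` returns null when the request carries no authenticated user, so the new `String username = request.getUserPrincipal().getName();` in authorize() throws a NullPointerException instead of cleanly denying the request. Guard it before use, for example `Principal principal = request.getUserPrincipal(); if (principal == null) { return false; }`, so an unauthenticated call takes the same deny path as a missing user manager. The result of `userManager.getUserLevel(username)` is dereferenced on the next line as well; whether it can be null for an unknown user is not visible here, but a null check that returns false would keep the method fail-closed. The Javadoc above the method still lists only `@param level` and should gain `@param request` stating that the caller's identity is read from the servlet request. authorize() continues past the end of this hunk, so the final deny branch is not shown.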