Github user jmuehlner commented on a diff in the pull request:
https://github.com/apache/incubator-guacamole-client/pull/26#discussion_r70559396
--- Diff:
guacamole/src/main/java/org/apache/guacamole/rest/directory/DirectoryResource.java
---
@@ -0,0 +1,265 @@
+/*
+ * Licensed to the Apache Software Foundation (ASF) under one
+ * or more contributor license agreements. See the NOTICE file
+ * distributed with this work for additional information
+ * regarding copyright ownership. The ASF licenses this file
+ * to you under the Apache License, Version 2.0 (the
+ * "License"); you may not use this file except in compliance
+ * with the License. You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing,
+ * software distributed under the License is distributed on an
+ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ * KIND, either express or implied. See the License for the
+ * specific language governing permissions and limitations
+ * under the License.
+ */
+
+package org.apache.guacamole.rest.directory;
+
+import com.google.inject.assistedinject.Assisted;
+import com.google.inject.assistedinject.AssistedInject;
+import java.util.Collection;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import javax.ws.rs.Consumes;
+import javax.ws.rs.GET;
+import javax.ws.rs.POST;
+import javax.ws.rs.Path;
+import javax.ws.rs.PathParam;
+import javax.ws.rs.Produces;
+import javax.ws.rs.QueryParam;
+import javax.ws.rs.core.MediaType;
+import org.apache.guacamole.GuacamoleClientException;
+import org.apache.guacamole.GuacamoleException;
+import org.apache.guacamole.GuacamoleResourceNotFoundException;
+import org.apache.guacamole.GuacamoleUnsupportedException;
+import org.apache.guacamole.net.auth.Directory;
+import org.apache.guacamole.net.auth.Identifiable;
+import org.apache.guacamole.net.auth.User;
+import org.apache.guacamole.net.auth.UserContext;
+import org.apache.guacamole.net.auth.permission.ObjectPermission;
+import org.apache.guacamole.net.auth.permission.ObjectPermissionSet;
+import org.apache.guacamole.net.auth.permission.SystemPermission;
+import org.apache.guacamole.net.auth.permission.SystemPermissionSet;
+import org.apache.guacamole.rest.APIPatch;
+import org.apache.guacamole.rest.PATCH;
+
+/**
+ * A REST resource which abstracts the operations available on all
Guacamole
+ * Directory implementations, such as the creation of new objects, or
listing
+ * of existing objects. A DirectoryResource functions as the parent of any
+ * number of child DirectoryObjectResources, which are created with the
factory
+ * provided at the time of this object's construction.
+ *
+ * @author Michael Jumper
+ * @param <InternalType>
+ * The type of object contained within the Directory that this
+ * DirectoryResource exposes. To avoid coupling the REST API too
tightly to
+ * the extension API, these objects are not directly serialized or
+ * deserialized when handling REST requests.
+ *
+ * @param <ExternalType>
+ * The type of object used in interchange (ie: serialized/deserialized
as
+ * JSON) between REST clients and this DirectoryResource when
representing
+ * the InternalType.
+ */
+@Produces(MediaType.APPLICATION_JSON)
+@Consumes(MediaType.APPLICATION_JSON)
+public class DirectoryResource<InternalType extends Identifiable,
ExternalType> {
+
+ /**
+ * The UserContext associated with the Directory being exposed by this
+ * DirectoryResource.
+ */
+ private final UserContext userContext;
+
+ /**
+ * The Directory being exposed by this DirectoryResource.
+ */
+ private final Directory<InternalType> directory;
+
+ /**
+ * A DirectoryObjectTranslator implementation which handles the type of
+ * objects contained within the Directory exposed by this
DirectoryResource.
+ */
+ private final DirectoryObjectTranslator<InternalType, ExternalType>
translator;
+
+ /**
+ * A factory which can be used to create instances of resources
representing
+ * individual objects contained within the Directory exposed by this
+ * DirectoryResource.
+ */
+ private final DirectoryObjectResourceFactory<InternalType,
ExternalType> resourceFactory;
+
+ /**
+ * Creates a new DirectoryResource which exposes the operations
available
+ * for the given Directory.
+ *
+ * @param userContext
+ * The UserContext associated with the given Directory.
+ *
+ * @param directory
+ * The Directory being exposed by this DirectoryResource.
+ *
+ * @param translator
+ * A DirectoryObjectTranslator implementation which handles the
type of
+ * objects contained within the given Directory.
+ *
+ * @param resourceFactory
+ * A factory which can be used to create instances of resources
+ * representing individual objects contained within the given
Directory.
+ */
+ @AssistedInject
+ public DirectoryResource(@Assisted UserContext userContext,
+ @Assisted Directory<InternalType> directory,
+ DirectoryObjectTranslator<InternalType, ExternalType>
translator,
+ DirectoryObjectResourceFactory<InternalType, ExternalType>
resourceFactory) {
+ this.userContext = userContext;
+ this.directory = directory;
+ this.translator = translator;
+ this.resourceFactory = resourceFactory;
+ }
+
+ /**
+ * Returns a map of all objects available within this
DirectoryResource,
+ * filtering the returned map by the given permission, if specified.
+ *
+ * @param permissions
+ * The set of permissions to filter with. A user must have one or
more
+ * of these permissions for a user to appear in the result.
+ * If null, no filtering will be performed.
+ *
+ * @return
+ * A map of all visible objects. If a permission was specified,
this
+ * map will contain only those objects for which the current user
has
+ * that permission.
+ *
+ * @throws GuacamoleException
+ * If an error is encountered while retrieving the objects.
+ */
+ @GET
+ public Map<String, ExternalType> getObjects(
+ @QueryParam("permission") List<ObjectPermission.Type>
permissions)
+ throws GuacamoleException {
+
+ // An admin user has access to all objects
+ User self = userContext.self();
+ SystemPermissionSet systemPermissions =
self.getSystemPermissions();
+ boolean isAdmin =
systemPermissions.hasPermission(SystemPermission.Type.ADMINISTER);
+
+ // Filter objects, if requested
+ Collection<String> identifiers = directory.getIdentifiers();
+ if (!isAdmin && permissions != null && !permissions.isEmpty()) {
+ ObjectPermissionSet objectPermissions =
self.getUserPermissions();
+ identifiers =
objectPermissions.getAccessibleObjects(permissions, identifiers);
+ }
+
+ Map<String, ExternalType> apiObjects = new HashMap<String,
ExternalType>();
--- End diff --
For consistency, should maybe comment this section too?
---
If your project is set up for it, you can reply to this email and have your
reply appear on GitHub as well. If your project does not have this feature
enabled and wishes so, or if the feature is enabled but not working, please
contact infrastructure at infrastruct...@apache.org or file a JIRA ticket
with INFRA.
---
