diff --git a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskanaEngineImpl.java b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskanaEngineImpl.java index 04dc9811d..4ec3d9572 100644 --- a/lib/taskana-core/src/main/java/pro/taskana/impl/TaskanaEngineImpl.java +++ b/lib/taskana-core/src/main/java/pro/taskana/impl/TaskanaEngineImpl.java @@ -252,7 +252,7 @@ public class TaskanaEngineImpl implements TaskanaEngine { * The roles that are checked for membership of the current user * @return true if the current user is a member of at least one of the specified groups */ - boolean isUserInRole(TaskanaRole... roles) { + public boolean isUserInRole(TaskanaRole... roles) { if (!getConfiguration().isSecurityEnabled()) { return true; } else { diff --git a/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskanaEngineControllerIntTest.java b/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskanaEngineControllerIntTest.java index e76bde675..e2d3695d1 100644 --- a/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskanaEngineControllerIntTest.java +++ b/rest/taskana-rest-spring-example/src/test/java/pro/taskana/rest/TaskanaEngineControllerIntTest.java @@ -1,5 +1,6 @@ package pro.taskana.rest; +import static org.junit.Assert.assertEquals; import static org.junit.Assert.assertFalse; import static org.junit.Assert.assertTrue; @@ -27,6 +28,9 @@ import org.springframework.web.client.RestTemplate; import com.fasterxml.jackson.databind.DeserializationFeature; import com.fasterxml.jackson.databind.ObjectMapper; +import pro.taskana.TaskanaRole; +import pro.taskana.rest.resource.TaskanaUserInfoResource; + @RunWith(SpringRunner.class) @SpringBootTest(webEnvironment = WebEnvironment.RANDOM_PORT) @Import(RestConfiguration.class) 
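Review bot: Making `isUserInRole` public on `TaskanaEngineImpl` turns its security-disabled shortcut into API, but the Javadoc above the signature only describes the membership case. I would extend the return tag to `@return true if security is disabled, or if the current user is a member of at least one of the specified groups`. The only new caller in this commit, `TaskanaEngineController`, has to autowire the implementation class to reach the method (the `@Autowired TaskanaEngineImpl taskanaEngineImpl;` hunk). If the `TaskanaEngine` interface does not already declare it, declaring it there would let the REST layer inject the interface instead. The method body continues outside this hunk.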
@@ -80,6 +84,22 @@ public class TaskanaEngineControllerIntTest { assertFalse(response.getBody().contains("UNKNOWN")); } + @Test + public void testGetCurrentUserInfo() { + RestTemplate template = getRestTemplate(); + HttpHeaders headers = new HttpHeaders(); + headers.add("Authorization", "Basic dGVhbWxlYWRfMTp0ZWFtbGVhZF8x"); + HttpEntity request = new HttpEntity(headers); + ResponseEntity response = template.exchange( + "http://127.0.0.1:" + port + "/v1/current-user-info", HttpMethod.GET, request, + new ParameterizedTypeReference() { + }); + assertEquals("teamlead_1", response.getBody().getUserId()); + assertTrue(response.getBody().getGroupIds().contains("businessadmin")); + assertTrue(response.getBody().getRoles().contains(TaskanaRole.BUSINESS_ADMIN)); + assertFalse(response.getBody().getRoles().contains(TaskanaRole.ADMIN)); + } + /** * Return a REST template which is capable of dealing with responses in HAL format * diff --git a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskanaEngineController.java b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskanaEngineController.java index 60b2ff8d2..53626c9f3 100644 --- a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskanaEngineController.java +++ b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/TaskanaEngineController.java @@ -9,7 +9,11 @@ import org.springframework.http.ResponseEntity; import org.springframework.web.bind.annotation.GetMapping; import org.springframework.web.bind.annotation.RestController; +import pro.taskana.TaskanaRole; import pro.taskana.configuration.TaskanaEngineConfiguration; +import pro.taskana.impl.TaskanaEngineImpl; +import pro.taskana.rest.resource.TaskanaUserInfoResource; +import pro.taskana.security.CurrentUserContext; /** * Controller for TaskanaEngine related tasks. 
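Review bot: `testGetCurrentUserInfo` exercises only the authenticated path, so nothing pins what `/v1/current-user-info` does for a request without an `Authorization` header, although the endpoint returns user id, group ids and roles. A companion test that sends the same request with empty headers and asserts the rejection would cover that, e.g. `assertEquals(HttpStatus.UNAUTHORIZED, e.getStatusCode());` in a `catch (HttpClientErrorException e)`. The expected status depends on the example application's security setup, which is not visible in this diff. The Basic value is also an opaque literal; a comment such as `// base64 of "teamlead_1:teamlead_1", test account only` would make the fixture readable.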
@@ -20,6 +24,9 @@ public class TaskanaEngineController { @Autowired TaskanaEngineConfiguration taskanaEngineConfiguration; + @Autowired + TaskanaEngineImpl taskanaEngineImpl; + @GetMapping(path = "/v1/domains", produces = {MediaType.APPLICATION_JSON_VALUE}) public ResponseEntity> getDomains() { return new ResponseEntity<>(taskanaEngineConfiguration.getDomains(), HttpStatus.OK); @@ -34,4 +41,18 @@ public class TaskanaEngineController { public ResponseEntity> getClassificationTypes() { return new ResponseEntity<>(taskanaEngineConfiguration.getClassificationTypes(), HttpStatus.OK); } + + @GetMapping(path = "/v1/current-user-info", produces = {MediaType.APPLICATION_JSON_VALUE}) + public ResponseEntity getCurrentUserInfo() { + TaskanaUserInfoResource resource = new TaskanaUserInfoResource(); + resource.setUserId(CurrentUserContext.getUserid()); + resource.setGroupIds(CurrentUserContext.getGroupIds()); + for (TaskanaRole role : taskanaEngineConfiguration.getRoleMap().keySet()) { + if (taskanaEngineImpl.isUserInRole(role)) { + resource.getRoles().add(role); + } + } + return new ResponseEntity<>(resource, HttpStatus.OK); + } + } diff --git a/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/resource/TaskanaUserInfoResource.java b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/resource/TaskanaUserInfoResource.java new file mode 100644 index 000000000..5d59c1aa4 --- /dev/null +++ b/rest/taskana-rest-spring/src/main/java/pro/taskana/rest/resource/TaskanaUserInfoResource.java 
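Review bot: `getCurrentUserInfo()` is added without Javadoc, and its role list depends on behaviour that is easy to miss. `isUserInRole` (first hunk of this commit) returns true whenever `isSecurityEnabled()` is false, so the loop over `getRoleMap().keySet()` then reports every configured role for any caller. I would state that on the method, e.g. `/** Returns the user id, group ids and roles of the calling user. With security disabled every configured role is reported. */`, so that clients do not read the list as proof of privilege. Presumably `CurrentUserContext.getUserid()` yields null when no subject is attached to the request; if so the endpoint answers 200 with a null `userId`, which is worth confirming.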
@@ -0,0 +1,43 @@
+package pro.taskana.rest.resource;
+
+import java.util.ArrayList;
+import java.util.List;
+
+import org.springframework.hateoas.ResourceSupport;
+
+import pro.taskana.TaskanaRole;
+
+/**
+ * Resource class for user information.
+ */
+public class TaskanaUserInfoResource extends ResourceSupport {
+
+ private String userId;
+ private List groupIds = new ArrayList<>();
+ private List roles = new ArrayList<>();
+
+ public String getUserId() {
+ return userId;
+ }
+
+ public void setUserId(String userId) {
+ this.userId = userId;
+ }
+
+ public List getGroupIds() {
+ return groupIds;
+ }
+
+ public void setGroupIds(List groupIds) {
+ this.groupIds = groupIds;
+ }
+
+ public List getRoles() {
+ return roles;
+ }
+
+ public void setRoles(List roles) {
+ this.roles = roles;
+ }
+
+}
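Review bot: `setGroupIds` and `setRoles` store the caller's list by reference and accept null. The controller's `resource.setGroupIds(CurrentUserContext.getGroupIds())` therefore shares whatever list the context returns, and a null return would replace the initial empty list, so a later `getGroupIds().contains(...)` fails with a NullPointerException. Copying defensively keeps the resource self-contained: `this.groupIds = groupIds == null ? new ArrayList<>() : new ArrayList<>(groupIds);`, and likewise for `roles`. The class Javadoc could also say that the resource describes the calling user only.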