Package org.opendaylight.aaa.shiro.idm

Class DomainHandler

java.lang.Object

org.opendaylight.aaa.shiro.idm.DomainHandler

@Path("/v1/domains")
public class DomainHandler
extends Object

REST application used to manipulate the H2 database domains table. The REST endpoint is /auth/v1/domains.

A wrapper script called idmtool is provided to manipulate AAA data.

Author:

[email protected]

Constructor Summary

Constructors

Constructor	Description
DomainHandler(IIDMStore iidMStore, ClaimCache claimCache)

Method Summary

Modifier and Type	Method	Description
javax.ws.rs.core.Response	createDomain(javax.ws.rs.core.UriInfo info, Domain domain)	Creates a domain.
javax.ws.rs.core.Response	createGrant(javax.ws.rs.core.UriInfo info, String domainId, String userId, Grant grant)	Creates a grant.
javax.ws.rs.core.Response	deleteDomain(javax.ws.rs.core.UriInfo info, String domainId)	Deletes a domain.
javax.ws.rs.core.Response	deleteGrant(javax.ws.rs.core.UriInfo info, String domainId, String userId, String roleId)	Delete a grant.
javax.ws.rs.core.Response	getDomain(String domainId)	Extracts the domain represented by domainId.
javax.ws.rs.core.Response	getDomains()	Extracts all domains.
javax.ws.rs.core.Response	getRoles(javax.ws.rs.core.UriInfo info, String domainId, String userId)	Get the grants for a user on a domain.
javax.ws.rs.core.Response	putDomain(javax.ws.rs.core.UriInfo info, Domain domain, String domainId)	Updates a domain.

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Details

DomainHandler

public DomainHandler(IIDMStore iidMStore,
 ClaimCache claimCache)

Method Details

getDomains

@GET
@Produces("application/json")
public javax.ws.rs.core.Response getDomains()

Extracts all domains.

Returns:

a response with all domains stored in the H2 database

getDomain

@GET
@Path("/{id}")
@Produces("application/json")
public javax.ws.rs.core.Response getDomain(@PathParam("id")
 String domainId)

Extracts the domain represented by domainId.

Parameters:

domainId - the string domain (i.e., "sdn")

Returns:

a response with the specified domain

createDomain

@POST
@Consumes("application/json")
@Produces("application/json")
public javax.ws.rs.core.Response createDomain(@Context
 javax.ws.rs.core.UriInfo info,
 Domain domain)

Creates a domain. The name attribute is required for domain creation. Enabled and description fields are optional. Optional fields default in the following manner: enabled: false description: An empty string ("").

Parameters:

info - passed from Jersey

domain - designated by the REST payload

Returns:

A response stating success or failure of domain creation.

putDomain

@PUT
@Path("/{id}")
@Consumes("application/json")
@Produces("application/json")
public javax.ws.rs.core.Response putDomain(@Context
 javax.ws.rs.core.UriInfo info,
 Domain domain,
 @PathParam("id")
 String domainId)

Updates a domain.

Parameters:

info - passed from Jersey

domain - the REST payload

domainId - the last part of the path, containing the specified domain id

Returns:

A response stating success or failure of domain update.

deleteDomain

@DELETE
@Path("/{id}")
public javax.ws.rs.core.Response deleteDomain(@Context
 javax.ws.rs.core.UriInfo info,
 @PathParam("id")
 String domainId)

Deletes a domain.

Parameters:

info - passed from Jersey

domainId - the last part of the path, containing the specified domain id

Returns:

A response stating success or failure of domain deletion.

createGrant

@POST
@Path("/{did}/users/{uid}/roles")
@Consumes("application/json")
@Produces("application/json")
public javax.ws.rs.core.Response createGrant(@Context
 javax.ws.rs.core.UriInfo info,
 @PathParam("did")
 String domainId,
 @PathParam("uid")
 String userId,
 Grant grant)

Creates a grant. A grant defines the role a particular user is given on a particular domain. For example, by default, AAA installs a grant for the "admin" user, granting permission to act with "admin" role on the "sdn" domain.

Parameters:

info - passed from Jersey

domainId - the domain the user is allowed to access

userId - the user that is allowed to access the domain

grant - the payload containing role access controls

Returns:

A response stating success or failure of grant creation.

getRoles

@GET
@Path("/{did}/users/{uid}/roles")
@Produces("application/json")
public javax.ws.rs.core.Response getRoles(@Context
 javax.ws.rs.core.UriInfo info,
 @PathParam("did")
 String domainId,
 @PathParam("uid")
 String userId)

Get the grants for a user on a domain.

Parameters:

info - passed from Jersey

domainId - the domain in question

userId - the user in question

Returns:

A response containing the grants for a user on a domain.

deleteGrant

@DELETE
@Path("/{did}/users/{uid}/roles/{rid}")
public javax.ws.rs.core.Response deleteGrant(@Context
 javax.ws.rs.core.UriInfo info,
 @PathParam("did")
 String domainId,
 @PathParam("uid")
 String userId,
 @PathParam("rid")
 String roleId)

Delete a grant.

Parameters:

info - passed from Jersey

domainId - the domain for the grant

userId - the user for the grant

roleId - the role for the grant

Returns:

A response stating success or failure of the grant deletion.