fix: remove request-body from delete endpoints of admin-ui plugin #2341…

… (#2342)
JanssenProject · Sep 9, 2022 · 1429a85 · 1429a85
1 parent fd0bb98
commit 1429a85
Show file tree

Hide file tree

Showing 3 changed files with 17 additions and 42 deletions.
diff --git a/...ns/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/auth/LicenseRequest.java b/...ns/admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/model/auth/LicenseRequest.java
@@ -2,33 +2,6 @@
 
 public class LicenseRequest {
     private String licenseKey;
-    private String validityPeriod;
-    private Integer maxActivations;
-    private Boolean licenseActive;
-
-    public String getValidityPeriod() {
-        return validityPeriod;
-    }
-
-    public void setValidityPeriod(String validityPeriod) {
-        this.validityPeriod = validityPeriod;
-    }
-
-    public Integer getMaxActivations() {
-        return maxActivations;
-    }
-
-    public void setMaxActivations(Integer maxActivations) {
-        this.maxActivations = maxActivations;
-    }
-
-    public Boolean getLicenseActive() {
-        return licenseActive;
-    }
-
-    public void setLicenseActive(Boolean licenseActive) {
-        this.licenseActive = licenseActive;
-    }
 
     public String getLicenseKey() {
         return licenseKey;
@@ -42,9 +15,6 @@ public void setLicenseKey(String licenseKey) {
     public String toString() {
         return "LicenseRequest{" +
                 "licenseKey='" + licenseKey + '\'' +
-                ", validityPeriod='" + validityPeriod + '\'' +
-                ", maxActivations=" + maxActivations +
-                ", licenseActive=" + licenseActive +
                 '}';
     }
 }
diff --git a/...n-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/user/UserManagementResource.java b/...n-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/user/UserManagementResource.java
@@ -15,13 +15,18 @@
 import jakarta.ws.rs.*;
 import jakarta.ws.rs.core.MediaType;
 import jakarta.ws.rs.core.Response;
+
 import java.util.List;
 
 @Path("/admin-ui/user")
 public class UserManagementResource {
 
     static final String ROLES = "/roles";
+    static final String ROLE_PATH_VARIABLE = "/{role}";
+    static final String ROLE_CONST = "role";
     static final String PERMISSIONS = "/permissions";
+    static final String PERMISSION_PATH_VARIABLE = "/{permission}";
+    static final String PERMISSION_CONST = "permission";
     static final String ROLE_PERMISSIONS_MAPPING = "/rolePermissionsMapping";
     static final String SCOPE_ROLE_READ = "https://jans.io/oauth/jans-auth-server/config/adminui/user/role.readonly";
     static final String SCOPE_ROLE_WRITE = "https://jans.io/oauth/jans-auth-server/config/adminui/user/role.write";
@@ -94,13 +99,13 @@ public Response editRole(@Valid @NotNull AdminRole roleArg) {
     }
 
     @DELETE
-    @Path(ROLES)
+    @Path(ROLES + ROLE_PATH_VARIABLE)
     @Produces(MediaType.APPLICATION_JSON)
     @ProtectedApi(scopes = SCOPE_ROLE_WRITE)
-    public Response deleteRole(@Valid @NotNull AdminRole roleArg) {
+    public Response deleteRole(@PathParam(ROLE_CONST) @NotNull String role) {
         try {
             log.info("Deleting Admin-UI role.");
-            List<AdminRole> roles = userManagementService.deleteRole(roleArg.getRole());
+            List<AdminRole> roles = userManagementService.deleteRole(role);
             log.info("Deleted Admin-UI role..");
             return Response.ok(roles).build();
         } catch (ApplicationException e) {
@@ -170,13 +175,13 @@ public Response editPermission(@Valid @NotNull AdminPermission permissionArg) {
     }
 
     @DELETE
-    @Path(PERMISSIONS)
+    @Path(PERMISSIONS + PERMISSION_PATH_VARIABLE)
     @Produces(MediaType.APPLICATION_JSON)
     @ProtectedApi(scopes = SCOPE_PERMISSION_WRITE)
-    public Response deletePermission(@Valid @NotNull AdminPermission permissionArg) {
+    public Response deletePermission(@PathParam(PERMISSION_CONST) @NotNull String permission) {
         try {
             log.info("Deleting Admin-UI permission.");
-            List<AdminPermission> permissions = userManagementService.deletePermission(permissionArg.getPermission());
+            List<AdminPermission> permissions = userManagementService.deletePermission(permission);
             log.info("Deleted Admin-UI permission..");
             return Response.ok(permissions).build();
         } catch (ApplicationException e) {
@@ -246,13 +251,13 @@ public Response mapPermissionsToRole(@Valid @NotNull RolePermissionMapping roleP
     }
 
     @DELETE
-    @Path(ROLE_PERMISSIONS_MAPPING)
+    @Path(ROLE_PERMISSIONS_MAPPING + ROLE_PATH_VARIABLE)
     @Produces(MediaType.APPLICATION_JSON)
     @ProtectedApi(scopes = SCOPE_ROLE_PERMISSION_MAPPING_WRITE)
-    public Response removePermissionsFromRole(@Valid @NotNull RolePermissionMapping rolePermissionMappingArg) {
+    public Response removePermissionsFromRole(@PathParam(ROLE_CONST) @NotNull String role) {
         try {
             log.info("Removing permissions to Admin-UI role.");
-            List<RolePermissionMapping> roleScopeMapping = userManagementService.removePermissionsFromRole(rolePermissionMappingArg);
+            List<RolePermissionMapping> roleScopeMapping = userManagementService.removePermissionsFromRole(role);
             log.info("Removed permissions to Admin-UI role..");
             return Response.ok(roleScopeMapping).build();
         } catch (ApplicationException e) {

diff --git a/...ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/user/UserManagementService.java b/...ui-plugin/src/main/java/io/jans/ca/plugin/adminui/service/user/UserManagementService.java
@@ -307,15 +307,15 @@ public List<RolePermissionMapping> mapPermissionsToRole(RolePermissionMapping ro
         }
     }
 
-    public List<RolePermissionMapping> removePermissionsFromRole(RolePermissionMapping rolePermissionMappingArg) throws ApplicationException {
+    public List<RolePermissionMapping> removePermissionsFromRole(String role) throws ApplicationException {
         try {
             AdminConf adminConf = entryManager.find(AdminConf.class, AppConstants.CONFIG_DN);
-            if (isFalse(getRoleObjByName(rolePermissionMappingArg.getRole()).getDeletable())) {
+            if (isFalse(getRoleObjByName(role).getDeletable())) {
                 log.error(ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
                 throw new ApplicationException(Response.Status.BAD_REQUEST.getStatusCode(), ErrorResponse.ROLE_MARKED_UNDELETABLE.getDescription());
             }
             List<RolePermissionMapping> roleScopeMapping = adminConf.getDynamic().getRolePermissionMapping()
-                    .stream().filter(ele -> !ele.getRole().equalsIgnoreCase(rolePermissionMappingArg.getRole()))
+                    .stream().filter(ele -> !ele.getRole().equalsIgnoreCase(role))
                     .collect(Collectors.toList());
             adminConf.getDynamic().setRolePermissionMapping(roleScopeMapping);
             entryManager.merge(adminConf);