1 package com.atlassian.plugins.rest.common.security.jersey;
2
3 import com.atlassian.plugins.rest.common.security.AuthorisationException;
4 import com.atlassian.plugins.rest.common.security.AuthenticationRequiredException;
5 import com.atlassian.sal.api.user.UserManager;
6 import com.sun.jersey.spi.container.ResourceFilter;
7 import com.sun.jersey.spi.container.ContainerRequestFilter;
8 import com.sun.jersey.spi.container.ContainerResponseFilter;
9 import com.sun.jersey.spi.container.ContainerRequest;
10 import com.google.common.base.Preconditions;
11
12 import javax.ws.rs.ext.Provider;
/**
 * Jersey resource filter that lets a request proceed only when the current remote user is a
 * system administrator according to the injected {@link UserManager}.
 *
 * <p>The check fails closed: a request with no resolvable user is rejected with
 * {@link AuthenticationRequiredException}, and a resolved user who is not a system administrator
 * is rejected with {@link AuthorisationException}. Only the request side is filtered.
 *
 * <p>NOTE(review): this class does not attach itself to any resource. Confirm that the wiring
 * elsewhere (factory or annotation handling) applies it to every sysadmin-only endpoint, and
 * check how the two exceptions are mapped to HTTP responses.
 */
@Provider
public class SysadminOnlyResourceFilter implements ResourceFilter
{
    private final UserManager userManager;

    /**
     * Creates the filter.
     *
     * @param userManager resolves the current remote user and answers the system-administrator
     *                    check; must not be {@code null}
     * @throws NullPointerException if {@code userManager} is {@code null}
     */
    public SysadminOnlyResourceFilter(UserManager userManager)
    {
        this.userManager = Preconditions.checkNotNull(userManager);
    }

    /**
     * Returns a new request filter that enforces the system-administrator check.
     *
     * @return a request filter instance, created on every call
     */
    public ContainerRequestFilter getRequestFilter()
    {
        return new SysadminCheck(userManager);
    }

    /**
     * Returns the response filter for this resource filter.
     *
     * @return always {@code null}; responses are not filtered
     */
    public ContainerResponseFilter getResponseFilter()
    {
        return null;
    }

    /**
     * Request-side check. The request object itself is not inspected: the caller's identity
     * comes solely from {@link UserManager#getRemoteUsername()}.
     */
    private static final class SysadminCheck implements ContainerRequestFilter
    {
        private final UserManager users;

        private SysadminCheck(UserManager users)
        {
            this.users = users;
        }

        /**
         * Passes the request through unchanged for system administrators.
         *
         * @param containerRequest the incoming request
         * @return the same {@code containerRequest}, unmodified
         * @throws AuthenticationRequiredException if no remote username is available
         * @throws AuthorisationException if the remote user is not a system administrator
         */
        public ContainerRequest filter(ContainerRequest containerRequest)
        {
            final String remoteUser = users.getRemoteUsername();

            // Authentication is checked first so that anonymous callers never reach the
            // privilege check.
            if (remoteUser == null)
            {
                throw new AuthenticationRequiredException();
            }

            if (users.isSystemAdmin(remoteUser))
            {
                return containerRequest;
            }

            // Authenticated, but not a system administrator: deny.
            throw new AuthorisationException();
        }
    }
}