diff --git a/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java b/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
index b7241b96..d5b47c6f 100644
--- a/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
+++ b/redback-integrations/redback-integrations-security/src/main/java/org/apache/archiva/redback/integration/security/role/RedbackRoleConstants.java
@@ -60,6 +60,8 @@ public interface RedbackRoleConstants
public static final String USER_MANAGEMENT_USER_LIST_OPERATION = "user-management-user-list";
+ public static final String USER_MANAGEMENT_USER_VIEW_OPERATION = "user-management-user-view";
+
// operations against user assignment.
public static final String USER_MANAGEMENT_ROLE_GRANT_OPERATION = "user-management-role-grant";
diff --git a/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml b/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
index 3168923f..2eddf19a 100644
--- a/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
+++ b/redback-integrations/redback-integrations-security/src/main/resources/META-INF/redback/redback-core.xml
@@ -76,6 +76,12 @@
list users
true
+
+ user-management-user-view
+ user-management-user-view
+ view user information
+ true
+
user-management-role-grant
user-management-role-grant
@@ -195,6 +201,13 @@
global
true
+
+ access-user-data
+ Access User Data
+ user-management-user-view
+ global
+ true
+
@@ -210,6 +223,13 @@
username
true
+
+ view-user-by-username
+ View User Data by Username
+ user-management-user-view
+ username
+ true
+
diff --git a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
index e8785a28..ee83204d 100644
--- a/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
+++ b/redback-integrations/redback-rest/redback-rest-api/src/main/java/org/apache/archiva/redback/rest/api/services/v2/UserService.java
@@ -386,8 +386,8 @@ public interface UserService
throws RedbackServiceException;
/**
- *
- * @param resetPasswordRequest contains username for send a password reset email
+ * Asks for a password reset of the given User. Normally this results in a password reset email sent to the
+ * stored email address for the given user.
*/
@Path( "{userId}/password/reset" )
@POST
@@ -410,11 +410,11 @@ public interface UserService
@Path( "{userId}/permissions" )
@GET
@Produces( { MediaType.APPLICATION_JSON } )
- @RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION,
+ @RedbackAuthorization( permissions = RedbackRoleConstants.USER_MANAGEMENT_USER_VIEW_OPERATION,
resource = "{userId}")
@io.swagger.v3.oas.annotations.Operation( summary = "Returns a list of permissions assigned to the given user.",
security = {
- @SecurityRequirement( name = RedbackRoleConstants.USER_MANAGEMENT_USER_LIST_OPERATION )
+ @SecurityRequirement( name = RedbackRoleConstants.USER_MANAGEMENT_USER_VIEW_OPERATION )
},
responses = {
@ApiResponse( responseCode = "200",
diff --git a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
index e017b462..8e400863 100644
--- a/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
+++ b/redback-integrations/redback-rest/redback-rest-services/src/test/java/org/apache/archiva/redback/rest/services/v2/NativeUserServiceTest.java
@@ -1025,4 +1025,42 @@ public class NativeUserServiceTest extends AbstractNativeRestServices
.then( ).statusCode( 200 );
}
}
+
+
+ @Test
+ void getUserPermissions( )
+ {
+ String adminToken = getAdminToken( );
+ Map jsonAsMap = new HashMap<>( );
+ jsonAsMap.put( "user_id", "aragorn" );
+ jsonAsMap.put( "email", "aragorn@lordoftherings.org" );
+ jsonAsMap.put( "fullName", "Aragorn King of Gondor" );
+ jsonAsMap.put( "validated", true );
+ jsonAsMap.put( "password", "pAssw0rD" );
+ given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
+ .body( jsonAsMap )
+ .when( )
+ .post( )
+ .then( ).statusCode( 201 );
+ try
+ {
+
+ String token = getUserToken( "aragorn", "pAssw0rD" );
+ Response response = given( ).spec( getRequestSpec( token ) ).contentType( JSON )
+ .when( )
+ .get( "aragorn/permissions" )
+ .prettyPeek()
+ .then( ).statusCode( 200 ).extract( ).response( );
+ assertEquals( 2, response.getBody( ).jsonPath().getList( "" ).size() );
+
+
+ }
+ finally
+ {
+ given( ).spec( getRequestSpec( adminToken ) ).contentType( JSON )
+ .delete( "aragorn" )
+ .then( ).statusCode( 200 );
+ }
+ }
+
}