How to get the user's credentials every time the user requests their items

Hi everyone,

I am trying to add role management for openhab users. I have already implemented the function to add/remove/change a role in the karaf console and made a pull request to resolve this issue.

Now I can manage roles with the Karaf console. I’m going to implement, on the server side in the openhab-core project, multiple roles management, so that users have access to IoT devices based on their roles. To do this, I will try to filter the items sent to the client with the roles.

But I have a problem. I found the part of the code where the server sends all the items to the client: it’s in the ItemResource.java file in the org.openhab.core.io.rest.core bundle, at the location /org.openhab.core.io.rest.core/src/main/java/org/openhab/core/io/rest/core/internal/item/ItemResource.java, in the getItems function shown in the screenshot below:

So, what I want to do in the function above, is to get the user’s id to get their roles, or directly get the user’s roles, to know what items should be returned for the specific user.

I know that this function is called with the operationId, in this case getItems, provided by the swagger API because there is no @Path specified, as I understood from the following links, 1, 2 and 3. If I find where this operationId is called, I can manage to add the user’s roles as an argument. Maybe I didn’t really understand how the @Operation annotation works. If you can explain this in more detail, or give me other, better links, this can help me a lot.

I know that on the client side, in the project openhab-webui, the items are requested in the file homecards-mixin.js at the location openhab-webui/bundles/org.openhab.ui/web/src/pages/home/homecards-mixin.js with the get method in the screenshot below:

This get method is implemented in the file api.js at the location openhab-webui/bundles/org.openhab.ui/web/src/js/openhab/api.js and I display the implementation below:

So when the client requests the items, it also puts its credentials and sends them with JWT to check the integrity and authentication of the message (as you can see in the Framework7.request.setup function). Normally, it is possible to get the user’s credentials from the server side in the getItems function explained above, because when the client requests their items, it puts its credentials in the requestHeader.

Can anyone tell me how to get the user’s credentials when he makes a request to the server? In my case, when he requests his items.

And also explain to me how exactly the getItems function is called with the getItems operationId in the image above? How is the path handled in the case of the @Operation annotation (to get a RESTful web service)?

I know that the explanations are long, but I try to be as clear as possible.

I hope someone can help me.

Thank you,

Nicolas Gennart.

Completely off-topic, but a side consideration if considering allowing users to “see” only a sub-set of Items.
GUI widgets can be built that show differently depending on the state of other Items than the ‘primary’ one. For example, you might limit UI “car charger controls” depending on the state of “solar plant output”, but not actually show “solar” details in the UI at all. If a user is not permitted access to “solar” Item, this will mess up.

I suppose that is really a suggestion about separate access controls for read and read-write.

2 Likes

It is the role of the administrator to assign the right accesses to the right roles. If there is some confusion, it is possible to manage it with the roles. This is a suggestion of course. I try to manage several roles in openhab because for the moment there are only two roles: user and administrator.

But can you answer the technical questions: how is the @Operation annotation handled, and how can we get the user credentials for each of these requests?

Thank you,

Nicolas Gennart.
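An added example, not part of the thread and not openHAB's own code: a minimal JAX-RS resource showing one way the server side can learn who the caller is and filter items by role. In JAX-RS the route comes from `@Path` and the HTTP-method annotation (`@GET`), while Swagger's `@Operation` only supplies OpenAPI documentation metadata such as `operationId`; the caller's identity is available through an injected `SecurityContext`. Assumptions: an authentication filter has already verified the token and populated the `SecurityContext`, and the resource path, item names and item-to-role map are hypothetical (the role names `user` and `administrator` are the two mentioned above).

```java
import java.util.List;
import java.util.Map;
import java.util.Set;
import java.util.stream.Collectors;

import javax.ws.rs.GET;
import javax.ws.rs.Path;
import javax.ws.rs.Produces;
import javax.ws.rs.core.Context;
import javax.ws.rs.core.MediaType;
import javax.ws.rs.core.SecurityContext;

import io.swagger.v3.oas.annotations.Operation;

@Path("/demo-items") // hypothetical path; this annotation plus @GET is what routes the request
@Produces(MediaType.APPLICATION_JSON)
public class RoleFilteredItemsResource {

    // Constructed sample data: item name -> roles allowed to READ it.
    // A separate map would be needed for write (command) access.
    private static final Map<String, Set<String>> READ_ROLES = Map.of(
            "CarCharger_Switch", Set.of("administrator", "user"),
            "Solar_Output", Set.of("administrator"));

    @GET
    @Operation(operationId = "getDemoItems", summary = "Items the caller may read")
    public List<String> getItems(@Context SecurityContext securityContext) {
        // The container injects the per-request SecurityContext; no extra
        // method argument has to be passed by the client.
        return visibleItems(securityContext);
    }

    // Deny by default: no authenticated principal means no items.
    static List<String> visibleItems(SecurityContext sc) {
        if (sc == null || sc.getUserPrincipal() == null) {
            return List.of();
        }
        return READ_ROLES.entrySet().stream()
                // Keep an item only if the caller holds at least one permitted role.
                .filter(e -> e.getValue().stream().anyMatch(sc::isUserInRole))
                .map(Map.Entry::getKey)
                .sorted()
                .collect(Collectors.toList());
    }
}
```

The filtering has to happen on the server as shown, because anything returned to the client is readable by the user regardless of what the UI chooses to display.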
