Ask Question
« General Questions on Nuxeo

[REST API] How to overwrite a webobject

Hi There,

I'm currently working on fixing the multi-tenant/LDAP issues. I did find a issue in the REST API and I want to fix this.

Is it possible to overwrite a webobject (in my case: UserRootObject.java) in Nuxeo?

Thanks in advance, Bauke Roo

Bauke Roo
Member (1.4K)   3   4   6 		02/09/2015 ( History)
0 votes
0 answers
2108 views
ANSWER
Vladimir Pasquier
Hello,

Can we have your feedback about this issue? Maybe we can create a JIRA for the Nuxeo team.

I think to override your WebObject you have to create a 'fragment' (there is an example in https://github.com/nuxeo/nuxeo/tree/master/nuxeo-features/nuxeo-webengine-features)

02/09/2015
Bauke Roo
Hi Vladimir,

Sure: I'm using Nuxeo 5.8 with LDAP + multi-tenant plugins. When searching for users in widgets or API also users from other tenants are found and displayed.

So far I've managed to fix :

  • the Operation: "UserGroup.Suggestion"
  • the UsersPageProvider.

Currently I'm looking into a fix for the REST API which still returns users from other tenants. I think that I need to overwrite the class: "UserRootObject" to do this.

However I haven't been able to do so yet.

I've created a new class:

package org.nuxeo.capgemini.jaxrs;

@WebObject(type = "users") @Produces({ MediaType.APPLICATION_JSON,

    MediaType.APPLICATION_JSON + "+nxentity" })

public class LDAPMultiTenantUserRootObject extends UserRootObject

But I don't know how the UserRootObject class should be ignored and my class should take it's place.

Did you mean by creating a fragment this line in the Manifest file: Nuxeo-WebModule: org.nuxeo.ecm.restapi.server.jaxrs.APIModule;name=api-extended;extends=api;package=org/nuxeo/capgemini/jaxrs;headless=true

02/09/2015
Vladimir Pasquier
Yes exactly, you could override also by adding the same WebObject name to your bean.

I still don't understand why you have fixed "UserGroup.Suggestion" and you're trying to fix "UserRootObject".

What were your issues?

02/10/2015
Bauke Roo
Hi Vladimir, Thanks I shall try this. The issue is when using both LDAP and multi-tenancy plugin, most parts work, however users can find users from other tenants. This is absolutely a no go for multi-tenancy environments. (user from tenant A finds users from tenants B and C) By changing the classes I mentioned before I add a filter containing the tenantId so users can not find users from other tenants anymore.
02/10/2015
Bauke Roo
When I'm done I'll share the code :-)
02/12/2015
Vladimir Pasquier
Thanks a lot!
02/12/2015
Bauke Roo
Hi Vladimir, I've added the code in a jira request I've made, hope you can use this :-)
02/27/2015
kartik sn
Hi Bauke,

Can you please share the code which could be used for a similar issue like the one above.

Thanks in advance, Kartik

08/19/2016
Follow
Tags
Linked Questions
Related Questions
Is it a BUG that explain groups members are not returned in admin center ?
Is there a JAXB-API installation bug in Nuxeo apt package?
Problem with nuxeo-template-rendering
REST API create document uploaded file won't bind
Error on batch/upload rest api with multiple servers
REST API : access to encrypted (or not) user passwords
Retrieve and post comments from a document using the REST API
REST API error nos doc type specified
How to set custom attribute to file when upload to nuxeo document?
Deleting content from the folder