Add endpoint to update token alias

malte-hansen · malte-hansen · commit 93a4efbdff26 · 2026-04-21T15:57:01.000+02:00
diff --git a/src/main/java/net/explorviz/token/model/LandscapeToken.java b/src/main/java/net/explorviz/token/model/LandscapeToken.java
@@ -116,6 +116,11 @@ public String getAlias() {
     return this.alias;
   }
 
+  @BsonProperty("alias")
+  public void setAlias(final String alias) {
+    this.alias = alias;
+  }
+
 
   /**
    * The secret of the token that is required to write spans to it.
diff --git a/src/main/java/net/explorviz/token/resources/TokenResource.java b/src/main/java/net/explorviz/token/resources/TokenResource.java
@@ -8,6 +8,7 @@
 import jakarta.ws.rs.ForbiddenException;
 import jakarta.ws.rs.GET;
 import jakarta.ws.rs.NotFoundException;
+import jakarta.ws.rs.PATCH;
 import jakarta.ws.rs.POST;
 import jakarta.ws.rs.Path;
 import jakarta.ws.rs.PathParam;
@@ -106,6 +107,30 @@ public Response deleteToken(@PathParam("tid") final String tokenVal) {
 
   }
 
+  /**
+   * Endpoint to update the alias of a token.
+   *
+   * @param tokenVal     Value of the token which shall be updated.
+   * @param tokenUpdates Token object containing the new alias.
+   * @return Response with no content.
+   */
+  @PATCH
+  @Authenticated
+  @Produces(MediaType.APPLICATION_JSON)
+  public Response updateTokenAlias(@PathParam("tid") final String tokenVal,
+      final LandscapeToken tokenUpdates) {
+
+    final LandscapeToken token =
+        this.tokenService.getByValue(tokenVal).orElseThrow(NotFoundException::new);
+    final String uid = this.securityIdentity.getPrincipal().getName();
+    if (this.tokenAccessService.canUpdate(token, uid)) {
+      this.tokenService.updateAlias(token, tokenUpdates.getAlias());
+      return Response.noContent().build();
+    } else {
+      throw new ForbiddenException();
+    }
+  }
+
   /**
    * Endpoint to modify an access token, i.e. grant, remove, or clone access to it.
    *
diff --git a/src/main/java/net/explorviz/token/service/TokenAccessService.java b/src/main/java/net/explorviz/token/service/TokenAccessService.java
@@ -32,5 +32,14 @@ default boolean canDelete(final LandscapeToken token, final String userId) {
     return Arrays.asList(this.getPermissions(token, userId)).contains(TokenPermission.DELETE);
   }
 
-
+  /**
+   * Checks whether a user can update a landscape token.
+   *
+   * @param token  the token
+   * @param userId the id of the user
+   * @return {@code true} iff the user is allowed to update the token
+   */
+  default boolean canUpdate(final LandscapeToken token, final String userId) {
+    return Arrays.asList(this.getPermissions(token, userId)).contains(TokenPermission.UPDATE);
+  }
 }
diff --git a/src/main/java/net/explorviz/token/service/TokenAccessServiceImpl.java b/src/main/java/net/explorviz/token/service/TokenAccessServiceImpl.java
@@ -21,11 +21,13 @@ public class TokenAccessServiceImpl implements TokenAccessService {
   public TokenPermission[] getPermissions(final LandscapeToken token, final String userId) {
 
     if (!this.authEnabled.get()) {
-      return new TokenPermission[] {TokenPermission.DELETE, TokenPermission.READ};
+      return new TokenPermission[] {TokenPermission.DELETE, TokenPermission.READ,
+          TokenPermission.UPDATE};
     }
 
     if (token.getOwnerId().equals(userId)) {
-      return new TokenPermission[] {TokenPermission.READ, TokenPermission.DELETE};
+      return new TokenPermission[] {TokenPermission.READ, TokenPermission.DELETE,
+          TokenPermission.UPDATE};
     }
 
     return new TokenPermission[] {};
diff --git a/src/main/java/net/explorviz/token/service/TokenPermission.java b/src/main/java/net/explorviz/token/service/TokenPermission.java
@@ -4,5 +4,5 @@
  * Permissions of a user regarding a token.
  */
 public enum TokenPermission {
-  READ, DELETE
+  READ, DELETE, UPDATE
 }
diff --git a/src/main/java/net/explorviz/token/service/TokenService.java b/src/main/java/net/explorviz/token/service/TokenService.java
@@ -90,4 +90,12 @@ default LandscapeToken createNewToken(final String ownerId) {
    * @param alias   the alias of the cloned token
    */
   LandscapeToken cloneToken(String token, String ownerId, String alias);
+
+  /**
+   * Update the alias of a token.
+   *
+   * @param token    the token to update
+   * @param newAlias the new alias
+   */
+  void updateAlias(LandscapeToken token, String newAlias);
 }
diff --git a/src/main/java/net/explorviz/token/service/TokenServiceImpl.java b/src/main/java/net/explorviz/token/service/TokenServiceImpl.java
@@ -153,4 +153,10 @@ public void revokeAccess(final LandscapeToken token, final String userId) {
     this.repository.update("{ $pull: { sharedUsers: ?1 } } }, $set: { ownerId: '$ownerId'}", userId)
         .where(DELETE_FLAG_QUERY, token.getValue());
   }
+
+  @Override
+  public void updateAlias(final LandscapeToken token, final String newAlias) {
+    this.repository.update("{ $set: { alias: ?1 } }", newAlias)
+        .where(DELETE_FLAG_QUERY, token.getValue());
+  }
 }
diff --git a/src/main/resources/application.properties b/src/main/resources/application.properties
@@ -5,21 +5,19 @@ quarkus.devservices.enabled=false
 ##########
 ## HTTP ##
 ##########
-%dev.quarkus.http.port=8080
+quarkus.http.port=8080
+%dev.quarkus.http.port=8084
 %dev.quarkus.http.host=0.0.0.0
 quarkus.http.cors=true
 %dev.quarkus.http.cors.origins=/.*/
 quarkus.http.cors.origins=http://localhost:4200,http://localhost:8080,https://samoa.se.informatik.uni-kiel.de,https://explorviz.sustainkieker.kieker-monitoring.net
-quarkus.http.cors.methods=GET,PUT,POST,DELETE
+quarkus.http.cors.methods=GET,PUT,PATCH,POST,DELETE
 quarkus.http.cors.access-control-max-age=24H
 quarkus.http.cors.access-control-allow-credentials=true
 quarkus.http.test-port=8194
 
-## added for frontend erro 403 ##
-%dev.quarkus.http.cors.origins=/.*/
 quarkus.tls.trust-all=true
 #quarkus.http.cors.origins=http://localhost:4200
-quarkus.http.cors.methods=GET,PUT,POST, DELETE
 #quarkus.http.cors.headers=Access-Control-Allow-Origin
 
 ####################

Original file line number	Diff line number	Diff line change
`@@ -21,11 +21,13 @@ public class TokenAccessServiceImpl implements TokenAccessService {`
`21`	`21`	`public TokenPermission[] getPermissions(final LandscapeToken token, final String userId) {`
`22`	`22`
`23`	`23`	`if (!this.authEnabled.get()) {`
`24`		`- return new TokenPermission[] {TokenPermission.DELETE, TokenPermission.READ};`
	`24`	`+ return new TokenPermission[] {TokenPermission.DELETE, TokenPermission.READ,`
	`25`	`+ TokenPermission.UPDATE};`
`25`	`26`	`}`
`26`	`27`
`27`	`28`	`if (token.getOwnerId().equals(userId)) {`
`28`		`- return new TokenPermission[] {TokenPermission.READ, TokenPermission.DELETE};`
	`29`	`+ return new TokenPermission[] {TokenPermission.READ, TokenPermission.DELETE,`
	`30`	`+ TokenPermission.UPDATE};`
`29`	`31`	`}`
`30`	`32`
`31`	`33`	`return new TokenPermission[] {};`
Original file line number	Diff line number	Diff line change
`@@ -4,5 +4,5 @@`
`4`	`4`	`* Permissions of a user regarding a token.`
`5`	`5`	`*/`
`6`	`6`	`public enum TokenPermission {`
`7`		`- READ, DELETE`
	`7`	`+ READ, DELETE, UPDATE`
`8`	`8`	`}`
Original file line number	Diff line number	Diff line change
`@@ -153,4 +153,10 @@ public void revokeAccess(final LandscapeToken token, final String userId) {`
`153`	`153`	`this.repository.update("{ $pull: { sharedUsers: ?1 } } }, $set: { ownerId: '$ownerId'}", userId)`
`154`	`154`	`.where(DELETE_FLAG_QUERY, token.getValue());`
`155`	`155`	`}`
	`156`	`+`
	`157`	`+ @Override`
	`158`	`+ public void updateAlias(final LandscapeToken token, final String newAlias) {`
	`159`	`+ this.repository.update("{ $set: { alias: ?1 } }", newAlias)`
	`160`	`+ .where(DELETE_FLAG_QUERY, token.getValue());`
	`161`	`+ }`
`156`	`162`	`}`