GUAC-586: Add data source to user and permissions services.

guacamole/src/main/java/org/glyptodon/guacamole/net/basic/rest/user/UserRESTService.java

@@ -41,6 +41,7 @@ import javax.ws.rs.core.Context;
 import javax.ws.rs.core.MediaType;
 import org.glyptodon.guacamole.GuacamoleException;
 import org.glyptodon.guacamole.GuacamoleResourceNotFoundException;
+import org.glyptodon.guacamole.net.auth.AuthenticationProvider;
 import org.glyptodon.guacamole.net.auth.Credentials;
 import org.glyptodon.guacamole.net.auth.Directory;
 import org.glyptodon.guacamole.net.auth.User;
@@ -51,6 +52,7 @@ import org.glyptodon.guacamole.net.auth.permission.ObjectPermissionSet;
 import org.glyptodon.guacamole.net.auth.permission.Permission;
 import org.glyptodon.guacamole.net.auth.permission.SystemPermission;
 import org.glyptodon.guacamole.net.auth.permission.SystemPermissionSet;
+import org.glyptodon.guacamole.net.basic.GuacamoleSession;
 import org.glyptodon.guacamole.net.basic.rest.APIError;
 import org.glyptodon.guacamole.net.basic.rest.APIPatch;
 import static org.glyptodon.guacamole.net.basic.rest.APIPatch.Operation.add;
@@ -68,8 +70,9 @@ import org.slf4j.LoggerFactory;
  * A REST Service for handling user CRUD operations.
  * 
  * @author James Muehlner
+ * @author Michael Jumper
  */
-@Path("/users")
+@Path("/data/{dataSource}/users")
 @Produces(MediaType.APPLICATION_JSON)
 @Consumes(MediaType.APPLICATION_JSON)
 public class UserRESTService {
@@ -120,42 +123,44 @@ public class UserRESTService {
      */
     @Inject
     private ObjectRetrievalService retrievalService;
-    
+
     /**
-     * Gets a list of users in the system, filtering the returned list by the
+     * Gets a list of users in the given data source (UserContext), filtering
-     * given permission, if specified.
+     * the returned list by the given permission, if specified.
-     * 
+     *
      * @param authToken
      *     The authentication token that is used to authenticate the user
      *     performing the operation.
      *
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be created.
+     *
      * @param permissions
      *     The set of permissions to filter with. A user must have one or more
-     *     of these permissions for a user to appear in the result. 
+     *     of these permissions for a user to appear in the result.
      *     If null, no filtering will be performed.
-     * 
+     *
      * @return
      *     A list of all visible users. If a permission was specified, this
      *     list will contain only those users for whom the current user has
      *     that permission.
-     * 
+     *
      * @throws GuacamoleException
      *     If an error is encountered while retrieving users.
      */
     @GET
     @AuthProviderRESTExposure
     public List<APIUser> getUsers(@QueryParam("token") String authToken,
+            @PathParam("dataSource") String authProviderIdentifier,
             @QueryParam("permission") List<ObjectPermission.Type> permissions)
             throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
-        User self = userContext.self();
+        UserContext userContext = retrievalService.retrieveUserContext(session, authProviderIdentifier);
-        
-        // Do not filter on permissions if no permissions are specified
-        if (permissions != null && permissions.isEmpty())
-            permissions = null;
 
         // An admin user has access to any user
+        User self = userContext.self();
         SystemPermissionSet systemPermissions = self.getSystemPermissions();
         boolean isAdmin = systemPermissions.hasPermission(SystemPermission.Type.ADMINISTER);
 
@@ -174,7 +179,6 @@ public class UserRESTService {
         for (User user : userDirectory.getAll(userIdentifiers))
             apiUsers.add(new APIUser(user));
 
-        // Return the converted user list
         return apiUsers;
 
     }
@@ -186,6 +190,10 @@ public class UserRESTService {
      *     The authentication token that is used to authenticate the user
      *     performing the operation.
      *
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be created.
+     *
      * @param username
      *     The username of the user to retrieve.
      *
@@ -198,34 +206,49 @@ public class UserRESTService {
     @GET
     @Path("/{username}")
     @AuthProviderRESTExposure
-    public APIUser getUser(@QueryParam("token") String authToken, @PathParam("username") String username) 
+    public APIUser getUser(@QueryParam("token") String authToken,
+            @PathParam("dataSource") String authProviderIdentifier,
+            @PathParam("username") String username)
             throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
 
         // Retrieve the requested user
-        User user = retrievalService.retrieveUser(userContext, username);
+        User user = retrievalService.retrieveUser(session, authProviderIdentifier, username);
         return new APIUser(user);
 
     }
     
     /**
      * Creates a new user and returns the username.
-     * @param authToken The authentication token that is used to authenticate
+     *
-     *                  the user performing the operation.
+     * @param authToken
-     * @param user The new user to create.
+     *     The authentication token that is used to authenticate the user
-     * @throws GuacamoleException If a problem is encountered while creating the user.
+     *     performing the operation.
-     * 
+     *
-     * @return The username of the newly created user.
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be created.
+     *
+     * @param user
+     *     The new user to create.
+     *
+     * @throws GuacamoleException
+     *     If a problem is encountered while creating the user.
+     *
+     * @return
+     *     The username of the newly created user.
      */
     @POST
     @Produces(MediaType.TEXT_PLAIN)
     @AuthProviderRESTExposure
-    public String createUser(@QueryParam("token") String authToken, APIUser user) 
+    public String createUser(@QueryParam("token") String authToken,
+            @PathParam("dataSource") String authProviderIdentifier, APIUser user)
             throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
-        
+        UserContext userContext = retrievalService.retrieveUserContext(session, authProviderIdentifier);
+
         // Get the directory
         Directory<User> userDirectory = userContext.getUserDirectory();
         
@@ -247,6 +270,10 @@ public class UserRESTService {
      *     The authentication token that is used to authenticate the user
      *     performing the operation.
      *
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be found.
+     *
      * @param username
      *     The username of the user to update.
      *
@@ -260,11 +287,13 @@ public class UserRESTService {
     @Path("/{username}")
     @AuthProviderRESTExposure
     public void updateUser(@QueryParam("token") String authToken,
+            @PathParam("dataSource") String authProviderIdentifier,
             @PathParam("username") String username, APIUser user) 
             throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
-        
+        UserContext userContext = retrievalService.retrieveUserContext(session, authProviderIdentifier);
+
         // Get the directory
         Directory<User> userDirectory = userContext.getUserDirectory();
 
@@ -301,6 +330,10 @@ public class UserRESTService {
      *     The authentication token that is used to authenticate the user
      *     performing the operation.
      *
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be found.
+     *
      * @param username
      *     The username of the user to update.
      *
@@ -318,12 +351,14 @@ public class UserRESTService {
     @Path("/{username}/password")
     @AuthProviderRESTExposure
     public void updatePassword(@QueryParam("token") String authToken,
-            @PathParam("username") String username, 
+            @PathParam("dataSource") String authProviderIdentifier,
+            @PathParam("username") String username,
             APIUserPasswordUpdate userPasswordUpdate,
             @Context HttpServletRequest request) throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
-        
+        UserContext userContext = retrievalService.retrieveUserContext(session, authProviderIdentifier);
+
         // Build credentials
         Credentials credentials = new Credentials();
         credentials.setUsername(username);
@@ -333,7 +368,8 @@ public class UserRESTService {
         
         // Verify that the old password was correct
         try {
-            if (userContext.getAuthenticationProvider().authenticateUser(credentials) == null) {
+            AuthenticationProvider authProvider = userContext.getAuthenticationProvider();
+            if (authProvider.authenticateUser(credentials) == null) {
                 throw new APIException(APIError.Type.PERMISSION_DENIED,
                         "Permission denied.");
             }
@@ -366,6 +402,10 @@ public class UserRESTService {
      *     The authentication token that is used to authenticate the user
      *     performing the operation.
      *
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be found.
+     *
      * @param username
      *     The username of the user to delete.
      *
@@ -376,11 +416,13 @@ public class UserRESTService {
     @Path("/{username}")
     @AuthProviderRESTExposure
     public void deleteUser(@QueryParam("token") String authToken,
+            @PathParam("dataSource") String authProviderIdentifier,
             @PathParam("username") String username) 
             throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
-        
+        UserContext userContext = retrievalService.retrieveUserContext(session, authProviderIdentifier);
+
         // Get the directory
         Directory<User> userDirectory = userContext.getUserDirectory();
 
@@ -401,6 +443,10 @@ public class UserRESTService {
      *     The authentication token that is used to authenticate the user
      *     performing the operation.
      *
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be found.
+     *
      * @param username
      *     The username of the user to retrieve permissions for.
      *
@@ -414,10 +460,12 @@ public class UserRESTService {
     @Path("/{username}/permissions")
     @AuthProviderRESTExposure
     public APIPermissionSet getPermissions(@QueryParam("token") String authToken,
+            @PathParam("dataSource") String authProviderIdentifier,
             @PathParam("username") String username) 
             throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
+        UserContext userContext = retrievalService.retrieveUserContext(session, authProviderIdentifier);
 
         User user;
 
@@ -489,7 +537,11 @@ public class UserRESTService {
      * @param authToken
      *     The authentication token that is used to authenticate the user
      *     performing the operation.
-     * 
+     *
+     * @param authProviderIdentifier
+     *     The index of the UserContext within the overall List of available
+     *     UserContexts in which the requested user is to be found.
+     *
      * @param username
      *     The username of the user to modify the permissions of.
      *
@@ -503,11 +555,13 @@ public class UserRESTService {
     @Path("/{username}/permissions")
     @AuthProviderRESTExposure
     public void patchPermissions(@QueryParam("token") String authToken,
+            @PathParam("dataSource") String authProviderIdentifier,
             @PathParam("username") String username,
             List<APIPatch<String>> patches) throws GuacamoleException {
 
-        UserContext userContext = authenticationService.getUserContext(authToken);
+        GuacamoleSession session = authenticationService.getGuacamoleSession(authToken);
-        
+        UserContext userContext = retrievalService.retrieveUserContext(session, authProviderIdentifier);
+
         // Get the user
         User user = userContext.getUserDirectory().get(username);
         if (user == null)

guacamole/src/main/webapp/app/index/config/indexRouteConfig.js

@@ -150,7 +150,7 @@ angular.module('index').config(['$routeProvider', '$locationProvider',
         })
 
         // User editor
-        .when('/manage/users/:id', {
+        .when('/manage/:dataSource/users/:id', {
             title         : 'APP.NAME',
             bodyClassName : 'manage',
             templateUrl   : 'app/manage/templates/manageUser.html',

guacamole/src/main/webapp/app/manage/controllers/manageUserController.js

@@ -53,6 +53,14 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto
         }
     };
 
+    /**
+     * The unique identifier of the data source containing the user being
+     * edited.
+     *
+     * @type String
+     */
+    var dataSource = $routeParams.dataSource;
+
     /**
      * The username of the user being edited.
      *
@@ -137,12 +145,12 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto
     });
 
     // Pull user data
-    userService.getUser(username).success(function userReceived(user) {
+    userService.getUser(dataSource, username).success(function userReceived(user) {
         $scope.user = user;
     });
 
     // Pull user permissions
-    permissionService.getPermissions(username).success(function gotPermissions(permissions) {
+    permissionService.getPermissions(dataSource, username).success(function gotPermissions(permissions) {
         $scope.permissionFlags = PermissionFlagSet.fromPermissionSet(permissions);
     });
 
@@ -152,8 +160,8 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto
         $scope.rootGroup = rootGroup;
     });
     
-    // Query the user's permissions for the current connection
+    // Query the user's permissions for the current user
-    permissionService.getPermissions(authenticationService.getCurrentUsername())
+    permissionService.getPermissions(dataSource, authenticationService.getCurrentUsername())
             .success(function permissionsReceived(permissions) {
 
         $scope.permissions = permissions;
@@ -508,11 +516,11 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto
         }
 
         // Save the user
-        userService.saveUser($scope.user)
+        userService.saveUser(dataSource, $scope.user)
         .success(function savedUser() {
 
             // Upon success, save any changed permissions
-            permissionService.patchPermissions($scope.user.username, permissionsAdded, permissionsRemoved)
+            permissionService.patchPermissions(dataSource, $scope.user.username, permissionsAdded, permissionsRemoved)
             .success(function patchedUserPermissions() {
                 $location.path('/settings/users');
             })
@@ -574,7 +582,7 @@ angular.module('manage').controller('manageUserController', ['$scope', '$injecto
     var deleteUserImmediately = function deleteUserImmediately() {
 
         // Delete the user 
-        userService.deleteUser($scope.user)
+        userService.deleteUser(dataSource, $scope.user)
         .success(function deletedUser() {
             $location.path('/settings/users');
         })

guacamole/src/main/webapp/app/rest/services/permissionService.js

@@ -41,6 +41,11 @@ angular.module('rest').factory('permissionService', ['$injector',
      * given user, returning a promise that provides an array of
      * @link{Permission} objects if successful.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user whose
+     *     permissions should be retrieved. This identifier corresponds to an
+     *     AuthenticationProvider within the Guacamole web application.
+     *
      * @param {String} userID
      *     The ID of the user to retrieve the permissions for.
      *                          
@@ -48,7 +53,7 @@ angular.module('rest').factory('permissionService', ['$injector',
      *     A promise which will resolve with a @link{PermissionSet} upon
      *     success.
      */
-    service.getPermissions = function getPermissions(userID) {
+    service.getPermissions = function getPermissions(dataSource, userID) {
 
         // Build HTTP parameters set
         var httpParameters = {
@@ -59,7 +64,7 @@ angular.module('rest').factory('permissionService', ['$injector',
         return $http({
             cache   : cacheService.users,
             method  : 'GET',
-            url     : 'api/users/' + encodeURIComponent(userID) + '/permissions',
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users/' + encodeURIComponent(userID) + '/permissions',
             params  : httpParameters
         });
 
@@ -70,6 +75,11 @@ angular.module('rest').factory('permissionService', ['$injector',
      * returning a promise that can be used for processing the results of the
      * call.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user whose
+     *     permissions should be modified. This identifier corresponds to an
+     *     AuthenticationProvider within the Guacamole web application.
+     *
      * @param {String} userID
      *     The ID of the user to modify the permissions of.
      *                          
@@ -80,8 +90,8 @@ angular.module('rest').factory('permissionService', ['$injector',
      *     A promise for the HTTP call which will succeed if and only if the
      *     add operation is successful.
      */
-    service.addPermissions = function addPermissions(userID, permissions) {
+    service.addPermissions = function addPermissions(dataSource, userID, permissions) {
-        return service.patchPermissions(userID, permissions, null);
+        return service.patchPermissions(dataSource, userID, permissions, null);
     };
     
     /**
@@ -89,6 +99,11 @@ angular.module('rest').factory('permissionService', ['$injector',
      * returning a promise that can be used for processing the results of the
      * call.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user whose
+     *     permissions should be modified. This identifier corresponds to an
+     *     AuthenticationProvider within the Guacamole web application.
+     *
      * @param {String} userID
      *     The ID of the user to modify the permissions of.
      *                          
@@ -99,8 +114,8 @@ angular.module('rest').factory('permissionService', ['$injector',
      *     A promise for the HTTP call which will succeed if and only if the
      *     remove operation is successful.
      */
-    service.removePermissions = function removePermissions(userID, permissions) {
+    service.removePermissions = function removePermissions(dataSource, userID, permissions) {
-        return service.patchPermissions(userID, null, permissions);
+        return service.patchPermissions(dataSource, userID, null, permissions);
     };
 
     /**
@@ -186,6 +201,11 @@ angular.module('rest').factory('permissionService', ['$injector',
      * user, returning a promise that can be used for processing the results of
      * the call.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user whose
+     *     permissions should be modified. This identifier corresponds to an
+     *     AuthenticationProvider within the Guacamole web application.
+     *
      * @param {String} userID
      *     The ID of the user to modify the permissions of.
      *                          
@@ -199,7 +219,7 @@ angular.module('rest').factory('permissionService', ['$injector',
      *     A promise for the HTTP call which will succeed if and only if the
      *     patch operation is successful.
      */
-    service.patchPermissions = function patchPermissions(userID, permissionsToAdd, permissionsToRemove) {
+    service.patchPermissions = function patchPermissions(dataSource, userID, permissionsToAdd, permissionsToRemove) {
 
         var permissionPatch = [];
         
@@ -217,7 +237,7 @@ angular.module('rest').factory('permissionService', ['$injector',
         // Patch user permissions
         return $http({
             method  : 'PATCH', 
-            url     : 'api/users/' + encodeURIComponent(userID) + '/permissions',
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users/' + encodeURIComponent(userID) + '/permissions',
             params  : httpParameters,
             data    : permissionPatch
         })

guacamole/src/main/webapp/app/rest/services/userService.js

@@ -41,6 +41,11 @@ angular.module('rest').factory('userService', ['$injector',
      * returning a promise that provides an array of @link{User} objects if
      * successful.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the users to be
+     *     retrieved. This identifier corresponds to an AuthenticationProvider
+     *     within the Guacamole web application.
+     *
      * @param {String[]} [permissionTypes]
      *     The set of permissions to filter with. A user must have one or more
      *     of these permissions for a user to appear in the result. 
@@ -51,7 +56,7 @@ angular.module('rest').factory('userService', ['$injector',
      *     A promise which will resolve with an array of @link{User} objects
      *     upon success.
      */
-    service.getUsers = function getUsers(permissionTypes) {
+    service.getUsers = function getUsers(dataSource, permissionTypes) {
 
         // Build HTTP parameters set
         var httpParameters = {
@@ -66,7 +71,7 @@ angular.module('rest').factory('userService', ['$injector',
         return $http({
             cache   : cacheService.users,
             method  : 'GET',
-            url     : 'api/users',
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users',
             params  : httpParameters
         });
 
@@ -76,14 +81,19 @@ angular.module('rest').factory('userService', ['$injector',
      * Makes a request to the REST API to get the user having the given
      * username, returning a promise that provides the corresponding
      * @link{User} if successful.
-     * 
+     *
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user to be
+     *     retrieved. This identifier corresponds to an AuthenticationProvider
+     *     within the Guacamole web application.
+     *
      * @param {String} username
      *     The username of the user to retrieve.
      * 
      * @returns {Promise.<User>}
      *     A promise which will resolve with a @link{User} upon success.
      */
-    service.getUser = function getUser(username) {
+    service.getUser = function getUser(dataSource, username) {
 
         // Build HTTP parameters set
         var httpParameters = {
@@ -94,7 +104,7 @@ angular.module('rest').factory('userService', ['$injector',
         return $http({
             cache   : cacheService.users,
             method  : 'GET',
-            url     : 'api/users/' + encodeURIComponent(username),
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users/' + encodeURIComponent(username),
             params  : httpParameters
         });
 
@@ -104,6 +114,11 @@ angular.module('rest').factory('userService', ['$injector',
      * Makes a request to the REST API to delete a user, returning a promise
      * that can be used for processing the results of the call.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user to be
+     *     deleted. This identifier corresponds to an AuthenticationProvider
+     *     within the Guacamole web application.
+     *
      * @param {User} user
      *     The user to delete.
      *                          
@@ -111,7 +126,7 @@ angular.module('rest').factory('userService', ['$injector',
      *     A promise for the HTTP call which will succeed if and only if the
      *     delete operation is successful.
      */
-    service.deleteUser = function deleteUser(user) {
+    service.deleteUser = function deleteUser(dataSource, user) {
 
         // Build HTTP parameters set
         var httpParameters = {
@@ -121,7 +136,7 @@ angular.module('rest').factory('userService', ['$injector',
         // Delete user
         return $http({
             method  : 'DELETE',
-            url     : 'api/users/' + encodeURIComponent(user.username),
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users/' + encodeURIComponent(user.username),
             params  : httpParameters
         })
 
@@ -137,6 +152,11 @@ angular.module('rest').factory('userService', ['$injector',
      * Makes a request to the REST API to create a user, returning a promise
      * that can be used for processing the results of the call.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source in which the user should be
+     *     created. This identifier corresponds to an AuthenticationProvider
+     *     within the Guacamole web application.
+     *
      * @param {User} user
      *     The user to create.
      *                          
@@ -144,7 +164,7 @@ angular.module('rest').factory('userService', ['$injector',
      *     A promise for the HTTP call which will succeed if and only if the
      *     create operation is successful.
      */
-    service.createUser = function createUser(user) {
+    service.createUser = function createUser(dataSource, user) {
 
         // Build HTTP parameters set
         var httpParameters = {
@@ -154,7 +174,7 @@ angular.module('rest').factory('userService', ['$injector',
         // Create user
         return $http({
             method  : 'POST',
-            url     : 'api/users',
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users',
             params  : httpParameters,
             data    : user
         })
@@ -170,6 +190,11 @@ angular.module('rest').factory('userService', ['$injector',
      * Makes a request to the REST API to save a user, returning a promise that
      * can be used for processing the results of the call.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user to be
+     *     updated. This identifier corresponds to an AuthenticationProvider
+     *     within the Guacamole web application.
+     *
      * @param {User} user
      *     The user to update.
      *                          
@@ -177,7 +202,7 @@ angular.module('rest').factory('userService', ['$injector',
      *     A promise for the HTTP call which will succeed if and only if the
      *     save operation is successful.
      */
-    service.saveUser = function saveUser(user) {
+    service.saveUser = function saveUser(dataSource, user) {
 
         // Build HTTP parameters set
         var httpParameters = {
@@ -187,7 +212,7 @@ angular.module('rest').factory('userService', ['$injector',
         // Update user
         return $http({
             method  : 'PUT',
-            url     : 'api/users/' + encodeURIComponent(user.username),
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users/' + encodeURIComponent(user.username),
             params  : httpParameters,
             data    : user
         })
@@ -203,6 +228,11 @@ angular.module('rest').factory('userService', ['$injector',
      * Makes a request to the REST API to update the password for a user, 
      * returning a promise that can be used for processing the results of the call.
      * 
+     * @param {String} dataSource
+     *     The unique identifier of the data source containing the user to be
+     *     updated. This identifier corresponds to an AuthenticationProvider
+     *     within the Guacamole web application.
+     *
      * @param {String} username
      *     The username of the user to update.
      *     
@@ -216,7 +246,7 @@ angular.module('rest').factory('userService', ['$injector',
      *     A promise for the HTTP call which will succeed if and only if the
      *     password update operation is successful.
      */
-    service.updateUserPassword = function updateUserPassword(username, 
+    service.updateUserPassword = function updateUserPassword(dataSource, username,
             oldPassword, newPassword) {
 
         // Build HTTP parameters set
@@ -227,7 +257,7 @@ angular.module('rest').factory('userService', ['$injector',
         // Update user password
         return $http({
             method  : 'PUT',
-            url     : 'api/users/' + encodeURIComponent(username) + '/password',
+            url     : 'api/data/' + encodeURIComponent(dataSource) + '/users/' + encodeURIComponent(username) + '/password',
             params  : httpParameters,
             data    : new UserPasswordUpdate({
                 oldPassword : oldPassword,

guacamole/src/main/webapp/app/settings/directives/guacSettingsUsers.js

@@ -62,6 +62,15 @@ angular.module('settings').directive('guacSettingsUsers', [function guacSettings
                 }
             };
 
+            /**
+             * The data source from which the list of users should be pulled.
+             * For the time being, this is just the data source which
+             * authenticated the current user.
+             *
+             * @type String
+             */
+            $scope.dataSource = authenticationService.getDataSource();
+
             /**
              * All visible users.
              *
@@ -118,7 +127,7 @@ angular.module('settings').directive('guacSettingsUsers', [function guacSettings
             };
 
             // Retrieve current permissions
-            permissionService.getPermissions(currentUsername)
+            permissionService.getPermissions($scope.dataSource, currentUsername)
             .success(function permissionsRetrieved(permissions) {
 
                 $scope.permissions = permissions;
@@ -141,8 +150,10 @@ angular.module('settings').directive('guacSettingsUsers', [function guacSettings
             });
 
             // Retrieve all users for whom we have UPDATE or DELETE permission
-            userService.getUsers([PermissionSet.ObjectPermissionType.UPDATE, 
+            userService.getUsers($scope.dataSource, [
-                PermissionSet.ObjectPermissionType.DELETE])
+                PermissionSet.ObjectPermissionType.UPDATE,
+                PermissionSet.ObjectPermissionType.DELETE
+            ])
             .success(function usersReceived(users) {
 
                 // Display only other users, not self
@@ -164,7 +175,7 @@ angular.module('settings').directive('guacSettingsUsers', [function guacSettings
                 });
 
                 // Create specified user
-                userService.createUser(user)
+                userService.createUser($scope.dataSource, user)
 
                 // Add user to visible list upon success
                 .success(function userCreated() {

guacamole/src/main/webapp/app/settings/templates/settingsUsers.html

@@ -33,7 +33,7 @@
     <!-- List of users this user has access to -->
     <div class="user-list">
         <div ng-repeat="user in userPage" class="user list-item">
-            <a ng-href="#/manage/users/{{user.username}}">
+            <a ng-href="#/manage/{{dataSource}}/users/{{user.username}}">
                 <div class="caption">
                     <div class="icon user"></div>
                     <span class="name">{{user.username}}</span>