Examples with RequiresPermissions - org.apache.shiro.authz.annotation.RequiresPermissions

Example 21 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class SavedSearchesResource method update.

@PUT
@Path("/{searchId}")
@Timed
@RequiresPermissions(RestPermissions.SAVEDSEARCHES_EDIT)
@ApiOperation(value = "Update a saved search")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiResponses(value = { @ApiResponse(code = 404, message = "Saved search not found."), @ApiResponse(code = 400, message = "Invalid ObjectId."), @ApiResponse(code = 400, message = "Validation error") })
@AuditEvent(type = AuditEventTypes.SAVED_SEARCH_UPDATE)
public Map<String, Object> update(@ApiParam(name = "searchId", required = true) @PathParam("searchId") String searchId, @ApiParam(name = "JSON body", required = true) @Valid CreateSavedSearchRequest cr) throws NotFoundException, ValidationException {
    final SavedSearch search = savedSearchService.load(searchId);
    if (!isTitleTaken(searchId, cr.title())) {
        final String msg = "Cannot save search " + cr.title() + ". Title is already taken.";
        throw new BadRequestException(msg);
    }
    savedSearchService.update(search, cr.title(), cr.query());
    return search.asMap();
}

Also used : SavedSearch(org.graylog2.savedsearches.SavedSearch) BadRequestException(javax.ws.rs.BadRequestException) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Example 22 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class StreamOutputResource method add.

@POST
@Timed
@ApiOperation(value = "Associate outputs with a stream")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@RequiresPermissions(RestPermissions.STREAM_OUTPUTS_CREATE)
@ApiResponses(value = { @ApiResponse(code = 400, message = "Invalid output specification in input.") })
@AuditEvent(type = AuditEventTypes.STREAM_OUTPUT_ASSIGNMENT_CREATE)
public Response add(@ApiParam(name = "streamid", value = "The id of the stream whose outputs we want.", required = true) @PathParam("streamid") String streamid, @ApiParam(name = "JSON body", required = true) @Valid @NotNull AddOutputRequest aor) throws ValidationException, NotFoundException {
    final Stream stream = streamService.load(streamid);
    for (String outputId : aor.outputs()) {
        final Output output = outputService.load(outputId);
        streamService.addOutput(stream, output);
        clusterEventBus.post(StreamsChangedEvent.create(stream.getId()));
    }
    return Response.accepted().build();
}

Also used : Output(org.graylog2.plugin.streams.Output) Stream(org.graylog2.plugin.streams.Stream) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 23 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class StreamOutputResource method remove.

@DELETE
@Path("/{outputId}")
@Timed
@RequiresPermissions(RestPermissions.STREAM_OUTPUTS_DELETE)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Delete output of a stream")
@ApiResponses(value = { @ApiResponse(code = 404, message = "No such stream/output on this node.") })
@AuditEvent(type = AuditEventTypes.STREAM_OUTPUT_ASSIGNMENT_DELETE)
public void remove(@ApiParam(name = "streamid", value = "The id of the stream whose outputs we want.", required = true) @PathParam("streamid") String streamid, @ApiParam(name = "outputId", value = "The id of the output that should be deleted", required = true) @PathParam("outputId") String outputId) throws NotFoundException {
    final Stream stream = streamService.load(streamid);
    final Output output = outputService.load(outputId);
    streamService.removeOutput(stream, output);
    outputRegistry.removeOutput(output);
    clusterEventBus.post(StreamsChangedEvent.create(stream.getId()));
}

Also used : Output(org.graylog2.plugin.streams.Output) Stream(org.graylog2.plugin.streams.Stream) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 24 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class ClusterJournalResource method get.

@GET
@Timed
@ApiOperation(value = "Get message journal information of a given node")
@RequiresPermissions(RestPermissions.JOURNAL_READ)
public JournalSummaryResponse get(@ApiParam(name = "nodeId", value = "The id of the node to get message journal information.", required = true) @PathParam("nodeId") String nodeId) throws IOException, NodeNotFoundException {
    final Node targetNode = nodeService.byNodeId(nodeId);
    final RemoteJournalResource remoteJournalResource = remoteInterfaceProvider.get(targetNode, this.authenticationToken, RemoteJournalResource.class);
    final Response<JournalSummaryResponse> response = remoteJournalResource.get().execute();
    if (response.isSuccessful()) {
        return response.body();
    } else {
        LOG.warn("Unable to get message journal information on node {}: {}", nodeId, response.message());
        throw new WebApplicationException(response.message(), BAD_GATEWAY);
    }
}

Also used : RemoteJournalResource(org.graylog2.rest.resources.system.RemoteJournalResource) WebApplicationException(javax.ws.rs.WebApplicationException) Node(org.graylog2.cluster.Node) JournalSummaryResponse(org.graylog2.rest.resources.system.responses.JournalSummaryResponse) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation)

Example 25 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class ClusterLoadBalancerStatusResource method override.

@PUT
@Timed
@RequiresAuthentication
@RequiresPermissions(RestPermissions.LBSTATUS_CHANGE)
@ApiOperation(value = "Override load balancer status of this graylog-server node. Next lifecycle " + "change will override it again to its default. Set to ALIVE, DEAD, or THROTTLED.")
@Path("/override/{status}")
@NoAuditEvent("this is a proxy resource, the audit event will be emitted on the target node")
public void override(@ApiParam(name = "nodeId", value = "The id of the node whose LB status will be changed", required = true) @PathParam("nodeId") String nodeId, @ApiParam(name = "status") @PathParam("status") String status) throws IOException, NodeNotFoundException {
    final Node targetNode = nodeService.byNodeId(nodeId);
    RemoteLoadBalancerStatusResource remoteLoadBalancerStatusResource = remoteInterfaceProvider.get(targetNode, this.authenticationToken, RemoteLoadBalancerStatusResource.class);
    final Response response = remoteLoadBalancerStatusResource.override(status).execute();
    if (!response.isSuccessful()) {
        LOG.warn("Unable to override load balancer status on node {}: {}", nodeId, response.message());
        throw new WebApplicationException(response.message(), BAD_GATEWAY);
    }
}

Also used : Response(retrofit2.Response) WebApplicationException(javax.ws.rs.WebApplicationException) RemoteLoadBalancerStatusResource(org.graylog2.shared.rest.resources.system.RemoteLoadBalancerStatusResource) Node(org.graylog2.cluster.Node) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) PUT(javax.ws.rs.PUT) NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)

Aggregations

RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)45 ApiOperation (io.swagger.annotations.ApiOperation)42 Timed (com.codahale.metrics.annotation.Timed)30 Path (javax.ws.rs.Path)27 AuditEvent (org.graylog2.audit.jersey.AuditEvent)24 Produces (javax.ws.rs.Produces)23 GET (javax.ws.rs.GET)19 ApiResponses (io.swagger.annotations.ApiResponses)16 POST (javax.ws.rs.POST)16 BadRequestException (javax.ws.rs.BadRequestException)13 Consumes (javax.ws.rs.Consumes)12 URI (java.net.URI)9 NotFoundException (javax.ws.rs.NotFoundException)9 PUT (javax.ws.rs.PUT)8 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)7 User (org.graylog2.plugin.database.users.User)7 Output (org.graylog2.plugin.streams.Output)7 DELETE (javax.ws.rs.DELETE)6 InternalServerErrorException (javax.ws.rs.InternalServerErrorException)5 RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication)5