Search in sources :

Example 1 with GroupDTO

use of alien4cloud.rest.orchestrator.model.GroupDTO in project alien4cloud by alien4cloud.

the class ServiceSecurityController method getAuthorizedGroups.

/**
 * List all groups authorised to access the location.
 *
 * @return list of all authorised groups.
 */
@ApiOperation(value = "List all groups authorized to access the service resource", notes = "Only user with ADMIN role can list authorized groups to the location.")
@RequestMapping(value = "/groups", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<List<GroupDTO>> getAuthorizedGroups(@PathVariable String serviceId) {
    ServiceResource service = serviceResourceService.getOrFail(serviceId);
    List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(service));
    return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used : GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) ServiceResource(alien4cloud.model.service.ServiceResource) List(java.util.List) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with GroupDTO

use of alien4cloud.rest.orchestrator.model.GroupDTO in project alien4cloud by alien4cloud.

the class ServiceSecurityController method grantAccessToGroups.

/**
 *****************************************************************************************************************************
 *
 * SECURITY ON GROUPS
 *
 ******************************************************************************************************************************
 */
/**
 * Grant access to the service resource to the groups (deploy on the location)
 *
 * @param serviceId The location's id.
 * @param groupIds The authorized groups.
 * @return A {@link Void} {@link RestResponse}.
 */
@ApiOperation(value = "Grant access to the service resource to the groups", notes = "Only user with ADMIN role can grant access to a group.")
@RequestMapping(value = "/groups", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<GroupDTO>> grantAccessToGroups(@PathVariable String serviceId, @RequestBody String[] groupIds) {
    ServiceResource service = serviceResourceService.getOrFail(serviceId);
    resourcePermissionService.grantPermission(service, Subject.GROUP, groupIds);
    List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(service));
    return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used : GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) ServiceResource(alien4cloud.model.service.ServiceResource) List(java.util.List) Audit(alien4cloud.audit.annotation.Audit) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with GroupDTO

use of alien4cloud.rest.orchestrator.model.GroupDTO in project alien4cloud by alien4cloud.

the class LocationSecurityController method revokeGroupAccess.

/**
 * Revoke the group's authorisation to access the location
 *
 * @param locationId The id of the location.
 * @param groupId The authorized group.
 * @return A {@link Void} {@link RestResponse}.
 */
@ApiOperation(value = "Revoke the group's authorisation to access the location", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/groups/{groupId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<GroupDTO>> revokeGroupAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String groupId) {
    Location location = locationService.getLocation(orchestratorId, locationId);
    resourcePermissionService.revokePermission(location, Subject.GROUP, groupId);
    List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(location));
    return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used : GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) List(java.util.List) Location(alien4cloud.model.orchestrators.locations.Location) Audit(alien4cloud.audit.annotation.Audit) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 4 with GroupDTO

use of alien4cloud.rest.orchestrator.model.GroupDTO in project alien4cloud by alien4cloud.

the class LocationSecurityController method getAuthorizedGroups.

/**
 * List all groups authorised to access the location.
 *
 * @return list of all authorised groups.
 */
@ApiOperation(value = "List all groups authorized to access the location", notes = "Only user with ADMIN role can list authorized groups to the location.")
@RequestMapping(value = "/groups", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<List<GroupDTO>> getAuthorizedGroups(@PathVariable String orchestratorId, @PathVariable String locationId) {
    Location location = locationService.getLocation(orchestratorId, locationId);
    List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(location));
    return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used : GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) List(java.util.List) Location(alien4cloud.model.orchestrators.locations.Location) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 5 with GroupDTO

use of alien4cloud.rest.orchestrator.model.GroupDTO in project alien4cloud by alien4cloud.

the class AbstractLocationResourcesSecurityController method getAuthorizedGroups.

/**
 * List all groups authorised to access the location resource.
 *
 * @return list of all authorised groups.
 */
@ApiOperation(value = "List all groups authorized to access the location", notes = "Only user with ADMIN role can list authorized groups to the location.")
@RequestMapping(value = "/groups", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<List<GroupDTO>> getAuthorizedGroups(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String resourceId) {
    AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
    List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(resourceTemplate));
    return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used : GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate) List(java.util.List) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Aggregations

GroupDTO (alien4cloud.rest.orchestrator.model.GroupDTO)10 ApiOperation (io.swagger.annotations.ApiOperation)10 List (java.util.List)10 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)10 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)10 Audit (alien4cloud.audit.annotation.Audit)7 Location (alien4cloud.model.orchestrators.locations.Location)6 ApplicationEnvironmentService (alien4cloud.application.ApplicationEnvironmentService)3 ResourcePermissionService (alien4cloud.authorization.ResourcePermissionService)3 IGenericSearchDAO (alien4cloud.dao.IGenericSearchDAO)3 Application (alien4cloud.model.application.Application)3 ApplicationEnvironment (alien4cloud.model.application.ApplicationEnvironment)3 AbstractLocationResourceTemplate (alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)3 ServiceResource (alien4cloud.model.service.ServiceResource)3 LocationService (alien4cloud.orchestrators.locations.services.LocationService)3 RestResponse (alien4cloud.rest.model.RestResponse)3 RestResponseBuilder (alien4cloud.rest.model.RestResponseBuilder)3 ApplicationEnvironmentAuthorizationDTO (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)3 ApplicationEnvironmentAuthorizationUpdateRequest (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)3 UserDTO (alien4cloud.rest.orchestrator.model.UserDTO)3