Example 1 with InternalRoleAccess

Use of com.redhat.cloud.notifications.models.InternalRoleAccess in project notifications-backend by RedHatInsights.

Class InternalPermissionResource, method getPermissions.

@GET
@Path("/me")
@Produces(MediaType.APPLICATION_JSON)
// Overrides admin permission
@RolesAllowed(ConsoleIdentityProvider.RBAC_INTERNAL_USER)
public InternalUserPermissions getPermissions() {
    InternalUserPermissions permissions = new InternalUserPermissions();
    if (securityIdentity.hasRole(ConsoleIdentityProvider.RBAC_INTERNAL_ADMIN)) {
        permissions.setAdmin(true);
        return permissions;
    }
    String privateRolePrefix = InternalRoleAccess.INTERNAL_ROLE_PREFIX;
    // Keep only the roles carrying the internal prefix, with the prefix stripped
    Set<String> roles = securityIdentity.getRoles().stream()
            .filter(s -> s.startsWith(privateRolePrefix))
            .map(s -> s.substring(privateRolePrefix.length()))
            .collect(Collectors.toSet());
    permissions.getRoles().addAll(roles);
    List<InternalRoleAccess> accessList = internalRoleAccessRepository.getByRoles(roles);
    for (InternalRoleAccess access : accessList) {
        permissions.addApplication(access.getApplicationId(), access.getApplication().getDisplayName());
    }
    return permissions;
}
Also used: PathParam(javax.ws.rs.PathParam), RolesAllowed(javax.annotation.security.RolesAllowed), Produces(javax.ws.rs.Produces), GET(javax.ws.rs.GET), Path(javax.ws.rs.Path), API_INTERNAL(com.redhat.cloud.notifications.Constants.API_INTERNAL), Inject(javax.inject.Inject), Valid(javax.validation.Valid), MediaType(javax.ws.rs.core.MediaType), InternalUserPermissions(com.redhat.cloud.notifications.routers.internal.models.InternalUserPermissions), Consumes(javax.ws.rs.Consumes), SecurityIdentity(io.quarkus.security.identity.SecurityIdentity), InternalRoleAccess(com.redhat.cloud.notifications.models.InternalRoleAccess), ConsoleIdentityProvider(com.redhat.cloud.notifications.auth.ConsoleIdentityProvider), DELETE(javax.ws.rs.DELETE), Application(com.redhat.cloud.notifications.models.Application), ApplicationRepository(com.redhat.cloud.notifications.db.repositories.ApplicationRepository), POST(javax.ws.rs.POST), Set(java.util.Set), UUID(java.util.UUID), InternalRoleAccessRepository(com.redhat.cloud.notifications.db.repositories.InternalRoleAccessRepository), Collectors(java.util.stream.Collectors), AddAccessRequest(com.redhat.cloud.notifications.routers.internal.models.AddAccessRequest), List(java.util.List), InternalApplicationUserPermission(com.redhat.cloud.notifications.routers.internal.models.InternalApplicationUserPermission)

Example 2 with InternalRoleAccess

Use of com.redhat.cloud.notifications.models.InternalRoleAccess in project notifications-backend by RedHatInsights.

Class InternalResource, method createApplication.

@POST
@Path("/applications")
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
@Transactional
@RolesAllowed(ConsoleIdentityProvider.RBAC_INTERNAL_USER)
public Application createApplication(@Context SecurityContext sec, @NotNull @Valid AddApplicationRequest request) {
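    // Authorization check for the requested owner role. The result is not used here,
    // so the check only has effect if hasPermissionForRole throws when the caller lacks the role.
    securityContextUtil.hasPermissionForRole(sec, request.ownerRole);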
    Application app = new Application();
    app.setBundleId(request.bundleId);
    app.setDisplayName(request.displayName);
    app.setName(request.name);
    app = applicationRepository.createApp(app);
    if (request.ownerRole != null) {
        InternalRoleAccess access = new InternalRoleAccess();
        access.setRole(request.ownerRole);
        access.setApplicationId(app.getId());
        access.setApplication(app);
        internalRoleAccessRepository.addAccess(access);
    }
    return app;
}
Also used: InternalRoleAccess(com.redhat.cloud.notifications.models.InternalRoleAccess), Application(com.redhat.cloud.notifications.models.Application), Path(javax.ws.rs.Path), RolesAllowed(javax.annotation.security.RolesAllowed), POST(javax.ws.rs.POST), Consumes(javax.ws.rs.Consumes), Produces(javax.ws.rs.Produces), Transactional(javax.transaction.Transactional)

Example 3 with InternalRoleAccess

Use of com.redhat.cloud.notifications.models.InternalRoleAccess in project notifications-backend by RedHatInsights.

Class InternalPermissionResource, method addAccess.

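// No method-level @RolesAllowed in this excerpt: who may grant a role access to an
// application is decided by whatever is declared outside the method (not shown here).
@POST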
@Path("/")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public InternalRoleAccess addAccess(@Valid AddAccessRequest addAccessRequest) {
    InternalRoleAccess access = new InternalRoleAccess();
    Application application = applicationRepository.getApplication(addAccessRequest.applicationId);
    access.setApplicationId(addAccessRequest.applicationId);
    access.setRole(addAccessRequest.role);
    access.setApplication(application);
    return internalRoleAccessRepository.addAccess(access);
}
Also used: InternalRoleAccess(com.redhat.cloud.notifications.models.InternalRoleAccess), Application(com.redhat.cloud.notifications.models.Application), Path(javax.ws.rs.Path), POST(javax.ws.rs.POST), Consumes(javax.ws.rs.Consumes), Produces(javax.ws.rs.Produces)
