use of io.gravitee.am.identityprovider.api.User in project gravitee-access-management by gravitee-io.
the class NewsletterResource method subscribeNewsletter.
@POST
@Path("/_subscribe")
@ApiOperation(value = "Subscribe to the newsletter the authenticated user")
@ApiResponses({ @ApiResponse(code = 200, message = "Updated user", response = User.class), @ApiResponse(code = 400, message = "Invalid user profile"), @ApiResponse(code = 404, message = "User not found"), @ApiResponse(code = 500, message = "Internal server error") })
public void subscribeNewsletter(@ApiParam(name = "email", required = true) @Valid @NotNull final EmailValue emailValue, @Suspended final AsyncResponse response) {
final User authenticatedUser = getAuthenticatedUser();
// Get the organization the current user is logged on.
String organizationId = (String) authenticatedUser.getAdditionalInformation().getOrDefault(Claims.organization, Organization.DEFAULT);
userService.findById(ReferenceType.ORGANIZATION, organizationId, authenticatedUser.getId()).flatMap(user -> {
user.setEmail(emailValue.getEmail());
user.setNewsletter(true);
return userService.update(user);
}).doOnSuccess(endUser -> {
Map<String, Object> object = new HashMap<>();
object.put("email", endUser.getEmail());
newsletterService.subscribe(object);
}).subscribe(response::resume, response::resume);
}
use of io.gravitee.am.identityprovider.api.User in project gravitee-access-management by gravitee-io.
the class UserNotificationsResource method markAsRead.
@POST
@Path("/{notificationId}/acknowledge")
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Mark User notification as read")
@ApiResponses({ @ApiResponse(code = 204, message = "User notification has been marked as read"), @ApiResponse(code = 500, message = "Internal server error") })
public void markAsRead(@PathParam("notificationId") String notificationId, @Suspended final AsyncResponse response) {
// All users have rights to read notifications
if (!isAuthenticated()) {
response.resume(new ForbiddenException());
return;
}
final User authenticatedUser = getAuthenticatedUser();
notificationService.markAsRead(authenticatedUser, notificationId).subscribe(() -> response.resume(Response.noContent()), response::resume);
}
use of io.gravitee.am.identityprovider.api.User in project gravitee-access-management by gravitee-io.
the class AuditsResource method list.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List audit logs for the organization", notes = "User must have the ORGANIZATION_AUDIT[LIST] permission on the specified organization. " + "Except if user has ORGANIZATION_AUDIT[READ] permission on the organization, each returned audit is filtered and contains only basic information such as id, date, event, actor, target and status.")
@ApiResponses({ @ApiResponse(code = 200, message = "List audit logs for the platform", response = Audit.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
public void list(@PathParam("organizationId") String organizationId, @BeanParam AuditParam param, @Suspended final AsyncResponse response) {
AuditReportableCriteria.Builder queryBuilder = new AuditReportableCriteria.Builder().from(param.getFrom()).to(param.getTo()).status(param.getStatus()).user(param.getUser());
if (param.getType() != null) {
queryBuilder.types(Collections.singletonList(param.getType()));
}
User authenticatedUser = getAuthenticatedUser();
checkPermission(ReferenceType.ORGANIZATION, organizationId, Permission.ORGANIZATION_AUDIT, Acl.LIST).andThen(auditService.search(ReferenceType.ORGANIZATION, organizationId, queryBuilder.build(), param.getPage(), param.getSize()).flatMap(auditPage -> hasPermission(authenticatedUser, ReferenceType.ORGANIZATION, organizationId, Permission.ORGANIZATION_AUDIT, Acl.READ).map(hasPermission -> {
if (hasPermission) {
return auditPage;
} else {
return new Page<>(auditPage.getData().stream().map(FilterUtils::filterAuditInfos).collect(Collectors.toList()), auditPage.getCurrentPage(), auditPage.getTotalCount());
}
}))).subscribe(response::resume, response::resume);
}
use of io.gravitee.am.identityprovider.api.User in project gravitee-access-management by gravitee-io.
the class EntrypointResource method delete.
@DELETE
@ApiOperation(value = "Delete the sharding entrypoint", notes = "User must have the ORGANIZATION_ENTRYPOINT[DELETE] permission on the specified organization")
@ApiResponses({ @ApiResponse(code = 204, message = "Sharding entrypoint successfully deleted"), @ApiResponse(code = 500, message = "Internal server error") })
public void delete(@PathParam("organizationId") String organizationId, @PathParam("entrypointId") String entrypointId, @Suspended final AsyncResponse response) {
final User authenticatedUser = getAuthenticatedUser();
checkPermission(ReferenceType.ORGANIZATION, organizationId, Permission.ORGANIZATION_ENTRYPOINT, Acl.DELETE).andThen(entrypointService.delete(entrypointId, organizationId, authenticatedUser)).subscribe(() -> response.resume(Response.noContent().build()), response::resume);
}
use of io.gravitee.am.identityprovider.api.User in project gravitee-access-management by gravitee-io.
the class EnvironmentsResource method list.
@GET
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List all the environments", notes = "User must have the ENVIRONMENT[LIST] permission on the specified organization " + "AND either ENVIRONMENT[READ] permission on each environment " + "or ENVIRONMENT[READ] permission on the specified organization." + "Each returned environment is filtered and contains only basic information such as id and name.")
@ApiResponses({ @ApiResponse(code = 200, message = "List all the environments of the organization", response = Environment.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
public void list(@PathParam("organizationId") String organizationId, @Suspended final AsyncResponse response) {
User authenticatedUser = getAuthenticatedUser();
checkPermission(ReferenceType.ORGANIZATION, organizationId, Permission.ENVIRONMENT, Acl.LIST).andThen(environmentService.findAll(organizationId)).flatMapMaybe(environment -> hasPermission(authenticatedUser, or(of(ReferenceType.ENVIRONMENT, environment.getId(), Permission.ENVIRONMENT, Acl.READ), of(ReferenceType.ORGANIZATION, organizationId, Permission.ENVIRONMENT, Acl.READ))).filter(Boolean::booleanValue).map(permit -> environment)).map(this::filterEnvironmentInfos).sorted((o1, o2) -> String.CASE_INSENSITIVE_ORDER.compare(o1.getName(), o2.getName())).toList().subscribe(response::resume, response::resume);
}
Aggregations