Example 21 with Permission

use of io.gravitee.am.model.permissions.Permission in project gravitee-access-management by gravitee-io.

the class CertificatesResource method list.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List registered certificates for a security domain", notes = "User must have the DOMAIN_CERTIFICATE[LIST] permission on the specified domain " + "or DOMAIN_CERTIFICATE[LIST] permission on the specified environment " + "or DOMAIN_CERTIFICATE[LIST] permission on the specified organization. " + "Each returned certificate is filtered and contains only basic information such as id, name and type.")
@ApiResponses({ @ApiResponse(code = 200, message = "List registered certificates for a security domain", response = CertificateEntity.class, responseContainer = "Set"), @ApiResponse(code = 500, message = "Internal server error") })
public void list(@PathParam("organizationId") String organizationId, @PathParam("environmentId") String environmentId, @PathParam("domain") String domain, @QueryParam("use") String use, @Suspended final AsyncResponse response) {
    final int certificateExpiryThreshold = environment.getProperty("services.certificate.expiryThreshold", Integer.class, 14);
    checkAnyPermission(organizationId, environmentId, domain, Permission.DOMAIN_CERTIFICATE, Acl.LIST)
        .andThen(domainService.findById(domain)
            .switchIfEmpty(Maybe.error(new DomainNotFoundException(domain)))
            .flatMapPublisher(__ -> certificateService.findByDomain(domain))
            .filter(c -> {
                if (!StringUtils.isEmpty(use)) {
                    final JsonObject config = JsonObject.mapFrom(Json.decodeValue(c.getConfiguration(), HashMap.class));
                    if (config != null && config.getJsonArray("use") != null) {
                        return config.getJsonArray("use").contains(use);
                    }
                }
                // no value, return true as sig should be the default
                return true;
            })
            .map(cert -> this.filterCertificateInfos(cert, certificateExpiryThreshold))
            .sorted((o1, o2) -> String.CASE_INSENSITIVE_ORDER.compare(o1.getName(), o2.getName()))
            .toList()
            .map(sortedCertificates -> Response.ok(sortedCertificates).build()))
        .subscribe(response::resume, response::resume);
}
Also used : Certificate(io.gravitee.am.model.Certificate) Json(io.vertx.core.json.Json) CertificateServiceProxy(io.gravitee.am.management.service.CertificateServiceProxy) Permission(io.gravitee.am.model.permissions.Permission) Maybe(io.reactivex.Maybe) DomainService(io.gravitee.am.service.DomainService) Autowired(org.springframework.beans.factory.annotation.Autowired) HashMap(java.util.HashMap) AbstractResource(io.gravitee.am.management.handlers.management.api.resources.AbstractResource) InitializingBean(org.springframework.beans.factory.InitializingBean) Value(org.springframework.beans.factory.annotation.Value) Valid(javax.validation.Valid) Acl(io.gravitee.am.model.Acl) User(io.gravitee.am.identityprovider.api.User) CertificateStatus(io.gravitee.am.management.handlers.management.api.model.CertificateStatus) io.swagger.annotations(io.swagger.annotations) JsonObject(io.vertx.core.json.JsonObject) CertificateEntity(io.gravitee.am.management.handlers.management.api.model.CertificateEntity) URI(java.net.URI) Context(javax.ws.rs.core.Context) AsyncResponse(javax.ws.rs.container.AsyncResponse) DomainNotFoundException(io.gravitee.am.service.exception.DomainNotFoundException) NotNull(javax.validation.constraints.NotNull) Instant(java.time.Instant) Suspended(javax.ws.rs.container.Suspended) NewCertificate(io.gravitee.am.service.model.NewCertificate) MediaType(io.gravitee.common.http.MediaType) ChronoUnit(java.time.temporal.ChronoUnit) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) Environment(org.springframework.core.env.Environment) ResourceContext(javax.ws.rs.container.ResourceContext) StringUtils(org.springframework.util.StringUtils) HashMap(java.util.HashMap) JsonObject(io.vertx.core.json.JsonObject) DomainNotFoundException(io.gravitee.am.service.exception.DomainNotFoundException)

Example 22 with Permission

use of io.gravitee.am.model.permissions.Permission in project gravitee-access-management by gravitee-io.

the class DomainResource method get.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get a security domain", notes = "User must have the DOMAIN[READ] permission on the specified domain, environment or organization. " + "Domain will be filtered according to permissions (READ on DOMAIN_USER_ACCOUNT, DOMAIN_IDENTITY_PROVIDER, DOMAIN_FORM, DOMAIN_LOGIN_SETTINGS, " + "DOMAIN_DCR, DOMAIN_SCIM, DOMAIN_SETTINGS)")
@ApiResponses({ @ApiResponse(code = 200, message = "Domain", response = Domain.class), @ApiResponse(code = 500, message = "Internal server error") })
public void get(@PathParam("organizationId") String organizationId, @PathParam("environmentId") String environmentId, @PathParam("domain") String domainId, @Suspended final AsyncResponse response) {
    final User authenticatedUser = getAuthenticatedUser();
    checkAnyPermission(organizationId, environmentId, domainId, Permission.DOMAIN, Acl.READ)
        .andThen(domainService.findById(domainId)
            .switchIfEmpty(Maybe.error(new DomainNotFoundException(domainId)))
            .flatMapSingle(domain -> findAllPermissions(authenticatedUser, organizationId, environmentId, domainId)
                .map(userPermissions -> filterDomainInfos(domain, userPermissions))))
        .subscribe(response::resume, response::resume);
}
Also used : Completable(io.reactivex.Completable) Permission(io.gravitee.am.model.permissions.Permission) Maybe(io.reactivex.Maybe) ApiParam(io.swagger.annotations.ApiParam) Autowired(org.springframework.beans.factory.annotation.Autowired) ApiResponses(io.swagger.annotations.ApiResponses) EntrypointService(io.gravitee.am.service.EntrypointService) PatchDomain(io.gravitee.am.service.model.PatchDomain) Valid(javax.validation.Valid) Acl(io.gravitee.am.model.Acl) ApiOperation(io.swagger.annotations.ApiOperation) Entrypoint(io.gravitee.am.model.Entrypoint) User(io.gravitee.am.identityprovider.api.User) AsyncResponse(javax.ws.rs.container.AsyncResponse) Set(java.util.Set) Domain(io.gravitee.am.model.Domain) DomainNotFoundException(io.gravitee.am.service.exception.DomainNotFoundException) NotNull(javax.validation.constraints.NotNull) Suspended(javax.ws.rs.container.Suspended) Collectors(java.util.stream.Collectors) List(java.util.List) MediaType(io.gravitee.common.http.MediaType) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) ApiResponse(io.swagger.annotations.ApiResponse) User(io.gravitee.am.identityprovider.api.User) DomainNotFoundException(io.gravitee.am.service.exception.DomainNotFoundException) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 23 with Permission

use of io.gravitee.am.model.permissions.Permission in project gravitee-access-management by gravitee-io.

the class DomainResource method updateInternal.

private void updateInternal(String organizationId, String environmentId, String domainId, final PatchDomain patchDomain, final AsyncResponse response) {
    final User authenticatedUser = getAuthenticatedUser();
    Set<Permission> requiredPermissions = patchDomain.getRequiredPermissions();
    if (requiredPermissions.isEmpty()) {
        // If there is no required permission, it means there is nothing to update. This is not a valid request.
        response.resume(new BadRequestException("You need to specify at least one value to update."));
    } else {
        // All required permission checks (UPDATE) must complete before the patch is applied.
        Completable.merge(requiredPermissions.stream()
                .map(permission -> checkAnyPermission(organizationId, environmentId, domainId, permission, Acl.UPDATE))
                .collect(Collectors.toList()))
            .andThen(domainService.patch(domainId, patchDomain, authenticatedUser)
                .flatMap(domain -> findAllPermissions(authenticatedUser, organizationId, environmentId, domainId)
                    .map(userPermissions -> filterDomainInfos(domain, userPermissions))))
            .subscribe(response::resume, response::resume);
    }
}
Also used : Completable(io.reactivex.Completable) Permission(io.gravitee.am.model.permissions.Permission) Maybe(io.reactivex.Maybe) ApiParam(io.swagger.annotations.ApiParam) Autowired(org.springframework.beans.factory.annotation.Autowired) ApiResponses(io.swagger.annotations.ApiResponses) EntrypointService(io.gravitee.am.service.EntrypointService) PatchDomain(io.gravitee.am.service.model.PatchDomain) Valid(javax.validation.Valid) Acl(io.gravitee.am.model.Acl) ApiOperation(io.swagger.annotations.ApiOperation) Entrypoint(io.gravitee.am.model.Entrypoint) User(io.gravitee.am.identityprovider.api.User) AsyncResponse(javax.ws.rs.container.AsyncResponse) Set(java.util.Set) Domain(io.gravitee.am.model.Domain) DomainNotFoundException(io.gravitee.am.service.exception.DomainNotFoundException) NotNull(javax.validation.constraints.NotNull) Suspended(javax.ws.rs.container.Suspended) Collectors(java.util.stream.Collectors) List(java.util.List) MediaType(io.gravitee.common.http.MediaType) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) ApiResponse(io.swagger.annotations.ApiResponse) User(io.gravitee.am.identityprovider.api.User) Permission(io.gravitee.am.model.permissions.Permission)

Example 24 with Permission

use of io.gravitee.am.model.permissions.Permission in project gravitee-access-management by gravitee-io.

the class MembersResource method addOrUpdateMember.

@POST
@Consumes(APPLICATION_JSON)
@Produces(APPLICATION_JSON)
@ApiOperation(value = "Add or update an organization member", notes = "User must have ORGANIZATION_MEMBER[READ] permission on the specified organization")
@ApiResponses({ @ApiResponse(code = 201, message = "Member has been added or updated successfully"), @ApiResponse(code = 400, message = "Membership parameter is not valid"), @ApiResponse(code = 500, message = "Internal server error") })
public void addOrUpdateMember(@PathParam("organizationId") String organizationId, @Valid @NotNull NewMembership newMembership, @Suspended final AsyncResponse response) {
    final User authenticatedUser = getAuthenticatedUser();
    final Membership membership = convert(newMembership);
    membership.setReferenceId(organizationId);
    membership.setReferenceType(ReferenceType.ORGANIZATION);
    // Note: the check enforced here is ORGANIZATION_MEMBER[CREATE], while the @ApiOperation notes above state READ.
    checkPermission(ReferenceType.ORGANIZATION, organizationId, Permission.ORGANIZATION_MEMBER, Acl.CREATE)
        .andThen(organizationService.findById(organizationId)
            .flatMap(organization -> membershipService.addOrUpdate(organizationId, membership, authenticatedUser))
            .map(membership1 -> Response.created(URI.create("/organizations/" + organizationId + "/members/" + membership1.getId()))
                .entity(membership1)
                .build()))
        .subscribe(response::resume, response::resume);
}
Also used : Permission(io.gravitee.am.model.permissions.Permission) Autowired(org.springframework.beans.factory.annotation.Autowired) MembershipListItem(io.gravitee.am.management.handlers.management.api.model.MembershipListItem) AbstractResource(io.gravitee.am.management.handlers.management.api.resources.AbstractResource) ApiResponses(io.swagger.annotations.ApiResponses) Valid(javax.validation.Valid) Acl(io.gravitee.am.model.Acl) ApiOperation(io.swagger.annotations.ApiOperation) User(io.gravitee.am.identityprovider.api.User) NewMembership(io.gravitee.am.service.model.NewMembership) ReferenceType(io.gravitee.am.model.ReferenceType) URI(java.net.URI) APPLICATION_JSON(javax.ws.rs.core.MediaType.APPLICATION_JSON) MembershipService(io.gravitee.am.service.MembershipService) Context(javax.ws.rs.core.Context) AsyncResponse(javax.ws.rs.container.AsyncResponse) Membership(io.gravitee.am.model.Membership) NotNull(javax.validation.constraints.NotNull) Suspended(javax.ws.rs.container.Suspended) MediaType(io.gravitee.common.http.MediaType) OrganizationService(io.gravitee.am.service.OrganizationService) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) ApiResponse(io.swagger.annotations.ApiResponse) ResourceContext(javax.ws.rs.container.ResourceContext) User(io.gravitee.am.identityprovider.api.User) NewMembership(io.gravitee.am.service.model.NewMembership) Membership(io.gravitee.am.model.Membership) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 25 with Permission

use of io.gravitee.am.model.permissions.Permission in project gravitee-access-management by gravitee-io.

the class IdentityProviderResource method update.

@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update an identity provider", notes = "User must have the DOMAIN_IDENTITY_PROVIDER[UPDATE] permission on the specified domain " + "or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission on the specified environment " + "or DOMAIN_IDENTITY_PROVIDER[UPDATE] permission on the specified organization")
@ApiResponses({ @ApiResponse(code = 201, message = "Identity provider successfully updated", response = IdentityProvider.class), @ApiResponse(code = 500, message = "Internal server error") })
public void update(@PathParam("organizationId") String organizationId, @PathParam("environmentId") String environmentId, @PathParam("domain") String domain, @PathParam("identity") String identity, @ApiParam(name = "identity", required = true) @Valid @NotNull UpdateIdentityProvider updateIdentityProvider, @Suspended final AsyncResponse response) {
    final User authenticatedUser = getAuthenticatedUser();
    checkAnyPermission(organizationId, environmentId, domain, Permission.DOMAIN_IDENTITY_PROVIDER, Acl.UPDATE)
        .andThen(domainService.findById(domain)
            .switchIfEmpty(Maybe.error(new DomainNotFoundException(domain)))
            .flatMapSingle(__ -> identityProviderService.update(domain, identity, updateIdentityProvider, authenticatedUser, false)))
        .map(idp -> hideConfiguration(idp))
        .subscribe(response::resume, response::resume);
}
Also used : Permission(io.gravitee.am.model.permissions.Permission) Maybe(io.reactivex.Maybe) DomainService(io.gravitee.am.service.DomainService) ApiParam(io.swagger.annotations.ApiParam) Autowired(org.springframework.beans.factory.annotation.Autowired) IdentityProvider(io.gravitee.am.model.IdentityProvider) AbstractResource(io.gravitee.am.management.handlers.management.api.resources.AbstractResource) ApiResponses(io.swagger.annotations.ApiResponses) Valid(javax.validation.Valid) Acl(io.gravitee.am.model.Acl) ApiOperation(io.swagger.annotations.ApiOperation) User(io.gravitee.am.identityprovider.api.User) ReferenceType(io.gravitee.am.model.ReferenceType) IdentityProviderNotFoundException(io.gravitee.am.service.exception.IdentityProviderNotFoundException) Context(javax.ws.rs.core.Context) IdentityProviderServiceProxy(io.gravitee.am.management.service.IdentityProviderServiceProxy) AsyncResponse(javax.ws.rs.container.AsyncResponse) DomainNotFoundException(io.gravitee.am.service.exception.DomainNotFoundException) NotNull(javax.validation.constraints.NotNull) Suspended(javax.ws.rs.container.Suspended) UpdateIdentityProvider(io.gravitee.am.service.model.UpdateIdentityProvider) MediaType(io.gravitee.common.http.MediaType) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) ApiResponse(io.swagger.annotations.ApiResponse) ResourceContext(javax.ws.rs.container.ResourceContext) User(io.gravitee.am.identityprovider.api.User) DomainNotFoundException(io.gravitee.am.service.exception.DomainNotFoundException) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

Permission (io.gravitee.am.model.permissions.Permission) 56
Acl (io.gravitee.am.model.Acl) 49
AsyncResponse (javax.ws.rs.container.AsyncResponse) 49
Suspended (javax.ws.rs.container.Suspended) 49
Autowired (org.springframework.beans.factory.annotation.Autowired) 49
User (io.gravitee.am.identityprovider.api.User) 47
MediaType (io.gravitee.common.http.MediaType) 47
AbstractResource (io.gravitee.am.management.handlers.management.api.resources.AbstractResource) 44
Response (javax.ws.rs.core.Response) 41
javax.ws.rs (javax.ws.rs) 40
Maybe (io.reactivex.Maybe) 39
ResourceContext (javax.ws.rs.container.ResourceContext) 39
Context (javax.ws.rs.core.Context) 39
DomainService (io.gravitee.am.service.DomainService) 38
DomainNotFoundException (io.gravitee.am.service.exception.DomainNotFoundException) 37
Valid (javax.validation.Valid) 36
NotNull (javax.validation.constraints.NotNull) 36
ReferenceType (io.gravitee.am.model.ReferenceType) 30
ApiOperation (io.swagger.annotations.ApiOperation) 30
ApiResponses (io.swagger.annotations.ApiResponses) 30