Example 1 with MemberRoleEntity
use of io.gravitee.management.model.MemberRoleEntity in project gravitee-management-rest-api by gravitee-io.
the class GroupMembersResource method addOrUpdateMember.
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Add or update a group member")
@ApiResponses({ @ApiResponse(code = 201, message = "Member has been added"), @ApiResponse(code = 200, message = "Member has been updated"), @ApiResponse(code = 400, message = "Membership is not valid"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.MANAGEMENT_GROUP, acls = RolePermissionAction.CREATE), @Permission(value = RolePermission.MANAGEMENT_GROUP, acls = RolePermissionAction.UPDATE) })
public Response addOrUpdateMember(@PathParam("group") String group, @Valid @NotNull final GroupMembership membership) {
// Check that group exists
groupService.findById(group);
RoleEntity previousApiRole = null, previousApplicationRole = null;
if (membership.getId() != null) {
previousApiRole = membershipService.getRole(MembershipReferenceType.GROUP, group, membership.getId(), RoleScope.API);
previousApplicationRole = membershipService.getRole(MembershipReferenceType.GROUP, group, membership.getId(), RoleScope.APPLICATION);
}
// Process add / update before delete to avoid having a user without role
if (membership.getRoles() != null && !membership.getRoles().isEmpty()) {
MemberRoleEntity apiRole = membership.getRoles().stream().filter(r -> r.getRoleScope().equals(io.gravitee.management.model.permissions.RoleScope.API) && !r.getRoleName().isEmpty()).findFirst().orElse(null);
MemberRoleEntity applicationRole = membership.getRoles().stream().filter(r -> r.getRoleScope().equals(io.gravitee.management.model.permissions.RoleScope.APPLICATION) && !r.getRoleName().isEmpty()).findFirst().orElse(null);
MemberEntity updatedMembership = null;
// Add / Update
if (apiRole != null) {
updatedMembership = membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, group), new MembershipService.MembershipUser(membership.getId(), membership.getReference()), new MembershipService.MembershipRole(RoleScope.API, apiRole.getRoleName()));
}
if (applicationRole != null) {
updatedMembership = membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, group), new MembershipService.MembershipUser(membership.getId(), membership.getReference()), new MembershipService.MembershipRole(RoleScope.APPLICATION, applicationRole.getRoleName()));
}
// Delete
if (apiRole == null && previousApiRole != null) {
membershipService.removeRole(MembershipReferenceType.GROUP, group, updatedMembership.getId(), RoleScope.API);
}
if (applicationRole == null && previousApplicationRole != null) {
membershipService.removeRole(MembershipReferenceType.GROUP, group, updatedMembership.getId(), RoleScope.APPLICATION);
}
}
return Response.ok().build();
}
Also used :
RoleEntity(io.gravitee.management.model.RoleEntity)
MemberRoleEntity(io.gravitee.management.model.MemberRoleEntity)
MemberRoleEntity(io.gravitee.management.model.MemberRoleEntity)
GroupMemberEntity(io.gravitee.management.model.GroupMemberEntity)
MemberEntity(io.gravitee.management.model.MemberEntity)
ApiOperation(io.swagger.annotations.ApiOperation)
Permissions(io.gravitee.management.rest.security.Permissions)
ApiResponses(io.swagger.annotations.ApiResponses)
Aggregations
GroupMemberEntity (io.gravitee.management.model.GroupMemberEntity)1
MemberEntity (io.gravitee.management.model.MemberEntity)1
MemberRoleEntity (io.gravitee.management.model.MemberRoleEntity)1
RoleEntity (io.gravitee.management.model.RoleEntity)1
Permissions (io.gravitee.management.rest.security.Permissions)1
ApiOperation (io.swagger.annotations.ApiOperation)1
ApiResponses (io.swagger.annotations.ApiResponses)1
