Example 1 with Permissions

Use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

In class PlatformEventsResource, method listEvents.

@GET
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.MANAGEMENT_PLATFORM, acls = RolePermissionAction.READ) })
public Page<EventEntity> listEvents(@BeanParam EventSearchParam eventSearchParam) {
    eventSearchParam.validate();
    Map<String, Object> properties = new HashMap<>();
    if (eventSearchParam.getApiIdsParam() != null && eventSearchParam.getApiIdsParam().getIds() != null && !eventSearchParam.getApiIdsParam().getIds().isEmpty()) {
        properties.put(Event.EventProperties.API_ID.getValue(), eventSearchParam.getApiIdsParam().getIds());
    }
    Page<EventEntity> events = eventService.search(eventSearchParam.getEventTypeListParam().getEventTypes(), properties, eventSearchParam.getFrom(), eventSearchParam.getTo(), eventSearchParam.getPage(), eventSearchParam.getSize());
    events.getContent().forEach(event -> {
        Map<String, String> properties1 = event.getProperties();
        // Event relative to API
        if (properties1 != null && properties1.containsKey(Event.EventProperties.API_ID.getValue())) {
            // Remove payload content from response since it's not required anymore
            event.setPayload(null);
            // Retrieve additional data
            String apiId = properties1.get(Event.EventProperties.API_ID.getValue());
            ApiEntity api = apiService.findById(apiId);
            properties1.put("api_name", api.getName());
            properties1.put("api_version", api.getVersion());
        }
    });
    return events;
}
Also used : HashMap(java.util.HashMap) EventEntity(io.gravitee.management.model.EventEntity) ApiEntity(io.gravitee.management.model.ApiEntity) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) Permissions(io.gravitee.management.rest.security.Permissions)

Example 2 with Permissions

Use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

In class PortalPagesResource, method createPage.

@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Create a page", notes = "User must be ADMIN to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Page successfully created", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.PORTAL_DOCUMENTATION, acls = RolePermissionAction.CREATE) })
public Response createPage(@ApiParam(name = "page", required = true) @Valid @NotNull NewPageEntity newPageEntity) {
    int order = pageService.findMaxPortalPageOrder() + 1;
    newPageEntity.setOrder(order);
    newPageEntity.setLastContributor(getAuthenticatedUser());
    PageEntity newPage = pageService.createPortalPage(newPageEntity);
    if (newPage != null) {
        return Response.created(URI.create("/portal/pages/" + newPage.getId())).entity(newPage).build();
    }
    return Response.serverError().build();
}
Also used : UpdatePageEntity(io.gravitee.management.model.UpdatePageEntity) NewPageEntity(io.gravitee.management.model.NewPageEntity) PageEntity(io.gravitee.management.model.PageEntity) Permissions(io.gravitee.management.rest.security.Permissions)

Example 3 with Permissions

Use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

In class ApplicationSubscriptionsResource, method createSubscription.

@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Subscribe to a plan", notes = "User must have the MANAGE_SUBSCRIPTIONS permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Subscription successfully created", response = Subscription.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.APPLICATION_SUBSCRIPTION, acls = RolePermissionAction.CREATE) })
public Response createSubscription(@PathParam("application") String application, @ApiParam(name = "plan", required = true) @NotNull @QueryParam("plan") String plan, NewSubscriptionEntity newSubscriptionEntity) {
    newSubscriptionEntity.setApplication(application);
    newSubscriptionEntity.setPlan(plan);
    Subscription subscription = convert(subscriptionService.create(newSubscriptionEntity));
    return Response.created(URI.create("/applications/" + application + "/subscriptions/" + subscription.getId())).entity(subscription).build();
}
Also used : Subscription(io.gravitee.management.rest.model.Subscription) Permissions(io.gravitee.management.rest.security.Permissions)

Example 4 with Permissions

Use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

In class AuditResource, method list.

@GET
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.MANAGEMENT_AUDIT, acls = RolePermissionAction.READ) })
public MetadataPage<AuditEntity> list(@BeanParam AuditParam param) {
    AuditQuery query = new AuditQuery();
    query.setFrom(param.getFrom());
    query.setTo(param.getTo());
    query.setPage(param.getPage());
    query.setSize(param.getSize());
    if (param.isManagementLogsOnly()) {
        query.setManagementLogsOnly(true);
    } else {
        if (param.getApiId() != null) {
            query.setApiIds(Collections.singletonList(param.getApiId()));
        }
        if (param.getApplicationId() != null) {
            query.setApplicationIds(Collections.singletonList(param.getApplicationId()));
        }
    }
    if (param.getEvent() != null) {
        query.setEvents(Collections.singletonList(param.getEvent()));
    }
    return auditService.search(query);
}
Also used : AuditQuery(io.gravitee.management.model.audit.AuditQuery) Permissions(io.gravitee.management.rest.security.Permissions)

Example 5 with Permissions

Use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

In class GroupMembersResource, method addOrUpdateMember.

@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Add or update a group member")
@ApiResponses({ @ApiResponse(code = 201, message = "Member has been added"), @ApiResponse(code = 200, message = "Member has been updated"), @ApiResponse(code = 400, message = "Membership is not valid"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.MANAGEMENT_GROUP, acls = RolePermissionAction.CREATE), @Permission(value = RolePermission.MANAGEMENT_GROUP, acls = RolePermissionAction.UPDATE) })
public Response addOrUpdateMember(@PathParam("group") String group, @Valid @NotNull final GroupMembership membership) {
    // Check that group exists
    groupService.findById(group);
    RoleEntity previousApiRole = null, previousApplicationRole = null;
    if (membership.getId() != null) {
        previousApiRole = membershipService.getRole(MembershipReferenceType.GROUP, group, membership.getId(), RoleScope.API);
        previousApplicationRole = membershipService.getRole(MembershipReferenceType.GROUP, group, membership.getId(), RoleScope.APPLICATION);
    }
    // Process add / update before delete to avoid having a user without role
    if (membership.getRoles() != null && !membership.getRoles().isEmpty()) {
        MemberRoleEntity apiRole = membership.getRoles().stream().filter(r -> r.getRoleScope().equals(io.gravitee.management.model.permissions.RoleScope.API) && !r.getRoleName().isEmpty()).findFirst().orElse(null);
        MemberRoleEntity applicationRole = membership.getRoles().stream().filter(r -> r.getRoleScope().equals(io.gravitee.management.model.permissions.RoleScope.APPLICATION) && !r.getRoleName().isEmpty()).findFirst().orElse(null);
        MemberEntity updatedMembership = null;
        // Add / Update
        if (apiRole != null) {
            updatedMembership = membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, group), new MembershipService.MembershipUser(membership.getId(), membership.getReference()), new MembershipService.MembershipRole(RoleScope.API, apiRole.getRoleName()));
        }
        if (applicationRole != null) {
            updatedMembership = membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.GROUP, group), new MembershipService.MembershipUser(membership.getId(), membership.getReference()), new MembershipService.MembershipRole(RoleScope.APPLICATION, applicationRole.getRoleName()));
        }
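        // Delete. A previous role is only loaded when membership.getId() is set, and
        // updatedMembership stays null when neither role was added or updated, so
        // use membership.getId() here to avoid a NullPointerException.
        if (apiRole == null && previousApiRole != null) {
            membershipService.removeRole(MembershipReferenceType.GROUP, group, membership.getId(), RoleScope.API);
        }
        if (applicationRole == null && previousApplicationRole != null) {
            membershipService.removeRole(MembershipReferenceType.GROUP, group, membership.getId(), RoleScope.APPLICATION);
        }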
    }
    return Response.ok().build();
}
Also used : RoleEntity(io.gravitee.management.model.RoleEntity) MemberRoleEntity(io.gravitee.management.model.MemberRoleEntity) GroupMemberEntity(io.gravitee.management.model.GroupMemberEntity) MemberEntity(io.gravitee.management.model.MemberEntity) ApiOperation(io.swagger.annotations.ApiOperation) Permissions(io.gravitee.management.rest.security.Permissions) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

Permissions (io.gravitee.management.rest.security.Permissions): 21
ApiOperation (io.swagger.annotations.ApiOperation): 9
ApiResponses (io.swagger.annotations.ApiResponses): 7
GET (javax.ws.rs.GET): 5
Produces (javax.ws.rs.Produces): 5
MemberEntity (io.gravitee.management.model.MemberEntity): 4
ApplicationEntity (io.gravitee.management.model.ApplicationEntity): 3
Analytics (io.gravitee.management.model.analytics.Analytics): 3
LogQuery (io.gravitee.management.model.analytics.query.LogQuery): 3
SubscriptionQuery (io.gravitee.management.model.subscription.SubscriptionQuery): 3
MediaType (io.gravitee.common.http.MediaType): 2
ApiEntity (io.gravitee.management.model.ApiEntity): 2
GroupMemberEntity (io.gravitee.management.model.GroupMemberEntity): 2
AuditQuery (io.gravitee.management.model.audit.AuditQuery): 2
RolePermission (io.gravitee.management.model.permissions.RolePermission): 2
RolePermissionAction (io.gravitee.management.model.permissions.RolePermissionAction): 2
PagedResult (io.gravitee.management.rest.model.PagedResult): 2
Permission (io.gravitee.management.rest.security.Permission): 2
ApplicationService (io.gravitee.management.service.ApplicationService): 2
MembershipService (io.gravitee.management.service.MembershipService): 2