Search in sources :

Example 6 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiAnalyticsResource method hits.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Get API analytics")
@Permissions({ @Permission(value = RolePermission.API_ANALYTICS, acls = RolePermissionAction.READ) })
public Response hits(@PathParam("api") String api, @BeanParam AnalyticsParam analyticsParam) {
    analyticsParam.validate();
    Analytics analytics = null;
    switch(analyticsParam.getType()) {
        case DATE_HISTO:
            analytics = executeDateHisto(api, analyticsParam);
            break;
        case GROUP_BY:
            analytics = executeGroupBy(api, analyticsParam);
            break;
        case COUNT:
            analytics = executeCount(api, analyticsParam);
            break;
    }
    return Response.ok(analytics).build();
}
Also used : Analytics(io.gravitee.management.model.analytics.Analytics) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) Permissions(io.gravitee.management.rest.security.Permissions)

Example 7 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiAuditResource method list.

@GET
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_AUDIT, acls = RolePermissionAction.READ) })
public MetadataPage<AuditEntity> list(@PathParam("api") String api, @BeanParam AuditParam param) {
    AuditQuery query = new AuditQuery();
    query.setFrom(param.getFrom());
    query.setTo(param.getTo());
    query.setPage(param.getPage());
    query.setSize(param.getSize());
    query.setApiIds(Collections.singletonList(api));
    query.setApplicationIds(Collections.emptyList());
    query.setManagementLogsOnly(false);
    if (param.getEvent() != null) {
        query.setEvents(Collections.singletonList(param.getEvent()));
    }
    return auditService.search(query);
}
Also used : AuditQuery(io.gravitee.management.model.audit.AuditQuery) Permissions(io.gravitee.management.rest.security.Permissions)

Example 8 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiHealthResource method healthcheckLogs.

@GET
@Path("logs")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Health-check logs")
@ApiResponses({ @ApiResponse(code = 200, message = "API logs"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_HEALTH, acls = RolePermissionAction.READ) })
public SearchLogResponse healthcheckLogs(@PathParam("api") String api, @BeanParam LogsParam param) {
    param.validate();
    LogQuery logQuery = new LogQuery();
    logQuery.setQuery(param.getQuery());
    logQuery.setPage(param.getPage());
    logQuery.setSize(param.getSize());
    return healthCheckService.findByApi(api, logQuery);
}
Also used : LogQuery(io.gravitee.management.model.analytics.query.LogQuery) ApiOperation(io.swagger.annotations.ApiOperation) Permissions(io.gravitee.management.rest.security.Permissions) ApiResponses(io.swagger.annotations.ApiResponses)

Example 9 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiKeysResource method updateApiKey.

@PUT
@Path("{key}")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update an API Key", notes = "User must have the MANAGE_API_KEYS permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "API Key successfully updated", response = ApiKeyEntity.class), @ApiResponse(code = 400, message = "Bad plan format"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_SUBSCRIPTION, acls = RolePermissionAction.UPDATE) })
public Response updateApiKey(@PathParam("api") String api, @PathParam("key") String apiKey, @Valid @NotNull ApiKeyEntity apiKeyEntity) {
    if (apiKeyEntity.getKey() != null && !apiKey.equals(apiKeyEntity.getKey())) {
        return Response.status(Response.Status.BAD_REQUEST).entity("'apiKey' parameter does not correspond to the api-key to update").build();
    }
    // Force API Key
    apiKeyEntity.setKey(apiKey);
    ApiKeyEntity keyEntity = apiKeyService.update(apiKeyEntity);
    return Response.ok(keyEntity).build();
}
Also used : ApiKeyEntity(io.gravitee.management.model.ApiKeyEntity) ApiOperation(io.swagger.annotations.ApiOperation) Permissions(io.gravitee.management.rest.security.Permissions) ApiResponses(io.swagger.annotations.ApiResponses)

Example 10 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiMembersResource method addOrUpdateApiMember.

@POST
@ApiOperation(value = "Add or update an API member", notes = "User must have the MANAGE_MEMBERS permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Member has been added or updated successfully"), @ApiResponse(code = 400, message = "Membership parameter is not valid"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_MEMBER, acls = RolePermissionAction.CREATE), @Permission(value = RolePermission.API_MEMBER, acls = RolePermissionAction.UPDATE) })
public Response addOrUpdateApiMember(@PathParam("api") String api, @Valid @NotNull ApiMembership apiMembership) {
    if (PRIMARY_OWNER.name().equals(apiMembership.getRole())) {
        throw new SinglePrimaryOwnerException(RoleScope.API);
    }
    apiService.findById(api);
    MemberEntity membership = membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.API, api), new MembershipService.MembershipUser(apiMembership.getId(), apiMembership.getReference()), new MembershipService.MembershipRole(RoleScope.API, apiMembership.getRole()));
    return Response.created(URI.create("/apis/" + api + "/members/" + membership.getId())).build();
}
Also used : SinglePrimaryOwnerException(io.gravitee.management.service.exceptions.SinglePrimaryOwnerException) MembershipService(io.gravitee.management.service.MembershipService) MemberEntity(io.gravitee.management.model.MemberEntity) Permissions(io.gravitee.management.rest.security.Permissions)

Aggregations

Permissions (io.gravitee.management.rest.security.Permissions)21 ApiOperation (io.swagger.annotations.ApiOperation)9 ApiResponses (io.swagger.annotations.ApiResponses)7 GET (javax.ws.rs.GET)5 Produces (javax.ws.rs.Produces)5 MemberEntity (io.gravitee.management.model.MemberEntity)4 ApplicationEntity (io.gravitee.management.model.ApplicationEntity)3 Analytics (io.gravitee.management.model.analytics.Analytics)3 LogQuery (io.gravitee.management.model.analytics.query.LogQuery)3 SubscriptionQuery (io.gravitee.management.model.subscription.SubscriptionQuery)3 MediaType (io.gravitee.common.http.MediaType)2 ApiEntity (io.gravitee.management.model.ApiEntity)2 GroupMemberEntity (io.gravitee.management.model.GroupMemberEntity)2 AuditQuery (io.gravitee.management.model.audit.AuditQuery)2 RolePermission (io.gravitee.management.model.permissions.RolePermission)2 RolePermissionAction (io.gravitee.management.model.permissions.RolePermissionAction)2 PagedResult (io.gravitee.management.rest.model.PagedResult)2 Permission (io.gravitee.management.rest.security.Permission)2 ApplicationService (io.gravitee.management.service.ApplicationService)2 MembershipService (io.gravitee.management.service.MembershipService)2