use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiAnalyticsResource method hits.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation("Get API analytics")
@Permissions({ @Permission(value = RolePermission.API_ANALYTICS, acls = RolePermissionAction.READ) })
public Response hits(@PathParam("api") String api, @BeanParam AnalyticsParam analyticsParam) {
analyticsParam.validate();
Analytics analytics = null;
switch(analyticsParam.getType()) {
case DATE_HISTO:
analytics = executeDateHisto(api, analyticsParam);
break;
case GROUP_BY:
analytics = executeGroupBy(api, analyticsParam);
break;
case COUNT:
analytics = executeCount(api, analyticsParam);
break;
}
return Response.ok(analytics).build();
}
use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiAuditResource method list.
@GET
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_AUDIT, acls = RolePermissionAction.READ) })
public MetadataPage<AuditEntity> list(@PathParam("api") String api, @BeanParam AuditParam param) {
AuditQuery query = new AuditQuery();
query.setFrom(param.getFrom());
query.setTo(param.getTo());
query.setPage(param.getPage());
query.setSize(param.getSize());
query.setApiIds(Collections.singletonList(api));
query.setApplicationIds(Collections.emptyList());
query.setManagementLogsOnly(false);
if (param.getEvent() != null) {
query.setEvents(Collections.singletonList(param.getEvent()));
}
return auditService.search(query);
}
use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiHealthResource method healthcheckLogs.
@GET
@Path("logs")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Health-check logs")
@ApiResponses({ @ApiResponse(code = 200, message = "API logs"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_HEALTH, acls = RolePermissionAction.READ) })
public SearchLogResponse healthcheckLogs(@PathParam("api") String api, @BeanParam LogsParam param) {
param.validate();
LogQuery logQuery = new LogQuery();
logQuery.setQuery(param.getQuery());
logQuery.setPage(param.getPage());
logQuery.setSize(param.getSize());
return healthCheckService.findByApi(api, logQuery);
}
use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiKeysResource method updateApiKey.
@PUT
@Path("{key}")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update an API Key", notes = "User must have the MANAGE_API_KEYS permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "API Key successfully updated", response = ApiKeyEntity.class), @ApiResponse(code = 400, message = "Bad plan format"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_SUBSCRIPTION, acls = RolePermissionAction.UPDATE) })
public Response updateApiKey(@PathParam("api") String api, @PathParam("key") String apiKey, @Valid @NotNull ApiKeyEntity apiKeyEntity) {
if (apiKeyEntity.getKey() != null && !apiKey.equals(apiKeyEntity.getKey())) {
return Response.status(Response.Status.BAD_REQUEST).entity("'apiKey' parameter does not correspond to the api-key to update").build();
}
// Force API Key
apiKeyEntity.setKey(apiKey);
ApiKeyEntity keyEntity = apiKeyService.update(apiKeyEntity);
return Response.ok(keyEntity).build();
}
use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiMembersResource method addOrUpdateApiMember.
@POST
@ApiOperation(value = "Add or update an API member", notes = "User must have the MANAGE_MEMBERS permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Member has been added or updated successfully"), @ApiResponse(code = 400, message = "Membership parameter is not valid"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_MEMBER, acls = RolePermissionAction.CREATE), @Permission(value = RolePermission.API_MEMBER, acls = RolePermissionAction.UPDATE) })
public Response addOrUpdateApiMember(@PathParam("api") String api, @Valid @NotNull ApiMembership apiMembership) {
if (PRIMARY_OWNER.name().equals(apiMembership.getRole())) {
throw new SinglePrimaryOwnerException(RoleScope.API);
}
apiService.findById(api);
MemberEntity membership = membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.API, api), new MembershipService.MembershipUser(apiMembership.getId(), apiMembership.getReference()), new MembershipService.MembershipRole(RoleScope.API, apiMembership.getRole()));
return Response.created(URI.create("/apis/" + api + "/members/" + membership.getId())).build();
}
Aggregations