
Example 16 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApplicationMembersResource method getPermissions.

@GET
@Path("/permissions")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get application members", notes = "User must have the APPLICATION_MEMBER permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Application member's permissions", response = MemberEntity.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.APPLICATION_MEMBER, acls = RolePermissionAction.READ) })
public Response getPermissions(@PathParam("application") String application) {
    Map<String, char[]> permissions = new HashMap<>();
    if (isAuthenticated()) {
        final String username = getAuthenticatedUser();
        final ApplicationEntity applicationEntity = applicationService.findById(application);
        if (isAdmin()) {
            final char[] rights = new char[] { CREATE.getId(), READ.getId(), UPDATE.getId(), DELETE.getId() };
            for (ApplicationPermission perm : ApplicationPermission.values()) {
                permissions.put(perm.getName(), rights);
            }
        } else {
            permissions = membershipService.getMemberPermissions(applicationEntity, username);
        }
    }
    return Response.ok(permissions).build();
}
Also used : HashMap(java.util.HashMap) ApplicationEntity(io.gravitee.management.model.ApplicationEntity) ApplicationPermission(io.gravitee.management.model.permissions.ApplicationPermission) Permissions(io.gravitee.management.rest.security.Permissions)

Example 17 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApplicationMembersResource method addOrUpdateApplicationMember.

@POST
@ApiOperation(value = "Add or update an application member", notes = "User must have the MANAGE_MEMBERS permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Member has been added or updated successfully"), @ApiResponse(code = 400, message = "Membership parameter is not valid"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.APPLICATION_MEMBER, acls = RolePermissionAction.CREATE), @Permission(value = RolePermission.APPLICATION_MEMBER, acls = RolePermissionAction.UPDATE) })
public Response addOrUpdateApplicationMember(@PathParam("application") String application, @Valid @NotNull ApplicationMembership applicationMembership) {
    if (PRIMARY_OWNER.name().equals(applicationMembership.getRole())) {
        throw new SinglePrimaryOwnerException(RoleScope.APPLICATION);
    }
    applicationService.findById(application);
    MemberEntity membership = membershipService.addOrUpdateMember(new MembershipService.MembershipReference(MembershipReferenceType.APPLICATION, application), new MembershipService.MembershipUser(applicationMembership.getId(), applicationMembership.getReference()), new MembershipService.MembershipRole(RoleScope.APPLICATION, applicationMembership.getRole()));
    return Response.created(URI.create("/applications/" + application + "/members/" + membership.getId())).build();
}
Also used : SinglePrimaryOwnerException(io.gravitee.management.service.exceptions.SinglePrimaryOwnerException) MembershipService(io.gravitee.management.service.MembershipService) MemberEntity(io.gravitee.management.model.MemberEntity) Permissions(io.gravitee.management.rest.security.Permissions)

Example 18 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApplicationSubscriptionsResource method listApplicationSubscriptions.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List subscriptions for the application", notes = "User must have the READ_SUBSCRIPTION permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Paged result of application's subscriptions", response = PagedResult.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.APPLICATION_SUBSCRIPTION, acls = RolePermissionAction.READ) })
public PagedResult<SubscriptionEntity> listApplicationSubscriptions(@BeanParam SubscriptionParam subscriptionParam, @Valid @BeanParam Pageable pageable) {
    // Transform query parameters to a subscription query
    SubscriptionQuery subscriptionQuery = subscriptionParam.toQuery();
    Page<SubscriptionEntity> subscriptions = subscriptionService.search(subscriptionQuery, pageable.toPageable());
    PagedResult<SubscriptionEntity> result = new PagedResult<>(subscriptions, pageable.getSize());
    result.setMetadata(subscriptionService.getMetadata(subscriptions.getContent()).getMetadata());
    return result;
}
Also used : SubscriptionQuery(io.gravitee.management.model.subscription.SubscriptionQuery) PagedResult(io.gravitee.management.rest.model.PagedResult) Permissions(io.gravitee.management.rest.security.Permissions)

Example 19 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiSubscribersResource method listApiSubscribers.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List subscribers for the API", notes = "User must have the MANAGE_SUBSCRIPTIONS permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Paged result of API subscribers", response = ApplicationEntity.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_SUBSCRIPTION, acls = RolePermissionAction.READ) })
public Collection<ApplicationEntity> listApiSubscribers(@PathParam("api") String api) {
    SubscriptionQuery subscriptionQuery = new SubscriptionQuery();
    subscriptionQuery.setApi(api);
    Collection<SubscriptionEntity> subscriptions = subscriptionService.search(subscriptionQuery);
    return subscriptions.stream().map(SubscriptionEntity::getApplication).distinct().map(application -> applicationService.findById(application)).sorted((o1, o2) -> String.CASE_INSENSITIVE_ORDER.compare(o1.getName(), o2.getName())).collect(Collectors.toList());
}
Also used : SubscriptionQuery(io.gravitee.management.model.subscription.SubscriptionQuery) Permission(io.gravitee.management.rest.security.Permission) PathParam(javax.ws.rs.PathParam) Context(javax.ws.rs.core.Context) SubscriptionService(io.gravitee.management.service.SubscriptionService) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) Collection(java.util.Collection) RolePermission(io.gravitee.management.model.permissions.RolePermission) RolePermissionAction(io.gravitee.management.model.permissions.RolePermissionAction) ApplicationEntity(io.gravitee.management.model.ApplicationEntity) Permissions(io.gravitee.management.rest.security.Permissions) ApiResponses(io.swagger.annotations.ApiResponses) Function(java.util.function.Function) Collectors(java.util.stream.Collectors) ApplicationService(io.gravitee.management.service.ApplicationService) Inject(javax.inject.Inject) ApiOperation(io.swagger.annotations.ApiOperation) MediaType(io.gravitee.common.http.MediaType) ApiResponse(io.swagger.annotations.ApiResponse) ResourceContext(javax.ws.rs.container.ResourceContext) SubscriptionEntity(io.gravitee.management.model.SubscriptionEntity) Api(io.swagger.annotations.Api)

Example 20 with Permissions

use of io.gravitee.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiSubscriptionsResource method createSubscription.

@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Subscribe to a plan", notes = "User must have the MANAGE_SUBSCRIPTIONS permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Subscription successfully created", response = Subscription.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_SUBSCRIPTION, acls = RolePermissionAction.CREATE) })
public Response createSubscription(@PathParam("api") String api, @ApiParam(name = "application", required = true) @NotNull @QueryParam("application") String application, @ApiParam(name = "plan", required = true) @NotNull @QueryParam("plan") String plan) {
    // Create subscription
    SubscriptionEntity subscription = subscriptionService.create(new NewSubscriptionEntity(plan, application));
    if (subscription.getStatus() == SubscriptionStatus.PENDING) {
        ProcessSubscriptionEntity process = new ProcessSubscriptionEntity();
        process.setId(subscription.getId());
        process.setAccepted(true);
        process.setStartingAt(new Date());
        subscription = subscriptionService.process(process, getAuthenticatedUser());
    }
    return Response.created(URI.create("/apis/" + api + "/subscriptions/" + subscription.getId())).entity(convert(subscription)).build();
}
Also used : Date(java.util.Date) Permissions(io.gravitee.management.rest.security.Permissions)
