Search in sources :

Example 1 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApplicationAnalyticsResource method getApplicationAnalyticsHits.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get application analytics", notes = "User must have the APPLICATION_ANALYTICS[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Application analytics"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.APPLICATION_ANALYTICS, acls = RolePermissionAction.READ) })
public Response getApplicationAnalyticsHits(@BeanParam AnalyticsParam analyticsParam) {
    analyticsParam.validate();
    Analytics analytics = null;
    switch(analyticsParam.getTypeParam().getValue()) {
        case DATE_HISTO:
            analytics = executeDateHisto(application, analyticsParam);
            break;
        case GROUP_BY:
            analytics = executeGroupBy(application, analyticsParam);
            break;
        case COUNT:
            analytics = executeCount(application, analyticsParam);
            break;
        case STATS:
            analytics = executeStats(application, analyticsParam);
            break;
    }
    return Response.ok(analytics).build();
}
Also used : Analytics(io.gravitee.rest.api.model.analytics.Analytics) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 2 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApplicationSubscribedResource method getApiSubscribed.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List APIs subscribed by the application", notes = "User must have the APPLICATION_SUBSCRIPTION permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Paged result of subscribed APIs", response = ApplicationEntity.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.APPLICATION_SUBSCRIPTION, acls = RolePermissionAction.READ) })
public Collection<SubscribedApi> getApiSubscribed() {
    SubscriptionQuery subscriptionQuery = new SubscriptionQuery();
    subscriptionQuery.setApplication(application);
    Collection<SubscriptionEntity> subscriptions = subscriptionService.search(subscriptionQuery);
    return subscriptions.stream().map(SubscriptionEntity::getApi).distinct().map(api -> apiService.findById(api)).map(apiEntity -> new SubscribedApi(apiEntity.getId(), apiEntity.getName())).sorted((o1, o2) -> String.CASE_INSENSITIVE_ORDER.compare(o1.getName(), o2.getName())).collect(Collectors.toList());
}
Also used : RolePermissionAction(io.gravitee.rest.api.model.permissions.RolePermissionAction) PathParam(javax.ws.rs.PathParam) Context(javax.ws.rs.core.Context) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) Collection(java.util.Collection) SubscriptionEntity(io.gravitee.rest.api.model.SubscriptionEntity) Collectors(java.util.stream.Collectors) ApiService(io.gravitee.rest.api.service.ApiService) Permission(io.gravitee.rest.api.management.rest.security.Permission) Inject(javax.inject.Inject) SubscriptionService(io.gravitee.rest.api.service.SubscriptionService) MediaType(io.gravitee.common.http.MediaType) ResourceContext(javax.ws.rs.container.ResourceContext) io.swagger.annotations(io.swagger.annotations) SubscriptionQuery(io.gravitee.rest.api.model.subscription.SubscriptionQuery) Permissions(io.gravitee.rest.api.management.rest.security.Permissions) ApplicationEntity(io.gravitee.rest.api.model.ApplicationEntity) RolePermission(io.gravitee.rest.api.model.permissions.RolePermission) SubscriptionEntity(io.gravitee.rest.api.model.SubscriptionEntity) SubscriptionQuery(io.gravitee.rest.api.model.subscription.SubscriptionQuery) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 3 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApplicationsResource method createApplication.

/**
 * Create a new application for the authenticated user.
 *
 * @param application
 * @return
 */
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Create an application", notes = "User must have MANAGEMENT_APPLICATION[CREATE] permission to create an application.")
@ApiResponses({ @ApiResponse(code = 201, message = "Application successfully created", response = ApplicationEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_APPLICATION, acls = RolePermissionAction.CREATE) })
public Response createApplication(@ApiParam(name = "application", required = true) @Valid @NotNull(message = "An application must be provided") final NewApplicationEntity application) {
    // To preserve backward compatibility, ensure that we have at least default settings for simple application type
    if (application.getSettings() == null || (application.getSettings().getoAuthClient() == null && application.getSettings().getApp() == null)) {
        ApplicationSettings settings = new ApplicationSettings();
        SimpleApplicationSettings simpleAppSettings = new SimpleApplicationSettings();
        simpleAppSettings.setType(application.getType());
        simpleAppSettings.setClientId(application.getClientId());
        settings.setApp(simpleAppSettings);
        application.setSettings(settings);
    }
    ApplicationEntity newApplication = applicationService.create(application, getAuthenticatedUser());
    if (newApplication != null) {
        return Response.created(this.getLocationHeader(newApplication.getId())).entity(newApplication).build();
    }
    return Response.serverError().build();
}
Also used : ApplicationSettings(io.gravitee.rest.api.model.application.ApplicationSettings) SimpleApplicationSettings(io.gravitee.rest.api.model.application.SimpleApplicationSettings) SimpleApplicationSettings(io.gravitee.rest.api.model.application.SimpleApplicationSettings) NewApplicationEntity(io.gravitee.rest.api.model.NewApplicationEntity) ApplicationEntity(io.gravitee.rest.api.model.ApplicationEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 4 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiPageResource method updateApiPage.

@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update a page", notes = "User must have the MANAGE_PAGES permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Page successfully updated", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_DOCUMENTATION, acls = RolePermissionAction.UPDATE) })
public PageEntity updateApiPage(@ApiParam(name = "page", required = true) @Valid @NotNull UpdatePageEntity updatePageEntity) {
    PageEntity existingPage = pageService.findById(page);
    if (existingPage.getType().equals(PageType.SYSTEM_FOLDER.name())) {
        throw new PageSystemFolderActionException("Update");
    } else if (existingPage.getType().equals(PageType.MARKDOWN_TEMPLATE.name())) {
        throw new PageMarkdownTemplateActionException("Update");
    }
    updatePageEntity.setLastContributor(getAuthenticatedUser());
    return pageService.update(page, updatePageEntity);
}
Also used : PageEntity(io.gravitee.rest.api.model.PageEntity) UpdatePageEntity(io.gravitee.rest.api.model.UpdatePageEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 5 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class ApiPageResource method partialUpdateApiPage.

@PATCH
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update a page", notes = "User must have the MANAGE_PAGES permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Page successfully updated", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_DOCUMENTATION, acls = RolePermissionAction.UPDATE) })
public PageEntity partialUpdateApiPage(@ApiParam(name = "page") UpdatePageEntity updatePageEntity) {
    PageEntity existingPage = pageService.findById(page);
    if (existingPage.getType().equals(PageType.SYSTEM_FOLDER.name())) {
        throw new PageSystemFolderActionException("Update");
    } else if (existingPage.getType().equals(PageType.MARKDOWN_TEMPLATE.name())) {
        throw new PageMarkdownTemplateActionException("Update");
    }
    updatePageEntity.setLastContributor(getAuthenticatedUser());
    return pageService.update(page, updatePageEntity, true);
}
Also used : PageEntity(io.gravitee.rest.api.model.PageEntity) UpdatePageEntity(io.gravitee.rest.api.model.UpdatePageEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Aggregations

Permissions (io.gravitee.rest.api.management.rest.security.Permissions)48 ApiOperation (io.swagger.annotations.ApiOperation)11 GET (javax.ws.rs.GET)7 Produces (javax.ws.rs.Produces)7 MediaEntity (io.gravitee.rest.api.model.MediaEntity)6 ApiEntity (io.gravitee.rest.api.model.api.ApiEntity)6 ApiResponses (io.swagger.annotations.ApiResponses)6 MediaType (io.gravitee.common.http.MediaType)5 Permission (io.gravitee.rest.api.management.rest.security.Permission)5 PageEntity (io.gravitee.rest.api.model.PageEntity)5 RolePermission (io.gravitee.rest.api.model.permissions.RolePermission)5 UpdatePageEntity (io.gravitee.rest.api.model.UpdatePageEntity)4 LogQuery (io.gravitee.rest.api.model.analytics.query.LogQuery)4 RolePermissionAction (io.gravitee.rest.api.model.permissions.RolePermissionAction)4 UploadUnauthorized (io.gravitee.rest.api.service.exceptions.UploadUnauthorized)4 Collectors (java.util.stream.Collectors)4 Inject (javax.inject.Inject)4 InvalidImageException (io.gravitee.rest.api.exception.InvalidImageException)3 PagedResult (io.gravitee.rest.api.management.rest.model.PagedResult)3 GroupEntity (io.gravitee.rest.api.model.GroupEntity)3