use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class PoliciesResource method getSwaggerPolicy.
@GET
@Path("swagger")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List policies which are handling Swagger / OAI definition", notes = "These policies are used when importing an OAI to create an API")
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_API, acls = RolePermissionAction.READ) })
public List<PolicyListItem> getSwaggerPolicy() {
return policyOperationVisitorManager.getPolicyVisitors().stream().filter(operationVisitor -> operationVisitor.display()).map(operationVisitor -> {
PolicyListItem item = new PolicyListItem();
item.setId(operationVisitor.getId());
item.setName(operationVisitor.getName());
return item;
}).sorted(Comparator.comparing(PolicyListItem::getName)).collect(Collectors.toList());
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class DictionaryResource method doLifecycleAction.
@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Manage the dictionary's lifecycle", notes = "User must have the DICTIONARY[LIFECYCLE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Dictionary state updated"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_DICTIONARY, acls = RolePermissionAction.UPDATE) })
public Response doLifecycleAction(@Context HttpHeaders headers, @ApiParam(required = true, allowableValues = "START, STOP") @QueryParam("action") LifecycleActionParam action, @PathParam("dictionary") String dictionary) {
DictionaryEntity dictionaryEntity = dictionaryService.findById(dictionary);
if (dictionaryEntity.getType() == DictionaryType.DYNAMIC) {
switch(action.getAction()) {
case START:
checkLifecycle(dictionaryEntity, action.getAction());
dictionaryEntity = dictionaryService.start(dictionary);
break;
case STOP:
checkLifecycle(dictionaryEntity, action.getAction());
dictionaryEntity = dictionaryService.stop(dictionary);
break;
default:
dictionaryEntity = null;
break;
}
return Response.ok(dictionaryEntity).tag(Long.toString(dictionaryEntity.getUpdatedAt().getTime())).lastModified(dictionaryEntity.getUpdatedAt()).build();
}
return Response.status(Response.Status.BAD_REQUEST).entity("A manual dictionary can not be started/stopped manually").build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class UserResource method getUserMemberships.
@GET
@Path("/memberships")
@Produces(APPLICATION_JSON)
@ApiOperation(value = "List of memberships the user belongs to", notes = "User must have the ORGANIZATION_USERS[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "List of user memberships"), @ApiResponse(code = 404, message = "User not found"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions(@Permission(value = RolePermission.ORGANIZATION_USERS, acls = RolePermissionAction.READ))
public UserMembershipList getUserMemberships(@QueryParam("type") String sType) {
MembershipReferenceType type = null;
if (sType != null) {
type = MembershipReferenceType.valueOf(sType.toUpperCase());
}
List<UserMembership> userMemberships = membershipService.findUserMembership(type, userId);
Metadata metadata = membershipService.findUserMembershipMetadata(userMemberships, type);
UserMembershipList userMembershipList = new UserMembershipList();
userMembershipList.setMemberships(userMemberships);
userMembershipList.setMetadata(metadata.getMetadata());
return userMembershipList;
}
Aggregations