Search in sources :

Example 46 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class PoliciesResource method getSwaggerPolicy.

@GET
@Path("swagger")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List policies which are handling Swagger / OAI definition", notes = "These policies are used when importing an OAI to create an API")
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_API, acls = RolePermissionAction.READ) })
public List<PolicyListItem> getSwaggerPolicy() {
    return policyOperationVisitorManager.getPolicyVisitors().stream().filter(operationVisitor -> operationVisitor.display()).map(operationVisitor -> {
        PolicyListItem item = new PolicyListItem();
        item.setId(operationVisitor.getId());
        item.setName(operationVisitor.getName());
        return item;
    }).sorted(Comparator.comparing(PolicyListItem::getName)).collect(Collectors.toList());
}
Also used : RolePermissionAction(io.gravitee.rest.api.model.permissions.RolePermissionAction) Context(javax.ws.rs.core.Context) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) PolicyDevelopmentEntity(io.gravitee.rest.api.model.PolicyDevelopmentEntity) Collection(java.util.Collection) Path(javax.ws.rs.Path) PolicyService(io.gravitee.rest.api.service.PolicyService) PolicyOperationVisitorManager(io.gravitee.rest.api.service.impl.swagger.policy.PolicyOperationVisitorManager) Collectors(java.util.stream.Collectors) Permission(io.gravitee.rest.api.management.rest.security.Permission) Inject(javax.inject.Inject) ApiOperation(io.swagger.annotations.ApiOperation) List(java.util.List) MediaType(io.gravitee.common.http.MediaType) Stream(java.util.stream.Stream) QueryParam(javax.ws.rs.QueryParam) ResourceContext(javax.ws.rs.container.ResourceContext) PolicyEntity(io.gravitee.rest.api.model.PolicyEntity) Api(io.swagger.annotations.Api) Comparator(java.util.Comparator) Permissions(io.gravitee.rest.api.management.rest.security.Permissions) PolicyListItem(io.gravitee.rest.api.model.PolicyListItem) RolePermission(io.gravitee.rest.api.model.permissions.RolePermission) PolicyListItem(io.gravitee.rest.api.model.PolicyListItem) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) ApiOperation(io.swagger.annotations.ApiOperation) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 47 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class DictionaryResource method doLifecycleAction.

@POST
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Manage the dictionary's lifecycle", notes = "User must have the DICTIONARY[LIFECYCLE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Dictionary state updated"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_DICTIONARY, acls = RolePermissionAction.UPDATE) })
public Response doLifecycleAction(@Context HttpHeaders headers, @ApiParam(required = true, allowableValues = "START, STOP") @QueryParam("action") LifecycleActionParam action, @PathParam("dictionary") String dictionary) {
    DictionaryEntity dictionaryEntity = dictionaryService.findById(dictionary);
    if (dictionaryEntity.getType() == DictionaryType.DYNAMIC) {
        switch(action.getAction()) {
            case START:
                checkLifecycle(dictionaryEntity, action.getAction());
                dictionaryEntity = dictionaryService.start(dictionary);
                break;
            case STOP:
                checkLifecycle(dictionaryEntity, action.getAction());
                dictionaryEntity = dictionaryService.stop(dictionary);
                break;
            default:
                dictionaryEntity = null;
                break;
        }
        return Response.ok(dictionaryEntity).tag(Long.toString(dictionaryEntity.getUpdatedAt().getTime())).lastModified(dictionaryEntity.getUpdatedAt()).build();
    }
    return Response.status(Response.Status.BAD_REQUEST).entity("A manual dictionary can not be started/stopped manually").build();
}
Also used : UpdateDictionaryEntity(io.gravitee.rest.api.model.configuration.dictionary.UpdateDictionaryEntity) DictionaryEntity(io.gravitee.rest.api.model.configuration.dictionary.DictionaryEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 48 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class UserResource method getUserMemberships.

@GET
@Path("/memberships")
@Produces(APPLICATION_JSON)
@ApiOperation(value = "List of memberships the user belongs to", notes = "User must have the ORGANIZATION_USERS[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "List of user memberships"), @ApiResponse(code = 404, message = "User not found"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions(@Permission(value = RolePermission.ORGANIZATION_USERS, acls = RolePermissionAction.READ))
public UserMembershipList getUserMemberships(@QueryParam("type") String sType) {
    MembershipReferenceType type = null;
    if (sType != null) {
        type = MembershipReferenceType.valueOf(sType.toUpperCase());
    }
    List<UserMembership> userMemberships = membershipService.findUserMembership(type, userId);
    Metadata metadata = membershipService.findUserMembershipMetadata(userMemberships, type);
    UserMembershipList userMembershipList = new UserMembershipList();
    userMembershipList.setMemberships(userMemberships);
    userMembershipList.setMetadata(metadata.getMetadata());
    return userMembershipList;
}
Also used : Metadata(io.gravitee.rest.api.model.pagedresult.Metadata) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Aggregations

Permissions (io.gravitee.rest.api.management.rest.security.Permissions)48 ApiOperation (io.swagger.annotations.ApiOperation)11 GET (javax.ws.rs.GET)7 Produces (javax.ws.rs.Produces)7 MediaEntity (io.gravitee.rest.api.model.MediaEntity)6 ApiEntity (io.gravitee.rest.api.model.api.ApiEntity)6 ApiResponses (io.swagger.annotations.ApiResponses)6 MediaType (io.gravitee.common.http.MediaType)5 Permission (io.gravitee.rest.api.management.rest.security.Permission)5 PageEntity (io.gravitee.rest.api.model.PageEntity)5 RolePermission (io.gravitee.rest.api.model.permissions.RolePermission)5 UpdatePageEntity (io.gravitee.rest.api.model.UpdatePageEntity)4 LogQuery (io.gravitee.rest.api.model.analytics.query.LogQuery)4 RolePermissionAction (io.gravitee.rest.api.model.permissions.RolePermissionAction)4 UploadUnauthorized (io.gravitee.rest.api.service.exceptions.UploadUnauthorized)4 Collectors (java.util.stream.Collectors)4 Inject (javax.inject.Inject)4 InvalidImageException (io.gravitee.rest.api.exception.InvalidImageException)3 PagedResult (io.gravitee.rest.api.management.rest.model.PagedResult)3 GroupEntity (io.gravitee.rest.api.model.GroupEntity)3