use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class AuditResource method getAuditEvents.
@Path("/events")
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List available audit event type for platform", notes = "User must have the MANAGEMENT_AUDIT[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "List of audits", response = Audit.AuditEvent.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_AUDIT, acls = RolePermissionAction.READ) })
public Response getAuditEvents() {
if (events.isEmpty()) {
Set<Class<? extends Audit.AuditEvent>> subTypesOf = new Reflections("io.gravitee.repository.management.model").getSubTypesOf(Audit.AuditEvent.class);
for (Class<? extends Audit.AuditEvent> clazz : subTypesOf) {
if (clazz.isEnum()) {
events.addAll(Arrays.asList(clazz.getEnumConstants()));
}
}
events.sort(Comparator.comparing(Audit.AuditEvent::name));
}
return Response.ok(events).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class CategoryResource method updateCategory.
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update the category", notes = "User must have the PORTAL_CATEGORY[UPDATE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Category successfully updated", response = CategoryEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_CATEGORY, acls = RolePermissionAction.UPDATE) })
public Response updateCategory(@Valid @NotNull final UpdateCategoryEntity category) {
try {
ImageUtils.verify(category.getPicture());
ImageUtils.verify(category.getBackground());
} catch (InvalidImageException e) {
throw new BadRequestException("Invalid image format");
}
CategoryEntity categoryEntity = categoryService.update(categoryId, category);
setPictures(categoryEntity, false);
return Response.ok(categoryEntity).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class PortalPageMediaResource method getPortalPageMedia.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Retrieve all media for a Portal page", notes = "User must have the ENVIRONMENT_DOCUMENTATION[READ] permission to use this service")
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_DOCUMENTATION, acls = RolePermissionAction.READ) })
public Response getPortalPageMedia() {
final PageEntity currentPage = pageService.findById(page);
List<MediaEntity> pageMedia = mediaService.findAllWithoutContent(currentPage.getAttachedMedia());
if (pageMedia != null && !pageMedia.isEmpty()) {
return Response.ok(pageMedia).build();
}
return Response.noContent().build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class PortalPageMediaResource method attachPortalPageMedia.
@POST
@ApiOperation(value = "Attach a media to a portal page ", notes = "User must have the ENVIRONMENT_DOCUMENTATION[UPDATE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Media successfully added", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_DOCUMENTATION, acls = RolePermissionAction.UPDATE) })
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
public Response attachPortalPageMedia(@Context final HttpServletRequest request, @FormDataParam("file") InputStream uploadedInputStream, @FormDataParam("file") FormDataContentDisposition fileDetail, @FormDataParam("file") final FormDataBodyPart body, @FormDataParam("fileName") String fileName) throws IOException {
final String mediaId;
if (request.getContentLength() > this.mediaService.getMediaMaxSize()) {
throw new UploadUnauthorized("Max size is " + this.mediaService.getMediaMaxSize() + "bytes. Actual size is " + request.getContentLength() + "bytes.");
}
final String originalFileName = fileDetail.getFileName();
MediaEntity mediaEntity = new MediaEntity();
mediaEntity.setSize(fileDetail.getSize());
mediaEntity.setType(body.getMediaType().getType());
mediaEntity.setSubType(body.getMediaType().getSubtype());
mediaEntity.setData(IOUtils.toByteArray(uploadedInputStream));
mediaEntity.setFileName(originalFileName);
mediaId = mediaService.savePortalMedia(mediaEntity);
pageService.attachMedia(page, mediaId, fileName == null ? originalFileName : fileName);
// remove data before sending entity
mediaEntity.setData(null);
return Response.ok(mediaEntity).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class PlatformLogsResource method getPlatformLogs.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get platform logs", notes = "User must have the MANAGEMENT_PLATFORM[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Platform logs", response = SearchLogResponse.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_PLATFORM, acls = RolePermissionAction.READ) })
public SearchLogResponse getPlatformLogs(@BeanParam LogsParam param) {
param.validate();
LogQuery logQuery = new LogQuery();
logQuery.setQuery(param.getQuery());
logQuery.setPage(param.getPage());
logQuery.setSize(param.getSize());
logQuery.setFrom(param.getFrom());
logQuery.setTo(param.getTo());
logQuery.setField(param.getField());
logQuery.setOrder(param.isOrder());
return logsService.findPlatform(logQuery);
}
Aggregations