Search in sources :

Example 11 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class AuditResource method getAuditEvents.

@Path("/events")
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "List available audit event type for platform", notes = "User must have the MANAGEMENT_AUDIT[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "List of audits", response = Audit.AuditEvent.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_AUDIT, acls = RolePermissionAction.READ) })
public Response getAuditEvents() {
    if (events.isEmpty()) {
        Set<Class<? extends Audit.AuditEvent>> subTypesOf = new Reflections("io.gravitee.repository.management.model").getSubTypesOf(Audit.AuditEvent.class);
        for (Class<? extends Audit.AuditEvent> clazz : subTypesOf) {
            if (clazz.isEnum()) {
                events.addAll(Arrays.asList(clazz.getEnumConstants()));
            }
        }
        events.sort(Comparator.comparing(Audit.AuditEvent::name));
    }
    return Response.ok(events).build();
}
Also used : Audit(io.gravitee.repository.management.model.Audit) Reflections(org.reflections.Reflections) ApiOperation(io.swagger.annotations.ApiOperation) Permissions(io.gravitee.rest.api.management.rest.security.Permissions) ApiResponses(io.swagger.annotations.ApiResponses)

Example 12 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class CategoryResource method updateCategory.

@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update the category", notes = "User must have the PORTAL_CATEGORY[UPDATE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Category successfully updated", response = CategoryEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_CATEGORY, acls = RolePermissionAction.UPDATE) })
public Response updateCategory(@Valid @NotNull final UpdateCategoryEntity category) {
    try {
        ImageUtils.verify(category.getPicture());
        ImageUtils.verify(category.getBackground());
    } catch (InvalidImageException e) {
        throw new BadRequestException("Invalid image format");
    }
    CategoryEntity categoryEntity = categoryService.update(categoryId, category);
    setPictures(categoryEntity, false);
    return Response.ok(categoryEntity).build();
}
Also used : InvalidImageException(io.gravitee.rest.api.exception.InvalidImageException) CategoryEntity(io.gravitee.rest.api.model.CategoryEntity) UpdateCategoryEntity(io.gravitee.rest.api.model.UpdateCategoryEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 13 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class PortalPageMediaResource method getPortalPageMedia.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Retrieve all media for a Portal page", notes = "User must have the ENVIRONMENT_DOCUMENTATION[READ] permission to use this service")
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_DOCUMENTATION, acls = RolePermissionAction.READ) })
public Response getPortalPageMedia() {
    final PageEntity currentPage = pageService.findById(page);
    List<MediaEntity> pageMedia = mediaService.findAllWithoutContent(currentPage.getAttachedMedia());
    if (pageMedia != null && !pageMedia.isEmpty()) {
        return Response.ok(pageMedia).build();
    }
    return Response.noContent().build();
}
Also used : PageEntity(io.gravitee.rest.api.model.PageEntity) MediaEntity(io.gravitee.rest.api.model.MediaEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 14 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class PortalPageMediaResource method attachPortalPageMedia.

@POST
@ApiOperation(value = "Attach a media to a portal page ", notes = "User must have the ENVIRONMENT_DOCUMENTATION[UPDATE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Media successfully added", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_DOCUMENTATION, acls = RolePermissionAction.UPDATE) })
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
public Response attachPortalPageMedia(@Context final HttpServletRequest request, @FormDataParam("file") InputStream uploadedInputStream, @FormDataParam("file") FormDataContentDisposition fileDetail, @FormDataParam("file") final FormDataBodyPart body, @FormDataParam("fileName") String fileName) throws IOException {
    final String mediaId;
    if (request.getContentLength() > this.mediaService.getMediaMaxSize()) {
        throw new UploadUnauthorized("Max size is " + this.mediaService.getMediaMaxSize() + "bytes. Actual size is " + request.getContentLength() + "bytes.");
    }
    final String originalFileName = fileDetail.getFileName();
    MediaEntity mediaEntity = new MediaEntity();
    mediaEntity.setSize(fileDetail.getSize());
    mediaEntity.setType(body.getMediaType().getType());
    mediaEntity.setSubType(body.getMediaType().getSubtype());
    mediaEntity.setData(IOUtils.toByteArray(uploadedInputStream));
    mediaEntity.setFileName(originalFileName);
    mediaId = mediaService.savePortalMedia(mediaEntity);
    pageService.attachMedia(page, mediaId, fileName == null ? originalFileName : fileName);
    // remove data before sending entity
    mediaEntity.setData(null);
    return Response.ok(mediaEntity).build();
}
Also used : UploadUnauthorized(io.gravitee.rest.api.service.exceptions.UploadUnauthorized) MediaEntity(io.gravitee.rest.api.model.MediaEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 15 with Permissions

use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.

the class PlatformLogsResource method getPlatformLogs.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get platform logs", notes = "User must have the MANAGEMENT_PLATFORM[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Platform logs", response = SearchLogResponse.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.ENVIRONMENT_PLATFORM, acls = RolePermissionAction.READ) })
public SearchLogResponse getPlatformLogs(@BeanParam LogsParam param) {
    param.validate();
    LogQuery logQuery = new LogQuery();
    logQuery.setQuery(param.getQuery());
    logQuery.setPage(param.getPage());
    logQuery.setSize(param.getSize());
    logQuery.setFrom(param.getFrom());
    logQuery.setTo(param.getTo());
    logQuery.setField(param.getField());
    logQuery.setOrder(param.isOrder());
    return logsService.findPlatform(logQuery);
}
Also used : LogQuery(io.gravitee.rest.api.model.analytics.query.LogQuery) ApiOperation(io.swagger.annotations.ApiOperation) Permissions(io.gravitee.rest.api.management.rest.security.Permissions) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

Permissions (io.gravitee.rest.api.management.rest.security.Permissions)48 ApiOperation (io.swagger.annotations.ApiOperation)11 GET (javax.ws.rs.GET)7 Produces (javax.ws.rs.Produces)7 MediaEntity (io.gravitee.rest.api.model.MediaEntity)6 ApiEntity (io.gravitee.rest.api.model.api.ApiEntity)6 ApiResponses (io.swagger.annotations.ApiResponses)6 MediaType (io.gravitee.common.http.MediaType)5 Permission (io.gravitee.rest.api.management.rest.security.Permission)5 PageEntity (io.gravitee.rest.api.model.PageEntity)5 RolePermission (io.gravitee.rest.api.model.permissions.RolePermission)5 UpdatePageEntity (io.gravitee.rest.api.model.UpdatePageEntity)4 LogQuery (io.gravitee.rest.api.model.analytics.query.LogQuery)4 RolePermissionAction (io.gravitee.rest.api.model.permissions.RolePermissionAction)4 UploadUnauthorized (io.gravitee.rest.api.service.exceptions.UploadUnauthorized)4 Collectors (java.util.stream.Collectors)4 Inject (javax.inject.Inject)4 InvalidImageException (io.gravitee.rest.api.exception.InvalidImageException)3 PagedResult (io.gravitee.rest.api.management.rest.model.PagedResult)3 GroupEntity (io.gravitee.rest.api.model.GroupEntity)3