use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiAnalyticsResource method getApiAnalyticsHits.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get API analytics", notes = "User must have the API_ANALYTICS[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "API analytics"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_ANALYTICS, acls = RolePermissionAction.READ) })
public Response getApiAnalyticsHits(@BeanParam AnalyticsParam analyticsParam) {
analyticsParam.validate();
Analytics analytics = null;
switch(analyticsParam.getType()) {
case DATE_HISTO:
analytics = executeDateHisto(api, analyticsParam);
break;
case GROUP_BY:
analytics = executeGroupBy(api, analyticsParam);
break;
case COUNT:
analytics = executeCount(api, analyticsParam);
break;
case STATS:
analytics = executeStats(api, analyticsParam);
break;
}
return Response.ok(analytics).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiEventsResource method getApiEventsEvents.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get API's events", notes = "User must have the MANAGE_LIFECYCLE permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "API's events"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_EVENT, acls = RolePermissionAction.READ) })
public List<EventEntity> getApiEventsEvents(@ApiParam @DefaultValue("all") @QueryParam("type") EventTypeListParam eventTypeListParam) {
final EventQuery query = new EventQuery();
query.setApi(api);
return eventService.search(query).stream().filter(event -> eventTypeListParam.getEventTypes().contains(event.getType())).sorted((e1, e2) -> e2.getCreatedAt().compareTo(e1.getCreatedAt())).collect(Collectors.toList());
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiKeysResource method updateApiKey.
@PUT
@Path("{key}")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update an API Key", notes = "User must have the API_SUBSCRIPTION:UPDATE permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "API Key successfully updated", response = ApiKeyEntity.class), @ApiResponse(code = 400, message = "Bad plan format"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_SUBSCRIPTION, acls = RolePermissionAction.UPDATE) })
public Response updateApiKey(@PathParam("key") @ApiParam("The API key") String apiKey, @Valid @NotNull ApiKeyEntity apiKeyEntity) {
if (apiKeyEntity.getKey() != null && !apiKey.equals(apiKeyEntity.getKey())) {
return Response.status(Response.Status.BAD_REQUEST).entity("'apiKey' parameter does not correspond to the api-key to update").build();
}
// Force API Key
apiKeyEntity.setKey(apiKey);
ApiKeyEntity keyEntity = apiKeyService.update(apiKeyEntity);
return Response.ok(keyEntity).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiMediaResource method uploadApiMediaImage.
@POST
@ApiOperation(value = "Create a media for an API", notes = "User must have the API_DOCUMENTATION[CREATE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Media successfully created", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_DOCUMENTATION, acls = RolePermissionAction.CREATE) })
@Path("/upload")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces("text/plain")
public Response uploadApiMediaImage(@FormDataParam("file") InputStream uploadedInputStream, @FormDataParam("file") FormDataContentDisposition fileDetail, @FormDataParam("file") final FormDataBodyPart body) throws IOException {
final String mediaId;
if (fileDetail.getSize() > this.mediaService.getMediaMaxSize()) {
throw new UploadUnauthorized("Max size achieved " + fileDetail.getSize());
} else {
MediaEntity mediaEntity = new MediaEntity();
mediaEntity.setSize(fileDetail.getSize());
mediaEntity.setType(body.getMediaType().getType());
mediaEntity.setSubType(body.getMediaType().getSubtype());
mediaEntity.setData(IOUtils.toByteArray(uploadedInputStream));
mediaEntity.setFileName(fileDetail.getFileName());
try {
ImageUtils.verify(body.getMediaType().getType(), body.getMediaType().getSubtype(), mediaEntity.getData());
} catch (InvalidImageException e) {
return Response.status(Response.Status.BAD_REQUEST).entity("Invalid image format").build();
}
mediaId = mediaService.saveApiMedia(api, mediaEntity);
}
return Response.status(200).entity(mediaId).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiMetadataResource method deleteApiMetadata.
@DELETE
@Path("{metadata}")
@ApiOperation(value = "Delete a metadata", notes = "User must have the API_METADATA[DELETE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 204, message = "Metadata successfully deleted"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_METADATA, acls = RolePermissionAction.DELETE) })
public Response deleteApiMetadata(@PathParam("metadata") String metadata) {
metadataService.delete(metadata, api);
ApiEntity apiEntity = apiService.fetchMetadataForApi(apiService.findById(api));
searchEngineService.index(apiEntity, false);
return Response.noContent().build();
}
Aggregations