Example 31 with Permissions
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiMetadataResource method createApiMetadata.
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Create an API metadata", notes = "User must have the API_METADATA[CREATE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "A new API metadata", response = ApiMetadataEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_METADATA, acls = RolePermissionAction.CREATE) })
public Response createApiMetadata(@Valid @NotNull final NewApiMetadataEntity metadata) {
// prevent creation of a metadata on an another API
metadata.setApiId(api);
final ApiMetadataEntity apiMetadataEntity = metadataService.create(metadata);
ApiEntity apiEntity = apiService.fetchMetadataForApi(apiService.findById(api));
searchEngineService.index(apiEntity, false);
return Response.created(this.getLocationHeader(apiMetadataEntity.getKey())).entity(apiMetadataEntity).build();
}
Also used :
NewApiMetadataEntity(io.gravitee.rest.api.model.NewApiMetadataEntity)
UpdateApiMetadataEntity(io.gravitee.rest.api.model.UpdateApiMetadataEntity)
ApiMetadataEntity(io.gravitee.rest.api.model.ApiMetadataEntity)
ApiEntity(io.gravitee.rest.api.model.api.ApiEntity)
Permissions(io.gravitee.rest.api.management.rest.security.Permissions)
Example 32 with Permissions
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiPageMediaResource method getApiPageMedia.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Retrieve all media for an API page", notes = "User must have the API_DOCUMENTATION[READ] permission to use this service")
@Permissions({ @Permission(value = RolePermission.API_DOCUMENTATION, acls = RolePermissionAction.READ) })
public Response getApiPageMedia() {
final PageEntity currentPage = pageService.findById(page);
List<MediaEntity> pageMedia = mediaService.findAllWithoutContent(currentPage.getAttachedMedia(), api);
if (pageMedia != null && !pageMedia.isEmpty()) {
return Response.ok(pageMedia).build();
}
return Response.noContent().build();
}
Also used :
PageEntity(io.gravitee.rest.api.model.PageEntity)
MediaEntity(io.gravitee.rest.api.model.MediaEntity)
Permissions(io.gravitee.rest.api.management.rest.security.Permissions)
Example 33 with Permissions
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiLogsResource method getApiLogs.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get API logs")
@ApiResponses({ @ApiResponse(code = 200, message = "API logs"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_LOG, acls = RolePermissionAction.READ) })
public SearchLogResponse getApiLogs(@BeanParam LogsParam param) {
param.validate();
LogQuery logQuery = new LogQuery();
logQuery.setQuery(param.getQuery());
logQuery.setPage(param.getPage());
logQuery.setSize(param.getSize());
logQuery.setFrom(param.getFrom());
logQuery.setTo(param.getTo());
logQuery.setField(param.getField());
logQuery.setOrder(param.isOrder());
return logsService.findByApi(api, logQuery);
}
Also used :
LogQuery(io.gravitee.rest.api.model.analytics.query.LogQuery)
Permissions(io.gravitee.rest.api.management.rest.security.Permissions)
Example 34 with Permissions
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiAuditResource method getApiAuditEvents.
@Path("/events")
@GET
@ApiOperation(value = "List available audit event type for API", notes = "User must have the API_AUDIT[READ] permission to use this service")
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_AUDIT, acls = RolePermissionAction.READ) })
public Response getApiAuditEvents() {
if (events.isEmpty()) {
Set<Class<? extends Audit.ApiAuditEvent>> subTypesOf = new Reflections("io.gravitee.repository.management.model").getSubTypesOf(Audit.ApiAuditEvent.class);
for (Class<? extends Audit.ApiAuditEvent> clazz : subTypesOf) {
if (clazz.isEnum()) {
events.addAll(Arrays.asList(clazz.getEnumConstants()));
}
}
events.sort(Comparator.comparing(Audit.AuditEvent::name));
}
return Response.ok(events).build();
}
Also used :
Audit(io.gravitee.repository.management.model.Audit)
Reflections(org.reflections.Reflections)
ApiOperation(io.swagger.annotations.ApiOperation)
Permissions(io.gravitee.rest.api.management.rest.security.Permissions)
Example 35 with Permissions
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiPagesResource method createApiPage.
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Create a page", notes = "User must have the MANAGE_PAGES permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Page successfully created", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_DOCUMENTATION, acls = RolePermissionAction.CREATE) })
public Response createApiPage(@ApiParam(name = "page", required = true) @Valid @NotNull NewPageEntity newPageEntity) {
if (newPageEntity.getType().equals(PageType.SYSTEM_FOLDER)) {
throw new PageSystemFolderActionException("Create");
} else if (newPageEntity.getType().equals(PageType.MARKDOWN_TEMPLATE)) {
throw new PageMarkdownTemplateActionException("Create");
}
int order = pageService.findMaxApiPageOrderByApi(api) + 1;
newPageEntity.setOrder(order);
newPageEntity.setLastContributor(getAuthenticatedUser());
PageEntity newPage = pageService.createPage(api, newPageEntity, GraviteeContext.getCurrentEnvironment());
if (newPage != null) {
return Response.created(this.getLocationHeader(newPage.getId())).entity(newPage).build();
}
return Response.serverError().build();
}
Also used :
PageSystemFolderActionException(io.gravitee.rest.api.service.exceptions.PageSystemFolderActionException)
PageMarkdownTemplateActionException(io.gravitee.rest.api.service.exceptions.PageMarkdownTemplateActionException)
Permissions(io.gravitee.rest.api.management.rest.security.Permissions)
Aggregations
Permissions (io.gravitee.rest.api.management.rest.security.Permissions)48
ApiOperation (io.swagger.annotations.ApiOperation)11
GET (javax.ws.rs.GET)7
Produces (javax.ws.rs.Produces)7
MediaEntity (io.gravitee.rest.api.model.MediaEntity)6
ApiEntity (io.gravitee.rest.api.model.api.ApiEntity)6
ApiResponses (io.swagger.annotations.ApiResponses)6
MediaType (io.gravitee.common.http.MediaType)5
Permission (io.gravitee.rest.api.management.rest.security.Permission)5
PageEntity (io.gravitee.rest.api.model.PageEntity)5
RolePermission (io.gravitee.rest.api.model.permissions.RolePermission)5
UpdatePageEntity (io.gravitee.rest.api.model.UpdatePageEntity)4
LogQuery (io.gravitee.rest.api.model.analytics.query.LogQuery)4
RolePermissionAction (io.gravitee.rest.api.model.permissions.RolePermissionAction)4
UploadUnauthorized (io.gravitee.rest.api.service.exceptions.UploadUnauthorized)4
Collectors (java.util.stream.Collectors)4
Inject (javax.inject.Inject)4
InvalidImageException (io.gravitee.rest.api.exception.InvalidImageException)3
PagedResult (io.gravitee.rest.api.management.rest.model.PagedResult)3
GroupEntity (io.gravitee.rest.api.model.GroupEntity)3
