use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiMetadataResource method createApiMetadata.
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Create an API metadata", notes = "User must have the API_METADATA[CREATE] permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "A new API metadata", response = ApiMetadataEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_METADATA, acls = RolePermissionAction.CREATE) })
public Response createApiMetadata(@Valid @NotNull final NewApiMetadataEntity metadata) {
// prevent creation of a metadata on an another API
metadata.setApiId(api);
final ApiMetadataEntity apiMetadataEntity = metadataService.create(metadata);
ApiEntity apiEntity = apiService.fetchMetadataForApi(apiService.findById(api));
searchEngineService.index(apiEntity, false);
return Response.created(this.getLocationHeader(apiMetadataEntity.getKey())).entity(apiMetadataEntity).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiPageMediaResource method getApiPageMedia.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Retrieve all media for an API page", notes = "User must have the API_DOCUMENTATION[READ] permission to use this service")
@Permissions({ @Permission(value = RolePermission.API_DOCUMENTATION, acls = RolePermissionAction.READ) })
public Response getApiPageMedia() {
final PageEntity currentPage = pageService.findById(page);
List<MediaEntity> pageMedia = mediaService.findAllWithoutContent(currentPage.getAttachedMedia(), api);
if (pageMedia != null && !pageMedia.isEmpty()) {
return Response.ok(pageMedia).build();
}
return Response.noContent().build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiLogsResource method getApiLogs.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get API logs")
@ApiResponses({ @ApiResponse(code = 200, message = "API logs"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_LOG, acls = RolePermissionAction.READ) })
public SearchLogResponse getApiLogs(@BeanParam LogsParam param) {
param.validate();
LogQuery logQuery = new LogQuery();
logQuery.setQuery(param.getQuery());
logQuery.setPage(param.getPage());
logQuery.setSize(param.getSize());
logQuery.setFrom(param.getFrom());
logQuery.setTo(param.getTo());
logQuery.setField(param.getField());
logQuery.setOrder(param.isOrder());
return logsService.findByApi(api, logQuery);
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiAuditResource method getApiAuditEvents.
@Path("/events")
@GET
@ApiOperation(value = "List available audit event type for API", notes = "User must have the API_AUDIT[READ] permission to use this service")
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_AUDIT, acls = RolePermissionAction.READ) })
public Response getApiAuditEvents() {
if (events.isEmpty()) {
Set<Class<? extends Audit.ApiAuditEvent>> subTypesOf = new Reflections("io.gravitee.repository.management.model").getSubTypesOf(Audit.ApiAuditEvent.class);
for (Class<? extends Audit.ApiAuditEvent> clazz : subTypesOf) {
if (clazz.isEnum()) {
events.addAll(Arrays.asList(clazz.getEnumConstants()));
}
}
events.sort(Comparator.comparing(Audit.AuditEvent::name));
}
return Response.ok(events).build();
}
use of io.gravitee.rest.api.management.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiPagesResource method createApiPage.
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Create a page", notes = "User must have the MANAGE_PAGES permission to use this service")
@ApiResponses({ @ApiResponse(code = 201, message = "Page successfully created", response = PageEntity.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_DOCUMENTATION, acls = RolePermissionAction.CREATE) })
public Response createApiPage(@ApiParam(name = "page", required = true) @Valid @NotNull NewPageEntity newPageEntity) {
if (newPageEntity.getType().equals(PageType.SYSTEM_FOLDER)) {
throw new PageSystemFolderActionException("Create");
} else if (newPageEntity.getType().equals(PageType.MARKDOWN_TEMPLATE)) {
throw new PageMarkdownTemplateActionException("Create");
}
int order = pageService.findMaxApiPageOrderByApi(api) + 1;
newPageEntity.setOrder(order);
newPageEntity.setLastContributor(getAuthenticatedUser());
PageEntity newPage = pageService.createPage(api, newPageEntity, GraviteeContext.getCurrentEnvironment());
if (newPage != null) {
return Response.created(this.getLocationHeader(newPage.getId())).entity(newPage).build();
}
return Response.serverError().build();
}
Aggregations