Search in sources :

Example 1 with ApiKeyEntity

use of io.gravitee.rest.api.model.ApiKeyEntity in project gravitee-management-rest-api by gravitee-io.

the class ApplicationSubscriptionsResource method revokeApiKeyForApplicationSubscription.

@DELETE
@Path("{subscription}/keys/{key}")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Revoke an API key", notes = "User must have the MANAGE_API_KEYS permission to use this service")
@ApiResponses({ @ApiResponse(code = 204, message = "API key successfully revoked"), @ApiResponse(code = 400, message = "API Key does not correspond to the subscription"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.APPLICATION_SUBSCRIPTION, acls = RolePermissionAction.DELETE) })
public Response revokeApiKeyForApplicationSubscription(@PathParam("subscription") String subscription, @PathParam("key") String apiKey) {
    ApiKeyEntity apiKeyEntity = apiKeyService.findByKey(apiKey);
    if (apiKeyEntity.getSubscription() != null && !subscription.equals(apiKeyEntity.getSubscription())) {
        return Response.status(Response.Status.BAD_REQUEST).entity("'key' parameter does not correspond to the subscription").build();
    }
    apiKeyService.revoke(apiKey, true);
    return Response.status(Response.Status.NO_CONTENT).build();
}
Also used : ApiKeyEntity(io.gravitee.rest.api.model.ApiKeyEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 2 with ApiKeyEntity

use of io.gravitee.rest.api.model.ApiKeyEntity in project gravitee-management-rest-api by gravitee-io.

the class ApiKeysResource method updateApiKey.

@PUT
@Path("{key}")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Update an API Key", notes = "User must have the API_SUBSCRIPTION:UPDATE permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "API Key successfully updated", response = ApiKeyEntity.class), @ApiResponse(code = 400, message = "Bad plan format"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_SUBSCRIPTION, acls = RolePermissionAction.UPDATE) })
public Response updateApiKey(@PathParam("key") @ApiParam("The API key") String apiKey, @Valid @NotNull ApiKeyEntity apiKeyEntity) {
    if (apiKeyEntity.getKey() != null && !apiKey.equals(apiKeyEntity.getKey())) {
        return Response.status(Response.Status.BAD_REQUEST).entity("'apiKey' parameter does not correspond to the api-key to update").build();
    }
    // Force API Key
    apiKeyEntity.setKey(apiKey);
    ApiKeyEntity keyEntity = apiKeyService.update(apiKeyEntity);
    return Response.ok(keyEntity).build();
}
Also used : ApiKeyEntity(io.gravitee.rest.api.model.ApiKeyEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 3 with ApiKeyEntity

use of io.gravitee.rest.api.model.ApiKeyEntity in project gravitee-management-rest-api by gravitee-io.

the class KeyMapperTest method init.

@Before
public void init() {
    // init
    apiKeyEntity = new ApiKeyEntity();
    apiKeyEntity.setApplication(APPLICATION);
    apiKeyEntity.setCreatedAt(nowDate);
    apiKeyEntity.setExpireAt(nowDate);
    apiKeyEntity.setKey(KEY);
    apiKeyEntity.setPaused(false);
    apiKeyEntity.setPlan(PLAN);
    apiKeyEntity.setRevoked(false);
    apiKeyEntity.setRevokedAt(nowDate);
    apiKeyEntity.setSubscription(SUBSCRIPTION);
    apiKeyEntity.setUpdatedAt(nowDate);
    PlanEntity planEntity = new PlanEntity();
    planEntity.setApi(API);
    doReturn(planEntity).when(planService).findById(PLAN);
    doThrow(PlanNotFoundException.class).when(planService).findById(UNKNOWN_PLAN);
}
Also used : ApiKeyEntity(io.gravitee.rest.api.model.ApiKeyEntity) PlanEntity(io.gravitee.rest.api.model.PlanEntity) Before(org.junit.Before)

Example 4 with ApiKeyEntity

use of io.gravitee.rest.api.model.ApiKeyEntity in project gravitee-management-rest-api by gravitee-io.

the class SubscriptionKeysResource method revokeKeySubscription.

@POST
@Path("/{keyId}/_revoke")
@Produces(MediaType.APPLICATION_JSON)
public Response revokeKeySubscription(@PathParam("subscriptionId") String subscriptionId, @PathParam("keyId") String keyId) {
    SubscriptionEntity subscriptionEntity = subscriptionService.findById(subscriptionId);
    if (hasPermission(RolePermission.APPLICATION_SUBSCRIPTION, subscriptionEntity.getApplication(), RolePermissionAction.UPDATE) || hasPermission(RolePermission.API_SUBSCRIPTION, subscriptionEntity.getApi(), RolePermissionAction.UPDATE)) {
        ApiKeyEntity apiKeyEntity = apiKeyService.findByKey(keyId);
        if (apiKeyEntity.getSubscription() != null && !subscriptionId.equals(apiKeyEntity.getSubscription())) {
            return Response.status(Response.Status.BAD_REQUEST).entity("'keyId' parameter does not correspond to the subscription").build();
        }
        apiKeyService.revoke(keyId, true);
        return Response.noContent().build();
    }
    throw new ForbiddenAccessException();
}
Also used : ApiKeyEntity(io.gravitee.rest.api.model.ApiKeyEntity) SubscriptionEntity(io.gravitee.rest.api.model.SubscriptionEntity) ForbiddenAccessException(io.gravitee.rest.api.service.exceptions.ForbiddenAccessException)

Example 5 with ApiKeyEntity

use of io.gravitee.rest.api.model.ApiKeyEntity in project gravitee-management-rest-api by gravitee-io.

the class SubscriptionKeysResourceTest method init.

@Before
public void init() {
    resetAllMocks();
    apiKeyEntity = new ApiKeyEntity();
    apiKeyEntity.setKey(KEY);
    apiKeyEntity.setSubscription(SUBSCRIPTION);
    doReturn(apiKeyEntity).when(apiKeyService).renew(SUBSCRIPTION);
    doReturn(apiKeyEntity).when(apiKeyService).findByKey(KEY);
    doReturn(new Key().id(KEY)).when(keyMapper).convert(apiKeyEntity);
    SubscriptionEntity subscriptionEntity = new SubscriptionEntity();
    subscriptionEntity.setApi(API);
    subscriptionEntity.setApplication(APPLICATION);
    doReturn(subscriptionEntity).when(subscriptionService).findById(eq(SUBSCRIPTION));
    doReturn(true).when(permissionService).hasPermission(any(), any(), any());
}
Also used : ApiKeyEntity(io.gravitee.rest.api.model.ApiKeyEntity) SubscriptionEntity(io.gravitee.rest.api.model.SubscriptionEntity) Key(io.gravitee.rest.api.portal.rest.model.Key) Before(org.junit.Before)

Aggregations

ApiKeyEntity (io.gravitee.rest.api.model.ApiKeyEntity)9 SubscriptionEntity (io.gravitee.rest.api.model.SubscriptionEntity)3 Response (javax.ws.rs.core.Response)3 Before (org.junit.Before)3 Test (org.junit.Test)3 Permissions (io.gravitee.rest.api.management.rest.security.Permissions)2 Key (io.gravitee.rest.api.portal.rest.model.Key)2 NewSubscriptionEntity (io.gravitee.rest.api.model.NewSubscriptionEntity)1 PlanEntity (io.gravitee.rest.api.model.PlanEntity)1 Subscription (io.gravitee.rest.api.portal.rest.model.Subscription)1 ForbiddenAccessException (io.gravitee.rest.api.service.exceptions.ForbiddenAccessException)1