use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io.
the class PromotionServiceTest method shouldProcessAcceptedPromotionCreateApi.
@Test
public void shouldProcessAcceptedPromotionCreateApi() throws Exception {
when(promotionRepository.findById(any())).thenReturn(Optional.of(getAPromotion()));
when(environmentService.findByCockpitId(any())).thenReturn(new EnvironmentEntity());
when(permissionService.hasPermission(any(), any(), any())).thenReturn(true);
Page<Promotion> promotionPage = new Page<>(emptyList(), 0, 1, 1);
when(promotionRepository.search(any(), any(), any())).thenReturn(promotionPage);
when(apiDuplicatorService.createWithImportedDefinition(any(), any(), any(), any())).thenReturn(new ApiEntity());
CockpitReply<PromotionEntity> cockpitReply = new CockpitReply<>(null, CockpitReplyStatus.SUCCEEDED);
when(cockpitService.processPromotion(any())).thenReturn(cockpitReply);
when(promotionRepository.update(any())).thenReturn(getAPromotion());
promotionService.processPromotion(PROMOTION_ID, true, USER_ID);
verify(apiDuplicatorService, times(1)).createWithImportedDefinition(any(), eq(USER_ID), any(), any());
verify(promotionRepository, times(1)).update(any());
}
use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io.
the class PromotionServiceTest method shouldProcessAcceptedPromotionUpdateApi.
@Test
public void shouldProcessAcceptedPromotionUpdateApi() throws Exception {
when(promotionRepository.findById(any())).thenReturn(Optional.of(getAPromotion()));
when(environmentService.findByCockpitId(any())).thenReturn(new EnvironmentEntity());
when(permissionService.hasPermission(any(), any(), any())).thenReturn(true);
Page<Promotion> promotionPage = new Page<>(singletonList(getAPromotion()), 0, 1, 1);
when(promotionRepository.search(any(), any(), any())).thenReturn(promotionPage);
when(apiDuplicatorService.updateWithImportedDefinition(any(), any(), any(), any(), any())).thenReturn(new ApiEntity());
when(apiService.exists(any())).thenReturn(true);
ApiEntity existingApi = new ApiEntity();
existingApi.setId("api#existing");
when(apiService.findById(any())).thenReturn(existingApi);
CockpitReply<PromotionEntity> cockpitReply = new CockpitReply<>(null, CockpitReplyStatus.SUCCEEDED);
when(cockpitService.processPromotion(any())).thenReturn(cockpitReply);
when(promotionRepository.update(any())).thenReturn(getAPromotion());
promotionService.processPromotion(PROMOTION_ID, true, USER_ID);
verify(apiDuplicatorService, times(1)).updateWithImportedDefinition(any(), any(), eq(USER_ID), any(), any());
verify(promotionRepository, times(1)).update(any());
}
use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io.
the class ApiEventsResource method searchApiEvents.
@GET
@Path("search")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get API's events", notes = "User must have the API_EVENT[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Page of API events", response = Page.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_EVENT, acls = RolePermissionAction.READ) })
public Page<EventEntity> searchApiEvents(@ApiParam @BeanParam EventSearchParam eventSearchParam) {
ApiEntity apiEntity = apiService.findById(api);
Map<String, Object> properties = new HashMap<>();
properties.put(Event.EventProperties.API_ID.getValue(), Arrays.asList(api));
final Page<EventEntity> apiEvents = eventService.search(eventSearchParam.getEventTypeListParam().getEventTypes(), properties, eventSearchParam.getFrom(), eventSearchParam.getTo(), eventSearchParam.getPage(), eventSearchParam.getSize());
apiEvents.getContent().forEach(event -> {
Map<String, String> properties1 = event.getProperties();
// Remove payload content from response since it's not required anymore
event.setPayload(null);
// complete event with API info
properties1.put("api_name", apiEntity.getName());
properties1.put("api_version", apiEntity.getVersion());
});
return apiEvents;
}
use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io.
the class ApiPageResource method getApiPage.
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get a page", notes = "User must have the READ permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Page"), @ApiResponse(code = 500, message = "Internal server error") })
public PageEntity getApiPage(@HeaderParam("Accept-Language") String acceptLang, @QueryParam("portal") boolean portal, @QueryParam("translated") boolean translated) {
final String acceptedLocale = HttpHeadersUtil.getFirstAcceptedLocaleName(acceptLang);
final ApiEntity apiEntity = apiService.findById(api);
if (Visibility.PUBLIC.equals(apiEntity.getVisibility()) || hasPermission(RolePermission.API_DOCUMENTATION, api, RolePermissionAction.READ)) {
PageEntity pageEntity = pageService.findById(page, translated ? acceptedLocale : null);
// check if the page is used as GeneralCondition by an active Plan
// and update the PageEntity to transfer the information to the FrontEnd
pageEntity.setGeneralConditions(pageService.isPageUsedAsGeneralConditions(pageEntity, api));
if (portal) {
pageService.transformSwagger(pageEntity, api);
if (!isAuthenticated() && pageEntity.getMetadata() != null) {
pageEntity.getMetadata().clear();
}
}
if (isDisplayable(apiEntity, pageEntity)) {
if (pageEntity.getContentType() != null) {
String content = pageEntity.getContent();
try {
pageService.validateSafeContent(pageEntity, api);
} catch (SwaggerDescriptorException contentException) {
pageEntity.setMessages(singletonList(contentException.getMessage()));
} finally {
pageEntity.setContent(content);
}
}
return pageEntity;
} else {
throw new UnauthorizedAccessException();
}
}
throw new ForbiddenAccessException();
}
use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io.
the class PermissionsFilter method filter.
protected void filter(Permissions permissions, ContainerRequestContext requestContext) {
if (permissions != null && permissions.value().length > 0) {
Principal principal = securityContext.getUserPrincipal();
if (principal != null) {
String username = principal.getName();
for (Permission permission : permissions.value()) {
Map<String, char[]> memberPermissions;
switch(permission.value().getScope()) {
case ORGANIZATION:
memberPermissions = membershipService.getUserMemberPermissions(MembershipReferenceType.ORGANIZATION, GraviteeContext.getCurrentOrganization(), username);
if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
return;
}
break;
case ENVIRONMENT:
memberPermissions = membershipService.getUserMemberPermissions(MembershipReferenceType.ENVIRONMENT, GraviteeContext.getCurrentEnvironment(), username);
if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
return;
}
break;
case APPLICATION:
ApplicationEntity application = getApplication(requestContext);
memberPermissions = membershipService.getUserMemberPermissions(application, username);
if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
return;
}
break;
case API:
ApiEntity api = getApi(requestContext);
memberPermissions = membershipService.getUserMemberPermissions(api, username);
if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
return;
}
break;
case GROUP:
GroupEntity group = getGroup(requestContext);
memberPermissions = membershipService.getUserMemberPermissions(group, username);
if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
return;
}
break;
default:
sendSecurityError();
}
}
}
sendSecurityError();
}
}
Aggregations