
Example 51 with ApiEntity

Use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io, in class PromotionServiceTest, method shouldProcessAcceptedPromotionCreateApi.

@Test
public void shouldProcessAcceptedPromotionCreateApi() throws Exception {
    when(promotionRepository.findById(any())).thenReturn(Optional.of(getAPromotion()));
    when(environmentService.findByCockpitId(any())).thenReturn(new EnvironmentEntity());
    when(permissionService.hasPermission(any(), any(), any())).thenReturn(true);
    Page<Promotion> promotionPage = new Page<>(emptyList(), 0, 1, 1);
    when(promotionRepository.search(any(), any(), any())).thenReturn(promotionPage);
    when(apiDuplicatorService.createWithImportedDefinition(any(), any(), any(), any())).thenReturn(new ApiEntity());
    CockpitReply<PromotionEntity> cockpitReply = new CockpitReply<>(null, CockpitReplyStatus.SUCCEEDED);
    when(cockpitService.processPromotion(any())).thenReturn(cockpitReply);
    when(promotionRepository.update(any())).thenReturn(getAPromotion());
    promotionService.processPromotion(PROMOTION_ID, true, USER_ID);
    verify(apiDuplicatorService, times(1)).createWithImportedDefinition(any(), eq(USER_ID), any(), any());
    verify(promotionRepository, times(1)).update(any());
}
Also used : CockpitReply(io.gravitee.rest.api.service.cockpit.services.CockpitReply) EnvironmentEntity(io.gravitee.rest.api.model.EnvironmentEntity) ApiEntity(io.gravitee.rest.api.model.api.ApiEntity) Page(io.gravitee.common.data.domain.Page) Promotion(io.gravitee.repository.management.model.Promotion) Test(org.junit.Test)

Example 52 with ApiEntity

Use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io, in class PromotionServiceTest, method shouldProcessAcceptedPromotionUpdateApi.

@Test
public void shouldProcessAcceptedPromotionUpdateApi() throws Exception {
    when(promotionRepository.findById(any())).thenReturn(Optional.of(getAPromotion()));
    when(environmentService.findByCockpitId(any())).thenReturn(new EnvironmentEntity());
    when(permissionService.hasPermission(any(), any(), any())).thenReturn(true);
    Page<Promotion> promotionPage = new Page<>(singletonList(getAPromotion()), 0, 1, 1);
    when(promotionRepository.search(any(), any(), any())).thenReturn(promotionPage);
    when(apiDuplicatorService.updateWithImportedDefinition(any(), any(), any(), any(), any())).thenReturn(new ApiEntity());
    when(apiService.exists(any())).thenReturn(true);
    ApiEntity existingApi = new ApiEntity();
    existingApi.setId("api#existing");
    when(apiService.findById(any())).thenReturn(existingApi);
    CockpitReply<PromotionEntity> cockpitReply = new CockpitReply<>(null, CockpitReplyStatus.SUCCEEDED);
    when(cockpitService.processPromotion(any())).thenReturn(cockpitReply);
    when(promotionRepository.update(any())).thenReturn(getAPromotion());
    promotionService.processPromotion(PROMOTION_ID, true, USER_ID);
    verify(apiDuplicatorService, times(1)).updateWithImportedDefinition(any(), any(), eq(USER_ID), any(), any());
    verify(promotionRepository, times(1)).update(any());
}
Also used : CockpitReply(io.gravitee.rest.api.service.cockpit.services.CockpitReply) EnvironmentEntity(io.gravitee.rest.api.model.EnvironmentEntity) ApiEntity(io.gravitee.rest.api.model.api.ApiEntity) Page(io.gravitee.common.data.domain.Page) Promotion(io.gravitee.repository.management.model.Promotion) Test(org.junit.Test)

Example 53 with ApiEntity

Use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io, in class ApiEventsResource, method searchApiEvents.

@GET
@Path("search")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get API's events", notes = "User must have the API_EVENT[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Page of API events", response = Page.class), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = RolePermission.API_EVENT, acls = RolePermissionAction.READ) })
public Page<EventEntity> searchApiEvents(@ApiParam @BeanParam EventSearchParam eventSearchParam) {
    ApiEntity apiEntity = apiService.findById(api);
    Map<String, Object> properties = new HashMap<>();
    properties.put(Event.EventProperties.API_ID.getValue(), Arrays.asList(api));
    final Page<EventEntity> apiEvents = eventService.search(eventSearchParam.getEventTypeListParam().getEventTypes(), properties, eventSearchParam.getFrom(), eventSearchParam.getTo(), eventSearchParam.getPage(), eventSearchParam.getSize());
    apiEvents.getContent().forEach(event -> {
        Map<String, String> properties1 = event.getProperties();
        // Remove payload content from response since it's not required anymore
        event.setPayload(null);
        // complete event with API info
        properties1.put("api_name", apiEntity.getName());
        properties1.put("api_version", apiEntity.getVersion());
    });
    return apiEvents;
}
Also used : HashMap(java.util.HashMap) EventEntity(io.gravitee.rest.api.model.EventEntity) ApiEntity(io.gravitee.rest.api.model.api.ApiEntity) Permissions(io.gravitee.rest.api.management.rest.security.Permissions)

Example 54 with ApiEntity

Use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io, in class ApiPageResource, method getApiPage.

@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get a page", notes = "User must have the READ permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Page"), @ApiResponse(code = 500, message = "Internal server error") })
public PageEntity getApiPage(@HeaderParam("Accept-Language") String acceptLang, @QueryParam("portal") boolean portal, @QueryParam("translated") boolean translated) {
    final String acceptedLocale = HttpHeadersUtil.getFirstAcceptedLocaleName(acceptLang);
    final ApiEntity apiEntity = apiService.findById(api);
    if (Visibility.PUBLIC.equals(apiEntity.getVisibility()) || hasPermission(RolePermission.API_DOCUMENTATION, api, RolePermissionAction.READ)) {
        PageEntity pageEntity = pageService.findById(page, translated ? acceptedLocale : null);
        // check if the page is used as GeneralCondition by an active Plan
        // and update the PageEntity to transfer the information to the FrontEnd
        pageEntity.setGeneralConditions(pageService.isPageUsedAsGeneralConditions(pageEntity, api));
        if (portal) {
            pageService.transformSwagger(pageEntity, api);
            if (!isAuthenticated() && pageEntity.getMetadata() != null) {
                pageEntity.getMetadata().clear();
            }
        }
        if (isDisplayable(apiEntity, pageEntity)) {
            if (pageEntity.getContentType() != null) {
                String content = pageEntity.getContent();
                try {
                    pageService.validateSafeContent(pageEntity, api);
                } catch (SwaggerDescriptorException contentException) {
                    pageEntity.setMessages(singletonList(contentException.getMessage()));
                } finally {
                    pageEntity.setContent(content);
                }
            }
            return pageEntity;
        } else {
            throw new UnauthorizedAccessException();
        }
    }
    throw new ForbiddenAccessException();
}
Also used : PageEntity(io.gravitee.rest.api.model.PageEntity) UpdatePageEntity(io.gravitee.rest.api.model.UpdatePageEntity) ApiEntity(io.gravitee.rest.api.model.api.ApiEntity)

Example 55 with ApiEntity

Use of io.gravitee.rest.api.model.api.ApiEntity in project gravitee-management-rest-api by gravitee-io, in class PermissionsFilter, method filter.

protected void filter(Permissions permissions, ContainerRequestContext requestContext) {
    if (permissions != null && permissions.value().length > 0) {
        Principal principal = securityContext.getUserPrincipal();
        if (principal != null) {
            String username = principal.getName();
            for (Permission permission : permissions.value()) {
                Map<String, char[]> memberPermissions;
                switch(permission.value().getScope()) {
                    case ORGANIZATION:
                        memberPermissions = membershipService.getUserMemberPermissions(MembershipReferenceType.ORGANIZATION, GraviteeContext.getCurrentOrganization(), username);
                        if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
                            return;
                        }
                        break;
                    case ENVIRONMENT:
                        memberPermissions = membershipService.getUserMemberPermissions(MembershipReferenceType.ENVIRONMENT, GraviteeContext.getCurrentEnvironment(), username);
                        if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
                            return;
                        }
                        break;
                    case APPLICATION:
                        ApplicationEntity application = getApplication(requestContext);
                        memberPermissions = membershipService.getUserMemberPermissions(application, username);
                        if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
                            return;
                        }
                        break;
                    case API:
                        ApiEntity api = getApi(requestContext);
                        memberPermissions = membershipService.getUserMemberPermissions(api, username);
                        if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
                            return;
                        }
                        break;
                    case GROUP:
                        GroupEntity group = getGroup(requestContext);
                        memberPermissions = membershipService.getUserMemberPermissions(group, username);
                        if (roleService.hasPermission(memberPermissions, permission.value().getPermission(), permission.acls())) {
                            return;
                        }
                        break;
                    default:
                        sendSecurityError();
                }
            }
        }
        sendSecurityError();
    }
}
Also used : ApplicationEntity(io.gravitee.rest.api.model.ApplicationEntity) GroupEntity(io.gravitee.rest.api.model.GroupEntity) Permission(io.gravitee.rest.api.management.rest.security.Permission) ApiEntity(io.gravitee.rest.api.model.api.ApiEntity) Principal(java.security.Principal)
