Search in sources :

Example 1 with ApiPermission

use of io.gravitee.rest.api.model.permissions.ApiPermission in project gravitee-management-rest-api by gravitee-io.

the class ApiMembersResource method getApiMembersPermissions.

@GET
@Path("/permissions")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get API members", notes = "User must have the MANAGE_MEMBERS permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "API member's permissions", response = MemberEntity.class, responseContainer = "List"), @ApiResponse(code = 500, message = "Internal server error") })
public Response getApiMembersPermissions() {
    final ApiEntity apiEntity = apiService.findById(api);
    Map<String, char[]> permissions = new HashMap<>();
    if (isAuthenticated()) {
        final String userId = getAuthenticatedUser();
        if (isAdmin()) {
            final char[] rights = new char[] { CREATE.getId(), READ.getId(), UPDATE.getId(), DELETE.getId() };
            for (ApiPermission perm : ApiPermission.values()) {
                permissions.put(perm.getName(), rights);
            }
        } else {
            permissions = membershipService.getUserMemberPermissions(apiEntity, userId);
        }
    }
    return Response.ok(permissions).build();
}
Also used : ApiPermission(io.gravitee.rest.api.model.permissions.ApiPermission) ApiEntity(io.gravitee.rest.api.model.api.ApiEntity)

Aggregations

ApiEntity (io.gravitee.rest.api.model.api.ApiEntity)1 ApiPermission (io.gravitee.rest.api.model.permissions.ApiPermission)1