use of io.gravitee.rest.api.model.permissions.RolePermissionAction.READ in project gravitee-management-rest-api by gravitee-io.
the class ApiPlansResource method getApiPlansByApiId.
/**
 * Lists the published plans of one API that the caller may see.
 *
 * <p>Access is decided in three steps, all visible in this method:
 * <ol>
 *   <li>the API must be among the published APIs returned for the caller by
 *       {@code apiService.findPublishedByUser}; otherwise {@link ApiNotFoundException} is thrown;</li>
 *   <li>the API must be {@code PUBLIC} or the caller must hold {@code API_PLAN[READ]} on it;
 *       otherwise an empty list is returned rather than an error;</li>
 *   <li>each plan must be {@code PUBLISHED} and pass the group check against its excluded groups.</li>
 * </ol>
 *
 * @param apiId identifier of the API, taken from the request path
 * @param paginationParam pagination settings applied to the filtered plan list
 * @return the paginated list of visible plans, possibly empty
 * @throws ApiNotFoundException if the API is not among the published APIs found for the caller
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
@RequirePortalAuth
public Response getApiPlansByApiId(@PathParam("apiId") String apiId, @BeanParam PaginationParam paginationParam) {
    // NOTE(review): the helper's name suggests this is null for an unauthenticated caller;
    // every check below then runs with a null user name. Confirm against the helper.
    final String username = getAuthenticatedUserOrNull();

    // Restrict the lookup to the requested id so only this API can come back.
    final ApiQuery apiQuery = new ApiQuery();
    apiQuery.setIds(Collections.singletonList(apiId));
    final Collection<ApiEntity> visibleApis = apiService.findPublishedByUser(username, apiQuery);

    final boolean apiIsVisible = visibleApis.stream().anyMatch(candidate -> candidate.getId().equals(apiId));
    if (!apiIsVisible) {
        // An API the caller cannot see is reported the same way as one that does not exist.
        throw new ApiNotFoundException(apiId);
    }

    final ApiEntity apiEntity = apiService.findById(apiId);
    if (!Visibility.PUBLIC.equals(apiEntity.getVisibility()) && !hasPermission(API_PLAN, apiId, READ)) {
        // Non-public API without API_PLAN[READ]: answer with an empty page, not an error.
        return createListResponse(emptyList(), paginationParam);
    }

    final List<Plan> plans = planService
        .findByApi(apiId)
        .stream()
        // Only published plans are exposed through the portal.
        .filter(plan -> PlanStatus.PUBLISHED.equals(plan.getStatus()))
        // Per-plan group check, evaluated with the plan's excluded groups.
        .filter(plan -> groupService.isUserAuthorizedToAccessApiData(apiEntity, plan.getExcludedGroups(), username))
        .sorted(Comparator.comparingInt(PlanEntity::getOrder))
        .map(p -> planMapper.convert(p))
        .collect(Collectors.toList());
    return createListResponse(plans, paginationParam);
}
use of io.gravitee.rest.api.model.permissions.RolePermissionAction.READ in project gravitee-management-rest-api by gravitee-io.
the class PlatformAnalyticsResource method getPlatformAnalytics.
/**
 * Runs a platform-wide analytics query, scoped to what the caller may read.
 *
 * <p>The endpoint is guarded by {@code ENVIRONMENT_PLATFORM[READ]}. For callers that are not
 * admins the query is additionally narrowed to the applications (when the requested field is
 * {@code "application"}) or APIs (any other field) on which the caller holds the matching
 * {@code *_ANALYTICS[READ]} permission. If that set is empty the method answers 204 without
 * running any query.
 *
 * @param analyticsParam query parameters; validated before use, and its query text is
 *     rewritten in place (every {@code ?} becomes {@code 1})
 * @return 200 with the analytics result, or 204 when a non-admin caller has nothing in scope
 */
@GET
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get platform analytics", notes = "User must have the MANAGEMENT_PLATFORM[READ] permission to use this service")
@ApiResponses({ @ApiResponse(code = 200, message = "Platform analytics"), @ApiResponse(code = 500, message = "Internal server error") })
@Permissions({ @Permission(value = ENVIRONMENT_PLATFORM, acls = READ) })
public Response getPlatformAnalytics(@BeanParam AnalyticsParam analyticsParam) {
    analyticsParam.validate();

    // Stays null for admins, who query without an id restriction.
    String extraFilter = null;
    if (!isAdmin()) {
        final boolean scopedByApplication = "application".equals(analyticsParam.getField());
        final String scopeField;
        final List<String> readableIds;
        if (scopedByApplication) {
            scopeField = "application";
            readableIds = applicationService
                .findByUser(getAuthenticatedUser())
                .stream()
                // Membership is not enough: analytics READ is checked per application.
                .filter(app -> permissionService.hasPermission(APPLICATION_ANALYTICS, app.getId(), READ))
                .map(ApplicationListItem::getId)
                .collect(Collectors.toList());
        } else {
            scopeField = "api";
            readableIds = apiService
                .findByUser(getAuthenticatedUser(), null, false)
                .stream()
                // Same per-object check for APIs.
                .filter(api -> permissionService.hasPermission(API_ANALYTICS, api.getId(), READ))
                .map(ApiEntity::getId)
                .collect(Collectors.toList());
        }

        // Nothing readable: stop here so the query never runs without an id restriction.
        if (readableIds.isEmpty()) {
            return Response.noContent().build();
        }
        // NOTE(review): how the ids are quoted inside the filter is decided in getExtraFilter,
        // which is not visible here.
        extraFilter = getExtraFilter(scopeField, readableIds);
    }

    // NOTE(review): every '?' in the caller-supplied query is replaced by '1' before the query
    // is used; presumably this neutralises a single-character wildcard. Confirm the intent.
    final String rawQuery = analyticsParam.getQuery();
    if (rawQuery != null) {
        analyticsParam.setQuery(rawQuery.replace("?", "1"));
    }

    // No default branch: for any type not listed below the result stays null and the
    // response is still 200.
    Analytics analytics = null;
    switch (analyticsParam.getTypeParam().getValue()) {
        case DATE_HISTO:
            analytics = executeDateHisto(analyticsParam, extraFilter);
            break;
        case GROUP_BY:
            analytics = executeGroupBy(analyticsParam, extraFilter);
            break;
        case COUNT:
            analytics = executeCount(analyticsParam, extraFilter);
            break;
        case STATS:
            analytics = executeStats(analyticsParam, extraFilter);
            break;
    }
    return Response.ok(analytics).build();
}
Aggregations