use of io.gravitee.rest.api.portal.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiRatingsResource method createApiRating.
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_RATING, acls = RolePermissionAction.CREATE) })
public Response createApiRating(@PathParam("apiId") String apiId, @Valid RatingInput ratingInput) {
if (ratingInput == null) {
throw new BadRequestException("Input must not be null.");
}
final ApiQuery apiQuery = new ApiQuery();
apiQuery.setIds(Collections.singletonList(apiId));
Collection<ApiEntity> userApis = apiService.findPublishedByUser(getAuthenticatedUserOrNull(), apiQuery);
if (userApis.stream().anyMatch(a -> a.getId().equals(apiId))) {
NewRatingEntity rating = new NewRatingEntity();
rating.setApi(apiId);
rating.setComment(ratingInput.getComment());
rating.setTitle(ratingInput.getTitle());
rating.setRate(ratingInput.getValue().byteValue());
RatingEntity createdRating = ratingService.create(rating);
return Response.status(Status.CREATED).entity(ratingMapper.convert(createdRating, uriInfo)).build();
}
throw new ApiNotFoundException(apiId);
}
use of io.gravitee.rest.api.portal.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiRatingAnswerResource method deleteApiRatingAnswer.
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_RATING_ANSWER, acls = RolePermissionAction.DELETE) })
public Response deleteApiRatingAnswer(@PathParam("apiId") String apiId, @PathParam("ratingId") String ratingId, @PathParam("answerId") String answerId) {
final ApiQuery apiQuery = new ApiQuery();
apiQuery.setIds(Collections.singletonList(apiId));
Collection<ApiEntity> userApis = apiService.findPublishedByUser(getAuthenticatedUserOrNull(), apiQuery);
if (userApis.stream().anyMatch(a -> a.getId().equals(apiId))) {
RatingEntity ratingEntity = ratingService.findById(ratingId);
if (ratingEntity != null && ratingEntity.getApi().equals(apiId)) {
if (ratingEntity.getAnswers().stream().anyMatch(answer -> answer.getId().equals(answerId))) {
ratingService.deleteAnswer(ratingId, answerId);
return Response.status(Status.NO_CONTENT).build();
}
throw new RatingAnswerNotFoundException(answerId, ratingId, apiId);
}
throw new RatingNotFoundException(ratingId, apiId);
}
throw new ApiNotFoundException(apiId);
}
use of io.gravitee.rest.api.portal.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiRatingResource method deleteApiRating.
@DELETE
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_RATING, acls = RolePermissionAction.DELETE) })
public Response deleteApiRating(@PathParam("apiId") String apiId, @PathParam("ratingId") String ratingId) {
// FIXME: are we sure we need to fetch the api while the permission system alreay allowed the user to delete the rating ?
final ApiQuery apiQuery = new ApiQuery();
apiQuery.setIds(Collections.singletonList(apiId));
Collection<ApiEntity> userApis = apiService.findPublishedByUser(getAuthenticatedUserOrNull(), apiQuery);
if (userApis.stream().anyMatch(a -> a.getId().equals(apiId))) {
RatingEntity ratingEntity = ratingService.findById(ratingId);
if (ratingEntity != null && ratingEntity.getApi().equals(apiId)) {
ratingService.delete(ratingId);
return Response.status(Status.NO_CONTENT).build();
}
throw new RatingNotFoundException(ratingId, apiId);
}
throw new ApiNotFoundException(apiId);
}
use of io.gravitee.rest.api.portal.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApiRatingResource method updateApiRating.
@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.API_RATING, acls = RolePermissionAction.UPDATE) })
public Response updateApiRating(@PathParam("apiId") String apiId, @PathParam("ratingId") String ratingId, @Valid RatingInput ratingInput) {
if (ratingInput == null) {
throw new BadRequestException("Input must not be null.");
}
final ApiQuery apiQuery = new ApiQuery();
apiQuery.setIds(Collections.singletonList(apiId));
Collection<ApiEntity> userApis = apiService.findPublishedByUser(getAuthenticatedUserOrNull(), apiQuery);
if (userApis.stream().anyMatch(a -> a.getId().equals(apiId))) {
RatingEntity ratingEntity = ratingService.findById(ratingId);
if (ratingEntity != null && ratingEntity.getApi().equals(apiId)) {
UpdateRatingEntity rating = new UpdateRatingEntity();
rating.setId(ratingId);
rating.setApi(apiId);
rating.setComment(ratingInput.getComment());
rating.setTitle(ratingInput.getTitle());
rating.setRate(ratingInput.getValue().byteValue());
RatingEntity updatedRating = ratingService.update(rating);
return Response.status(Status.OK).entity(ratingMapper.convert(updatedRating, uriInfo)).build();
}
throw new RatingNotFoundException(ratingId, apiId);
}
throw new ApiNotFoundException(apiId);
}
use of io.gravitee.rest.api.portal.rest.security.Permissions in project gravitee-management-rest-api by gravitee-io.
the class ApplicationLogsResource method applicationLogs.
@GET
@Produces(MediaType.APPLICATION_JSON)
@Permissions({ @Permission(value = RolePermission.APPLICATION_LOG, acls = RolePermissionAction.READ) })
public Response applicationLogs(@PathParam("applicationId") String applicationId, @BeanParam PaginationParam paginationParam, @BeanParam LogsParam logsParam) {
// Does application exists ?
applicationService.findById(applicationId);
final SearchLogResponse<ApplicationRequestItem> searchLogResponse = getSearchLogResponse(applicationId, paginationParam, logsParam);
List<Log> logs = searchLogResponse.getLogs().stream().map(logMapper::convert).collect(Collectors.toList());
final Map<String, Object> metadataTotal = new HashMap<>();
metadataTotal.put(METADATA_DATA_TOTAL_KEY, searchLogResponse.getTotal());
final Map<String, Map<String, Object>> metadata = searchLogResponse.getMetadata() == null ? new HashMap() : new HashMap(searchLogResponse.getMetadata());
metadata.put(METADATA_DATA_KEY, metadataTotal);
// No pagination, because logsService did it already
return createListResponse(logs, paginationParam, metadata, false);
}
Aggregations