Example 6 with UnauthorizedAccessException
use of io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException in project gravitee-management-rest-api by gravitee-io.
the class ApiPageResource method getPageByApiIdAndPageId.
@GET
@Produces(MediaType.APPLICATION_JSON)
@RequirePortalAuth
public Response getPageByApiIdAndPageId(@HeaderParam("Accept-Language") String acceptLang, @PathParam("apiId") String apiId, @PathParam("pageId") String pageId, @QueryParam("include") List<String> include) {
final ApiQuery apiQuery = new ApiQuery();
apiQuery.setIds(Collections.singletonList(apiId));
if (accessControlService.canAccessApiFromPortal(apiId)) {
final String acceptedLocale = HttpHeadersUtil.getFirstAcceptedLocaleName(acceptLang);
PageEntity pageEntity = pageService.findById(pageId, acceptedLocale);
if (accessControlService.canAccessPageFromPortal(apiId, pageEntity)) {
pageService.transformSwagger(pageEntity, apiId);
if (!isAuthenticated() && pageEntity.getMetadata() != null) {
pageEntity.getMetadata().clear();
}
Page page = pageMapper.convert(uriInfo.getBaseUriBuilder(), apiId, pageEntity);
if (include.contains(INCLUDE_CONTENT)) {
page.setContent(pageEntity.getContent());
}
page.setLinks(pageMapper.computePageLinks(PortalApiLinkHelper.apiPagesURL(uriInfo.getBaseUriBuilder(), apiId, pageId), PortalApiLinkHelper.apiPagesURL(uriInfo.getBaseUriBuilder(), apiId, page.getParent())));
return Response.ok(page).build();
} else {
throw new UnauthorizedAccessException();
}
}
throw new ApiNotFoundException(apiId);
}
Also used :
PageEntity(io.gravitee.rest.api.model.PageEntity)
ApiQuery(io.gravitee.rest.api.model.api.ApiQuery)
UnauthorizedAccessException(io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException)
ApiNotFoundException(io.gravitee.rest.api.service.exceptions.ApiNotFoundException)
Page(io.gravitee.rest.api.portal.rest.model.Page)
RequirePortalAuth(io.gravitee.rest.api.portal.rest.security.RequirePortalAuth)
Example 7 with UnauthorizedAccessException
use of io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException in project gravitee-management-rest-api by gravitee-io.
the class PageResource method getPageByPageId.
@GET
@Produces(MediaType.APPLICATION_JSON)
@RequirePortalAuth
public Response getPageByPageId(@HeaderParam("Accept-Language") String acceptLang, @PathParam("pageId") String pageId, @QueryParam("include") List<String> include) {
final String acceptedLocale = HttpHeadersUtil.getFirstAcceptedLocaleName(acceptLang);
PageEntity pageEntity = pageService.findById(pageId, acceptedLocale);
if (accessControlService.canAccessPageFromPortal(pageEntity)) {
if (!isAuthenticated() && pageEntity.getMetadata() != null) {
pageEntity.getMetadata().clear();
}
pageService.transformWithTemplate(pageEntity, null);
Page page = pageMapper.convert(uriInfo.getBaseUriBuilder(), null, pageEntity);
if (include.contains(INCLUDE_CONTENT)) {
page.setContent(pageEntity.getContent());
}
page.setLinks(pageMapper.computePageLinks(PortalApiLinkHelper.pagesURL(uriInfo.getBaseUriBuilder(), pageId), PortalApiLinkHelper.pagesURL(uriInfo.getBaseUriBuilder(), page.getParent())));
return Response.ok(page).build();
} else {
throw new UnauthorizedAccessException();
}
}
Also used :
PageEntity(io.gravitee.rest.api.model.PageEntity)
UnauthorizedAccessException(io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException)
Page(io.gravitee.rest.api.portal.rest.model.Page)
RequirePortalAuth(io.gravitee.rest.api.portal.rest.security.RequirePortalAuth)
Example 8 with UnauthorizedAccessException
use of io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException in project gravitee-management-rest-api by gravitee-io.
the class ApiRatingResource method getApiRating.
@GET
@ApiOperation(value = "List ratings for an API")
@Produces(MediaType.APPLICATION_JSON)
public Page<RatingEntity> getApiRating(@Min(1) @QueryParam("pageNumber") int pageNumber, @QueryParam("pageSize") int pageSize) {
final ApiEntity apiEntity = apiService.findById(api);
if (PUBLIC.equals(apiEntity.getVisibility()) || hasPermission(RolePermission.API_RATING, api, RolePermissionAction.READ)) {
final Page<RatingEntity> ratingEntityPage = ratingService.findByApi(api, new PageableBuilder().pageNumber(pageNumber).pageSize(pageSize).build());
final List<RatingEntity> filteredRatings = ratingEntityPage.getContent().stream().map(ratingEntity -> filterPermission(api, ratingEntity)).collect(toList());
return new Page<>(filteredRatings, ratingEntityPage.getPageNumber(), (int) ratingEntityPage.getPageElements(), ratingEntityPage.getTotalElements());
} else {
throw new UnauthorizedAccessException();
}
}
Also used :
PUBLIC(io.gravitee.rest.api.model.Visibility.PUBLIC)
RolePermissionAction(io.gravitee.rest.api.model.permissions.RolePermissionAction)
ApiEntity(io.gravitee.rest.api.model.api.ApiEntity)
Page(io.gravitee.common.data.domain.Page)
RatingService(io.gravitee.rest.api.service.RatingService)
ApiParam(io.swagger.annotations.ApiParam)
Min(javax.validation.constraints.Min)
NotNull(javax.validation.constraints.NotNull)
Permission(io.gravitee.rest.api.management.rest.security.Permission)
UnauthorizedAccessException(io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException)
Inject(javax.inject.Inject)
Valid(javax.validation.Valid)
ApiOperation(io.swagger.annotations.ApiOperation)
Collectors.toList(java.util.stream.Collectors.toList)
List(java.util.List)
MediaType(io.gravitee.common.http.MediaType)
javax.ws.rs(javax.ws.rs)
PageableBuilder(io.gravitee.repository.management.api.search.builder.PageableBuilder)
io.gravitee.rest.api.model(io.gravitee.rest.api.model)
Api(io.swagger.annotations.Api)
Permissions(io.gravitee.rest.api.management.rest.security.Permissions)
RolePermission(io.gravitee.rest.api.model.permissions.RolePermission)
UnauthorizedAccessException(io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException)
ApiEntity(io.gravitee.rest.api.model.api.ApiEntity)
Page(io.gravitee.common.data.domain.Page)
PageableBuilder(io.gravitee.repository.management.api.search.builder.PageableBuilder)
ApiOperation(io.swagger.annotations.ApiOperation)
Aggregations
UnauthorizedAccessException (io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException)8
PageEntity (io.gravitee.rest.api.model.PageEntity)3
RequirePortalAuth (io.gravitee.rest.api.portal.rest.security.RequirePortalAuth)3
CategoryEntity (io.gravitee.rest.api.model.CategoryEntity)2
UpdateCategoryEntity (io.gravitee.rest.api.model.UpdateCategoryEntity)2
ApiQuery (io.gravitee.rest.api.model.api.ApiQuery)2
Page (io.gravitee.rest.api.portal.rest.model.Page)2
ApiNotFoundException (io.gravitee.rest.api.service.exceptions.ApiNotFoundException)2
Page (io.gravitee.common.data.domain.Page)1
MediaType (io.gravitee.common.http.MediaType)1
TechnicalException (io.gravitee.repository.exceptions.TechnicalException)1
UserCriteria (io.gravitee.repository.management.api.search.UserCriteria)1
PageableBuilder (io.gravitee.repository.management.api.search.builder.PageableBuilder)1
Workflow (io.gravitee.repository.management.model.Workflow)1
Permission (io.gravitee.rest.api.management.rest.security.Permission)1
Permissions (io.gravitee.rest.api.management.rest.security.Permissions)1
io.gravitee.rest.api.model (io.gravitee.rest.api.model)1
PUBLIC (io.gravitee.rest.api.model.Visibility.PUBLIC)1
ApiEntity (io.gravitee.rest.api.model.api.ApiEntity)1
PageableImpl (io.gravitee.rest.api.model.common.PageableImpl)1
