use of io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException in project gravitee-management-rest-api by gravitee-io.
the class ApiPageResource method getPageByApiIdAndPageId.
@GET
@Produces(MediaType.APPLICATION_JSON)
@RequirePortalAuth
public Response getPageByApiIdAndPageId(@HeaderParam("Accept-Language") String acceptLang, @PathParam("apiId") String apiId, @PathParam("pageId") String pageId, @QueryParam("include") List<String> include) {
final ApiQuery apiQuery = new ApiQuery();
apiQuery.setIds(Collections.singletonList(apiId));
if (accessControlService.canAccessApiFromPortal(apiId)) {
final String acceptedLocale = HttpHeadersUtil.getFirstAcceptedLocaleName(acceptLang);
PageEntity pageEntity = pageService.findById(pageId, acceptedLocale);
if (accessControlService.canAccessPageFromPortal(apiId, pageEntity)) {
pageService.transformSwagger(pageEntity, apiId);
if (!isAuthenticated() && pageEntity.getMetadata() != null) {
pageEntity.getMetadata().clear();
}
Page page = pageMapper.convert(uriInfo.getBaseUriBuilder(), apiId, pageEntity);
if (include.contains(INCLUDE_CONTENT)) {
page.setContent(pageEntity.getContent());
}
page.setLinks(pageMapper.computePageLinks(PortalApiLinkHelper.apiPagesURL(uriInfo.getBaseUriBuilder(), apiId, pageId), PortalApiLinkHelper.apiPagesURL(uriInfo.getBaseUriBuilder(), apiId, page.getParent())));
return Response.ok(page).build();
} else {
throw new UnauthorizedAccessException();
}
}
throw new ApiNotFoundException(apiId);
}
use of io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException in project gravitee-management-rest-api by gravitee-io.
the class PageResource method getPageByPageId.
@GET
@Produces(MediaType.APPLICATION_JSON)
@RequirePortalAuth
public Response getPageByPageId(@HeaderParam("Accept-Language") String acceptLang, @PathParam("pageId") String pageId, @QueryParam("include") List<String> include) {
final String acceptedLocale = HttpHeadersUtil.getFirstAcceptedLocaleName(acceptLang);
PageEntity pageEntity = pageService.findById(pageId, acceptedLocale);
if (accessControlService.canAccessPageFromPortal(pageEntity)) {
if (!isAuthenticated() && pageEntity.getMetadata() != null) {
pageEntity.getMetadata().clear();
}
pageService.transformWithTemplate(pageEntity, null);
Page page = pageMapper.convert(uriInfo.getBaseUriBuilder(), null, pageEntity);
if (include.contains(INCLUDE_CONTENT)) {
page.setContent(pageEntity.getContent());
}
page.setLinks(pageMapper.computePageLinks(PortalApiLinkHelper.pagesURL(uriInfo.getBaseUriBuilder(), pageId), PortalApiLinkHelper.pagesURL(uriInfo.getBaseUriBuilder(), page.getParent())));
return Response.ok(page).build();
} else {
throw new UnauthorizedAccessException();
}
}
use of io.gravitee.rest.api.service.exceptions.UnauthorizedAccessException in project gravitee-management-rest-api by gravitee-io.
the class ApiRatingResource method getApiRating.
@GET
@ApiOperation(value = "List ratings for an API")
@Produces(MediaType.APPLICATION_JSON)
public Page<RatingEntity> getApiRating(@Min(1) @QueryParam("pageNumber") int pageNumber, @QueryParam("pageSize") int pageSize) {
final ApiEntity apiEntity = apiService.findById(api);
if (PUBLIC.equals(apiEntity.getVisibility()) || hasPermission(RolePermission.API_RATING, api, RolePermissionAction.READ)) {
final Page<RatingEntity> ratingEntityPage = ratingService.findByApi(api, new PageableBuilder().pageNumber(pageNumber).pageSize(pageSize).build());
final List<RatingEntity> filteredRatings = ratingEntityPage.getContent().stream().map(ratingEntity -> filterPermission(api, ratingEntity)).collect(toList());
return new Page<>(filteredRatings, ratingEntityPage.getPageNumber(), (int) ratingEntityPage.getPageElements(), ratingEntityPage.getTotalElements());
} else {
throw new UnauthorizedAccessException();
}
}
Aggregations