Example 1 with RolesAllowed

Use of javax.annotation.security.RolesAllowed in project jersey by jersey.

Class RolesAllowedDynamicFeature, method configure.

@Override
public void configure(final ResourceInfo resourceInfo, final FeatureContext configuration) {
    final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
    // DenyAll on the method takes precedence over RolesAllowed and PermitAll
    if (am.isAnnotationPresent(DenyAll.class)) {
        // The no-argument filter rejects every request
        configuration.register(new RolesAllowedRequestFilter());
        return;
    }
    // RolesAllowed on the method takes precedence over PermitAll
    RolesAllowed ra = am.getAnnotation(RolesAllowed.class);
    if (ra != null) {
        configuration.register(new RolesAllowedRequestFilter(ra.value()));
        return;
    }
    // PermitAll takes precedence over RolesAllowed on the class
    if (am.isAnnotationPresent(PermitAll.class)) {
        // Do nothing.
        return;
    }
    // DenyAll can't be attached to classes
    // RolesAllowed on the class takes precedence over PermitAll
    ra = resourceInfo.getResourceClass().getAnnotation(RolesAllowed.class);
    if (ra != null) {
        configuration.register(new RolesAllowedRequestFilter(ra.value()));
    }
}
Also used: RolesAllowed (javax.annotation.security.RolesAllowed), AnnotatedMethod (org.glassfish.jersey.server.model.AnnotatedMethod)

Example 2 with RolesAllowed

Use of javax.annotation.security.RolesAllowed in project jeeshop by remibantos.

Class Catalogs, method modify.

@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed(ADMIN)
public Catalog modify(Catalog catalog) {
    Catalog originalCatalog = entityManager.find(Catalog.class, catalog.getId());
    checkNotNull(originalCatalog);
    if (catalog.getRootCategoriesIds() != null) {
        List<Category> newCategories = new ArrayList<>();
        catalog.getRootCategoriesIds().forEach(categoryId -> newCategories.add(entityManager.find(Category.class, categoryId)));
        catalog.setRootCategories(newCategories);
    } else {
        catalog.setRootCategories(originalCatalog.getRootCategories());
    }
    catalog.setPresentationByLocale(originalCatalog.getPresentationByLocale());
    return entityManager.merge(catalog);
}
Also used: Category (org.rembx.jeeshop.catalog.model.Category), ArrayList (java.util.ArrayList), Catalog (org.rembx.jeeshop.catalog.model.Catalog), RolesAllowed (javax.annotation.security.RolesAllowed)

Example 3 with RolesAllowed

Use of javax.annotation.security.RolesAllowed in project jeeshop by remibantos.

Class Catalogs, method findPresentationsLocales.

@GET
@Path("/{catalogId}/presentationslocales")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ ADMIN, ADMIN_READONLY })
public Set<String> findPresentationsLocales(@PathParam("catalogId") @NotNull Long catalogId) {
    Catalog catalog = entityManager.find(Catalog.class, catalogId);
    checkNotNull(catalog);
    return catalog.getPresentationByLocale().keySet();
}
Also used: Catalog (org.rembx.jeeshop.catalog.model.Catalog), RolesAllowed (javax.annotation.security.RolesAllowed)

Example 4 with RolesAllowed

Use of javax.annotation.security.RolesAllowed in project jeeshop by remibantos.

Class Orders, method find.

@GET
@Path("/{orderId}")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({ ADMIN, ADMIN_READONLY, USER })
public Order find(@PathParam("orderId") @NotNull Long orderId, @QueryParam("enhanced") Boolean enhanced) {
    Order order = entityManager.find(Order.class, orderId);
    // The null check must run before the order is dereferenced below
    checkNotNull(order);
    // Ownership check: a caller who is USER but not ADMIN may only read their own order
    if (sessionContext.isCallerInRole(USER) && !sessionContext.isCallerInRole(ADMIN)) {
        User authenticatedUser = userFinder.findByLogin(sessionContext.getCallerPrincipal().getName());
        if (!order.getUser().equals(authenticatedUser)) {
            throw new WebApplicationException(Response.Status.UNAUTHORIZED);
        }
    }
    if (enhanced != null && enhanced) {
        orderFinder.enhanceOrder(order);
    }
    return order;
}
Also used: Order (org.rembx.jeeshop.order.model.Order), User (org.rembx.jeeshop.user.model.User), WebApplicationException (org.rembx.jeeshop.rest.WebApplicationException), RolesAllowed (javax.annotation.security.RolesAllowed)

Example 5 with RolesAllowed

Use of javax.annotation.security.RolesAllowed in project Payara by payara.

Class CdiExtension, method findRoles.

/**
 * Find all the roles used by the <code>@RolesAllowed</code> annotation, so these can be programmatically
 * declared later on.
 */
public <T> void findRoles(@Observes ProcessManagedBean<T> eventIn, BeanManager beanManager) {
    // JDK8 u60 workaround
    ProcessManagedBean<T> event = eventIn;
    if (event instanceof ProcessSessionBean) {
        // @RolesAllowed on session beans is already handled
        return;
    }
    List<Annotated> annotatedElements = new ArrayList<>(event.getAnnotatedBeanClass().getMethods());
    annotatedElements.add(event.getAnnotatedBeanClass());
    for (Annotated annotated : annotatedElements) {
        RolesAllowed rolesAllowed = annotated.getAnnotation(RolesAllowed.class);
        if (rolesAllowed != null) {
            roles.addAll(Arrays.asList(rolesAllowed.value()));
        }
    }
}
Also used: Annotated (javax.enterprise.inject.spi.Annotated), RolesAllowed (javax.annotation.security.RolesAllowed), ArrayList (java.util.ArrayList), ProcessSessionBean (javax.enterprise.inject.spi.ProcessSessionBean)

Aggregations

RolesAllowed (javax.annotation.security.RolesAllowed) 143
Path (javax.ws.rs.Path) 79
Produces (javax.ws.rs.Produces) 66
Consumes (javax.ws.rs.Consumes) 36
GET (javax.ws.rs.GET) 34
POST (javax.ws.rs.POST) 29
ApiOperation (io.swagger.annotations.ApiOperation) 25
ApiResponses (io.swagger.annotations.ApiResponses) 25
PUT (javax.ws.rs.PUT) 21
Response (javax.ws.rs.core.Response) 21
HashMap (java.util.HashMap) 20
WebApplicationException (org.rembx.jeeshop.rest.WebApplicationException) 19
ArrayList (java.util.ArrayList) 18
Locale (java.util.Locale) 15
IOException (java.io.IOException) 14
DELETE (javax.ws.rs.DELETE) 13
Transactional (javax.transaction.Transactional) 10
Adapter (nl.nn.adapterframework.core.Adapter) 9
IAdapter (nl.nn.adapterframework.core.IAdapter) 9
ActiveItem (org.eclipse.smarthome.core.items.ActiveItem) 9