Examples with RolesAllowed javax.annotation.security.RolesAllowed used on opensource projects

Example 51 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project jeeshop by remibantos.

the class MailTemplates method modify.

@PUT
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Transactional
@RolesAllowed(ADMIN)
public MailTemplate modify(MailTemplate mailTemplate) {
    MailTemplate existingMailTemplate = entityManager.find(MailTemplate.class, mailTemplate.getId());
    checkNotNull(existingMailTemplate);
    MailTemplate existingTplWithSameLocaleAndName = mailTemplateFinder.findByNameAndLocale(mailTemplate.getName(), mailTemplate.getLocale());
    if (existingTplWithSameLocaleAndName != null && !existingTplWithSameLocaleAndName.getId().equals(mailTemplate.getId())) {
        throw new WebApplicationException(Response.Status.CONFLICT);
    }
    mailTemplate.setCreationDate(existingMailTemplate.getCreationDate());
    return entityManager.merge(mailTemplate);
}

Example 52 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project smarthome by eclipse.

the class ItemResource method getItems.

@GET
@RolesAllowed({ Role.USER, Role.ADMIN })
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get all available items.", response = EnrichedItemDTO.class, responseContainer = "List")
@ApiResponses(value = { @ApiResponse(code = 200, message = "OK", response = EnrichedItemDTO.class, responseContainer = "List") })
public Response getItems(@HeaderParam(HttpHeaders.ACCEPT_LANGUAGE) @ApiParam(value = "language") @Nullable String language, @QueryParam("type") @ApiParam(value = "item type filter", required = false) @Nullable String type, @QueryParam("tags") @ApiParam(value = "item tag filter", required = false) @Nullable String tags, @QueryParam("metadata") @ApiParam(value = "metadata selector", required = false) @Nullable String namespaceSelector, @DefaultValue("false") @QueryParam("recursive") @ApiParam(value = "get member items recursively", required = false) boolean recursive, @QueryParam("fields") @ApiParam(value = "limit output to the given fields (comma separated)", required = false) @Nullable String fields) {
    final Locale locale = localeService.getLocale(language);
    final Set<String> namespaces = splitAndFilterNamespaces(namespaceSelector, locale);
    logger.debug("Received HTTP GET request at '{}'", uriInfo.getPath());
    Stream<EnrichedItemDTO> itemStream = // 
    getItems(type, tags).stream().map(// 
    item -> EnrichedItemDTOMapper.map(item, recursive, null, uriInfo.getBaseUri(), locale)).peek(// 
    dto -> addMetadata(dto, namespaces, null)).peek(dto -> dto.editable = isEditable(dto.name));
    itemStream = dtoMapper.limitToFields(itemStream, fields);
    return Response.ok(new Stream2JSONInputStream(itemStream)).build();
}

Example 53 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project smarthome by eclipse.

the class ThingResource method getAll.

@GET
@RolesAllowed({ Role.USER, Role.ADMIN })
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get all available things.", response = EnrichedThingDTO.class, responseContainer = "Set")
@ApiResponses(value = { @ApiResponse(code = 200, message = "OK", response = EnrichedThingDTO.class, responseContainer = "Set") })
public Response getAll(@HeaderParam(HttpHeaders.ACCEPT_LANGUAGE) @ApiParam(value = "language") String language) {
    final Locale locale = localeService.getLocale(language);
    Stream<EnrichedThingDTO> thingStream = thingRegistry.stream().map(t -> convertToEnrichedThingDTO(t, locale)).distinct();
    return Response.ok(new Stream2JSONInputStream(thingStream)).build();
}

Example 54 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project smarthome by eclipse.

the class ThingResource method create.

/**
 * create a new Thing
 *
 * @param thingBean
 * @return Response holding the newly created Thing or error information
 */
@POST
@RolesAllowed({ Role.ADMIN })
@Consumes(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Creates a new thing and adds it to the registry.")
@ApiResponses(value = { @ApiResponse(code = 201, message = "Created", response = String.class), @ApiResponse(code = 400, message = "A uid must be provided, if no binding can create a thing of this type."), @ApiResponse(code = 409, message = "A thing with the same uid already exists.") })
public Response create(@HeaderParam(HttpHeaders.ACCEPT_LANGUAGE) @ApiParam(value = "language") String language, @ApiParam(value = "thing data", required = true) ThingDTO thingBean) {
    final Locale locale = localeService.getLocale(language);
    ThingUID thingUID = thingBean.UID == null ? null : new ThingUID(thingBean.UID);
    ThingTypeUID thingTypeUID = new ThingTypeUID(thingBean.thingTypeUID);
    if (thingUID != null) {
        // check if a thing with this UID already exists
        Thing thing = thingRegistry.get(thingUID);
        if (thing != null) {
            // report a conflict
            return getThingResponse(Status.CONFLICT, thing, locale, "Thing " + thingUID.toString() + " already exists!");
        }
    }
    ThingUID bridgeUID = null;
    if (thingBean.bridgeUID != null) {
        bridgeUID = new ThingUID(thingBean.bridgeUID);
    }
    // turn the ThingDTO's configuration into a Configuration
    Configuration configuration = new Configuration(normalizeConfiguration(thingBean.configuration, thingTypeUID, thingUID));
    normalizeChannels(thingBean, thingUID);
    Thing thing = thingRegistry.createThingOfType(thingTypeUID, thingUID, bridgeUID, thingBean.label, configuration);
    if (thing != null) {
        if (thingBean.properties != null) {
            for (Entry<String, String> entry : thingBean.properties.entrySet()) {
                thing.setProperty(entry.getKey(), entry.getValue());
            }
        }
        if (thingBean.channels != null) {
            List<Channel> channels = new ArrayList<>();
            for (ChannelDTO channelDTO : thingBean.channels) {
                channels.add(ChannelDTOMapper.map(channelDTO));
            }
            ThingHelper.addChannelsToThing(thing, channels);
        }
        if (thingBean.location != null) {
            thing.setLocation(thingBean.location);
        }
    } else if (thingUID != null) {
        // if there wasn't any ThingFactory capable of creating the thing,
        // we create the Thing exactly the way we received it, i.e. we
        // cannot take its thing type into account for automatically
        // populating channels and properties.
        thing = ThingDTOMapper.map(thingBean, thingTypeRegistry.getThingType(thingTypeUID) instanceof BridgeType);
    } else {
        return getThingResponse(Status.BAD_REQUEST, thing, locale, "A UID must be provided, since no binding can create the thing!");
    }
    thingRegistry.add(thing);
    return getThingResponse(Status.CREATED, thing, locale, null);
}

Example 55 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project smarthome by eclipse.

the class ThingResource method getConfigStatus.

@GET
@RolesAllowed({ Role.USER, Role.ADMIN })
@Path("/{thingUID}/config/status")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Gets thing's config status.")
@ApiResponses(value = { @ApiResponse(code = 200, message = "OK", response = String.class), @ApiResponse(code = 404, message = "Thing not found.") })
public Response getConfigStatus(@HeaderParam(HttpHeaders.ACCEPT_LANGUAGE) String language, @PathParam("thingUID") @ApiParam(value = "thing") String thingUID) throws IOException {
    ThingUID thingUIDObject = new ThingUID(thingUID);
    // Check if the Thing exists, 404 if not
    Thing thing = thingRegistry.get(thingUIDObject);
    if (null == thing) {
        logger.info("Received HTTP GET request for thing config status at '{}' for the unknown thing '{}'.", uriInfo.getPath(), thingUID);
        return getThingNotFoundResponse(thingUID);
    }
    ConfigStatusInfo info = configStatusService.getConfigStatus(thingUID, localeService.getLocale(language));
    if (info != null) {
        return Response.ok().entity(info.getConfigStatusMessages()).build();
    }
    return Response.ok().entity(Collections.EMPTY_SET).build();
}