Example 1 with RequiresPermissions
use of org.apache.shiro.authz.annotation.RequiresPermissions in project OpenAttestation by OpenAttestation.
the class MtWilsonImportTagCertificate method run.
@Override
@RequiresPermissions("tag_certificates:import")
public void run() {
log.debug("RPC:MtWilsonImportTagCertificate - Got request to deploy certificate with ID {}.", certificateId);
CertificateLocator locator = new CertificateLocator();
locator.id = certificateId;
try (CertificateDAO dao = TagJdbi.certificateDao()) {
Certificate obj = dao.findById(certificateId);
if (obj != null) {
log.debug("RPC:MtWilsonImportTagCertificate - Sha1 of the certificate about to be deployed is {}.", obj.getSha1());
AssetTagCertCreateRequest request = new AssetTagCertCreateRequest();
request.setCertificate(obj.getCertificate());
Global.mtwilson().importAssetTagCertificate(request);
log.info("RPC:MtWilsonImportTagCertificate - Certificate with id {} has been deployed successfully.");
} else {
log.error("RPC:MtWilsonImportTagCertificate - Specified Certificate with id {} is not valid.", certificateId);
throw new RepositoryInvalidInputException(locator);
}
} catch (RepositoryException re) {
throw re;
} catch (Exception ex) {
log.error("RPC:MtWilsonImportTagCertificate - Error during certificate deployment.", ex);
throw new RepositoryException(ex);
}
}
Also used :
CertificateLocator(com.intel.mtwilson.datatypes.CertificateLocator)
CertificateDAO(com.intel.mtwilson.tag.dao.jdbi.CertificateDAO)
AssetTagCertCreateRequest(com.intel.mtwilson.datatypes.AssetTagCertCreateRequest)
RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException)
RepositoryInvalidInputException(com.intel.mtwilson.tag.repository.RepositoryInvalidInputException)
RepositoryInvalidInputException(com.intel.mtwilson.tag.repository.RepositoryInvalidInputException)
RepositoryException(com.intel.mtwilson.tag.repository.RepositoryException)
Certificate(com.intel.mtwilson.datatypes.Certificate)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
Example 2 with RequiresPermissions
use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.
the class StreamResource method create.
@POST
@Timed
@ApiOperation(value = "Create a stream")
@RequiresPermissions(RestPermissions.STREAMS_CREATE)
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AuditEvent(type = AuditEventTypes.STREAM_CREATE)
public Response create(@ApiParam(name = "JSON body", required = true) final CreateStreamRequest cr) throws ValidationException {
// Create stream.
final Stream stream = streamService.create(cr, getCurrentUser().getName());
stream.setDisabled(true);
if (!stream.getIndexSet().getConfig().isWritable()) {
throw new BadRequestException("Assigned index set must be writable!");
}
final String id = streamService.save(stream);
final List<CreateStreamRuleRequest> rules = firstNonNull(cr.rules(), Collections.<CreateStreamRuleRequest>emptyList());
for (CreateStreamRuleRequest request : rules) {
StreamRule streamRule = streamRuleService.create(id, request);
streamRuleService.save(streamRule);
}
clusterEventBus.post(StreamsChangedEvent.create(stream.getId()));
final Map<String, String> result = ImmutableMap.of("stream_id", id);
final URI streamUri = getUriBuilderToSelf().path(StreamResource.class).path("{streamId}").build(id);
return Response.created(streamUri).entity(result).build();
}
Also used :
StreamRule(org.graylog2.plugin.streams.StreamRule)
CreateStreamRuleRequest(org.graylog2.rest.resources.streams.rules.requests.CreateStreamRuleRequest)
BadRequestException(javax.ws.rs.BadRequestException)
Stream(org.graylog2.plugin.streams.Stream)
URI(java.net.URI)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
POST(javax.ws.rs.POST)
Consumes(javax.ws.rs.Consumes)
Produces(javax.ws.rs.Produces)
Timed(com.codahale.metrics.annotation.Timed)
ApiOperation(io.swagger.annotations.ApiOperation)
NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
Example 3 with RequiresPermissions
use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.
the class MessageResource method analyze.
@GET
@Path("/{index}/analyze")
@Timed
@ApiOperation(value = "Analyze a message string", notes = "Returns what tokens/terms a message string (message or full_message) is split to.")
@RequiresPermissions(RestPermissions.MESSAGES_ANALYZE)
@ApiResponses(value = { @ApiResponse(code = 404, message = "Specified index does not exist.") })
public MessageTokens analyze(@ApiParam(name = "index", value = "The index the message containing the string is stored in.", required = true) @PathParam("index") String index, @ApiParam(name = "analyzer", value = "The analyzer to use.") @QueryParam("analyzer") @Nullable String analyzer, @ApiParam(name = "string", value = "The string to analyze.", required = true) @QueryParam("string") @NotEmpty String string) {
final String indexAnalyzer = indexSetRegistry.getForIndex(index).map(indexSet -> indexSet.getConfig().indexAnalyzer()).orElse("standard");
final String messageAnalyzer = analyzer == null ? indexAnalyzer : analyzer;
try {
return MessageTokens.create(messages.analyze(string, index, messageAnalyzer));
} catch (IndexNotFoundException e) {
final String message = "Index " + index + " does not exist.";
LOG.error(message, e);
throw new NotFoundException(message);
}
}
Also used :
Configuration(org.graylog2.plugin.configuration.Configuration)
PathParam(javax.ws.rs.PathParam)
UUID(com.eaio.uuid.UUID)
Produces(javax.ws.rs.Produces)
GET(javax.ws.rs.GET)
Tools(org.graylog2.plugin.Tools)
LoggerFactory(org.slf4j.LoggerFactory)
Path(javax.ws.rs.Path)
ApiParam(io.swagger.annotations.ApiParam)
MessageTokens(org.graylog2.rest.models.messages.responses.MessageTokens)
Strings.isNullOrEmpty(com.google.common.base.Strings.isNullOrEmpty)
ApiResponses(io.swagger.annotations.ApiResponses)
CodecFactory(org.graylog2.inputs.codecs.CodecFactory)
MessageParseRequest(org.graylog2.rest.models.messages.requests.MessageParseRequest)
Inject(javax.inject.Inject)
ApiOperation(io.swagger.annotations.ApiOperation)
ResolvableInetSocketAddress(org.graylog2.plugin.ResolvableInetSocketAddress)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
MediaType(javax.ws.rs.core.MediaType)
QueryParam(javax.ws.rs.QueryParam)
ResultMessage(org.graylog2.indexer.results.ResultMessage)
Consumes(javax.ws.rs.Consumes)
IndexNotFoundException(org.elasticsearch.index.IndexNotFoundException)
Objects.requireNonNull(java.util.Objects.requireNonNull)
RawMessage(org.graylog2.plugin.journal.RawMessage)
Messages(org.graylog2.indexer.messages.Messages)
BadRequestException(javax.ws.rs.BadRequestException)
Api(io.swagger.annotations.Api)
IndexSetRegistry(org.graylog2.indexer.IndexSetRegistry)
Nullable(javax.annotation.Nullable)
NoAuditEvent(org.graylog2.audit.jersey.NoAuditEvent)
Logger(org.slf4j.Logger)
POST(javax.ws.rs.POST)
ForbiddenException(javax.ws.rs.ForbiddenException)
RestResource(org.graylog2.shared.rest.resources.RestResource)
InetSocketAddress(java.net.InetSocketAddress)
NotFoundException(javax.ws.rs.NotFoundException)
StandardCharsets(java.nio.charset.StandardCharsets)
Timed(com.codahale.metrics.annotation.Timed)
Codec(org.graylog2.plugin.inputs.codecs.Codec)
ApiResponse(io.swagger.annotations.ApiResponse)
RestPermissions(org.graylog2.shared.security.RestPermissions)
NotEmpty(org.hibernate.validator.constraints.NotEmpty)
InetAddresses(com.google.common.net.InetAddresses)
RequiresAuthentication(org.apache.shiro.authz.annotation.RequiresAuthentication)
Message(org.graylog2.plugin.Message)
DocumentNotFoundException(org.graylog2.indexer.messages.DocumentNotFoundException)
IndexNotFoundException(org.elasticsearch.index.IndexNotFoundException)
IndexNotFoundException(org.elasticsearch.index.IndexNotFoundException)
NotFoundException(javax.ws.rs.NotFoundException)
DocumentNotFoundException(org.graylog2.indexer.messages.DocumentNotFoundException)
Path(javax.ws.rs.Path)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
Timed(com.codahale.metrics.annotation.Timed)
GET(javax.ws.rs.GET)
ApiOperation(io.swagger.annotations.ApiOperation)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 4 with RequiresPermissions
use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.
the class RolesResource method create.
@POST
@RequiresPermissions(RestPermissions.ROLES_CREATE)
@ApiOperation(value = "Create a new role", notes = "")
@AuditEvent(type = AuditEventTypes.ROLE_CREATE)
public Response create(@ApiParam(name = "JSON body", value = "The new role to create", required = true) @Valid @NotNull RoleResponse roleResponse) {
if (roleService.exists(roleResponse.name())) {
throw new BadRequestException("Role " + roleResponse.name() + " already exists.");
}
Role role = new RoleImpl();
role.setName(roleResponse.name());
role.setPermissions(roleResponse.permissions());
role.setDescription(roleResponse.description().orNull());
try {
role = roleService.save(role);
} catch (ValidationException e) {
log.error("Invalid role creation request.");
throw new BadRequestException(e);
}
final URI uri = getUriBuilderToSelf().path(RolesResource.class).path("{rolename}").build(role.getName());
return Response.created(uri).entity(RoleResponse.create(role.getName(), Optional.fromNullable(role.getDescription()), role.getPermissions(), role.isReadOnly())).build();
}
Also used :
Role(org.graylog2.shared.users.Role)
ValidationException(org.graylog2.plugin.database.ValidationException)
RoleImpl(org.graylog2.users.RoleImpl)
BadRequestException(javax.ws.rs.BadRequestException)
URI(java.net.URI)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
POST(javax.ws.rs.POST)
ApiOperation(io.swagger.annotations.ApiOperation)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
Example 5 with RequiresPermissions
use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.
the class RolesResource method listAll.
@GET
@RequiresPermissions(RestPermissions.ROLES_READ)
@ApiOperation(value = "List all roles", notes = "")
public RolesResponse listAll() throws NotFoundException {
final Set<Role> roles = roleService.loadAll();
Set<RoleResponse> roleResponses = Sets.newHashSet();
for (Role role : roles) {
roleResponses.add(RoleResponse.create(role.getName(), Optional.fromNullable(role.getDescription()), role.getPermissions(), role.isReadOnly()));
}
return RolesResponse.create(roleResponses);
}
Also used :
Role(org.graylog2.shared.users.Role)
RoleResponse(org.graylog2.rest.models.roles.responses.RoleResponse)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
GET(javax.ws.rs.GET)
ApiOperation(io.swagger.annotations.ApiOperation)
Aggregations
RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)45
ApiOperation (io.swagger.annotations.ApiOperation)42
Timed (com.codahale.metrics.annotation.Timed)30
Path (javax.ws.rs.Path)27
AuditEvent (org.graylog2.audit.jersey.AuditEvent)24
Produces (javax.ws.rs.Produces)23
GET (javax.ws.rs.GET)19
ApiResponses (io.swagger.annotations.ApiResponses)16
POST (javax.ws.rs.POST)16
BadRequestException (javax.ws.rs.BadRequestException)13
Consumes (javax.ws.rs.Consumes)12
URI (java.net.URI)9
NotFoundException (javax.ws.rs.NotFoundException)9
PUT (javax.ws.rs.PUT)8
NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)7
User (org.graylog2.plugin.database.users.User)7
Output (org.graylog2.plugin.streams.Output)7
DELETE (javax.ws.rs.DELETE)6
InternalServerErrorException (javax.ws.rs.InternalServerErrorException)5
RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication)5
