Examples with RequiresPermissions org.apache.shiro.authz.annotation.RequiresPermissions used on opensource projects

Search in sources :

Example 31 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class UsersResource method create.

@POST
@RequiresPermissions(RestPermissions.USERS_CREATE)
@ApiOperation("Create a new user account.")
@ApiResponses({ @ApiResponse(code = 400, message = "Missing or invalid user details.") })
@AuditEvent(type = AuditEventTypes.USER_CREATE)
public Response create(@ApiParam(name = "JSON body", value = "Must contain username, full_name, email, password and a list of permissions.", required = true) @Valid @NotNull CreateUserRequest cr) throws ValidationException {
    if (userService.load(cr.username()) != null) {
        final String msg = "Cannot create user " + cr.username() + ". Username is already taken.";
        LOG.error(msg);
        throw new BadRequestException(msg);
    }
    // Create user.
    User user = userService.create();
    user.setName(cr.username());
    user.setPassword(cr.password());
    user.setFullName(cr.fullName());
    user.setEmail(cr.email());
    user.setPermissions(cr.permissions());
    setUserRoles(cr.roles(), user);
    if (cr.timezone() != null) {
        user.setTimeZone(cr.timezone());
    }
    final Long sessionTimeoutMs = cr.sessionTimeoutMs();
    if (sessionTimeoutMs != null) {
        user.setSessionTimeoutMs(sessionTimeoutMs);
    }
    final Startpage startpage = cr.startpage();
    if (startpage != null) {
        user.setStartpage(startpage.type(), startpage.id());
    }
    final String id = userService.save(user);
    LOG.debug("Saved user {} with id {}", user.getName(), id);
    final URI userUri = getUriBuilderToSelf().path(UsersResource.class).path("{username}").build(user.getName());
    return Response.created(userUri).build();
}
Also used : User(org.graylog2.plugin.database.users.User) Startpage(org.graylog2.rest.models.users.requests.Startpage) BadRequestException(javax.ws.rs.BadRequestException) URI(java.net.URI) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 32 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class UsersResource method generateNewToken.

@POST
@Path("{username}/tokens/{name}")
@RequiresPermissions(RestPermissions.USERS_TOKENCREATE)
@ApiOperation("Generates a new access token for a user")
@AuditEvent(type = AuditEventTypes.USER_ACCESS_TOKEN_CREATE)
public Token generateNewToken(@ApiParam(name = "username", required = true) @PathParam("username") String username, @ApiParam(name = "name", value = "Descriptive name for this token (e.g. 'cronjob') ", required = true) @PathParam("name") String name, @ApiParam(name = "JSON Body", value = "Placeholder because POST requests should have a body. Set to '{}', the content will be ignored.", defaultValue = "{}") String body) {
    final User user = _tokensCheckAndLoadUser(username);
    final AccessToken accessToken = accessTokenService.create(user.getName(), name);
    return Token.create(accessToken.getName(), accessToken.getToken(), accessToken.getLastAccess());
}
Also used : User(org.graylog2.plugin.database.users.User) AccessToken(org.graylog2.security.AccessToken) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent)

Example 33 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class UsersResource method editPermissions.

@PUT
@Path("{username}/permissions")
@RequiresPermissions(RestPermissions.USERS_PERMISSIONSEDIT)
@ApiOperation("Update a user's permission set.")
@ApiResponses({ @ApiResponse(code = 400, message = "Missing or invalid permission data.") })
@AuditEvent(type = AuditEventTypes.USER_PERMISSIONS_UPDATE)
public void editPermissions(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "The list of permissions to assign to the user.", required = true) @Valid @NotNull PermissionEditRequest permissionRequest) throws ValidationException {
    final User user = userService.load(username);
    if (user == null) {
        throw new NotFoundException("Couldn't find user " + username);
    }
    user.setPermissions(getEffectiveUserPermissions(user, permissionRequest.permissions()));
    userService.save(user);
}
Also used : User(org.graylog2.plugin.database.users.User) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Example 34 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class UsersResource method deletePermissions.

@DELETE
@Path("{username}/permissions")
@RequiresPermissions(RestPermissions.USERS_PERMISSIONSEDIT)
@ApiOperation("Revoke all permissions for a user without deleting the account.")
@ApiResponses({ @ApiResponse(code = 500, message = "When saving the user failed.") })
@AuditEvent(type = AuditEventTypes.USER_PERMISSIONS_DELETE)
public void deletePermissions(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username) throws ValidationException {
    final User user = userService.load(username);
    if (user == null) {
        throw new NotFoundException("Couldn't find user " + username);
    }
    user.setPermissions(Collections.emptyList());
    userService.save(user);
}
Also used : User(org.graylog2.plugin.database.users.User) NotFoundException(javax.ws.rs.NotFoundException) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Example 35 with RequiresPermissions

use of org.apache.shiro.authz.annotation.RequiresPermissions in project graylog2-server by Graylog2.

the class InputsResource method create.

@POST
@Timed
@ApiOperation(value = "Launch input on this node", response = InputCreated.class)
@ApiResponses(value = { @ApiResponse(code = 404, message = "No such input type registered"), @ApiResponse(code = 400, message = "Missing or invalid configuration"), @ApiResponse(code = 400, message = "Type is exclusive and already has input running") })
@RequiresPermissions(RestPermissions.INPUTS_CREATE)
@AuditEvent(type = AuditEventTypes.MESSAGE_INPUT_CREATE)
public Response create(@ApiParam(name = "JSON body", required = true) @Valid @NotNull InputCreateRequest lr) throws ValidationException {
    try {
        // TODO Configuration type values need to be checked. See ConfigurationMapConverter.convertValues()
        final MessageInput messageInput = messageInputFactory.create(lr, getCurrentUser().getName(), lr.node());
        messageInput.checkConfiguration();
        final Input input = this.inputService.create(messageInput.asMap());
        final String newId = inputService.save(input);
        final URI inputUri = getUriBuilderToSelf().path(InputsResource.class).path("{inputId}").build(newId);
        return Response.created(inputUri).entity(InputCreated.create(newId)).build();
    } catch (NoSuchInputTypeException e) {
        LOG.error("There is no such input type registered.", e);
        throw new NotFoundException("There is no such input type registered.", e);
    } catch (ConfigurationException e) {
        LOG.error("Missing or invalid input configuration.", e);
        throw new BadRequestException("Missing or invalid input configuration.", e);
    }
}
Also used : Input(org.graylog2.inputs.Input) MessageInput(org.graylog2.plugin.inputs.MessageInput) ConfigurationException(org.graylog2.plugin.configuration.ConfigurationException) MessageInput(org.graylog2.plugin.inputs.MessageInput) NoSuchInputTypeException(org.graylog2.shared.inputs.NoSuchInputTypeException) NotFoundException(javax.ws.rs.NotFoundException) BadRequestException(javax.ws.rs.BadRequestException) URI(java.net.URI) RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions) POST(javax.ws.rs.POST) Timed(com.codahale.metrics.annotation.Timed) ApiOperation(io.swagger.annotations.ApiOperation) AuditEvent(org.graylog2.audit.jersey.AuditEvent) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)45 ApiOperation (io.swagger.annotations.ApiOperation)42 Timed (com.codahale.metrics.annotation.Timed)30 Path (javax.ws.rs.Path)27 AuditEvent (org.graylog2.audit.jersey.AuditEvent)24 Produces (javax.ws.rs.Produces)23 GET (javax.ws.rs.GET)19 ApiResponses (io.swagger.annotations.ApiResponses)16 POST (javax.ws.rs.POST)16 BadRequestException (javax.ws.rs.BadRequestException)13 Consumes (javax.ws.rs.Consumes)12 URI (java.net.URI)9 NotFoundException (javax.ws.rs.NotFoundException)9 PUT (javax.ws.rs.PUT)8 NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)7 User (org.graylog2.plugin.database.users.User)7 Output (org.graylog2.plugin.streams.Output)7 DELETE (javax.ws.rs.DELETE)6 InternalServerErrorException (javax.ws.rs.InternalServerErrorException)5 RequiresAuthentication (org.apache.shiro.authz.annotation.RequiresAuthentication)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial