Fixing roles

2022-04-08 13:50:01 +02:00 · 2022-04-08 13:50:01 +02:00 · 51d1f11d56
parent bf179a44fd
commit 51d1f11d56
3 changed files with 6 additions and 4 deletions
--- a/src/main/java/org/gcube/gcat/rest/Organization.java
+++ b/src/main/java/org/gcube/gcat/rest/Organization.java
@ -45,6 +45,7 @@ public class Organization extends REST<CKANOrganization>
 	
 	@GET
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
+	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit,
 			@QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset, 
 			@QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) {
@ -78,6 +79,7 @@ public class Organization extends REST<CKANOrganization>
 	@Path("/{" + ORGANIZATION_ID_PARAMETER + "}")
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
+	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String read(@PathParam(ORGANIZATION_ID_PARAMETER) String id) {
 		return super.read(id);
 	}
--- a/src/main/java/org/gcube/gcat/rest/Profile.java
+++ b/src/main/java/org/gcube/gcat/rest/Profile.java
@ -138,7 +138,7 @@ public class Profile extends BaseREST implements org.gcube.gcat.api.interfaces.P
 	@Path("/{" + PROFILE_NAME_PARAMETER + "}")
 	@Consumes(MediaType.APPLICATION_XML)
 	@Produces(MediaType.APPLICATION_XML)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_ADMIN}, exception=NotAuthorizedException.class)
+	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response createOrUpdate(@PathParam(PROFILE_NAME_PARAMETER) String name, String xml) {
 		setCalledMethod("PUT /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}");
 		try {
@ -169,7 +169,7 @@ public class Profile extends BaseREST implements org.gcube.gcat.api.interfaces.P
 	
 	@DELETE
 	@Path("/{" + PROFILE_NAME_PARAMETER + "}")
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_ADMIN}, exception=NotAuthorizedException.class)
+	@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public Response delete(@PathParam(PROFILE_NAME_PARAMETER) String name) {
 		setCalledMethod("DELETE /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}");
 		try {
--- a/src/main/java/org/gcube/gcat/rest/User.java
+++ b/src/main/java/org/gcube/gcat/rest/User.java
@ -30,7 +30,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
 	
 	@GET
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_ADMIN}, exception=NotAuthorizedException.class)
+	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String list() {
 		return super.list(-1, -1);
 	}
@ -48,7 +48,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
 	@Path("/{" + USER_ID_PARAMETER + "}")
 	@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
 	@Override
-	@AuthorizationControl(allowedRoles={Role.CATALOGUE_ADMIN}, exception=NotAuthorizedException.class)
+	@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
 	public String read(@PathParam(USER_ID_PARAMETER) String username) {
 		return super.read(username);
 	}