Commented annotations for role filtering refs #23103

This commit is contained in:
Luca Frosini 2022-04-12 11:48:12 +02:00
parent 4c427b3e26
commit a2c2c0044e
10 changed files with 72 additions and 73 deletions

View File

@ -11,7 +11,6 @@ This project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.htm
- Added Enunciate to automatically create REST APIs documentation [#23096] - Added Enunciate to automatically create REST APIs documentation [#23096]
- Fixed 'offset' parameter behaviuor in item listing [#22999] - Fixed 'offset' parameter behaviuor in item listing [#22999]
- Moderation message are sent using gcube messaging system via Social Service [#23117] - Moderation message are sent using gcube messaging system via Social Service [#23117]
- Added role filtering to REST API [23101]
- Remove enforcement on approved item for Catalogue-Editor added enforcement to email [#23154] - Remove enforcement on approved item for Catalogue-Editor added enforcement to email [#23154]
- ClientID requests are now properly supported [#21903] - ClientID requests are now properly supported [#21903]

10
pom.xml
View File

@ -64,11 +64,11 @@
<artifactId>gcat-api</artifactId> <artifactId>gcat-api</artifactId>
<version>[2.0.0,3.0.0-SNAPSHOT)</version> <version>[2.0.0,3.0.0-SNAPSHOT)</version>
</dependency> </dependency>
<dependency> <!-- <dependency> -->
<groupId>org.gcube.common</groupId> <!-- <groupId>org.gcube.common</groupId> -->
<artifactId>authorization-control-library</artifactId> <!-- <artifactId>authorization-control-library</artifactId> -->
<version>[1.0.0,2.0.0-SNAPSHOT)</version> <!-- <version>[1.0.0,2.0.0-SNAPSHOT)</version> -->
</dependency> <!-- </dependency> -->
<dependency> <dependency>
<groupId>org.gcube.common</groupId> <groupId>org.gcube.common</groupId>
<artifactId>authorization-utils</artifactId> <artifactId>authorization-utils</artifactId>

View File

@ -9,7 +9,7 @@ import javax.ws.rs.DefaultValue;
import javax.ws.rs.ForbiddenException; import javax.ws.rs.ForbiddenException;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.InternalServerErrorException; import javax.ws.rs.InternalServerErrorException;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -24,7 +24,7 @@ import javax.xml.ws.WebServiceException;
import org.gcube.com.fasterxml.jackson.databind.ObjectMapper; import org.gcube.com.fasterxml.jackson.databind.ObjectMapper;
import org.gcube.com.fasterxml.jackson.databind.node.ObjectNode; import org.gcube.com.fasterxml.jackson.databind.node.ObjectNode;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.common.authorization.utils.manager.SecretManagerProvider; import org.gcube.common.authorization.utils.manager.SecretManagerProvider;
import org.gcube.gcat.annotation.PATCH; import org.gcube.gcat.annotation.PATCH;
import org.gcube.gcat.annotation.PURGE; import org.gcube.gcat.annotation.PURGE;
@ -99,7 +99,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
@StatusCodes ({ @StatusCodes ({
@ResponseCode(code = 201, condition = "Catalogue configuration successfully created."), @ResponseCode(code = 201, condition = "Catalogue configuration successfully created."),
@ResponseCode(code = 401, condition = "Only Catalogue-Managers can create catalogue configuration."), @ResponseCode(code = 401, condition = "Only Catalogue-Managers can create catalogue configuration."),
@ -157,7 +157,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
@GET @GET
@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}") @Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
@StatusCodes ({ @StatusCodes ({
@ResponseCode(code = 200, condition = "Catalogue configuration successfully read."), @ResponseCode(code = 200, condition = "Catalogue configuration successfully read."),
@ResponseCode(code = 401, condition = "Only User with role Catalogue-Editors or above can read a catalogue configuration."), @ResponseCode(code = 401, condition = "Only User with role Catalogue-Editors or above can read a catalogue configuration."),
@ -201,7 +201,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}") @Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
@StatusCodes ({ @StatusCodes ({
@ResponseCode(code = 200, condition = "Catalogue configuration successfully created/updated."), @ResponseCode(code = 200, condition = "Catalogue configuration successfully created/updated."),
@ResponseCode(code = 401, condition = "Only Catalogue-Managers can create/update catalogue configuration."), @ResponseCode(code = 401, condition = "Only Catalogue-Managers can create/update catalogue configuration."),
@ -243,7 +243,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}") @Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
@StatusCodes ({ @StatusCodes ({
@ResponseCode(code = 200, condition = "Catalogue configuration successfully updated."), @ResponseCode(code = 200, condition = "Catalogue configuration successfully updated."),
@ResponseCode(code = 401, condition = "Only Catalogue-Managers can update catalogue configuration."), @ResponseCode(code = 401, condition = "Only Catalogue-Managers can update catalogue configuration."),
@ -302,7 +302,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
@DELETE @DELETE
@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}") @Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
@StatusCodes ({ @StatusCodes ({
@ResponseCode(code = 200, condition = "Catalogue configuration successfully deleted."), @ResponseCode(code = 200, condition = "Catalogue configuration successfully deleted."),
@ResponseCode(code = 401, condition = "Only Catalogue-Managers can delete catalogue configuration."), @ResponseCode(code = 401, condition = "Only Catalogue-Managers can delete catalogue configuration."),
@ -339,7 +339,7 @@ public class Configuration extends BaseREST implements org.gcube.gcat.api.interf
@PURGE @PURGE
@Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}") @Path("/{" + CONTEXT_FULLNAME_PARAMETER + "}")
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
@StatusCodes ({ @StatusCodes ({
@ResponseCode(code = 200, condition = "Catalogue configuration successfully deleted."), @ResponseCode(code = 200, condition = "Catalogue configuration successfully deleted."),
@ResponseCode(code = 401, condition = "Only Catalogue-Managers can delete catalogue configuration."), @ResponseCode(code = 401, condition = "Only Catalogue-Managers can delete catalogue configuration."),

View File

@ -4,7 +4,7 @@ import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue; import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -14,11 +14,11 @@ import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import javax.xml.ws.WebServiceException; import javax.xml.ws.WebServiceException;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.annotation.PATCH; import org.gcube.gcat.annotation.PATCH;
import org.gcube.gcat.annotation.PURGE; import org.gcube.gcat.annotation.PURGE;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANGroup; import org.gcube.gcat.persistence.ckan.CKANGroup;
/** /**
@ -44,7 +44,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
@GET @GET
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit, public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit,
@QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset, @QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset,
@QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) { @QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) {
@ -69,7 +69,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response create(String json) { public Response create(String json) {
return super.create(json); return super.create(json);
} }
@ -78,7 +78,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
@Path("/{" + GROUP_ID_PARAMETER + "}") @Path("/{" + GROUP_ID_PARAMETER + "}")
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR}, exception=NotAuthorizedException.class)
public String read(@PathParam(GROUP_ID_PARAMETER) String id) { public String read(@PathParam(GROUP_ID_PARAMETER) String id) {
return super.read(id); return super.read(id);
} }
@ -88,7 +88,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String update(@PathParam(GROUP_ID_PARAMETER) String id, String json) { public String update(@PathParam(GROUP_ID_PARAMETER) String id, String json) {
return super.update(id, json); return super.update(id, json);
} }
@ -98,7 +98,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String patch(@PathParam(GROUP_ID_PARAMETER) String id, String json) { public String patch(@PathParam(GROUP_ID_PARAMETER) String id, String json) {
return super.patch(id, json); return super.patch(id, json);
} }
@ -106,7 +106,7 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
@DELETE @DELETE
@Path("/{" + GROUP_ID_PARAMETER + "}") @Path("/{" + GROUP_ID_PARAMETER + "}")
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(@PathParam(GROUP_ID_PARAMETER) String id, public Response delete(@PathParam(GROUP_ID_PARAMETER) String id,
@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) { @QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) {
return super.delete(id, purge); return super.delete(id, purge);
@ -115,13 +115,13 @@ public class Group extends REST<CKANGroup> implements org.gcube.gcat.api.interfa
@PURGE @PURGE
@Path("/{" + GROUP_ID_PARAMETER + "}") @Path("/{" + GROUP_ID_PARAMETER + "}")
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response purge(@PathParam(GROUP_ID_PARAMETER) String id) { public Response purge(@PathParam(GROUP_ID_PARAMETER) String id) {
return delete(id, true); return delete(id, true);
} }
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(String name, boolean purge) { public Response delete(String name, boolean purge) {
return delete(name, new Boolean(purge)); return delete(name, new Boolean(purge));
} }

View File

@ -4,7 +4,7 @@ import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue; import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -16,12 +16,12 @@ import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import javax.xml.ws.WebServiceException; import javax.xml.ws.WebServiceException;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.annotation.PATCH; import org.gcube.gcat.annotation.PATCH;
import org.gcube.gcat.annotation.PURGE; import org.gcube.gcat.annotation.PURGE;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.moderation.Moderated; //import org.gcube.gcat.api.moderation.Moderated;
import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANPackage; import org.gcube.gcat.persistence.ckan.CKANPackage;
import org.slf4j.Logger; import org.slf4j.Logger;
import org.slf4j.LoggerFactory; import org.slf4j.LoggerFactory;
@ -72,7 +72,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response create(String json) { public Response create(String json) {
return super.create(json); return super.create(json);
} }
@ -93,7 +93,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String update(@PathParam(ITEM_ID_PARAMETER) String id, String json) { public String update(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
return super.update(id, json); return super.update(id, json);
} }
@ -103,7 +103,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String patch(@PathParam(ITEM_ID_PARAMETER) String id, String json) { public String patch(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
return super.patch(id, json); return super.patch(id, json);
} }
@ -111,7 +111,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@DELETE @DELETE
@Path("/{" + ITEM_ID_PARAMETER + "}") @Path("/{" + ITEM_ID_PARAMETER + "}")
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(@PathParam(ITEM_ID_PARAMETER) String id, public Response delete(@PathParam(ITEM_ID_PARAMETER) String id,
@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) { @QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) {
return super.delete(id, purge); return super.delete(id, purge);
@ -120,7 +120,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@PURGE @PURGE
@Path("/{" + ITEM_ID_PARAMETER + "}") @Path("/{" + ITEM_ID_PARAMETER + "}")
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response purge(@PathParam(ITEM_ID_PARAMETER) String id) { public Response purge(@PathParam(ITEM_ID_PARAMETER) String id) {
return super.purge(id); return super.purge(id);
} }
@ -145,7 +145,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@DELETE @DELETE
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response bulkDelete(@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") boolean purge) { public Response bulkDelete(@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") boolean purge) {
deleteAll(purge); deleteAll(purge);
return Response.status(Status.ACCEPTED).build(); return Response.status(Status.ACCEPTED).build();
@ -154,7 +154,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@PURGE @PURGE
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response bulkPurge() { public Response bulkPurge() {
return bulkDelete(true); return bulkDelete(true);
} }
@ -163,7 +163,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@Path("/{" + ITEM_ID_PARAMETER + "}") @Path("/{" + ITEM_ID_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER, Moderated.CATALOGUE_MODERATOR}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER, Moderated.CATALOGUE_MODERATOR}, exception=NotAuthorizedException.class)
public Response moderate(@PathParam(ITEM_ID_PARAMETER) String id, String json) { public Response moderate(@PathParam(ITEM_ID_PARAMETER) String id, String json) {
setCalledMethod("POST /" + COLLECTION_PARAMETER + "/{" + ID_PARAMETER + "}"); setCalledMethod("POST /" + COLLECTION_PARAMETER + "/{" + ID_PARAMETER + "}");
CKANPackage ckanPackage = getInstance(); CKANPackage ckanPackage = getInstance();

View File

@ -4,7 +4,7 @@ import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue; import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -14,11 +14,11 @@ import javax.ws.rs.QueryParam;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import javax.xml.ws.WebServiceException; import javax.xml.ws.WebServiceException;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.annotation.PATCH; import org.gcube.gcat.annotation.PATCH;
import org.gcube.gcat.annotation.PURGE; import org.gcube.gcat.annotation.PURGE;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANOrganization; import org.gcube.gcat.persistence.ckan.CKANOrganization;
/** /**
@ -45,7 +45,7 @@ public class Organization extends REST<CKANOrganization>
@GET @GET
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit, public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit,
@QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset, @QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset,
@QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) { @QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) {
@ -70,7 +70,7 @@ public class Organization extends REST<CKANOrganization>
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response create(String json) { public Response create(String json) {
return super.create(json); return super.create(json);
} }
@ -79,7 +79,7 @@ public class Organization extends REST<CKANOrganization>
@Path("/{" + ORGANIZATION_ID_PARAMETER + "}") @Path("/{" + ORGANIZATION_ID_PARAMETER + "}")
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String read(@PathParam(ORGANIZATION_ID_PARAMETER) String id) { public String read(@PathParam(ORGANIZATION_ID_PARAMETER) String id) {
return super.read(id); return super.read(id);
} }
@ -89,7 +89,7 @@ public class Organization extends REST<CKANOrganization>
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String update(@PathParam(ORGANIZATION_ID_PARAMETER) String id, String json) { public String update(@PathParam(ORGANIZATION_ID_PARAMETER) String id, String json) {
return super.update(id, json); return super.update(id, json);
} }
@ -99,7 +99,7 @@ public class Organization extends REST<CKANOrganization>
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String patch(@PathParam(ORGANIZATION_ID_PARAMETER) String id, String json) { public String patch(@PathParam(ORGANIZATION_ID_PARAMETER) String id, String json) {
return super.patch(id, json); return super.patch(id, json);
} }
@ -107,7 +107,7 @@ public class Organization extends REST<CKANOrganization>
@DELETE @DELETE
@Path("/{" + ORGANIZATION_ID_PARAMETER + "}") @Path("/{" + ORGANIZATION_ID_PARAMETER + "}")
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(@PathParam(ORGANIZATION_ID_PARAMETER) String id, public Response delete(@PathParam(ORGANIZATION_ID_PARAMETER) String id,
@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) { @QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") Boolean purge) {
return super.delete(id, purge); return super.delete(id, purge);
@ -115,7 +115,7 @@ public class Organization extends REST<CKANOrganization>
@PURGE @PURGE
@Path("/{" + ORGANIZATION_ID_PARAMETER + "}") @Path("/{" + ORGANIZATION_ID_PARAMETER + "}")
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response purge(@PathParam(ORGANIZATION_ID_PARAMETER) String id) { public Response purge(@PathParam(ORGANIZATION_ID_PARAMETER) String id) {
return super.purge(id); return super.purge(id);
} }

View File

@ -9,7 +9,7 @@ import javax.ws.rs.HeaderParam;
import javax.ws.rs.HttpMethod; import javax.ws.rs.HttpMethod;
import javax.ws.rs.InternalServerErrorException; import javax.ws.rs.InternalServerErrorException;
import javax.ws.rs.NotAllowedException; import javax.ws.rs.NotAllowedException;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.PathParam; import javax.ws.rs.PathParam;
@ -24,10 +24,10 @@ import javax.ws.rs.core.Response.Status;
import javax.ws.rs.core.UriInfo; import javax.ws.rs.core.UriInfo;
import org.gcube.com.fasterxml.jackson.databind.node.ArrayNode; import org.gcube.com.fasterxml.jackson.databind.node.ArrayNode;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.datacatalogue.metadatadiscovery.DataCalogueMetadataFormatReader; import org.gcube.datacatalogue.metadatadiscovery.DataCalogueMetadataFormatReader;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.profile.ISProfile; import org.gcube.gcat.profile.ISProfile;
import org.xml.sax.SAXException; import org.xml.sax.SAXException;
@ -138,7 +138,7 @@ public class Profile extends BaseREST implements org.gcube.gcat.api.interfaces.P
@Path("/{" + PROFILE_NAME_PARAMETER + "}") @Path("/{" + PROFILE_NAME_PARAMETER + "}")
@Consumes(MediaType.APPLICATION_XML) @Consumes(MediaType.APPLICATION_XML)
@Produces(MediaType.APPLICATION_XML) @Produces(MediaType.APPLICATION_XML)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response createOrUpdate(@PathParam(PROFILE_NAME_PARAMETER) String name, String xml) { public Response createOrUpdate(@PathParam(PROFILE_NAME_PARAMETER) String name, String xml) {
setCalledMethod("PUT /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}"); setCalledMethod("PUT /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}");
try { try {
@ -169,7 +169,7 @@ public class Profile extends BaseREST implements org.gcube.gcat.api.interfaces.P
@DELETE @DELETE
@Path("/{" + PROFILE_NAME_PARAMETER + "}") @Path("/{" + PROFILE_NAME_PARAMETER + "}")
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(@PathParam(PROFILE_NAME_PARAMETER) String name) { public Response delete(@PathParam(PROFILE_NAME_PARAMETER) String name) {
setCalledMethod("DELETE /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}"); setCalledMethod("DELETE /" + PROFILES + "/{" + PROFILE_NAME_PARAMETER + "}");
try { try {

View File

@ -3,7 +3,7 @@ package org.gcube.gcat.rest;
import javax.ws.rs.Consumes; import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -13,10 +13,10 @@ import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.ResponseBuilder; import javax.ws.rs.core.Response.ResponseBuilder;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.annotation.PATCH; import org.gcube.gcat.annotation.PATCH;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANResource; import org.gcube.gcat.persistence.ckan.CKANResource;
/** /**
@ -45,7 +45,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@POST @POST
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response create(@PathParam(ITEM_ID_PARAMETER) String itemID, String json) { public Response create(@PathParam(ITEM_ID_PARAMETER) String itemID, String json) {
setCalledMethod("POST /" + COLLECTION); setCalledMethod("POST /" + COLLECTION);
CKANResource ckanResource = new CKANResource(itemID); CKANResource ckanResource = new CKANResource(itemID);
@ -74,7 +74,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@Path("/{" + RESOURCE_ID_PARAMETER + "}") @Path("/{" + RESOURCE_ID_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String update(@PathParam(ITEM_ID_PARAMETER) String itemID, public String update(@PathParam(ITEM_ID_PARAMETER) String itemID,
@PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) { @PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) {
setCalledMethod("PUT /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}"); setCalledMethod("PUT /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
@ -87,7 +87,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@Path("/{" + RESOURCE_ID_PARAMETER + "}") @Path("/{" + RESOURCE_ID_PARAMETER + "}")
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String patch(@PathParam(ITEM_ID_PARAMETER) String itemID, public String patch(@PathParam(ITEM_ID_PARAMETER) String itemID,
@PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) { @PathParam(RESOURCE_ID_PARAMETER) String resourceID, String json) {
setCalledMethod("PATCH /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}"); setCalledMethod("PATCH /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");
@ -98,7 +98,7 @@ public class Resource extends BaseREST implements org.gcube.gcat.api.interfaces.
@DELETE @DELETE
@Path("/{" + RESOURCE_ID_PARAMETER + "}") @Path("/{" + RESOURCE_ID_PARAMETER + "}")
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(@PathParam(ITEM_ID_PARAMETER) String itemID, public Response delete(@PathParam(ITEM_ID_PARAMETER) String itemID,
@PathParam(RESOURCE_ID_PARAMETER) String resourceID) { @PathParam(RESOURCE_ID_PARAMETER) String resourceID) {
setCalledMethod("DELETE /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}"); setCalledMethod("DELETE /" + COLLECTION + "/{" + RESOURCE_ID_PARAMETER + "}");

View File

@ -3,7 +3,7 @@ package org.gcube.gcat.rest;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.DefaultValue; import javax.ws.rs.DefaultValue;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.Path; import javax.ws.rs.Path;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.QueryParam; import javax.ws.rs.QueryParam;
@ -11,10 +11,10 @@ import javax.ws.rs.core.Response;
import javax.ws.rs.core.Response.Status; import javax.ws.rs.core.Response.Status;
import javax.xml.ws.WebServiceException; import javax.xml.ws.WebServiceException;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.annotation.PURGE; import org.gcube.gcat.annotation.PURGE;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANPackageTrash; import org.gcube.gcat.persistence.ckan.CKANPackageTrash;
/** /**
@ -27,7 +27,7 @@ public class Trash extends BaseREST implements org.gcube.gcat.api.interfaces.Tra
@GET @GET
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String list(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException { public String list(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException {
CKANPackageTrash ckanPackageTrash = new CKANPackageTrash(); CKANPackageTrash ckanPackageTrash = new CKANPackageTrash();
ckanPackageTrash.setOwnOnly(ownOnly); ckanPackageTrash.setOwnOnly(ownOnly);
@ -36,7 +36,7 @@ public class Trash extends BaseREST implements org.gcube.gcat.api.interfaces.Tra
@DELETE @DELETE
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response empty(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException { public Response empty(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException {
Thread thread = new Thread(new Runnable() { Thread thread = new Thread(new Runnable() {
@Override @Override
@ -51,7 +51,7 @@ public class Trash extends BaseREST implements org.gcube.gcat.api.interfaces.Tra
} }
@PURGE @PURGE
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response emptyViaPurge(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException { public Response emptyViaPurge(@QueryParam(GCatConstants.OWN_ONLY_QUERY_PARAMETER) @DefaultValue("true") Boolean ownOnly) throws WebServiceException {
return empty(ownOnly); return empty(ownOnly);
} }

View File

@ -3,7 +3,7 @@ package org.gcube.gcat.rest;
import javax.ws.rs.Consumes; import javax.ws.rs.Consumes;
import javax.ws.rs.DELETE; import javax.ws.rs.DELETE;
import javax.ws.rs.GET; import javax.ws.rs.GET;
import javax.ws.rs.NotAuthorizedException; //import javax.ws.rs.NotAuthorizedException;
import javax.ws.rs.POST; import javax.ws.rs.POST;
import javax.ws.rs.PUT; import javax.ws.rs.PUT;
import javax.ws.rs.Path; import javax.ws.rs.Path;
@ -11,9 +11,9 @@ import javax.ws.rs.PathParam;
import javax.ws.rs.Produces; import javax.ws.rs.Produces;
import javax.ws.rs.core.Response; import javax.ws.rs.core.Response;
import org.gcube.common.authorization.control.annotations.AuthorizationControl; //import org.gcube.common.authorization.control.annotations.AuthorizationControl;
import org.gcube.gcat.api.GCatConstants; import org.gcube.gcat.api.GCatConstants;
import org.gcube.gcat.api.roles.Role; //import org.gcube.gcat.api.roles.Role;
import org.gcube.gcat.persistence.ckan.CKANUser; import org.gcube.gcat.persistence.ckan.CKANUser;
/** /**
@ -30,7 +30,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
@GET @GET
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String list() { public String list() {
return super.list(-1, -1); return super.list(-1, -1);
} }
@ -39,7 +39,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response create(String json) { public Response create(String json) {
return super.create(json); return super.create(json);
} }
@ -48,7 +48,7 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
@Path("/{" + USER_ID_PARAMETER + "}") @Path("/{" + USER_ID_PARAMETER + "}")
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String read(@PathParam(USER_ID_PARAMETER) String username) { public String read(@PathParam(USER_ID_PARAMETER) String username) {
return super.read(username); return super.read(username);
} }
@ -58,14 +58,14 @@ public class User extends REST<CKANUser> implements org.gcube.gcat.api.interface
@Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Consumes(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8) @Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override @Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public String update(@PathParam(USER_ID_PARAMETER) String username, String json) { public String update(@PathParam(USER_ID_PARAMETER) String username, String json) {
return super.update(username, json); return super.update(username, json);
} }
@DELETE @DELETE
@Path("/{" + USER_ID_PARAMETER + "}") @Path("/{" + USER_ID_PARAMETER + "}")
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class) // @AuthorizationControl(allowedRoles={Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response delete(@PathParam(USER_ID_PARAMETER) String username) { public Response delete(@PathParam(USER_ID_PARAMETER) String username) {
return super.delete(username, false); return super.delete(username, false);
} }