Fixing role filtering

This commit is contained in:
Luca Frosini 2022-04-01 18:37:45 +02:00
parent d40d320239
commit b90a3c97d4
1 changed files with 9 additions and 3 deletions

View File

@ -44,7 +44,9 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@GET
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
/* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce
* @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
*/
public String list(@QueryParam(GCatConstants.LIMIT_PARAMETER) @DefaultValue("10") int limit,
@QueryParam(GCatConstants.OFFSET_PARAMETER) @DefaultValue("0") int offset,
@QueryParam(GCatConstants.COUNT_PARAMETER) @DefaultValue("false") Boolean countOnly) {
@ -79,7 +81,9 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@Path("/{" + ITEM_ID_PARAMETER + "}")
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
/* Catalogue-Member is not added to VRE members and is assumed as the default role in the catalogue for the VRE members. So we can't enforce
* @AuthorizationControl(allowedRoles={Role.CATALOGUE_MEMBER, Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
*/
public String read(@PathParam(ITEM_ID_PARAMETER) String id) {
return super.read(id);
}
@ -141,6 +145,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@DELETE
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response bulkDelete(@QueryParam(GCatConstants.PURGE_QUERY_PARAMETER) @DefaultValue("false") boolean purge) {
deleteAll(purge);
return Response.status(Status.ACCEPTED).build();
@ -149,6 +154,7 @@ public class Item extends REST<CKANPackage> implements org.gcube.gcat.api.interf
@PURGE
@Produces(GCatConstants.APPLICATION_JSON_CHARSET_UTF_8)
@Override
@AuthorizationControl(allowedRoles={Role.CATALOGUE_EDITOR, Role.CATALOGUE_ADMIN, Role.CATALOGUE_MANAGER}, exception=NotAuthorizedException.class)
public Response bulkPurge() {
return bulkDelete(true);
}