44 lines
1.4 KiB
Java
44 lines
1.4 KiB
Java
package org.gcube.service.helloworld.services;
|
|
|
|
import javax.ws.rs.GET;
|
|
import javax.ws.rs.Path;
|
|
import javax.ws.rs.Produces;
|
|
import javax.ws.rs.core.MediaType;
|
|
|
|
import org.gcube.common.authorization.control.annotations.AuthorizationControl;
|
|
import org.gcube.common.security.providers.SecretManagerProvider;
|
|
import org.gcube.common.security.secrets.Secret;
|
|
import org.gcube.smartgears.utils.InnerMethodName;
|
|
|
|
@Path("auth")
|
|
public class AuthorizedMethods {
|
|
|
|
private static final String ALLOWED_ROLE = "myRole";
|
|
private static final String ALLOWED_ROLE_ORG = "OrganizationMember";
|
|
|
|
@AuthorizationControl(allowedRoles={ALLOWED_ROLE_ORG})
|
|
@GET
|
|
@Path("org_member")
|
|
@Produces(MediaType.TEXT_PLAIN)
|
|
public String authorizedOrg() {
|
|
InnerMethodName.set("auth");
|
|
Secret secret = SecretManagerProvider.get();
|
|
String userId = secret.getOwner().getId();
|
|
String context = secret.getContext();
|
|
return String.format("User %s in context %s is authorized to execute this method because he has the correct role", userId,context);
|
|
}
|
|
|
|
@AuthorizationControl(allowedRoles={ALLOWED_ROLE})
|
|
@GET
|
|
@Path("")
|
|
@Produces(MediaType.TEXT_PLAIN)
|
|
public String authorized() {
|
|
InnerMethodName.set("auth");
|
|
Secret secret = SecretManagerProvider.get();
|
|
String userId = secret.getOwner().getId();
|
|
String context = secret.getContext();
|
|
return String.format("User %s in context %s is authorized to execute this method because he has the correct role", userId,context);
|
|
}
|
|
|
|
}
|