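/**
 * Derives the access-key type an endpoint requires from its {@code @ApiOperation} metadata.
 *
 * <p>The constructor fails closed: an endpoint that does not declare exactly one non-blank
 * method-level authorization, or that consumes something other than JSON, is rejected
 * instead of being registered without a permission check.
 *
 * @param apiKeyService service stored for later use by this parameter
 * @param method the endpoint method whose annotations are inspected
 * @throws IllegalStateException if the method declares no non-blank authorization, or declares
 *         a {@code consumes} value other than {@code application/json}
 * @throws IllegalArgumentException if the method declares more than one non-blank authorization
 */
public ProjectPermissionIRequestParameter(ApiKeyService apiKeyService, Method method) {
    final ApiOperation annotation = method.getAnnotation(ApiOperation.class);

    // Blank authorization names carry no key type, so they are dropped before counting.
    final Authorization[] authorizations = annotation == null
            ? new Authorization[0]
            : Arrays.stream(annotation.authorizations())
                    .filter(auth -> !auth.value().isEmpty())
                    .toArray(Authorization[]::new);

    // Class-level @Api authorizations are not consulted: an endpoint without its own
    // method-level authorization is rejected here rather than silently inheriting one.
    if (authorizations.length == 0) {
        throw new IllegalStateException(method.toGenericString() + ": The permission check component requires endpoints to have authorizations definition in @ApiOperation. " +
                "Use @IgnorePermissionCheck to bypass security check in method " + method.toString());
    }

    // A non-empty authorizations array implies the annotation itself is present.
    final String consumes = annotation.consumes();
    if (!consumes.isEmpty() && !consumes.equals("application/json")) {
        throw new IllegalStateException("The permission check component requires endpoint to consume application/json. " +
                "Use @IgnorePermissionCheck to bypass security check in method " + method.toString());
    }

    // Exactly one key type can be enforced; say which endpoint is misconfigured instead of
    // throwing a bare exception that hides the cause at startup.
    if (authorizations.length != 1) {
        throw new IllegalArgumentException(String.format(
                "Method %s declares %d authorizations in @ApiOperation; the permission check component supports exactly one.",
                method.toString(), authorizations.length));
    }

    // NOTE(review): how fromKey treats an unrecognised name is not visible here; confirm it
    // rejects the name rather than falling back to a default key type.
    type = ApiKeyService.AccessKeyType.fromKey(authorizations[0].value());
    this.apiKeyService = apiKeyService;
}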
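/**
 * Handles one text frame received on the mailbox websocket.
 *
 * <p>A frame is expected to be {@code <operation>\n<json>}. The frame comes from the remote
 * peer, so a missing separator, an unknown operation name or an unreadable JSON body all
 * close the channel instead of letting a runtime exception escape the handler.
 *
 * @param ctx channel context; the PROJECT_ID and USER_ID attributes are read from it
 * @param data raw frame text as sent by the client
 */
@Override
@ApiOperation(value = "Realtime mailbox notification service",
        notes = "Websocket service for sending and receiving mail noti fication",
        response = WSMessage.class,
        request = String.class,
        responseContainer = "List",
        authorizations = {@Authorization(value = "write_key"), @Authorization(value = "read_key")}
)
public void onMessage(ChannelHandlerContext ctx, String data) {
    // Without the separator there is no operation header to parse; substring(0, -1) would throw.
    final int jsonStart = data.indexOf('\n');
    if (jsonStart < 0) {
        ctx.close();
        return;
    }

    final Operation op;
    try {
        op = Operation.valueOf(data.substring(0, jsonStart));
    } catch (IllegalArgumentException e) {
        // Operation name is not one of the enum constants: treat it like a malformed body.
        ctx.close();
        return;
    }

    // The payload keeps the leading newline, exactly as it was handed to the parser before.
    final String jsonStr = data.substring(jsonStart);

    switch (op) {
        case msg:
            try {
                UserMessage message = JsonHelper.readSafe(jsonStr, UserMessage.class);
                // Sender identity comes from channel attributes, not from the frame.
                // NOTE(review): message.toUser and message.parent are client-supplied and no
                // recipient check is visible here; confirm storage.send (or the handshake)
                // enforces who may be addressed, given read_key is also accepted above.
                storage.send(ctx.attr(PROJECT_ID).get(),
                        ctx.attr(USER_ID).get(), message.toUser, message.parent,
                        message.content, Instant.now());
            } catch (IOException e) {
                ctx.close();
            }
            break;
        case typing:
            // Typing notifications are accepted but currently ignored.
            break;
    }
}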
ApiOperation annotation = method.getAnnotation(ApiOperation.class); if (annotation != null && annotation.authorizations() != null && annotation.authorizations().length > 0) { String value = annotation.authorizations()[0].value(); if (value != null && !value.isEmpty()) { operation.response(FORBIDDEN.code(), new Response()
/**
 * Serialises the project's recipe and writes it back in the format named by the
 * {@code Accept} header, falling back to YAML when no export type matches.
 *
 * @param contentType value of the {@code Accept} header, compared verbatim against each
 *        export type's content type
 * @param context request context supplying the project to export
 * @param request the HTTP request the response is written to
 */
@ApiOperation(value = "Export recipe", response = Recipe.class,
        authorizations = @Authorization(value = "master_key")
)
@GET
@Path("/export")
public void exportRecipe(@HeaderParam("Accept") String contentType, @Named("project") RequestContext context, RakamHttpRequest request)
        throws JsonProcessingException {
    request.bodyHandler(body -> {
        final Recipe recipe = installer.export(context.project);

        // Exact string match only; an absent or multi-valued Accept header selects YAML.
        ExportType format = YAML;
        for (ExportType candidate : ExportType.values()) {
            if (candidate.contentType.equals(contentType)) {
                format = candidate;
                break;
            }
        }

        final ByteBuf payload;
        try {
            payload = Unpooled.wrappedBuffer(format.mapper.writeValueAsBytes(recipe));
        } catch (JsonProcessingException e) {
            throw Throwables.propagate(e);
        }

        final DefaultFullHttpResponse reply = new DefaultFullHttpResponse(HTTP_1_1, OK, payload);
        reply.headers().add(CONTENT_TYPE, format.contentType);

        // NOTE(review): the caller's Origin is echoed back unchanged, which allows every
        // origin to read this master_key-protected export cross-site. Confirm that is
        // intended; an allow-list plus a "Vary: Origin" header is the usual hardening.
        final boolean hasOrigin = request.headers().contains(ORIGIN);
        if (hasOrigin) {
            reply.headers().set(ACCESS_CONTROL_ALLOW_ORIGIN, request.headers().get(ORIGIN));
        }

        request.response(reply).end();
    });
}
@ApiOperation(value = "Install recipe", authorizations = @Authorization(value = "master_key"), response = SuccessMessage.class
List<SecurityRequirement> securities = new ArrayList<>(); for (Authorization auth : apiOperation.authorizations()) { if (auth.value() != null && !"".equals(auth.value())) { SecurityRequirement security = new SecurityRequirement(); security.requirement(auth.value()); security.setName(auth.value()); security.addScope(auth.value()); securities.add(security);