1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19 package org.mycore.mcr.acl.accesskey.restapi.v2;
20
21 import static org.mycore.mcr.acl.accesskey.restapi.v2.MCRRestAccessKeyHelper.PARAM_SECRET;
22 import static org.mycore.mcr.acl.accesskey.restapi.v2.MCRRestAccessKeyHelper.QUERY_PARAM_SECRET_ENCODING;
23 import static org.mycore.restapi.v2.MCRRestAuthorizationFilter.PARAM_DERID;
24 import static org.mycore.restapi.v2.MCRRestAuthorizationFilter.PARAM_MCRID;
25 import static org.mycore.restapi.v2.MCRRestUtils.TAG_MYCORE_DERIVATE;
26
27 import org.mycore.datamodel.metadata.MCRObjectID;
28 import org.mycore.mcr.acl.accesskey.model.MCRAccessKey;
29 import org.mycore.restapi.annotations.MCRApiDraft;
30 import org.mycore.restapi.annotations.MCRRequireTransaction;
31 import org.mycore.restapi.converter.MCRObjectIDParamConverterProvider;
32 import org.mycore.restapi.v2.access.MCRRestAPIACLPermission;
33 import org.mycore.restapi.v2.annotation.MCRRestRequiredPermission;
34
35 import io.swagger.v3.oas.annotations.Operation;
36 import io.swagger.v3.oas.annotations.headers.Header;
37 import io.swagger.v3.oas.annotations.media.ArraySchema;
38 import io.swagger.v3.oas.annotations.media.Content;
39 import io.swagger.v3.oas.annotations.media.Schema;
40 import io.swagger.v3.oas.annotations.parameters.RequestBody;
41 import io.swagger.v3.oas.annotations.responses.ApiResponse;
42 import io.swagger.v3.oas.annotations.tags.Tag;
43 import jakarta.ws.rs.Consumes;
44 import jakarta.ws.rs.DELETE;
45 import jakarta.ws.rs.DefaultValue;
46 import jakarta.ws.rs.GET;
47 import jakarta.ws.rs.POST;
48 import jakarta.ws.rs.PUT;
49 import jakarta.ws.rs.Path;
50 import jakarta.ws.rs.PathParam;
51 import jakarta.ws.rs.Produces;
52 import jakarta.ws.rs.QueryParam;
53 import jakarta.ws.rs.core.Context;
54 import jakarta.ws.rs.core.HttpHeaders;
55 import jakarta.ws.rs.core.MediaType;
56 import jakarta.ws.rs.core.Response;
57 import jakarta.ws.rs.core.UriInfo;
58
59 @MCRApiDraft("MCRAccessKey")
60 @Path("/objects/{" + PARAM_MCRID + "}/derivates/{" + PARAM_DERID + "}/accesskeys")
61 @Tag(name = TAG_MYCORE_DERIVATE)
62 public class MCRRestDerivateAccessKeys {
63
64 @Context
65 UriInfo uriInfo;
66
67 @GET
68 @Operation(
69 summary = "Lists all access keys for a derivate",
70 responses = {
71 @ApiResponse(responseCode = "200", content = { @Content(mediaType = MediaType.APPLICATION_JSON,
72 array = @ArraySchema(schema = @Schema(implementation = MCRAccessKey.class))) }),
73 @ApiResponse(responseCode = "" + MCRObjectIDParamConverterProvider.CODE_INVALID,
74 description = MCRObjectIDParamConverterProvider.MSG_INVALID,
75 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
76 @ApiResponse(responseCode = "401",
77 description = "You do not have create permission and need to authenticate first",
78 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
79 @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
80 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
81 })
82 @Produces(MediaType.APPLICATION_JSON)
83 @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
84 public Response listAccessKeysForDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
85 @DefaultValue("0") @QueryParam("offset") final int offset,
86 @DefaultValue("128") @QueryParam("limit") final int limit) {
87 return MCRRestAccessKeyHelper.doListAccessKeys(derivateId, offset, limit);
88 }
89
90 @GET
91 @Path("/{" + PARAM_SECRET + "}")
92 @Operation(
93 summary = "Gets access key for a derivate",
94 responses = {
95 @ApiResponse(responseCode = "200", content = @Content(mediaType = MediaType.APPLICATION_JSON,
96 schema = @Schema(implementation = MCRAccessKey.class))),
97 @ApiResponse(responseCode = "" + MCRObjectIDParamConverterProvider.CODE_INVALID,
98 description = MCRObjectIDParamConverterProvider.MSG_INVALID,
99 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
100 @ApiResponse(responseCode = "401",
101 description = "You do not have create permission and need to authenticate first",
102 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
103 @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
104 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
105 })
106 @Produces(MediaType.APPLICATION_JSON)
107 @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
108 public Response getAccessKeyFromDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
109 @PathParam(PARAM_SECRET) final String secret,
110 @QueryParam(QUERY_PARAM_SECRET_ENCODING) final String secretEncoding) {
111 return MCRRestAccessKeyHelper.doGetAccessKey(derivateId, secret, secretEncoding);
112 }
113
114 @POST
115 @Operation(
116 summary = "Creates an access key for a derivate",
117 responses = {
118 @ApiResponse(responseCode = "201", description = "Access key was successfully created",
119 headers = @Header(name = HttpHeaders.LOCATION)),
120 @ApiResponse(responseCode = "400", description = "Invalid ID or invalid access key",
121 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
122 @ApiResponse(responseCode = "401",
123 description = "You do not have create permission and need to authenticate first",
124 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
125 @ApiResponse(responseCode = "404", description = "Derivate does not exist",
126 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
127 })
128 @RequestBody(required = true,
129 content = @Content(mediaType = MediaType.APPLICATION_JSON,
130 schema = @Schema(implementation = MCRAccessKey.class)))
131 @Consumes(MediaType.APPLICATION_JSON)
132 @Produces(MediaType.APPLICATION_JSON)
133 @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
134 @MCRRequireTransaction
135 public Response createAccessKeyForDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
136 final String accessKeyJson) {
137 return MCRRestAccessKeyHelper.doCreateAccessKey(derivateId, accessKeyJson, uriInfo);
138 }
139
140 @PUT
141 @Path("/{" + PARAM_SECRET + "}")
142 @Operation(
143 summary = "Updates an access key for a derivate",
144 responses = {
145 @ApiResponse(responseCode = "204", description = "Access key was successfully updated"),
146 @ApiResponse(responseCode = "400", description = "Invalid ID or invalid access key",
147 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
148 @ApiResponse(responseCode = "401",
149 description = "You do not have create permission and need to authenticate first",
150 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
151 @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
152 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
153 })
154 @RequestBody(required = true,
155 content = @Content(mediaType = MediaType.APPLICATION_JSON,
156 schema = @Schema(implementation = MCRAccessKey.class)))
157 @Consumes(MediaType.APPLICATION_JSON)
158 @Produces(MediaType.APPLICATION_JSON)
159 @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
160 @MCRRequireTransaction
161 public Response updateAccessKeyFromDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
162 @PathParam(PARAM_SECRET) final String encodedSecret, final String accessKeyJson,
163 @QueryParam(QUERY_PARAM_SECRET_ENCODING) final String secretEncoding) {
164 return MCRRestAccessKeyHelper.doUpdateAccessKey(derivateId, encodedSecret, accessKeyJson, secretEncoding);
165 }
166
167 @DELETE
168 @Path("/{" + PARAM_SECRET + "}")
169 @Operation(
170 summary = "Deletes an access key from a derivate",
171 responses = {
172 @ApiResponse(responseCode = "204", description = "Access key was successfully deleted"),
173 @ApiResponse(responseCode = "" + MCRObjectIDParamConverterProvider.CODE_INVALID,
174 description = MCRObjectIDParamConverterProvider.MSG_INVALID,
175 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
176 @ApiResponse(responseCode = "401",
177 description = "You do not have create permission and need to authenticate first",
178 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
179 @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
180 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
181 })
182 @Produces(MediaType.APPLICATION_JSON)
183 @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
184 @MCRRequireTransaction
185 public Response removeAccessKeyFromDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
186 @PathParam(PARAM_SECRET) final String secret,
187 @QueryParam(QUERY_PARAM_SECRET_ENCODING) final String secretEncoding) {
188 return MCRRestAccessKeyHelper.doRemoveAccessKey(derivateId, secret, secretEncoding);
189 }
190 }