View Javadoc
1   /*
2    * This file is part of ***  M y C o R e  ***
3    * See http://www.mycore.de/ for details.
4    *
5    * MyCoRe is free software: you can redistribute it and/or modify
6    * it under the terms of the GNU General Public License as published by
7    * the Free Software Foundation, either version 3 of the License, or
8    * (at your option) any later version.
9    *
10   * MyCoRe is distributed in the hope that it will be useful,
11   * but WITHOUT ANY WARRANTY; without even the implied warranty of
12   * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
13   * GNU General Public License for more details.
14   *
15   * You should have received a copy of the GNU General Public License
16   * along with MyCoRe.  If not, see <http://www.gnu.org/licenses/>.
17   */
18  
19  package org.mycore.mcr.acl.accesskey.restapi.v2;
20  
21  import static org.mycore.mcr.acl.accesskey.restapi.v2.MCRRestAccessKeyHelper.PARAM_SECRET;
22  import static org.mycore.mcr.acl.accesskey.restapi.v2.MCRRestAccessKeyHelper.QUERY_PARAM_SECRET_ENCODING;
23  import static org.mycore.restapi.v2.MCRRestAuthorizationFilter.PARAM_DERID;
24  import static org.mycore.restapi.v2.MCRRestAuthorizationFilter.PARAM_MCRID;
25  import static org.mycore.restapi.v2.MCRRestUtils.TAG_MYCORE_DERIVATE;
26  
27  import org.mycore.datamodel.metadata.MCRObjectID;
28  import org.mycore.mcr.acl.accesskey.model.MCRAccessKey;
29  import org.mycore.restapi.annotations.MCRApiDraft;
30  import org.mycore.restapi.annotations.MCRRequireTransaction;
31  import org.mycore.restapi.converter.MCRObjectIDParamConverterProvider;
32  import org.mycore.restapi.v2.access.MCRRestAPIACLPermission;
33  import org.mycore.restapi.v2.annotation.MCRRestRequiredPermission;
34  
35  import io.swagger.v3.oas.annotations.Operation;
36  import io.swagger.v3.oas.annotations.headers.Header;
37  import io.swagger.v3.oas.annotations.media.ArraySchema;
38  import io.swagger.v3.oas.annotations.media.Content;
39  import io.swagger.v3.oas.annotations.media.Schema;
40  import io.swagger.v3.oas.annotations.parameters.RequestBody;
41  import io.swagger.v3.oas.annotations.responses.ApiResponse;
42  import io.swagger.v3.oas.annotations.tags.Tag;
43  import jakarta.ws.rs.Consumes;
44  import jakarta.ws.rs.DELETE;
45  import jakarta.ws.rs.DefaultValue;
46  import jakarta.ws.rs.GET;
47  import jakarta.ws.rs.POST;
48  import jakarta.ws.rs.PUT;
49  import jakarta.ws.rs.Path;
50  import jakarta.ws.rs.PathParam;
51  import jakarta.ws.rs.Produces;
52  import jakarta.ws.rs.QueryParam;
53  import jakarta.ws.rs.core.Context;
54  import jakarta.ws.rs.core.HttpHeaders;
55  import jakarta.ws.rs.core.MediaType;
56  import jakarta.ws.rs.core.Response;
57  import jakarta.ws.rs.core.UriInfo;
58  
59  @MCRApiDraft("MCRAccessKey")
60  @Path("/objects/{" + PARAM_MCRID + "}/derivates/{" + PARAM_DERID + "}/accesskeys")
61  @Tag(name = TAG_MYCORE_DERIVATE)
62  public class MCRRestDerivateAccessKeys {
63  
64      @Context
65      UriInfo uriInfo;
66  
67      @GET
68      @Operation(
69          summary = "Lists all access keys for a derivate",
70          responses = {
71              @ApiResponse(responseCode = "200", content = { @Content(mediaType = MediaType.APPLICATION_JSON,
72                  array = @ArraySchema(schema = @Schema(implementation = MCRAccessKey.class))) }),
73              @ApiResponse(responseCode = "" + MCRObjectIDParamConverterProvider.CODE_INVALID, // 400
74                  description = MCRObjectIDParamConverterProvider.MSG_INVALID,
75                  content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
76              @ApiResponse(responseCode = "401",
77                  description = "You do not have create permission and need to authenticate first",
78                  content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
79              @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
80                  content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
81          })
82      @Produces(MediaType.APPLICATION_JSON)
83      @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
84      public Response listAccessKeysForDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
85          @DefaultValue("0") @QueryParam("offset") final int offset,
86          @DefaultValue("128") @QueryParam("limit") final int limit) {
87          return MCRRestAccessKeyHelper.doListAccessKeys(derivateId, offset, limit);
88      }
89  
90      @GET
91      @Path("/{" + PARAM_SECRET + "}")
92      @Operation(
93          summary = "Gets access key for a derivate",
94          responses = {
95              @ApiResponse(responseCode = "200", content = @Content(mediaType = MediaType.APPLICATION_JSON,
96                  schema = @Schema(implementation = MCRAccessKey.class))),
97              @ApiResponse(responseCode = "" + MCRObjectIDParamConverterProvider.CODE_INVALID, // 400
98                  description = MCRObjectIDParamConverterProvider.MSG_INVALID,
99                  content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
100             @ApiResponse(responseCode = "401",
101                 description = "You do not have create permission and need to authenticate first",
102                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
103             @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
104                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
105         })
106     @Produces(MediaType.APPLICATION_JSON)
107     @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
108     public Response getAccessKeyFromDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
109         @PathParam(PARAM_SECRET) final String secret,
110         @QueryParam(QUERY_PARAM_SECRET_ENCODING) final String secretEncoding) {
111         return MCRRestAccessKeyHelper.doGetAccessKey(derivateId, secret, secretEncoding);
112     }
113 
114     @POST
115     @Operation(
116         summary = "Creates an access key for a derivate",
117         responses = {
118             @ApiResponse(responseCode = "201", description = "Access key was successfully created",
119                 headers = @Header(name = HttpHeaders.LOCATION)),
120             @ApiResponse(responseCode = "400", description = "Invalid ID or invalid access key",
121                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
122             @ApiResponse(responseCode = "401",
123                 description = "You do not have create permission and need to authenticate first",
124                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
125             @ApiResponse(responseCode = "404", description = "Derivate does not exist",
126                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
127         })
128     @RequestBody(required = true,
129         content = @Content(mediaType = MediaType.APPLICATION_JSON,
130             schema = @Schema(implementation = MCRAccessKey.class)))
131     @Consumes(MediaType.APPLICATION_JSON)
132     @Produces(MediaType.APPLICATION_JSON)
133     @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
134     @MCRRequireTransaction
135     public Response createAccessKeyForDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
136         final String accessKeyJson) {
137         return MCRRestAccessKeyHelper.doCreateAccessKey(derivateId, accessKeyJson, uriInfo);
138     }
139 
140     @PUT
141     @Path("/{" + PARAM_SECRET + "}")
142     @Operation(
143         summary = "Updates an access key for a derivate",
144         responses = {
145             @ApiResponse(responseCode = "204", description = "Access key was successfully updated"),
146             @ApiResponse(responseCode = "400", description = "Invalid ID or invalid access key",
147                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
148             @ApiResponse(responseCode = "401",
149                 description = "You do not have create permission and need to authenticate first",
150                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
151             @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
152                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
153         })
154     @RequestBody(required = true,
155         content = @Content(mediaType = MediaType.APPLICATION_JSON,
156             schema = @Schema(implementation = MCRAccessKey.class)))
157     @Consumes(MediaType.APPLICATION_JSON)
158     @Produces(MediaType.APPLICATION_JSON)
159     @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
160     @MCRRequireTransaction
161     public Response updateAccessKeyFromDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
162         @PathParam(PARAM_SECRET) final String encodedSecret, final String accessKeyJson,
163         @QueryParam(QUERY_PARAM_SECRET_ENCODING) final String secretEncoding) {
164         return MCRRestAccessKeyHelper.doUpdateAccessKey(derivateId, encodedSecret, accessKeyJson, secretEncoding);
165     }
166 
167     @DELETE
168     @Path("/{" + PARAM_SECRET + "}")
169     @Operation(
170         summary = "Deletes an access key from a derivate",
171         responses = {
172             @ApiResponse(responseCode = "204", description = "Access key was successfully deleted"),
173             @ApiResponse(responseCode = "" + MCRObjectIDParamConverterProvider.CODE_INVALID, // 400
174                 description = MCRObjectIDParamConverterProvider.MSG_INVALID,
175                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
176             @ApiResponse(responseCode = "401",
177                 description = "You do not have create permission and need to authenticate first",
178                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
179             @ApiResponse(responseCode = "404", description = "Derivate or access key does not exist",
180                 content = { @Content(mediaType = MediaType.APPLICATION_JSON) }),
181         })
182     @Produces(MediaType.APPLICATION_JSON)
183     @MCRRestRequiredPermission(MCRRestAPIACLPermission.WRITE)
184     @MCRRequireTransaction
185     public Response removeAccessKeyFromDerivate(@PathParam(PARAM_DERID) final MCRObjectID derivateId,
186         @PathParam(PARAM_SECRET) final String secret,
187         @QueryParam(QUERY_PARAM_SECRET_ENCODING) final String secretEncoding) {
188         return MCRRestAccessKeyHelper.doRemoveAccessKey(derivateId, secret, secretEncoding);
189     }
190 }