Skip to content

Commit

Permalink
Jans config api issue 3508 (#3509)
Browse files Browse the repository at this point in the history 
* feat: add admin-ui scopes in config-api-rs-protect.json #3508

* feat: add admin-ui scopes in config-api-rs-protect.json #3508
  • Loading branch information
@duttarnab
duttarnab authored Jan 4, 2023
1 parent 72bc862 commit 3fd84ee
Show file tree
Hide file tree
Showing 3 changed files with 359 additions and 22 deletions.
32 changes: 16 additions & 16 deletions ...admin-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/license/LicenseResource.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -44,16 +44,16 @@ public class LicenseResource {
LicenseDetailsService licenseDetailsService;

@Operation(summary = "Check if admin-ui license is active", description = "Check if admin-ui license is active", operationId = "is-license-active", tags = {
"Admin UI - License" }, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_READ }))
"Admin UI - License"}, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_READ}))
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))),
@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))),
@ApiResponse(responseCode = "401", description = "Unauthorized"),
@ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))) })
@ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response")))})
@GET
@Path(IS_ACTIVE)
@ProtectedApi(scopes = { SCOPE_LICENSE_READ })
@ProtectedApi(scopes = {SCOPE_LICENSE_READ}, groupScopes = {SCOPE_LICENSE_WRITE})
@Produces(MediaType.APPLICATION_JSON)
public Response isActive() {
LicenseApiResponse licenseResponse = null;
Expand All @@ -69,17 +69,17 @@ public Response isActive() {
}

@Operation(summary = "Activate license using license-key", description = "Activate license using license-key", operationId = "activate-adminui-license", tags = {
"Admin UI - License" }, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_WRITE }))
"Admin UI - License"}, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_WRITE}))
@RequestBody(description = "LicenseRequest object", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseRequest.class)))
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))),
@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))),
@ApiResponse(responseCode = "401", description = "Unauthorized"),
@ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))) })
@ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response")))})
@POST
@Path(ACTIVATE_LICENSE)
@ProtectedApi(scopes = { SCOPE_LICENSE_WRITE })
@ProtectedApi(scopes = {SCOPE_LICENSE_WRITE})
@Produces(MediaType.APPLICATION_JSON)
public Response activateLicense(@Valid @NotNull LicenseRequest licenseRequest) {
LicenseApiResponse licenseResponse = null;
Expand All @@ -95,17 +95,17 @@ public Response activateLicense(@Valid @NotNull LicenseRequest licenseRequest) {
}

@Operation(summary = "Save license api credentials", description = "Save license api credentials", operationId = "save-license-api-credentials", tags = {
"Admin UI - License" }, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_WRITE }))
"Admin UI - License"}, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_WRITE}))
@RequestBody(description = "LicenseSpringCredentials object", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseSpringCredentials.class)))
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))),
@ApiResponse(responseCode = "400", description = "Bad Request", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))),
@ApiResponse(responseCode = "401", description = "Unauthorized"),
@ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response"))) })
@ApiResponse(responseCode = "500", description = "InternalServerError", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseApiResponse.class, description = "License response")))})
@POST
@Path(SAVE_API_CREDENTIALS)
@ProtectedApi(scopes = { SCOPE_LICENSE_WRITE })
@ProtectedApi(scopes = {SCOPE_LICENSE_WRITE})
@Produces(MediaType.APPLICATION_JSON)
public Response saveLicenseCredentials(@Valid @NotNull LicenseSpringCredentials licenseSpringCredentials) {
LicenseApiResponse licenseResponse = null;
Expand All @@ -121,16 +121,16 @@ public Response saveLicenseCredentials(@Valid @NotNull LicenseSpringCredentials
}

@Operation(summary = "Get admin ui license details", description = "Get admin ui license details", operationId = "get-adminui-license", tags = {
"Admin UI - License" }, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_READ }))
"Admin UI - License"}, security = @SecurityRequirement(name = "oauth2", scopes = {
SCOPE_LICENSE_READ}))
@ApiResponses(value = {
@ApiResponse(responseCode = "200", description = "Ok", content = @Content(mediaType = MediaType.APPLICATION_JSON, schema = @Schema(implementation = LicenseResponse.class, description = "License Response"))),
@ApiResponse(responseCode = "400", description = "Bad Request"),
@ApiResponse(responseCode = "401", description = "Unauthorized"),
@ApiResponse(responseCode = "500", description = "InternalServerError") })
@ApiResponse(responseCode = "500", description = "InternalServerError")})
@GET
@Path(LICENSE_DETAILS)
@ProtectedApi(scopes = { SCOPE_LICENSE_READ })
@ProtectedApi(scopes = {SCOPE_LICENSE_READ}, groupScopes = {SCOPE_LICENSE_WRITE})
@Produces(MediaType.APPLICATION_JSON)
public Response getLicenseDetails() {
try {
Expand Down
12 changes: 6 additions & 6 deletions ...n-ui-plugin/src/main/java/io/jans/ca/plugin/adminui/rest/user/UserManagementResource.java
View file
Original file line number Diff line number Diff line change
Expand Up @@ -62,7 +62,7 @@ public class UserManagementResource {
@GET
@Path(ROLES)
@Produces(MediaType.APPLICATION_JSON)
@ProtectedApi(scopes = SCOPE_ROLE_READ)
@ProtectedApi(scopes = {SCOPE_ROLE_READ}, groupScopes = {SCOPE_ROLE_WRITE})
public Response getAllRoles() {
try {
log.info("Get all Admin-UI roles.");
Expand Down Expand Up @@ -145,7 +145,7 @@ public Response editRole(@Valid @NotNull AdminRole roleArg) {
@GET
@Path(ROLES + ROLE_PATH_VARIABLE)
@Produces(MediaType.APPLICATION_JSON)
@ProtectedApi(scopes = SCOPE_ROLE_READ)
@ProtectedApi(scopes = {SCOPE_ROLE_READ}, groupScopes = {SCOPE_ROLE_WRITE})
public Response getRole(@PathParam(ROLE_CONST) @NotNull String adminUIRole) {
try {
log.info("Get all Admin-UI roles.");
Expand Down Expand Up @@ -199,7 +199,7 @@ public Response deleteRole(@PathParam(ROLE_CONST) @NotNull String adminUIRole) {
@GET
@Path(PERMISSIONS)
@Produces(MediaType.APPLICATION_JSON)
@ProtectedApi(scopes = SCOPE_PERMISSION_READ)
@ProtectedApi(scopes = {SCOPE_PERMISSION_READ}, groupScopes = {SCOPE_PERMISSION_WRITE})
public Response getAllPermissions() {
try {
log.info("Get all Admin-UI permissions.");
Expand Down Expand Up @@ -282,7 +282,7 @@ public Response editPermission(@Valid @NotNull AdminPermission permissionArg) {
@GET
@Path(PERMISSIONS + PERMISSION_PATH_VARIABLE)
@Produces(MediaType.APPLICATION_JSON)
@ProtectedApi(scopes = SCOPE_PERMISSION_READ)
@ProtectedApi(scopes = {SCOPE_PERMISSION_READ}, groupScopes = {SCOPE_PERMISSION_WRITE})
public Response getPermission(@PathParam(PERMISSION_CONST) @NotNull String adminUIPermission) {
try {
log.info("Get Admin-UI permission.");
Expand Down Expand Up @@ -336,7 +336,7 @@ public Response deletePermission(@PathParam(PERMISSION_CONST) @NotNull String ad
@GET
@Path(ROLE_PERMISSIONS_MAPPING)
@Produces(MediaType.APPLICATION_JSON)
@ProtectedApi(scopes = SCOPE_ROLE_PERMISSION_MAPPING_READ)
@ProtectedApi(scopes = {SCOPE_ROLE_PERMISSION_MAPPING_READ}, groupScopes = {SCOPE_ROLE_PERMISSION_MAPPING_WRITE})
public Response getAllAdminUIRolePermissionsMapping() {
try {
log.info("Get all Admin-UI role-permissions mapping.");
Expand Down Expand Up @@ -419,7 +419,7 @@ public Response mapPermissionsToRole(@Valid @NotNull RolePermissionMapping roleP
@GET
@Path(ROLE_PERMISSIONS_MAPPING + ROLE_PATH_VARIABLE)
@Produces(MediaType.APPLICATION_JSON)
@ProtectedApi(scopes = SCOPE_ROLE_PERMISSION_MAPPING_READ)
@ProtectedApi(scopes = {SCOPE_ROLE_PERMISSION_MAPPING_READ}, groupScopes = {SCOPE_ROLE_PERMISSION_MAPPING_WRITE})
public Response getAdminUIRolePermissionsMapping(@PathParam(ROLE_CONST) @NotNull String adminUIRole) {
try {
log.info("Get Admin-UI role-permissions mapping by role-name.");
Expand Down
Loading

0 comments on commit 3fd84ee

Please sign in to comment.