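/**
 * Revokes the permissions a subject holds on this resource instance and on the associated file
 * resource instance.
 *
 * <p>Authorization ({@code checkPermission()}) runs before any request parameter is examined.
 * The file-resource ACL is changed under that same check; no separate check against
 * {@code fileResource}/{@code fileInstance} is made in this method.
 *
 * @param principal name of the subject whose permissions are revoked; required
 * @param typeStr subject type, matched case-insensitively against the {@code SubjectAcl.Type}
 *     constants; required
 * @return 204 No Content on success; 400 Bad Request when a parameter is missing or the type does
 *     not name a {@code SubjectAcl.Type} constant
 */
@DELETE
public Response delete(
    @QueryParam("principal") String principal, @QueryParam("type") String typeStr) {
  checkPermission();

  // "type" carries no @DefaultValue on this method, so an absent parameter used to surface as a
  // NullPointerException instead of a client error. What the service does with a null principal
  // is not visible from here; reject it the same way update() does.
  if (principal == null || typeStr == null) {
    return Response.status(Response.Status.BAD_REQUEST).build();
  }

  SubjectAcl.Type type;
  try {
    // Locale.ROOT keeps the case mapping independent of the JVM's default locale.
    type = SubjectAcl.Type.valueOf(typeStr.toUpperCase(java.util.Locale.ROOT));
  } catch (IllegalArgumentException e) {
    // valueOf rejects a name that matches no constant; that is a malformed request.
    return Response.status(Response.Status.BAD_REQUEST).build();
  }

  subjectAclService.removeSubjectPermissions(type, principal, resource, instance);
  subjectAclService.removeSubjectPermissions(type, principal, fileResource, fileInstance);
  return Response.noContent().build();
}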
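/**
 * Grants a subject a role on this resource instance and, optionally, on the associated file
 * resource instance.
 *
 * <p>Authorization ({@code checkPermission()}) runs before any request parameter is examined, as
 * in the other handlers of this resource. When {@code isDraft()} is false the requested role is
 * ignored and {@code READER} is granted instead.
 *
 * @param principal name of the subject receiving the permission; required
 * @param typeStr subject type, matched case-insensitively against the {@code SubjectAcl.Type}
 *     constants; defaults to {@code USER}
 * @param role role to grant, upper-cased before use; defaults to {@code READER}
 * @param file whether the same actions are also granted on the file resource; defaults to true
 * @return 204 No Content on success; 400 Bad Request when the principal or type is missing or the
 *     type does not name a {@code SubjectAcl.Type} constant
 */
@PUT
public Response update(
    @QueryParam("principal") String principal,
    @QueryParam("type") @DefaultValue("USER") String typeStr,
    @QueryParam("role") @DefaultValue("READER") String role,
    @QueryParam("file") @DefaultValue("true") boolean file) {
  // Authorize before validating so a caller without EDIT gets the same outcome whatever the
  // parameters look like.
  checkPermission();

  if (principal == null || typeStr == null) {
    return Response.status(Response.Status.BAD_REQUEST).build();
  }

  SubjectAcl.Type type;
  try {
    // Locale.ROOT keeps the case mapping independent of the JVM's default locale.
    type = SubjectAcl.Type.valueOf(typeStr.toUpperCase(java.util.Locale.ROOT));
  } catch (IllegalArgumentException e) {
    // An unknown type name is a malformed request, not a server fault.
    return Response.status(Response.Status.BAD_REQUEST).build();
  }

  // Outside draft mode only read access can be handed out, whatever role was requested.
  String effectiveRole = isDraft() ? role.toUpperCase(java.util.Locale.ROOT) : "READER";
  // NOTE(review): how asActions treats an unrecognised role is not visible here - confirm it
  // rejects the value rather than mapping it to some default set of actions.
  String actions = PermissionsUtils.asActions(effectiveRole);

  subjectAclService.addSubjectPermission(type, principal, resource, actions, instance);
  if (file) {
    // Granted under the authorization done above; no separate check on the file resource here.
    subjectAclService.addSubjectPermission(type, principal, fileResource, actions, fileInstance);
  }
  return Response.noContent().build();
}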
/**
 * Lists the ACL entries recorded for this resource instance.
 *
 * <p>The caller must pass {@code checkPermission()} first, so reading the ACL needs the same
 * {@code EDIT} permission as changing it. Entries of the file resource are not part of the
 * listing; only {@code resource}/{@code instance} is queried.
 *
 * @return one DTO per ACL entry, with the stored actions translated to a role name and the
 *     instance passed through {@code FileUtils.decode}
 */
@GET
public List<AclDto> get() {
  checkPermission();
  return subjectAclService.findByResourceInstance(resource, instance).stream()
      .map(
          acl -> {
            // Actions are stored per entry; the DTO exposes them as the matching role name.
            String roleName = PermissionsUtils.asRole(acl.getActions());
            return AclDto.newBuilder()
                .setType(acl.getType().name())
                .setPrincipal(acl.getPrincipal())
                .setResource(resource)
                .setRole(roleName)
                .setInstance(FileUtils.decode(instance))
                .build();
          })
      .collect(Collectors.toList());
}
/**
 * Asks the ACL service whether the caller holds the {@code EDIT} action on the draft form of this
 * resource for {@code instance}.
 *
 * <p>The check is always made against the {@code /draft}-prefixed resource path, including when
 * {@code resource} itself is not a draft path. Only {@code resource}/{@code instance} is checked;
 * {@code fileResource}/{@code fileInstance} is not consulted.
 */
private void checkPermission() {
  String draftResource;
  if (resource.startsWith("/draft")) {
    // Plain prefix test: any path beginning with "/draft" is used unchanged.
    draftResource = resource;
  } else {
    draftResource = "/draft" + resource;
  }
  // NOTE(review): how a denial is signalled is not visible here; the handlers rely on this call
  // not returning normally when access is refused - confirm against the service.
  subjectAclService.checkPermission(draftResource, "EDIT", instance);
}