@PUT public Response update( @QueryParam("principal") String principal, @QueryParam("type") @DefaultValue("USER") String typeStr, @QueryParam("role") @DefaultValue("READER") String role, @QueryParam("file") @DefaultValue("true") boolean file) { if (principal == null) return Response.status(Response.Status.BAD_REQUEST).build(); checkPermission(); SubjectAcl.Type type = SubjectAcl.Type.valueOf(typeStr.toUpperCase()); String actions = PermissionsUtils.asActions(isDraft() ? role.toUpperCase() : "READER"); subjectAclService.addSubjectPermission(type, principal, resource, actions, instance); if (file) { subjectAclService.addSubjectPermission(type, principal, fileResource, actions, fileInstance); } return Response.noContent().build(); }
@GET public List<AclDto> get() { checkPermission(); return subjectAclService .findByResourceInstance(resource, instance) .stream() .map( a -> AclDto.newBuilder() .setType(a.getType().name()) .setPrincipal(a.getPrincipal()) .setResource(resource) .setRole(PermissionsUtils.asRole(a.getActions())) .setInstance(FileUtils.decode(instance)) .build()) .collect(Collectors.toList()); }