@Override public Response<String> apply(CacheResource rsrc, Input input) throws AuthException { if (WEB_SESSIONS.equals(rsrc.getName()) && !self.get().getCapabilities().canMaintainServer()) { throw new AuthException(String.format("only site maintainers can flush %s", WEB_SESSIONS)); } rsrc.getCache().invalidateAll(); return Response.ok(""); }