source.dussan.org Git - archiva.git/blob

   1 package org.apache.archiva.rest.api.services.v2;/*
   2  * Licensed to the Apache Software Foundation (ASF) under one
   3  * or more contributor license agreements.  See the NOTICE file
   4  * distributed with this work for additional information
   5  * regarding copyright ownership.  The ASF licenses this file
   6  * to you under the Apache License, Version 2.0 (the
   7  * "License"); you may not use this file except in compliance
   8  * with the License.  You may obtain a copy of the License at
   9  *
  10  * http://www.apache.org/licenses/LICENSE-2.0
  11  * Unless required by applicable law or agreed to in writing,
  12  * software distributed under the License is distributed on an
  13  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  14  * KIND, either express or implied.  See the License for the
  15  * specific language governing permissions and limitations
  16  * under the License.
  17  */
  18
  19 import io.swagger.v3.oas.annotations.Operation;
  20 import io.swagger.v3.oas.annotations.Parameter;
  21 import io.swagger.v3.oas.annotations.Parameters;
  22 import io.swagger.v3.oas.annotations.enums.ParameterIn;
  23 import io.swagger.v3.oas.annotations.media.Content;
  24 import io.swagger.v3.oas.annotations.media.Schema;
  25 import io.swagger.v3.oas.annotations.parameters.RequestBody;
  26 import io.swagger.v3.oas.annotations.responses.ApiResponse;
  27 import io.swagger.v3.oas.annotations.security.SecurityRequirement;
  28 import io.swagger.v3.oas.annotations.tags.Tag;
  29 import org.apache.archiva.components.rest.model.PagedResult;
  30 import org.apache.archiva.components.rest.model.PropertyEntry;
  31 import org.apache.archiva.redback.authorization.RedbackAuthorization;
  32 import org.apache.archiva.rest.api.model.v2.BeanInformation;
  33 import org.apache.archiva.rest.api.model.v2.CacheConfiguration;
  34 import org.apache.archiva.rest.api.model.v2.LdapConfiguration;
  35 import org.apache.archiva.rest.api.model.v2.SecurityConfiguration;
  36 import org.apache.archiva.security.common.ArchivaRoleConstants;
  37
  38 import javax.ws.rs.Consumes;
  39 import javax.ws.rs.DefaultValue;
  40 import javax.ws.rs.GET;
  41 import javax.ws.rs.PUT;
  42 import javax.ws.rs.Path;
  43 import javax.ws.rs.PathParam;
  44 import javax.ws.rs.Produces;
  45 import javax.ws.rs.QueryParam;
  46 import javax.ws.rs.core.MediaType;
  47 import javax.ws.rs.core.Response;
  48 import java.util.List;
  49
  50 import static javax.ws.rs.core.MediaType.APPLICATION_JSON;
  51 import static org.apache.archiva.rest.api.services.v2.Configuration.DEFAULT_PAGE_LIMIT;
  52
  53 /**
  54  *
  55  * Service for configuration of redback and security related settings.
  56  *
  57  * @author Martin Stockhammer <martin_s@apache.org>
  58  * @since 3.0
  59  */
  60 @Path( "/security" )
  61 @Tag(name = "v2")
  62 @Tag(name = "v2/Security")
  63 @SecurityRequirement(name = "BearerAuth")
  64 public interface SecurityConfigurationService
  65 {
  66     @Path("config")
  67     @GET
  68     @Produces({ APPLICATION_JSON })
  69     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
  70     @Operation( summary = "Returns the security configuration that is currently active.",
  71         security = {
  72             @SecurityRequirement(
  73                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
  74             )
  75         },
  76         responses = {
  77             @ApiResponse( responseCode = "200",
  78                 description = "If the configuration could be retrieved"
  79             ),
  80             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
  81                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
  82         }
  83     )
  84     SecurityConfiguration getConfiguration()
  85         throws ArchivaRestServiceException;
  86
  87     @Path("config")
  88     @PUT
  89     @Consumes({ APPLICATION_JSON })
  90     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
  91     @Operation( summary = "Updates the security configuration.",
  92         security = {
  93             @SecurityRequirement(
  94                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
  95             )
  96         },
  97         responses = {
  98             @ApiResponse( responseCode = "200",
  99                 description = "If the configuration was updated"
 100             ),
 101             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to update the configuration",
 102                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 103         }
 104     )
 105     Response updateConfiguration( SecurityConfiguration newConfiguration)
 106         throws ArchivaRestServiceException;
 107
 108
 109     @Path( "config/properties" )
 110     @GET
 111     @Produces( { APPLICATION_JSON } )
 112     @RedbackAuthorization( permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION )
 113     @Operation( summary = "Returns all configuration properties. The result is paged.",
 114         parameters = {
 115             @Parameter(name = "q", description = "Search term"),
 116             @Parameter(name = "offset", description = "The offset of the first element returned"),
 117             @Parameter(name = "limit", description = "Maximum number of items to return in the response"),
 118             @Parameter(name = "orderBy", description = "List of attribute used for sorting (key, value)"),
 119             @Parameter(name = "order", description = "The sort order. Either ascending (asc) or descending (desc)")
 120         },
 121         security = {
 122             @SecurityRequirement(
 123                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 124             )
 125         },
 126         responses = {
 127             @ApiResponse( responseCode = "200",
 128                 description = "If the list could be returned",
 129                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = PagedResult.class))
 130             ),
 131             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
 132                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 133         }
 134     )
 135     PagedResult<PropertyEntry> getConfigurationProperties( @QueryParam("q") @DefaultValue( "" ) String searchTerm,
 136                                                            @QueryParam( "offset" ) @DefaultValue( "0" ) Integer offset,
 137                                                            @QueryParam( "limit" ) @DefaultValue( value = DEFAULT_PAGE_LIMIT ) Integer limit,
 138                                                            @QueryParam( "orderBy") @DefaultValue( "key" ) List<String> orderBy,
 139                                                            @QueryParam("order") @DefaultValue( "asc" ) String order ) throws ArchivaRestServiceException;
 140
 141     @Path("config/properties/{propertyName}")
 142     @GET
 143     @Produces({ APPLICATION_JSON })
 144     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 145     @Operation( summary = "Returns a single configuration property value.",
 146         security = {
 147             @SecurityRequirement(
 148                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 149             )
 150         },
 151         parameters = {
 152             @Parameter(in = ParameterIn.PATH, name="propertyName", description = "The name of the property to update")
 153         },
 154         responses = {
 155             @ApiResponse( responseCode = "200",
 156                 description = "If the configuration could be retrieved"
 157             ),
 158             @ApiResponse( responseCode = "404", description = "The given property name does not exist",
 159                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) ),
 160             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
 161                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 162         }
 163     )
 164     PropertyEntry getConfigurationProperty( @PathParam ( "propertyName" )  String propertyName)
 165         throws ArchivaRestServiceException;
 166
 167
 168     @Path("config/properties/{propertyName}")
 169     @PUT
 170     @Consumes({ APPLICATION_JSON})
 171     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 172     @Operation( summary = "Updates a single property value of the security configuration.",
 173         security = {
 174             @SecurityRequirement(
 175                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 176             )
 177         },
 178         parameters = {
 179             @Parameter(in = ParameterIn.PATH, name="propertyName", description = "The name of the property to update")
 180         },
 181         responses = {
 182             @ApiResponse( responseCode = "200",
 183                 description = "If the property value was updated."
 184             ),
 185             @ApiResponse( responseCode = "404", description = "The given property name does not exist",
 186                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) ),
 187             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
 188                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 189         }
 190     )
 191     Response updateConfigurationProperty( @PathParam ( "propertyName" )  String propertyName, PropertyEntry propertyValue)
 192         throws ArchivaRestServiceException;
 193
 194
 195     @Path("config/ldap")
 196     @GET
 197     @Produces({ APPLICATION_JSON })
 198     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 199     @Operation( summary = "Returns the LDAP configuration that is currently active.",
 200         security = {
 201             @SecurityRequirement(
 202                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 203             )
 204         },
 205         responses = {
 206             @ApiResponse( responseCode = "200",
 207                 description = "If the configuration could be retrieved"
 208             ),
 209             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
 210                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 211         }
 212     )
 213     LdapConfiguration getLdapConfiguration( ) throws ArchivaRestServiceException;
 214
 215     @Path("config/ldap")
 216     @PUT
 217     @Consumes({ APPLICATION_JSON })
 218     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 219     @Operation( summary = "Updates the LDAP configuration that is currently active.",
 220         security = {
 221             @SecurityRequirement(
 222                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 223             )
 224         },
 225         responses = {
 226             @ApiResponse( responseCode = "200",
 227                 description = "If the configuration was updated"
 228             ),
 229             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to update the information",
 230                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 231         }
 232     )
 233     Response updateLdapConfiguration( LdapConfiguration configuration ) throws ArchivaRestServiceException;
 234
 235     @Path("config/cache")
 236     @GET
 237     @Produces({ APPLICATION_JSON })
 238     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 239     @Operation( summary = "Returns the cache configuration that is currently active.",
 240         security = {
 241             @SecurityRequirement(
 242                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 243             )
 244         },
 245         responses = {
 246             @ApiResponse( responseCode = "200",
 247                 description = "If the configuration could be retrieved"
 248             ),
 249             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
 250                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 251         }
 252     )
 253     CacheConfiguration getCacheConfiguration( ) throws ArchivaRestServiceException;
 254
 255     @Path("config/cache")
 256     @PUT
 257     @Consumes({ APPLICATION_JSON })
 258     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 259     @Operation( summary = "Updates the LDAP configuration that is currently active.",
 260         security = {
 261             @SecurityRequirement(
 262                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 263             )
 264         },
 265         responses = {
 266             @ApiResponse( responseCode = "200",
 267                 description = "If the configuration was updated"
 268             ),
 269             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to update the information",
 270                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 271         }
 272     )
 273     Response updateCacheConfiguration( CacheConfiguration cacheConfiguration ) throws ArchivaRestServiceException;
 274
 275
 276     @Path("user_managers")
 277     @GET
 278     @Produces({ APPLICATION_JSON })
 279     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 280     @Operation( summary = "Returns the available user manager implementations.",
 281         security = {
 282             @SecurityRequirement(
 283                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 284             )
 285         },
 286         responses = {
 287             @ApiResponse( responseCode = "200",
 288                 description = "If the list could be retrieved"
 289             ),
 290             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
 291                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 292         }
 293     )
 294     List<BeanInformation> getAvailableUserManagers()
 295         throws ArchivaRestServiceException;
 296
 297     @Path("rbac_managers")
 298     @GET
 299     @Produces({ APPLICATION_JSON })
 300     @RedbackAuthorization(permissions = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION)
 301     @Operation( summary = "Returns the available RBAC manager implementations.",
 302         security = {
 303             @SecurityRequirement(
 304                 name = ArchivaRoleConstants.OPERATION_MANAGE_CONFIGURATION
 305             )
 306         },
 307         responses = {
 308             @ApiResponse( responseCode = "200",
 309                 description = "If the list could be retrieved"
 310             ),
 311             @ApiResponse( responseCode = "403", description = "Authenticated user is not permitted to gather the information",
 312                 content = @Content(mediaType = APPLICATION_JSON, schema = @Schema(implementation = ArchivaRestServiceException.class )) )
 313         }
 314     )
 315     List<BeanInformation> getAvailableRbacManagers()
 316         throws ArchivaRestServiceException;
 317
 318 }