Package com.skava.auth.web

Class FeaturesPrivilegeMappingController

java.lang.Object
org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler
com.skava.core.security.CommonExceptionHandler
com.skava.core.errorhandler.ExceptionResponseProcessor
com.skava.auth.helper.AuthExceptionHandler
com.skava.auth.web.FeaturesPrivilegeMappingController
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.MessageSourceAware
@RestController @RequestMapping("/accesscontrol") public class FeaturesPrivilegeMappingController extends AuthExceptionHandler
This class act as a controller to handle the FeaturePrivilegeMapping manipulation.
List of operations handled by this controller are
  • FeaturePrivilegeMapping creation
  • Privilege retrieval by FeaturePrivilegeMapping identifier
  • FeaturePrivilegeMapping update
  • FeaturePrivilegeMapping delete
Version:
$Id: $Id
Author:
Infosys Equinox

  • Constructor Details

    • FeaturesPrivilegeMappingController

      @Autowired public FeaturesPrivilegeMappingController(AuthCommonServices authCommonServices)

    • FeaturesPrivilegeMappingController

      public FeaturesPrivilegeMappingController()
      The class constructor.

  • Method Details

    • createFeaturePrivilegeMapping

      @PostMapping("") @ResponseStatus(CREATED) @Audit(action="createFeaturesPrivilegeMapping", repository="featuresPrivilegeMappingRepository") @PreAuthorize("hasRoleByName(\'ROLE_AUTH_ADMIN\')") public org.springframework.http.ResponseEntity<Object> createFeaturePrivilegeMapping(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=true) @AuditField(field="AUTH_TOKEN") String authToken, @RequestBody @AuditField(field="FEATUREANDPRIVILEGEMAPPING") FeaturesPrivilegeMappingVO privilege)
      This service is used to create features and privilege map based on the given privilege data. FeaturesAndPrivilegeMap is the entity/resource of this microservice to hold authorization information for privilege based authorization.
      Parameters:
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      .
      privilege - Indicates Privilege request contains the entire privilege data to be created
      Returns:
      Returns features and privilege map which was created.

    • updateFeaturesPrivilegeMapping

      @PutMapping("/{featureId}") @Audit(action="updateFeaturesPrivilegeMapping", repository="featuresPrivilegeMappingRepository") @PreAuthorize("hasRoleByName(\'ROLE_AUTH_ADMIN\')") public org.springframework.http.ResponseEntity<Object> updateFeaturesPrivilegeMapping(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=true) @AuditField(field="AUTH_TOKEN") String authToken, @PathVariable("featureId") @AuditField(field="FEATURE_PRIVILEGE_ID") long featureId, @RequestBody @AuditField(field="FEATUREANDPRIVILEGEMAPPING") FeaturesPrivilegeMappingVO privilege)
      This service is used to update features and privilege map based on the given featuresprivilegeId data. FeaturesAndPrivilegeMap is the entity/resource of this microservice to hold authorization information for privilege based authorization.
      Parameters:
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      .
      privilege - Indicates Privilege request contains the entire privilege data to be created
      Returns:
      Returns features and privilege map which was created.

    • getDynamicPrivilegeById

      @GetMapping("/{featureId}") @Audit(action="getfeaturePrivilege", repository="featureAndPrivilegeMapRepository") @PreAuthorize("hasRoleByName(\'ROLE_AUTH_ADMIN\')") public org.springframework.http.ResponseEntity<Object> getDynamicPrivilegeById(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=true) @AuditField(field="AUTH_TOKEN") String authToken, @PathVariable("featureId") @AuditField(field="FEATURE_PRIVILEGE_ID") Long featureId)
      This service loads the feature privilege using the feature privilege ID.
      Parameters:
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      .
      featurePrivilegeId - Indicates id of the feature privilege need to load from the system.
      Returns:
      Returns Feature Privilege based on the given id.

    • deleteFeaturePrivilegeMapping

      @DeleteMapping("/{featureId}") @PreAuthorize("hasRoleByName(\'ROLE_AUTH_ADMIN\')") public org.springframework.http.ResponseEntity<Object> deleteFeaturePrivilegeMapping(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @PathVariable("featureId") @AuditField(field="FEATURE_ID") Long featureId)
      This service is used to delete privilege for which feature id given in request. Privilege is the entity/resource of this microservice to hold authorization information for privilege based authorization.
      Parameters:
      version - It hold the value of version number of API. Using this parameter we can access the different version of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for an user. Auth token (JWT format) represents claims containing roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API it has to be generated before hand by invoking the /auth/sessions API provided by Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact when compared to XML-based standards such as SAML. Thus generated token has to be passed to this service and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the subjected resource
      .
      featureId - Indicates feature Id for which user attribute data to be deleted.
      Returns:
      Returns Object.