Class PrivilegeSetController

java.lang.Object
org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler
com.skava.core.security.CommonExceptionHandler
com.skava.core.errorhandler.ExceptionResponseProcessor
com.skava.auth.helper.AuthExceptionHandler
com.skava.auth.web.PrivilegeSetController
All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.MessageSourceAware

@RestController @RequestMapping("/privilegesets") public class PrivilegeSetController extends AuthExceptionHandler
This class acts as a controller that handles privilege set manipulation.
The operations handled by this controller are:
  • PrivilegeSet creation
  • PrivilegeSet retrieval by privilegeSet identifier
  • PrivilegeSet retrieval by collection identifier and search criteria
  • PrivilegeSet update
  • PrivilegeSet delete
  • PrivilegeSet's privileges inclusion
  • PrivilegeSet's privilege exclusion
  • PrivilegeSet's privilege retrieval
Author:
Infosys Equinox
  • Field Summary

    Fields
    Modifier and Type
    Field
    Description
    static final String
     

    Fields inherited from class com.skava.auth.helper.AuthExceptionHandler

    CONST_API_VERSION_DEFAULT, X_TOTAL_COUNT

    Fields inherited from class org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler

    logger, PAGE_NOT_FOUND_LOG_CATEGORY, pageNotFoundLogger
  • Constructor Summary

    Constructors
    Constructor
    Description
    The class constructor.
  • Method Summary

    Modifier and Type
    Method
    Description
    org.springframework.http.ResponseEntity<Object>
    addPrivilegeToSet(String version, String authToken, long storeId, Long privilegeSetId, Set<PrivilegeCollectionMapRequest> collectionPrivilegesMap, Long collectionId, String locale)
    This service is used to add privilege to set.
    org.springframework.http.ResponseEntity<Object>
    createPrivilegeSet(String version, String authToken, long storeId, PrivilegeSetVO privilegeSet, Long collectionId, String locale)
    This service is used to create privilege set based on the given privilege set data.
    org.springframework.http.ResponseEntity<Object>
    deletePrivilegeFromSet(String version, String authToken, long storeId, Long privilegeSetId, Set<PrivilegeCollectionMapRequest> collectionPrivilegeMap, Long collectionId, String locale)
    This service is used to delete privilege from set.
    org.springframework.http.ResponseEntity<Object>
    deletePrivilegeSet(String version, String authToken, long storeId, Long privilegeSetId, Long collectionId, String locale)
    This service is used to delete privilege set.
    org.springframework.http.ResponseEntity<Object>
    getAllPrivilegeSets(String version, String authToken, long storeId, int page, int size, Long collectionId, String filter, String locale)
    This service is used to get all privilege sets based on the given page, size, collection id and filter parameters.
    org.springframework.http.ResponseEntity<Object>
    getPrivileges(String version, String authToken, long storeId, Long privilegeSetId, Long collectionId, String locale)
    This service is used to get the privileges of privilege set.
    org.springframework.http.ResponseEntity<Object>
    getPrivilegeSetById(String version, String authToken, long storeId, Long privilegeSetId, boolean isLoadDependency, Long collectionId, String locale)
    This service is used to get privilege set by id.
    org.springframework.http.ResponseEntity<Object>
    updatePrivilegeSet(String version, String authToken, long storeId, Long privilegeSetId, PrivilegeSetVO privilegeSetDetails, Long collectionId, String locale)
    This service is used to update privilege set.

    Methods inherited from class com.skava.core.errorhandler.ExceptionResponseProcessor

    getExceptionResponse, handleExceptionInternal, handleMethodArgumentNotValid

    Methods inherited from class com.skava.core.security.CommonExceptionHandler

    handleExceptionInternal, handleInternalException

    Methods inherited from class org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler

    createProblemDetail, createResponseEntity, getMessageSource, handleAsyncRequestNotUsableException, handleAsyncRequestTimeoutException, handleConversionNotSupported, handleErrorResponseException, handleException, handleHandlerMethodValidationException, handleHttpMediaTypeNotAcceptable, handleHttpMediaTypeNotSupported, handleHttpMessageNotReadable, handleHttpMessageNotWritable, handleHttpRequestMethodNotSupported, handleMaxUploadSizeExceededException, handleMethodValidationException, handleMissingPathVariable, handleMissingServletRequestParameter, handleMissingServletRequestPart, handleNoHandlerFoundException, handleNoResourceFoundException, handleServletRequestBindingException, handleTypeMismatch, setMessageSource

    Methods inherited from class java.lang.Object

    clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
  • Field Details

  • Constructor Details

    • PrivilegeSetController

      public PrivilegeSetController()
      The class constructor.
  • Method Details

    • getAllPrivilegeSets

      @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/viewall/privilegesets\', \'auth\', #collectionId)") @GetMapping("") @Audit(action="getPrivilegeSets", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> getAllPrivilegeSets(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @RequestParam(value="offset",required=false,defaultValue="0") @AuditField(field="PAGE") int page, @RequestParam(value="limit",required=false,defaultValue="100") @AuditField(field="SIZE") int size, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestParam(value="filter",required=false) @AuditField(field="FILTER") String filter, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to get all privilege sets based on the given page, size, collection id and filter parameters. PrivilegeSet is the entity/resource that handles the set of privileges for a role, based on direct association with a privilege and indirect association with the help of a dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request is processed only if the following conditions are met:
      • The token validates against the secret key
      • The expiry time is in the future
      • The user has the privileges necessary to perform the action on the resource in question
      storeId - Refers to the unique identifier of the store.
      page - an int. The page number to be retrieved, where the size of the page must be specified by the size/offset/pageSize parameter. The first page starts with value "0".
      size - an int. The number of documents retrieved on the page specified by the page parameter.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice; the requested operation is performed on this collection. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to produce different behavior per collection of the same microservice. Store association is the process of associating a microservice collection with a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that association.
      filter - a String object. This field holds one or more simple query criteria, based on the available fields, that limit the returned results. The syntax of this parameter is FIELDNAME OP VALUE
      Example 1: field1:value, field2:value
      Example 2: field1>value
      where:
      • FIELDNAME is the entity's attribute name as represented in the response object
      • OP is the operation. Possible values include:
        • LIKE (:) - loads everything similar (like operation) to the given value
        • GREATERTHAN (>) - for integer values; loads rows whose column (field) value is greater than the given value
        • LESSTHAN (<) - for integer values; loads rows whose column value is less than the given value
      • VALUE is the value against which the operation is performed on the field
      Note:
      • The filter parameter can contain multiple criteria.
      • When multiple attributes are used in the filter, AND behavior is applied.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in Java standard locale format.
      Returns:
      a List object. Returns the list of privilege sets.
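One way to parse and validate the filter parameter described above before it reaches a query, as an added example (not the project's own code). The allowlisted field names, the class and method names, and the SQL-style WHERE output are assumptions; the page does not show how the service evaluates filters.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Added example: strict parser for the documented syntax FIELDNAME OP VALUE, comma separated. */
public class FilterParserExample {

    enum Op { LIKE, GREATERTHAN, LESSTHAN }

    /** One parsed criterion; all criteria of one filter are combined with AND. */
    record Criterion(String field, Op op, String value) {}

    // Assumption: allowlisted field names mapped to "is an integer column".
    // The real attribute names of the response object are not listed on the page.
    static final Map<String, Boolean> ALLOWED_FIELDS = Map.of(
            "name", false,
            "status", false,
            "id", true);

    // FIELDNAME, exactly one operator character, then the VALUE.
    private static final Pattern CRITERION =
            Pattern.compile("^\\s*([A-Za-z][A-Za-z0-9_]*)\\s*([:<>])\\s*(.+?)\\s*$");

    static List<Criterion> parse(String filter) {
        List<Criterion> out = new ArrayList<>();
        if (filter == null || filter.isBlank()) {
            return out; // no filter supplied: nothing to restrict
        }
        // limit -1 keeps empty trailing parts so "a:b," is rejected instead of ignored
        for (String part : filter.split(",", -1)) {
            Matcher m = CRITERION.matcher(part);
            if (!m.matches()) {
                throw new IllegalArgumentException("Malformed criterion: '" + part.trim() + "'");
            }
            String field = m.group(1);
            Op op = switch (m.group(2)) {
                case ":" -> Op.LIKE;
                case ">" -> Op.GREATERTHAN;
                default -> Op.LESSTHAN;
            };
            String value = m.group(3);
            Boolean numeric = ALLOWED_FIELDS.get(field);
            if (numeric == null) {
                throw new IllegalArgumentException("Unknown filter field: " + field);
            }
            // > and < are documented for integer values only
            if (op != Op.LIKE && (!numeric || !value.matches("-?\\d{1,18}"))) {
                throw new IllegalArgumentException("Integer field and value required: '" + part.trim() + "'");
            }
            out.add(new Criterion(field, op, value));
        }
        return out;
    }

    /** Renders a parameterized WHERE fragment; values go into params, never into the SQL text. */
    static String toWhereClause(List<Criterion> criteria, List<Object> params) {
        List<String> terms = new ArrayList<>();
        for (Criterion c : criteria) {
            switch (c.op()) {
                case LIKE -> {
                    terms.add(c.field() + " LIKE ? ESCAPE '!'");
                    params.add("%" + escapeLike(c.value()) + "%");
                }
                case GREATERTHAN -> {
                    terms.add(c.field() + " > ?");
                    params.add(Long.parseLong(c.value()));
                }
                case LESSTHAN -> {
                    terms.add(c.field() + " < ?");
                    params.add(Long.parseLong(c.value()));
                }
            }
        }
        return String.join(" AND ", terms); // documented AND behavior
    }

    /** Escapes LIKE wildcards so a caller-supplied value matches literally. */
    static String escapeLike(String v) {
        return v.replace("!", "!!").replace("%", "!%").replace("_", "!_");
    }

    public static void main(String[] args) {
        // Constructed sample inputs in the style of the page's Example 1 and Example 2.
        List<Object> params = new ArrayList<>();
        String where = toWhereClause(parse("name:adm%, id>10"), params);
        System.out.println(where + "  params=" + params);

        for (String bad : List.of("name:x, owner:y", "name>5", "id>ten", "name:x,")) {
            try {
                parse(bad);
                System.out.println("accepted: " + bad);
            } catch (IllegalArgumentException e) {
                System.out.println("rejected: " + e.getMessage());
            }
        }
    }
}
```

A value containing a comma cannot be expressed here, because the documented syntax uses the comma as the separator between criteria.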
    • createPrivilegeSet

      @PostMapping("") @ResponseStatus(CREATED) @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/create/privilegesets\', \'auth\', #collectionId)") @Audit(action="createPrivilegeSet", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> createPrivilegeSet(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @RequestBody @AuditField(field="PRIVILEGE_SET") PrivilegeSetVO privilegeSet, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to create a privilege set based on the given privilege set data. PrivilegeSet is the entity/resource that handles the set of privileges for a role, based on direct association with a privilege and indirect association with the help of a dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request is processed only if the following conditions are met:
      • The token validates against the secret key
      • The expiry time is in the future
      • The user has the privileges necessary to perform the action on the resource in question
      storeId - Refers to the unique identifier of the store.
      privilegeSet - a PrivilegeSetVO object. The privilege set request containing the entire user attribute data to be created.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice; the requested operation is performed on this collection. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to produce different behavior per collection of the same microservice. Store association is the process of associating a microservice collection with a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that association.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in Java standard locale format.
      Returns:
      a PrivilegeSetVO object. Returns the privilege set that was created.
    • getPrivilegeSetById

      @GetMapping("/{privilegeSetId}") @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/view/privilegesets\', \'auth\', #collectionId)") @Audit(action="getPrivilegeSet", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> getPrivilegeSetById(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @PathVariable("privilegeSetId") @AuditField(field="PRIVILEGE_SET_ID") Long privilegeSetId, @RequestParam(value="isLoadDependency",required=false,defaultValue="false") @AuditField(field="IS_LOAD_DEPENDENCY") boolean isLoadDependency, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to get a privilege set by id. PrivilegeSet is the entity/resource that handles the set of privileges for a role, based on direct association with a privilege and indirect association with the help of a dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request is processed only if the following conditions are met:
      • The token validates against the secret key
      • The expiry time is in the future
      • The user has the privileges necessary to perform the action on the resource in question
      storeId - Refers to the unique identifier of the store.
      privilegeSetId - a Long object. Indicates the privilege set id.
      isLoadDependency - Boolean value that indicates whether to display all dependents of the privilege set.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice; the requested operation is performed on this collection. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to produce different behavior per collection of the same microservice. Store association is the process of associating a microservice collection with a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that association.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in Java standard locale format.
      Returns:
      a PrivilegeSetVO object. Returns the privilege set object.
    • updatePrivilegeSet

      @PutMapping("/{privilegeSetId}") @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/update/privilegesets\', \'auth\', #collectionId)") @Audit(action="replacePrivilegeSet", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> updatePrivilegeSet(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @PathVariable("privilegeSetId") @AuditField(field="PRIVILEGE_SET_ID") Long privilegeSetId, @RequestBody @AuditField(field="PRIVILEGE_SET") PrivilegeSetVO privilegeSetDetails, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to update a privilege set. PrivilegeSet is the entity/resource that handles the set of privileges for a role, based on direct association with a privilege and indirect association with the help of a dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request is processed only if the following conditions are met:
      • The token validates against the secret key
      • The expiry time is in the future
      • The user has the privileges necessary to perform the action on the resource in question
      storeId - Refers to the unique identifier of the store.
      privilegeSetId - a Long object. Indicates the privilege set id.
      privilegeSetDetails - a PrivilegeSetVO object. The privilege set request containing the entire user attribute data to be updated.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice; the requested operation is performed on this collection. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to produce different behavior per collection of the same microservice. Store association is the process of associating a microservice collection with a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that association.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in Java standard locale format.
      Returns:
      a PrivilegeSetVO object. Returns the privilege set object.
    • deletePrivilegeSet

      @DeleteMapping("/{privilegeSetId}") @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/delete/privilegesets\', \'auth\', #collectionId)") @Audit(action="deletePrivilegeSet", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> deletePrivilegeSet(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @PathVariable("privilegeSetId") @AuditField(field="PRIVILEGE_SET_ID") Long privilegeSetId, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to delete a privilege set. PrivilegeSet is the entity/resource that handles the set of privileges for a role, based on direct association with a privilege and indirect association with the help of a dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request is processed only if the following conditions are met:
      • The token validates against the secret key
      • The expiry time is in the future
      • The user has the privileges necessary to perform the action on the resource in question
      storeId - Refers to the unique identifier of the store.
      privilegeSetId - a Long object. Indicates the privilege set id.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice; the requested operation is performed on this collection. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to produce different behavior per collection of the same microservice. Store association is the process of associating a microservice collection with a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that association.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in Java standard locale format.
      Returns:
      an Object. Returns Object.
    • addPrivilegeToSet

      @PostMapping("/{privilegeSetId}/privileges") @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/update/privilegesets\', \'auth\', #collectionId)") @Audit(action="addPrivilegesToPrivilegeSet", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> addPrivilegeToSet(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @PathVariable("privilegeSetId") @AuditField(field="PRIVILEGE_SET_ID") Long privilegeSetId, @RequestBody(required=true) @AuditField(field="PRIVILEGE_COLLECTION_MAP") Set<PrivilegeCollectionMapRequest> collectionPrivilegesMap, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to add privileges to a privilege set. PrivilegeSet is the entity/resource that handles the set of privileges for a role, based on direct association with a privilege and indirect association with the help of a dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request is processed only if the following conditions are met:
      • The token validates against the secret key
      • The expiry time is in the future
      • The user has the privileges necessary to perform the action on the resource in question
      storeId - Refers to the unique identifier of the store.
      privilegeSetId - a Long object. Indicates the privilege set id.
      collectionPrivilegesMap - a Set<PrivilegeCollectionMapRequest> object. Indicates array of privilege set ids.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice; the requested operation is performed on this collection. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to produce different behavior per collection of the same microservice. Store association is the process of associating a microservice collection with a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that association.
      locale - a String object. API responses and error messages are returned in the locale specified by this parameter. The locale must be given in Java standard locale format.
      Returns:
      an Object. Returns Object.
    • deletePrivilegeFromSet

      @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/update/privilegesets\', \'auth\', #collectionId)") @DeleteMapping("/{privilegeSetId}/privileges") @Audit(action="removePrivilegesOfPrivilegeSet", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> deletePrivilegeFromSet(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @PathVariable("privilegeSetId") @AuditField(field="PRIVILEGE_SET_ID") Long privilegeSetId, @RequestBody(required=true) @AuditField(field="PRIVILEGE_COLLECTION_MAP") Set<PrivilegeCollectionMapRequest> collectionPrivilegeMap, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service is used to delete privilege from set. PrivilegeSet is the entity/resource to handle set of privileges for role based on direct association with privilege and indirect association with the help of dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter selects which version of the API is accessed. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the requested resource
      storeId - Refers to the unique identifier of the store.
      privilegeSetId - a Long object. Indicates the privilege set id.
      collectionPrivilegeMap - a Set of PrivilegeCollectionMapRequest objects. Indicates the array of privilege ids.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to give each collection of the same microservice a different behavior. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
      locale - a String object. API responses and error messages are returned in the locale specified in this parameter. The locale must be given in Java standard locale format.
      Returns:
      an Object object. Returns Object.
    • getPrivileges

      @PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/view/privilegesets\', \'auth\', #collectionId)") @GetMapping("/{privilegeSetId}/privileges") @Audit(action="getPrivilegesOfPrivilegeSet", repository="privilegeSetRepository") public org.springframework.http.ResponseEntity<Object> getPrivileges(@RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version, @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken, @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId, @PathVariable("privilegeSetId") @AuditField(field="PRIVILEGE_SET_ID") Long privilegeSetId, @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId, @RequestHeader(value="locale",required=false,defaultValue="en_US") @AuditField(field="LOCALE") String locale)
      This service gets the privileges of a privilege set. A PrivilegeSet is the entity/resource that holds the set of privileges for a role, either through direct association with a privilege or through indirect association by means of a dynamic privilege.
      Parameters:
      version - Holds the version number of the API. This parameter selects which version of the API is accessed. It is currently unused.
      authToken - a String object. This field holds a valid authorization token generated for a user by the Authorization microservice. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way of securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
      • Token validation against the secret key
      • Expiry time should be in the future
      • Necessary privileges are available for the user to perform the action on the requested resource
      storeId - Refers to the unique identifier of the store.
      privilegeSetId - a Long object. Indicates the privilege set id.
      collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to give each collection of the same microservice a different behavior. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
      locale - a String object. API responses and error messages are returned in the locale specified in this parameter. The locale must be given in Java standard locale format.
      Returns:
      a List object. Returns a list of privilege objects.
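The three acceptance conditions listed for authToken under both deletePrivilegeFromSet and getPrivileges, shown as an added example that is not the Authorization microservice's own code. It assumes an HS256 (HMAC-SHA256) token and a hypothetical `privileges` claim; the class name, the secret and the claim layout are constructed for illustration and do not come from this page.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

public class TokenChecks {
    // Assumed claim layout (not from the page): {"exp": <epoch seconds>, "privileges": ["..."]}
    private static final Pattern ALG = Pattern.compile("\"alg\"\\s*:\\s*\"HS256\"");
    private static final Pattern EXP = Pattern.compile("\"exp\"\\s*:\\s*(\\d{1,18})");

    static byte[] hmac(byte[] secret, String signingInput) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(secret, "HmacSHA256"));
        return mac.doFinal(signingInput.getBytes(StandardCharsets.US_ASCII));
    }

    static boolean accept(String token, byte[] secret, String privilege, long nowEpoch) throws Exception {
        String[] part = token.split("\\.", -1);
        if (part.length != 3) return false; // header.claims.signature
        try {
            Base64.Decoder dec = Base64.getUrlDecoder(); // JWT segments use the URL-safe alphabet
            String header = new String(dec.decode(part[0]), StandardCharsets.UTF_8);
            String claims = new String(dec.decode(part[1]), StandardCharsets.UTF_8);
            if (!ALG.matcher(header).find()) return false; // pin the algorithm, reject "none"
            // 1. Signature against the secret key, compared in constant time.
            if (!MessageDigest.isEqual(hmac(secret, part[0] + "." + part[1]), dec.decode(part[2]))) return false;
            // 2. Expiry must be in the future; claims are read only after the signature passed.
            Matcher exp = EXP.matcher(claims);
            if (!exp.find() || Long.parseLong(exp.group(1)) <= nowEpoch) return false;
            // 3. Privilege present (string match for brevity; parse the JSON in real code).
            return claims.contains("\"" + privilege + "\"");
        } catch (IllegalArgumentException e) { return false; } // malformed Base64 segment
    }

    public static void main(String[] args) throws Exception {
        byte[] secret = "constructed-demo-secret".getBytes(StandardCharsets.UTF_8);
        long now = System.currentTimeMillis() / 1000;
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        String h = enc.encodeToString("{\"alg\":\"HS256\"}".getBytes(StandardCharsets.UTF_8));
        String c = enc.encodeToString(("{\"exp\":" + (now + 300)
                + ",\"privileges\":[\"auth/view/privilegesets\"]}").getBytes(StandardCharsets.UTF_8));
        String token = h + "." + c + "." + enc.encodeToString(hmac(secret, h + "." + c));
        System.out.println(accept(token, secret, "auth/view/privilegesets", now));       // privilege named by getPrivileges
        System.out.println(accept(token, secret, "auth/update/privilegesets", now));     // privilege named by deletePrivilegeFromSet
        System.out.println(accept(token + "A", secret, "auth/view/privilegesets", now)); // altered signature segment
    }
}
```

The constructed token carries only the view privilege, so the same token satisfies the check for getPrivileges but not the one for deletePrivilegeFromSet; scoping by service and collection, as the @PreAuthorize expressions do, is outside this example.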