Package com.skava.auth.web
Class RoleController
java.lang.Object
org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler
com.skava.core.security.CommonExceptionHandler
com.skava.core.errorhandler.ExceptionResponseProcessor
com.skava.auth.helper.AuthExceptionHandler
com.skava.auth.web.RoleController
- All Implemented Interfaces:
org.springframework.beans.factory.Aware, org.springframework.context.MessageSourceAware
This class acts as the handler for role manipulation.
The operations handled by this controller are:
- Role creation
- Role retrieval by role and collection identifier
- Role retrieval by collection identifier and search criteria
- Role update
- Add Role to the users
- Remove Role of the users
- Retrieve the identifiers of the users who have the requested role
- Add Privilege sets to the Role
- Remove Privilege sets from the Role
- Retrieve the privilege sets which are available in requested Role
- Author:
- Infosys Equinox
-
Field Summary
Fields
Fields inherited from class com.skava.auth.helper.AuthExceptionHandler
CONST_API_VERSION_DEFAULT, DEFAULT_LIMIT, X_TOTAL_COUNT
Fields inherited from class org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler
logger, PAGE_NOT_FOUND_LOG_CATEGORY, pageNotFoundLogger
-
Constructor Summary
Constructors
-
Method Summary
Modifier and Type, Method, Description
- org.springframework.http.ResponseEntity<Object> addPrivilegeSets(String version, String authToken, long storeId, Long roleId, List<Long> privilegeSetIds, Long collectionId)
  This service is used to associate privilege sets with a role based on the role identifier and a list of privilege set identifiers.
- org.springframework.http.ResponseEntity<Object> createRole(String version, String authToken, long storeId, RoleVO request, Long businessId, Long collectionId)
  This service is used to create a role.
- org.springframework.http.ResponseEntity<Object> deleteRole(String version, String authToken, long storeId, Long roleId, Long businessId, Long collectionId)
  This service is used to delete a role based on the role identifier and collection identifier.
- org.springframework.http.ResponseEntity<Object> getAllRoles(String version, String authToken, long storeId, Integer offset, Integer limit, Integer page, Integer size, String filter, String sort, boolean loadPrivileges, Long businessId, Long collectionId)
  This service is used to retrieve all the roles based on the collection identifier and search criteria.
- org.springframework.http.ResponseEntity<Object> getPrivilegeSets(String version, String authToken, long storeId, Long roleId, Long collectionId)
  This service is used to retrieve the privilege sets which are available in the requested role.
- org.springframework.http.ResponseEntity<Object> getRoleById(String version, String authToken, long storeId, Long businessId, Long roleId, boolean isLoadDependency, boolean loadPrivileges, Long collectionId)
  This service is used to retrieve role information from the system using the given role and collection identifier.
- org.springframework.http.ResponseEntity<Object> modifyRole(String version, String authToken, long storeId, Long roleId, RoleVO request, Long collectionId)
  This service is used to update role details based on the collection identifier and role identifier.
- org.springframework.http.ResponseEntity<Object> removePrivilegeSets(String version, String authToken, long storeId, Long roleId, List<Long> privilegeSetIds, Long collectionId)
  This service is used to remove the association between a role and privilege sets based on the given role and list of privilege set identifiers. Role is the entity of this microservice that holds a set of privilege sets.
- org.springframework.http.ResponseEntity<Object> replaceRole(String version, String authToken, long storeId, Long roleId, RoleVO request, Long businessId, Long collectionId)
  This service is used to update role details based on the collection identifier and role identifier.
Methods inherited from class com.skava.auth.helper.AuthExceptionHandler
getValidationResponse, handleAccessDeniedException, handleResourceNotFoundException, handleRunTimeException
Methods inherited from class com.skava.core.errorhandler.ExceptionResponseProcessor
getExceptionResponse, handleExceptionInternal, handleMethodArgumentNotValid
Methods inherited from class com.skava.core.security.CommonExceptionHandler
handleExceptionInternal, handleInternalException
Methods inherited from class org.springframework.web.servlet.mvc.method.annotation.ResponseEntityExceptionHandler
createProblemDetail, createResponseEntity, getMessageSource, handleAsyncRequestNotUsableException, handleAsyncRequestTimeoutException, handleConversionNotSupported, handleErrorResponseException, handleException, handleHandlerMethodValidationException, handleHttpMediaTypeNotAcceptable, handleHttpMediaTypeNotSupported, handleHttpMessageNotReadable, handleHttpMessageNotWritable, handleHttpRequestMethodNotSupported, handleMaxUploadSizeExceededException, handleMethodValidationException, handleMissingPathVariable, handleMissingServletRequestParameter, handleMissingServletRequestPart, handleNoHandlerFoundException, handleNoResourceFoundException, handleServletRequestBindingException, handleTypeMismatch, setMessageSource
-
Field Details
-
CRLF_PATTERN
The constant CRLF_PATTERN regex.
- See Also:
-
-
Constructor Details
-
RoleController
public RoleController()
The class constructor.
-
-
Method Details
-
createRole
@PostMapping("")
@ResponseStatus(CREATED)
@PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/create/roles\', \'auth\', #collectionId) or hasPrivilegeForBusinessById(\'auth/create/roles\', #businessId)")
@Audit(action="createRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> createRole(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @AuditField(field="ROLE") @RequestBody RoleVO request,
    @RequestParam(value="businessId",required=false,defaultValue="0") @AuditField(field="BUSINESS_ID") Long businessId,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)
This service is used to create a role. Role is the entity/resource that holds any number of privilege sets. It can be associated with a user through direct association. Each role can be associated with any number of users.
- Parameters:
version - Holds the version number of the API. Using this parameter we can access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
- Token validation against the secret key
- Expiry time should be in the future
- Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
request - a Role object. Role is the entity/resource that acts as the container for any number of privilege sets. It can be associated with a user through direct association. Each role can be associated with any number of users.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. Collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns Role which was created.
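The three acceptance conditions listed for authToken, as an added example that is not Infosys Equinox code. It assumes an HS256-signed token, a hypothetical `privileges` claim holding an array of strings, and a constructed demo key; the service's real claim layout and key handling are not shown on this page.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.time.Instant;
import java.util.Base64;
import java.util.regex.Matcher;
import java.util.regex.Pattern;
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;

/** Added illustration of the three authToken checks; not the service's implementation. */
public class AuthTokenCheck {

    // Hypothetical claim layout (assumption): {"exp":<epoch seconds>,"privileges":["auth/create/roles"]}
    // Regex extraction keeps the sketch JDK-only; real code would use a JSON parser.
    private static final Pattern ALG = Pattern.compile("\"alg\"\\s*:\\s*\"HS256\"");
    private static final Pattern EXP = Pattern.compile("\"exp\"\\s*:\\s*(\\d{1,18})(?!\\d)");
    private static final Pattern PRIVS = Pattern.compile("\"privileges\"\\s*:\\s*\\[([^\\]]*)\\]");

    static byte[] hmacSha256(byte[] key, String signingInput) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(signingInput.getBytes(StandardCharsets.US_ASCII));
    }

    /** Returns "OK" or the reason the token is rejected. */
    static String check(String token, byte[] key, String neededPrivilege, Instant now) throws Exception {
        String[] parts = token.split("\\.", -1);
        if (parts.length != 3) return "REJECT: expected three dot-separated segments";

        String header;
        String payload;
        byte[] signature;
        try {
            // JWT segments are Base64url without padding, not plain Base64.
            Base64.Decoder dec = Base64.getUrlDecoder();
            header = new String(dec.decode(parts[0]), StandardCharsets.UTF_8);
            payload = new String(dec.decode(parts[1]), StandardCharsets.UTF_8);
            signature = dec.decode(parts[2]);
        } catch (IllegalArgumentException e) {
            return "REJECT: segment is not valid Base64url";
        }

        // Pin the algorithm on the verifier side; the token must not choose it.
        if (!ALG.matcher(header).find()) return "REJECT: unexpected alg";

        // Condition 1: signature over "header.payload" matches, compared in constant time.
        byte[] expected = hmacSha256(key, parts[0] + "." + parts[1]);
        if (!MessageDigest.isEqual(expected, signature)) return "REJECT: bad signature";

        // Condition 2: expiry is in the future. Claims are read only after the signature check.
        Matcher exp = EXP.matcher(payload);
        if (!exp.find()) return "REJECT: no exp claim";
        if (Long.parseLong(exp.group(1)) <= now.getEpochSecond()) return "REJECT: expired";

        // Condition 3: the privilege needed for this action is among the claims.
        Matcher privs = PRIVS.matcher(payload);
        if (privs.find()) {
            for (String item : privs.group(1).split(",")) {
                if (item.trim().equals("\"" + neededPrivilege + "\"")) return "OK";
            }
        }
        return "REJECT: missing privilege " + neededPrivilege;
    }

    /** Mints a token for the demo only. */
    static String mint(byte[] key, String headerJson, String payloadJson) throws Exception {
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        String input = enc.encodeToString(headerJson.getBytes(StandardCharsets.UTF_8))
                + "." + enc.encodeToString(payloadJson.getBytes(StandardCharsets.UTF_8));
        return input + "." + enc.encodeToString(hmacSha256(key, input));
    }

    public static void main(String[] args) throws Exception {
        // Constructed inputs: demo key, fixed clock, and tokens minted locally.
        byte[] key = "constructed-demo-key-not-a-real-secret".getBytes(StandardCharsets.UTF_8);
        Instant now = Instant.parse("2024-01-01T00:00:00Z");
        long future = now.getEpochSecond() + 900;
        long past = now.getEpochSecond() - 1;
        String hs256 = "{\"alg\":\"HS256\",\"typ\":\"JWT\"}";
        String need = "auth/create/roles";

        String good = mint(key, hs256, "{\"exp\":" + future + ",\"privileges\":[\"auth/create/roles\"]}");
        String expired = mint(key, hs256, "{\"exp\":" + past + ",\"privileges\":[\"auth/create/roles\"]}");
        String viewer = mint(key, hs256, "{\"exp\":" + future + ",\"privileges\":[\"auth/view/roles\"]}");
        // Payload replaced after signing: the signature no longer covers it.
        String[] v = viewer.split("\\.");
        String tampered = v[0] + "." + good.split("\\.")[1] + "." + v[2];
        String wrongAlg = mint(key, "{\"alg\":\"none\"}", "{\"exp\":" + future + "}");

        System.out.println("good     -> " + check(good, key, need, now));
        System.out.println("expired  -> " + check(expired, key, need, now));
        System.out.println("viewer   -> " + check(viewer, key, need, now));
        System.out.println("tampered -> " + check(tampered, key, need, now));
        System.out.println("wrongAlg -> " + check(wrongAlg, key, need, now));
        System.out.println("garbage  -> " + check("not-a-token", key, need, now));
    }
}
```

The segments decode with the URL-safe Base64 alphabet and no padding, which is why the sketch uses `Base64.getUrlDecoder()` rather than the basic decoder.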
-
getRoleById
@GetMapping("/{roleId}")
@PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/view/roles\', \'auth\', #collectionId) or hasPrivilegeForBusinessById(\'auth/view/roles\', #businessId)")
@Audit(action="getRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> getRoleById(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @RequestParam(value="businessId",required=false,defaultValue="0") @AuditField(field="BUSINESS_ID") Long businessId,
    @PathVariable("roleId") @AuditField(field="ROLE_ID") Long roleId,
    @RequestParam(value="isLoadDependency",required=false,defaultValue="false") boolean isLoadDependency,
    @RequestParam(value="loadPrivileges",required=false,defaultValue="false") boolean loadPrivileges,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)
This service is used to retrieve role information from the system using the given role and collection identifier. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets. This service can also load related privilege sets and privileges based on the isLoadDependency flag.
- Parameters:
version - Holds the version number of the API. Using this parameter we can access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
- Token validation against the secret key
- Expiry time should be in the future
- Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
roleId - a Long object. This field holds a valid role identifier of this microservice for role retrieval from the system. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
isLoadDependency - Boolean value which indicates whether to display all dependents of the role or not.
loadPrivileges - a flag to load privileges of the role.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. Collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns Role based on the role id given.
-
getAllRoles
@GetMapping(value="", headers={"X-Collection-Id","x-auth-token"})
@PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasRoleForServiceAndCollection(\'ROLE_REG_USER\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/viewall/roles\', \'auth\', #collectionId) or hasPrivilegeForBusinessById(\'auth/viewall/roles\', #businessId)")
@Audit(action="getRoles", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> getAllRoles(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @RequestParam(value="offset",required=false) @AuditField(field="OFFSET") Integer offset,
    @RequestParam(value="limit",required=false) @AuditField(field="LIMIT") Integer limit,
    @RequestParam(value="page",required=false) @AuditField(field="PAGE") Integer page,
    @RequestParam(value="size",required=false) @AuditField(field="SIZE") Integer size,
    @RequestParam(value="filter",required=false) @AuditField(field="FILTER") String filter,
    @RequestParam(value="sort",required=false) @AuditField(field="SORT") String sort,
    @RequestParam(value="loadPrivileges",required=false,defaultValue="false") boolean loadPrivileges,
    @RequestParam(value="businessId",required=false,defaultValue="0") @AuditField(field="BUSINESS_ID") Long businessId,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)
This service is used to retrieve all the roles based on the collection identifier and search criteria. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
- Parameters:
version - Holds the version number of the API. Using this parameter we can access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
- Token validation against the secret key
- Expiry time should be in the future
- Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
page - a Long object. The page number to be retrieved, where the size of the page must be specified by the size/offset/pageSize parameter. The first page starts with value "0".
size - a Long object. The number of documents being retrieved on the corresponding page specified by the page parameter.
filter - a String object. This field holds the simple query criteria (can be multiple) based on the available fields to limit returned results. The syntax of this parameter is FIELDNAME OP VALUE
Example 1: field1:value, field2:value
Example 2: field1>value
where:
- FIELDNAME is the entity's attribute name as represented in the response object
- OP is the operation. Possible values include:
  - LIKE (:) - Loads everything similar (like operation) to the given value.
  - GREATERTHAN (>) - for integer values - loads rows whose column (field) value is greater than the given value
  - LESSTHAN (<) - for integer values - loads rows whose column value is less than the given value
- VALUE is the value against which the operation has to be performed on the field
- The filter parameter can have multiple objects.
- When multiple attributes are used in the filter, AND behavior is applied.
loadPrivileges - a flag to load privileges of the role.
businessId - a Long object. Holds a valid business identifier. A Business is typically a customer who has signed up with Infosys Equinox to launch a commerce store or a digital experience. An Infosys Equinox Commerce Instance can have multiple Businesses under which there can be multiple stores - the logical entity which binds all the services together to bring in a storefront experience.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. Collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
offset - offset
limit - limit
sort - sort
- Returns:
- Returns list of roles.
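A parser for the filter syntax described above (FIELDNAME OP VALUE, comma-separated terms combined with AND), as an added example that is not Infosys Equinox code. The attribute and column names in the allow-list are hypothetical, and turning the filter into a parameterized SQL WHERE fragment is this example's assumption; the page does not say how the service evaluates filters.

```java
import java.util.ArrayList;
import java.util.List;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

/** Added illustration of parsing the filter syntax; not the service's implementation. */
public class RoleFilterParser {

    /** Column an attribute maps to, and whether it holds integers. */
    record Column(String sqlName, boolean integer) {}

    /** WHERE fragment with placeholders, plus the values to bind to them in order. */
    record Where(String sql, List<Object> params) {}

    // Hypothetical attribute and column names (assumption; the Role fields are not on this page).
    static final Map<String, Column> ALLOWED = Map.of(
            "id", new Column("role_id", true),
            "name", new Column("role_name", false));

    // FIELDNAME OP VALUE, where OP is ':' (LIKE), '>' (GREATERTHAN) or '<' (LESSTHAN).
    private static final Pattern TERM =
            Pattern.compile("\\s*([A-Za-z][A-Za-z0-9_]*)\\s*([:<>])\\s*(.+?)\\s*");

    static Where parse(String filter) {
        List<String> clauses = new ArrayList<>();
        List<Object> params = new ArrayList<>();
        if (filter == null || filter.isBlank()) return new Where("", params);

        // Terms are comma separated; a value that itself contains a comma is not supported here.
        for (String term : filter.split(",")) {
            Matcher m = TERM.matcher(term);
            if (!m.matches()) throw new IllegalArgumentException("malformed term: '" + term + "'");

            // Only allow-listed attributes reach the query, and only as fixed column names.
            Column col = ALLOWED.get(m.group(1));
            if (col == null) throw new IllegalArgumentException("unknown field: " + m.group(1));

            String op = m.group(2);
            String value = m.group(3);
            if (op.equals(":")) {
                // LIKE: escape the caller's wildcards so the value matches literally.
                String escaped = value.replace("!", "!!").replace("%", "!%").replace("_", "!_");
                clauses.add(col.sqlName() + " LIKE ? ESCAPE '!'");
                params.add("%" + escaped + "%");
            } else {
                // '>' and '<' are documented for integer values only.
                if (!col.integer()) {
                    throw new IllegalArgumentException(op + " needs an integer field: " + m.group(1));
                }
                long number;
                try {
                    number = Long.parseLong(value);
                } catch (NumberFormatException e) {
                    throw new IllegalArgumentException("not an integer: '" + value + "'");
                }
                clauses.add(col.sqlName() + " " + op + " ?");
                params.add(number);
            }
        }
        // Multiple attributes are combined with AND, as the parameter description states.
        return new Where(String.join(" AND ", clauses), params);
    }

    public static void main(String[] args) {
        // Constructed sample filters.
        String[] samples = {
            "name:admin, id>10",   // two terms, ANDed
            "name:O'Brien",        // quote stays data: it is bound, never concatenated
            "name:100%_done",      // wildcards in the value are escaped
            "secret:x",            // attribute not in the allow-list
            "name>5",              // integer operator on a text field
            "id<ten"               // non-integer value for '<'
        };
        for (String s : samples) {
            try {
                System.out.println(s + "  =>  " + parse(s));
            } catch (IllegalArgumentException e) {
                System.out.println(s + "  =>  rejected (" + e.getMessage() + ")");
            }
        }
    }
}
```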
-
replaceRole
@PutMapping("/{roleId}")
@PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/update/roles\', \'auth\', #collectionId) or hasPrivilegeForBusinessById(\'auth/update/roles\', #businessId)")
@Audit(action="replaceRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> replaceRole(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @PathVariable("roleId") @AuditField(field="ROLE_ID") Long roleId,
    @RequestBody @AuditField(field="ROLE") RoleVO request,
    @RequestParam(value="businessId",required=false,defaultValue="0") @AuditField(field="BUSINESS_ID") Long businessId,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)
This service is used to update role details based on the collection identifier and role identifier. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
- Parameters:
version - Holds the version number of the API. Using this parameter we can access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
- Token validation against the secret key
- Expiry time should be in the future
- Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
roleId - a Long object. This field holds a valid role identifier of this microservice for role update in the system. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
request - a Role object. Role is the entity/resource that acts as the container for any number of privilege sets. It can be associated with a user through direct association. Each role can be associated with any number of users.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. Collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns Role object.
-
modifyRole
@PatchMapping("/{roleId}")
@PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/update/roles\', \'auth\', #collectionId)")
@Audit(action="updateRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> modifyRole(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @PathVariable("roleId") @AuditField(field="ROLE_ID") Long roleId,
    @RequestBody @AuditField(field="ROLE") RoleVO request,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)
This service is used to update role details based on the collection identifier and role identifier. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
- Parameters:
version - Holds the version number of the API. Using this parameter we can access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
- Token validation against the secret key
- Expiry time should be in the future
- Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
roleId - a Long object. This field holds a valid role identifier of this microservice for role update in the system. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
request - a Role object. Role is the entity/resource that acts as the container for any number of privilege sets. It can be associated with a user through direct association. Each role can be associated with any number of users.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. Collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns Role object.
-
deleteRole
@DeleteMapping("/{roleId}")
@PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/delete/roles\', \'auth\', #collectionId) or hasPrivilegeForBusinessById(\'auth/delete/roles\', #businessId)")
@Audit(action="deleteRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> deleteRole(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @PathVariable("roleId") @AuditField(field="ROLE_ID") Long roleId,
    @RequestParam(value="businessId",required=false,defaultValue="0") @AuditField(field="BUSINESS_ID") Long businessId,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)
This service is used to delete a role based on the role identifier and collection identifier. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
- Parameters:
version - Holds the version number of the API. Using this parameter we can access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
- Token validation against the secret key
- Expiry time should be in the future
- Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
roleId - a Long object. This field holds a valid role identifier of this microservice for role removal from the system. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. Collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns Object.
-
addPrivilegeSets
@PostMapping("/{roleId}/privilegesets")
@PreAuthorize("hasRoleForServiceAndCollection(\'ROLE_AUTH_ADMIN\', \'auth\', #collectionId) or hasPrivilegeForServiceAndCollection(\'auth/update/roles\', \'auth\', #collectionId)")
@Audit(action="addPrivilegeSetsToRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> addPrivilegeSets(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @PathVariable("roleId") @AuditField(field="ROLE_ID") Long roleId,
    @RequestBody @AuditField(field="PRIVILEGE_SET_IDS") List<Long> privilegeSetIds,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)
This service is used to associate privilege sets with a role based on the role identifier and a list of privilege set identifiers. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
- Parameters:
version - Holds the version number of the API. Using this parameter we can access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The generated token has to be passed to this service, and the request will be processed only if the following conditions are met:
- Token validation against the secret key
- Expiry time should be in the future
- Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
roleId - a Long object. This field holds a valid role identifier of this microservice for associating privilege sets in the system. Role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
privilegeSetIds - a List of Long objects. This field holds the list of valid privilege set identifiers. Privilege set is the entity of this microservice that holds a set of privileges. Each privilege set can have any number of privileges.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. Collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in a different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns Object.
-
getPrivilegeSets
@GetMapping("/{roleId}/privilegesets")
@PreAuthorize("hasRoleForServiceAndCollection('ROLE_AUTH_ADMIN', 'auth', #collectionId) or hasPrivilegeForServiceAndCollection('auth/view/roles', 'auth', #collectionId)")
@Audit(action="getPrivilegeSetsOfRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> getPrivilegeSets(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @PathVariable("roleId") @AuditField(field="ROLE_ID") Long roleId,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)

This service retrieves all privilege sets that are available in the requested role. A role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.

- Parameters:
version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The token thus generated has to be passed to this service, and the request will be processed only if the following conditions are met:
  - Token validation against the secret key
  - Expiry time should be in the future
  - Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
roleId - a Long object. This field holds a valid role identifier of this microservice, for which the associated privilege sets are retrieved from the system. A role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns List of privilege sets.
-
removePrivilegeSets
@DeleteMapping("/{roleId}/privilegesets")
@PreAuthorize("hasRoleForServiceAndCollection('ROLE_AUTH_ADMIN', 'auth', #collectionId) or hasPrivilegeForServiceAndCollection('auth/update/roles', 'auth', #collectionId)")
@Audit(action="removePrivilegeSetsOfRole", repository="roleRepository")
public org.springframework.http.ResponseEntity<Object> removePrivilegeSets(
    @RequestHeader(value="x-version",required=false,defaultValue="8.19.7") @AuditField(field="VERSION") String version,
    @RequestHeader(value="x-auth-token",required=false) @AuditField(field="AUTH_TOKEN") String authToken,
    @RequestHeader(value="x-store-id",required=false,defaultValue="0") @AuditField(field="STORE_ID") long storeId,
    @PathVariable("roleId") @AuditField(field="ROLE_ID") Long roleId,
    @RequestBody @AuditField(field="PRIVILEGE_SET_IDS") List<Long> privilegeSetIds,
    @RequestHeader(value="X-Collection-Id",required=true,defaultValue="0") @AuditField(field="COLLECTION_ID") Long collectionId)

This service removes the association between a role and privilege sets, based on the given role and list of privilege set identifiers. A role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.

- Parameters:
version - Holds the version number of the API. This parameter can be used to access different versions of the API. It is currently unused.
authToken - a String object. This field holds a valid authorization token generated using the Authorization microservice for a user. The auth token (JWT format) represents claims containing the roles and privileges of the user accessing this API. JSON Web Token (JWT) is an open standard (RFC 7519) that defines a compact and self-contained way for securely transmitting information between parties as a JSON object. Since the token is a required field for this API, it has to be generated beforehand by invoking the /auth/sessions API provided by the Authorization microservice. The output is three Base64 strings separated by dots that can be easily passed in HTML and HTTP environments, while being more compact than XML-based standards such as SAML. The token thus generated has to be passed to this service, and the request will be processed only if the following conditions are met:
  - Token validation against the secret key
  - Expiry time should be in the future
  - Necessary privileges are available for the user to perform the action on the subjected resource
storeId - Refers to the unique identifier of the store.
roleId - a Long object. This field holds a valid role identifier of this microservice, used to retrieve the privilege set association from the system. A role is the entity of this microservice that holds a set of privilege sets. Each role can have any number of privilege sets.
privilegeSetIds - a List of Long objects. This field holds the list of valid privilege set identifiers. A privilege set is the entity of this microservice that holds a set of privileges. Each privilege set can have any number of privileges.
collectionId - a Long object. This field holds a valid collection identifier of this microservice, and the requested operation will be performed on this collection identifier. A collection is the topmost entity of a microservice, under which all the other entities/resources reside. Each collection represents an instance of the microservice with configured properties, and these properties can be modified to bring in different behavior per collection of the same microservice. Store association is the process of associating a microservice collection to a store along with its respective sub-entity. This way the storefront can fetch/store the required information from that respective association.
- Returns:
- Returns Object.
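
The three token conditions listed under authToken, combined with the role-or-privilege rule in the @PreAuthorize expressions of the privilege set endpoints, sketched as an added Python example (not the service's own code). It assumes an HS256-signed token and a hypothetical claim layout of auth -> collection id -> roles/privileges; the function names, the key and the sample claims are constructed for illustration, since the real claim names are not documented on this page.

```python
import base64, hashlib, hmac, json, time

def b64url_encode(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode()

def b64url_decode(seg: str) -> bytes:
    # JWT segments are base64url without padding; restore it before decoding.
    return base64.urlsafe_b64decode(seg + "=" * (-len(seg) % 4))

def mac(key: bytes, head: str, body: str) -> bytes:
    return hmac.new(key, f"{head}.{body}".encode(), hashlib.sha256).digest()

def sign_token(claims: dict, key: bytes) -> str:
    """Issue a constructed HS256 token (stands in for /auth/sessions)."""
    head = b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    body = b64url_encode(json.dumps(claims).encode())
    return f"{head}.{body}.{b64url_encode(mac(key, head, body))}"

def authorize(token, key, collection_id, privilege, now=None):
    """Apply the three documented conditions in order; return (allowed, reason)."""
    try:
        head, body, sig = token.split(".")
        header, given = json.loads(b64url_decode(head)), b64url_decode(sig)
    except (AttributeError, TypeError, ValueError):
        return False, "malformed"  # missing token, wrong segment count, bad encoding
    # Pin the algorithm; the token's own header must not choose the verifier.
    if not isinstance(header, dict) or header.get("alg") != "HS256":
        return False, "bad-alg"
    # 1. Token validation against the secret key (constant-time comparison).
    if not hmac.compare_digest(mac(key, head, body), given):
        return False, "bad-signature"
    claims = json.loads(b64url_decode(body))
    # 2. Expiry time should be in the future; a token without exp is rejected.
    if claims.get("exp", 0) <= (time.time() if now is None else now):
        return False, "expired"
    # 3. ROLE_AUTH_ADMIN or the named privilege, scoped to this collection
    #    (hypothetical claim layout: auth -> collection id -> roles/privileges).
    grant = claims.get("auth", {}).get(str(collection_id), {})
    if "ROLE_AUTH_ADMIN" in grant.get("roles", []) or privilege in grant.get("privileges", []):
        return True, "ok"
    return False, "forbidden"

if __name__ == "__main__":
    key = b"constructed-demo-key"  # constructed sample secret
    tok = sign_token({"sub": "u1", "exp": 2000,
                      "auth": {"5": {"privileges": ["auth/update/roles"]}}}, key)
    print(authorize(tok, key, 5, "auth/update/roles", now=1000))  # grant on collection 5
    print(authorize(tok, key, 0, "auth/update/roles", now=1000))  # no grant on collection 0
```

In Spring, supplying defaultValue on @RequestHeader makes the header optional even when required=true is written, so with the signatures shown a request that omits X-Collection-Id is bound to collection 0 and the authorization expression is evaluated against that collection. The x-auth-token header is declared required=false, so a missing token has to be rejected by the authorization layer itself, which the sketch models by returning "malformed" for None.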
-