From 350830f345accca140acbbc8d31fce3a02d14f4c Mon Sep 17 00:00:00 2001 From: Eric Wittmann Date: Tue, 12 Nov 2024 17:10:22 -0500 Subject: [PATCH] chore(annotations): Reviewed annotations in the REST layer (#5512) * Reviewed annotations in the REST layer. Added any missing annotations and fixed any incorrect ones * Fixed one @Authorized setting in the ccompat api --- .../v7/impl/CompatibilityResourceImpl.java | 2 +- .../registry/rest/v3/AdminResourceImpl.java | 7 +++---- .../registry/rest/v3/GroupsResourceImpl.java | 18 +++++++++++++++++- .../registry/rest/v3/IdsResourceImpl.java | 6 ++++-- 4 files changed, 25 insertions(+), 8 deletions(-) diff --git a/app/src/main/java/io/apicurio/registry/ccompat/rest/v7/impl/CompatibilityResourceImpl.java b/app/src/main/java/io/apicurio/registry/ccompat/rest/v7/impl/CompatibilityResourceImpl.java index efc06e6ab0..d9b1b16f7a 100644 --- a/app/src/main/java/io/apicurio/registry/ccompat/rest/v7/impl/CompatibilityResourceImpl.java +++ b/app/src/main/java/io/apicurio/registry/ccompat/rest/v7/impl/CompatibilityResourceImpl.java @@ -63,7 +63,7 @@ public CompatibilityCheckResponse testCompatibilityBySubjectName(String subject, } @Override - @Authorized(style = AuthorizedStyle.ArtifactOnly, level = AuthorizedLevel.Write) + @Authorized(style = AuthorizedStyle.ArtifactOnly, level = AuthorizedLevel.Read) public CompatibilityCheckResponse testCompatibilityByVersion(String subject, String versionString, SchemaContent request, Boolean verbose, String groupId) throws Exception { final boolean fverbose = verbose == null ? Boolean.FALSE : verbose; diff --git a/app/src/main/java/io/apicurio/registry/rest/v3/AdminResourceImpl.java b/app/src/main/java/io/apicurio/registry/rest/v3/AdminResourceImpl.java index e6e6f2a6d1..3a0d7d0156 100644 --- a/app/src/main/java/io/apicurio/registry/rest/v3/AdminResourceImpl.java +++ b/app/src/main/java/io/apicurio/registry/rest/v3/AdminResourceImpl.java 
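Review bot: Lowering `testCompatibilityByVersion` from `AuthorizedLevel.Write` to `AuthorizedLevel.Read` lets any principal with read access submit an arbitrary `SchemaContent` body for evaluation, so the method should be confirmed to persist nothing; its body continues outside this hunk and cannot be checked here. The annotation on the sibling `testCompatibilityBySubjectName` is not visible either, so it is worth verifying that both compatibility checks now carry the same level. A short comment above the annotation would record the reasoning, for example `// Read is enough: the check only compares the posted schema with stored versions and writes nothing`.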
@@ -80,6 +80,7 @@ import static io.apicurio.common.apps.logging.audit.AuditingConstants.KEY_FOR_BROWSER; import static io.apicurio.common.apps.logging.audit.AuditingConstants.KEY_NAME; import static io.apicurio.common.apps.logging.audit.AuditingConstants.KEY_PRINCIPAL_ID; +import static io.apicurio.common.apps.logging.audit.AuditingConstants.KEY_PROPERTY_CONFIGURATION; import static io.apicurio.common.apps.logging.audit.AuditingConstants.KEY_ROLE_MAPPING; import static io.apicurio.common.apps.logging.audit.AuditingConstants.KEY_RULE; import static io.apicurio.common.apps.logging.audit.AuditingConstants.KEY_RULE_TYPE; @@ -146,6 +147,7 @@ public List listArtifactTypes() { } @Override + @Audited @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin) public SnapshotMetaData triggerSnapshot() { storage.triggerSnapshotCreation(); @@ -477,6 +479,7 @@ public ConfigurationProperty getConfigProperty(String propertyName) { * io.apicurio.registry.rest.v3.beans.UpdateConfigurationProperty) */ @Override + @Audited(extractParameters = { "0", KEY_NAME, "1", KEY_PROPERTY_CONFIGURATION }) @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Admin) public void updateConfigProperty(String propertyName, UpdateConfigurationProperty data) { DynamicConfigPropertyDef propertyDef = resolveConfigProperty(propertyName); @@ -501,10 +504,6 @@ public void resetConfigProperty(String propertyName) { storage.deleteConfigProperty(propertyName); } - private static boolean isNullOrTrue(Boolean value) { - return value == null || value; - } - private String createDownloadHref(String downloadId) { return "/apis/registry/v3/downloads/" + downloadId; } diff --git a/app/src/main/java/io/apicurio/registry/rest/v3/GroupsResourceImpl.java b/app/src/main/java/io/apicurio/registry/rest/v3/GroupsResourceImpl.java index 49fc658ee9..c49a86e1ca 100644 --- a/app/src/main/java/io/apicurio/registry/rest/v3/GroupsResourceImpl.java 
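Review bot: The `@Audited` mapping added to `updateConfigProperty` extracts parameter `"1"` under `KEY_PROPERTY_CONFIGURATION`, which is the whole `UpdateConfigurationProperty` bean, so the new property value is presumably written into the audit log. If any dynamic configuration property can hold a credential or other sensitive value, that value would then sit in clear in the audit trail; how the interceptor serialises the bean is not visible in this diff. Either confirm that no such property exists or record only the name, `@Audited(extractParameters = { "0", KEY_NAME })`. `resetConfigProperty`, visible only as the next hunk's header, should be checked for a matching `@Audited` so that resets are traceable too.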
+++ b/app/src/main/java/io/apicurio/registry/rest/v3/GroupsResourceImpl.java @@ -156,6 +156,7 @@ public enum RegistryHashAlgorithm { * java.lang.String, java.lang.String, io.apicurio.registry.types.ReferenceType) */ @Override + @Authorized(style = AuthorizedStyle.GroupAndArtifact, level = AuthorizedLevel.Read) public List getArtifactVersionReferences(String groupId, String artifactId, String versionExpression, ReferenceType refType) { @@ -244,6 +245,7 @@ public GroupMetaData getGroupById(String groupId) { } @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID }) @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Write) public void deleteGroupById(String groupId) { if (!restConfig.isGroupDeletionEnabled()) { @@ -259,6 +261,7 @@ public void deleteGroupById(String groupId) { * io.apicurio.registry.rest.v3.beans.EditableGroupMetaData) */ @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID }) @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Write) public void updateGroupById(String groupId, EditableGroupMetaData data) { requireParameter("groupId", groupId); @@ -295,6 +298,7 @@ public GroupSearchResults listGroups(BigInteger limit, BigInteger offset, SortOr } @Override + @Audited @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Write) public GroupMetaData createGroup(CreateGroup data) { GroupMetaDataDto.GroupMetaDataDtoBuilder group = GroupMetaDataDto.builder().groupId(data.getGroupId()) @@ -309,6 +313,7 @@ public GroupMetaData createGroup(CreateGroup data) { } @Override + @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Read) public List listGroupRules(String groupId) { requireParameter("groupId", groupId); 
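Review bot: The bare `@Audited` added to `createGroup` names no parameters, whereas `deleteGroupById` and `updateGroupById` in the same file extract `KEY_GROUP_ID`, so the audit entry for a group creation may not say which group was created. The id sits inside the `CreateGroup` bean (`data.getGroupId()`), so it cannot be picked by position; whether the audit interceptor has a fallback for bean parameters is not visible in this diff. If it has none, map the bean explicitly; otherwise add a comment on the annotation stating where the group id in the audit record comes from. The method body continues outside the hunk.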
@@ -316,6 +321,8 @@ public List listGroupRules(String groupId) { } @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID, "1", KEY_RULE }) + @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Write) public void createGroupRule(String groupId, CreateRule data) { requireParameter("groupId", groupId); requireParameter("ruleType", data.getRuleType()); @@ -340,6 +347,8 @@ public void createGroupRule(String groupId, CreateRule data) { } @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID, "1", KEY_RULE_TYPE, "2", KEY_RULE }) + @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Write) public Rule updateGroupRuleConfig(String groupId, RuleType ruleType, Rule data) { requireParameter("groupId", groupId); requireParameter("ruleType", ruleType); @@ -354,6 +363,8 @@ public Rule updateGroupRuleConfig(String groupId, RuleType ruleType, Rule data) } @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID }) + @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Write) public void deleteGroupRules(String groupId) { requireParameter("groupId", groupId); @@ -361,6 +372,7 @@ public void deleteGroupRules(String groupId) { } @Override + @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Read) public Rule getGroupRuleConfig(String groupId, RuleType ruleType) { requireParameter("groupId", groupId); requireParameter("ruleType", ruleType); @@ -374,6 +386,8 @@ public Rule getGroupRuleConfig(String groupId, RuleType ruleType) { } @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID, "1", KEY_RULE_TYPE }) + @Authorized(style = AuthorizedStyle.GroupOnly, level = AuthorizedLevel.Write) public void deleteGroupRule(String groupId, RuleType rule) { requireParameter("groupId", groupId); requireParameter("rule", rule); 
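Review bot: `createGroupRule`, `updateGroupRuleConfig`, `deleteGroupRules` and `deleteGroupRule` carried no `@Authorized` annotation before this change, and the diffstat lists only the four implementation files, so nothing in the commit pins the new `GroupOnly`/`Write` requirement. A later refactoring that drops one of these annotations would leave the endpoint unprotected again without any build failure. One test per endpoint that calls it as a read-only principal and expects a forbidden response would guard against that. The same applies to the read-side additions (`listGroupRules`, `getGroupRuleConfig`, `getArtifactVersionReferences` and the three `referencesBy…` methods in `IdsResourceImpl`). All of these method bodies continue outside their hunks.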
@@ -528,6 +542,7 @@ public Response getArtifactVersionContent(String groupId, String artifactId, Str } @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID, "1", KEY_ARTIFACT_ID, "2", KEY_VERSION }) @Authorized(style = AuthorizedStyle.GroupAndArtifact, level = AuthorizedLevel.Write) public void updateArtifactVersionContent(String groupId, String artifactId, String versionExpression, VersionContent data) { @@ -574,6 +589,7 @@ public void updateArtifactVersionContent(String groupId, String artifactId, Stri * java.lang.String, java.lang.String) */ @Override + @Audited(extractParameters = { "0", KEY_GROUP_ID, "1", KEY_ARTIFACT_ID, "2", KEY_VERSION }) @Authorized(style = AuthorizedStyle.GroupAndArtifact, level = AuthorizedLevel.Write) public void deleteArtifactVersion(String groupId, String artifactId, String version) { if (!restConfig.isArtifactVersionDeletionEnabled()) { @@ -654,7 +670,7 @@ public WrappedVersionState getArtifactVersionState(String groupId, String artifa @Override @Audited(extractParameters = { "0", KEY_GROUP_ID, "1", KEY_ARTIFACT_ID, "2", KEY_VERSION, "3", "dryRun" }) - @Authorized(style = AuthorizedStyle.GroupAndArtifact, level = AuthorizedLevel.Write) + @Authorized(style = AuthorizedStyle.GroupAndArtifact, level = AuthorizedLevel.Write, dryRunParam = 3) public void updateArtifactVersionState(String groupId, String artifactId, String versionExpression, Boolean dryRun, WrappedVersionState data) { requireParameter("groupId", groupId); diff --git a/app/src/main/java/io/apicurio/registry/rest/v3/IdsResourceImpl.java b/app/src/main/java/io/apicurio/registry/rest/v3/IdsResourceImpl.java index f360f70747..67e7219bc3 100644 --- a/app/src/main/java/io/apicurio/registry/rest/v3/IdsResourceImpl.java +++ b/app/src/main/java/io/apicurio/registry/rest/v3/IdsResourceImpl.java 
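Review bot: `dryRunParam = 3` on `updateArtifactVersionState` is a positional index that matches `Boolean dryRun` in the current signature and the `"3", "dryRun"` pair in the `@Audited` line above it, but nothing ties the three together, so an inserted or reordered parameter would silently point it at a different argument. If the interceptor relaxes the authorization requirement for dry-run calls, which is presumed from the name and not visible here, the method must also guarantee that a dry run never reaches a persistent write, including when `dryRun` is `null`. A comment above the annotation would help, for example `// dryRunParam: index of 'dryRun' below; keep in sync with the signature and the @Audited mapping`. The method body continues outside the hunk.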
@@ -58,8 +58,7 @@ public Response getContentById(long contentId) { } /** - * @see io.apicurio.registry.rest.v3.IdsResource#getContentByGlobalId(long, - * io.apicurio.registry.rest.v3.beans.HandleReferencesType) + * @see io.apicurio.registry.rest.v3.IdsResource#getContentByGlobalId(long, HandleReferencesType, Boolean) */ @Override @Authorized(style = AuthorizedStyle.GlobalId, level = AuthorizedLevel.Read) @@ -105,6 +104,7 @@ public Response getContentByHash(String contentHash) { * @see io.apicurio.registry.rest.v3.IdsResource#referencesByContentHash(java.lang.String) */ @Override + @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Read) public List referencesByContentHash(String contentHash) { return common.getReferencesByContentHash(contentHash); } @@ -113,6 +113,7 @@ public List referencesByContentHash(String contentHash) { * @see io.apicurio.registry.rest.v3.IdsResource#referencesByContentId(long) */ @Override + @Authorized(style = AuthorizedStyle.None, level = AuthorizedLevel.Read) public List referencesByContentId(long contentId) { ContentWrapperDto artifact = storage.getContentById(contentId); return artifact.getReferences().stream().map(V3ApiUtil::referenceDtoToReference) @@ -124,6 +125,7 @@ public List referencesByContentId(long contentId) { * io.apicurio.registry.types.ReferenceType) */ @Override + @Authorized(style = AuthorizedStyle.GlobalId, level = AuthorizedLevel.Read) public List referencesByGlobalId(long globalId, ReferenceType refType) { if (refType == ReferenceType.OUTBOUND || refType == null) { StoredArtifactVersionDto artifact = storage.getArtifactVersionContent(globalId);
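Review bot: `referencesByContentHash` and `referencesByContentId` (the next hunk) are annotated with `AuthorizedStyle.None`, so presumably only the role level is evaluated and no group or artifact ownership check runs, while `referencesByGlobalId` in the last hunk uses `AuthorizedStyle.GlobalId`. Under owner-based authorization this would mean that any principal with the read role can list the references of content whose artifacts it cannot otherwise read. Confirm that this matches `getContentById` and `getContentByHash`, whose annotations are not visible in this diff, and state the reason in a comment, for example `// content is not bound to a single artifact, so only the role level can be checked`.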