下面列出了怎么用javax.annotation.security.RolesAllowed的API类实例代码及写法,或者点击链接到github查看源代码。
@Override
@RolesAllowed( "System-Management|Update" )
public void setNetworkSettings( final String publicUrl, final String publicSecurePort, final boolean useRhIp )
throws ConfigurationException
{
try
{
peerManager
.setPublicUrl( peerManager.getLocalPeer().getId(), publicUrl, Integer.parseInt( publicSecurePort ),
useRhIp );
}
catch ( Exception e )
{
throw new ConfigurationException( e );
}
}
SecurityInvocationHandler(SessionContext sessionContext, Method beanMethod) {
this.sessionContext = sessionContext;
RolesAllowed rolesAllowed = beanMethod
.getAnnotation(RolesAllowed.class);
// a somewhat nasty scenario: a bean is spied using Mockito, so the
// roles allowed annotations have to be retrieved from the superclass...
Class<?> declaringClass = beanMethod.getDeclaringClass();
Class<?> superclass = declaringClass.getSuperclass();
if (declaringClass.getName().contains("Mockito")
&& !superclass.equals(Object.class)) {
try {
Method method = superclass.getMethod(beanMethod.getName(),
beanMethod.getParameterTypes());
rolesAllowed = method.getAnnotation(RolesAllowed.class);
} catch (Exception e) {
e.printStackTrace();
}
}
if (rolesAllowed == null) {
this.rolesAllowed = new String[0];
} else {
this.rolesAllowed = rolesAllowed.value();
}
}
@RolesAllowed( { "Identity-Management|Write", "Identity-Management|Update" } )
@Override
public UserDelegate createUserDelegate( User user, String delegateUserId, boolean genKeyPair )
{
String id = "";
if ( StringUtils.isBlank( delegateUserId ) )
{
id = user.getId() + "-" + UUID.randomUUID();
}
UserDelegate userDelegate = new UserDelegateEntity();
userDelegate.setId( id );
userDelegate.setUserId( user.getId() );
identityDataService.persistUserDelegate( userDelegate );
if ( genKeyPair )
{
generateKeyPair( id, SecurityKeyType.USER_KEY.getId() );
}
return userDelegate;
}
/**
* Returns datatype IRIs in the imports closure for the ontology identified by the provided IDs.
*
* @param context the context of the request.
* @param recordIdStr the String representing the record Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:".
* @param branchIdStr the String representing the Branch Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:". NOTE: Optional param - if nothing is specified, it will get the
* master Branch.
* @param commitIdStr the String representing the Commit Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:". NOTE: Optional param - if nothing is specified, it will get the head
* Commit. The provided commitId must be on the Branch identified by the provided branchId;
* otherwise, nothing will be returned.
* @return datatypes in the ontology identified by the provided IDs.
*/
@GET
@Path("{recordId}/imported-datatypes")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed("user")
@ApiOperation("Gets the datatypes from the imported ontologies of the identified ontology.")
@ResourceId(type = ValueType.PATH, value = "recordId")
public Response getDatatypesInImportedOntologies(@Context ContainerRequestContext context,
@PathParam("recordId") String recordIdStr,
@QueryParam("branchId") String branchIdStr,
@QueryParam("commitId") String commitIdStr) {
try {
return doWithImportedOntologies(context, recordIdStr, branchIdStr, commitIdStr, this::getDatatypeIRIObject);
} catch (MobiException e) {
throw ErrorUtils.sendError(e, e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR);
}
}
@GET
@Path("/verifyInjectedCustomString")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed("Tester")
public JsonObject verifyInjectedCustomString(@QueryParam("value") String value) {
boolean pass = false;
String msg;
// iat
String customValue = customString.getString();
if(customValue == null || customValue.length() == 0) {
msg = "customString value is null or empty, FAIL";
}
else if(customValue.equals(value)) {
msg = "customString PASS";
pass = true;
}
else {
msg = String.format("customString: %s != %s", customValue, value);
}
JsonObject result = Json.createObjectBuilder()
.add("pass", pass)
.add("msg", msg)
.build();
return result;
}
@DELETE
@Timed
@Path("{id}")
@Consumes(APPLICATION_JSON)
@RolesAllowed({"admin", "$owner=$graph $action=vertex_delete"})
public void delete(@Context GraphManager manager,
@PathParam("graph") String graph,
@PathParam("id") String idValue) {
LOG.debug("Graph [{}] remove vertex by id '{}'", graph, idValue);
Id id = checkAndParseVertexId(idValue);
HugeGraph g = graph(manager, graph);
// TODO: add removeVertex(id) to improve
commit(g, () -> {
Iterator<Vertex> iter = g.vertices(id);
try {
E.checkArgument(iter.hasNext(),
"No such vertex with id: '%s'", idValue);
iter.next().remove();
} finally {
CloseableIterator.closeIterator(iter);
}
});
}
@RolesAllowed("CREATE")
@POST
public DirectoryAJAXResponse create(CreateDirectoryAJAXRequest createDirectoryAJAXRequest) {
DirectoryResponse parentDirectory = directoryService.get(createDirectoryAJAXRequest.parentId);
CreateDirectoryRequest instance = new CreateDirectoryRequest();
instance.path = parentDirectory.path.substring(0, parentDirectory.path.length() - 1) + createDirectoryAJAXRequest.path;
instance.parentId = createDirectoryAJAXRequest.parentId;
instance.description = createDirectoryAJAXRequest.description;
instance.ownerId = createDirectoryAJAXRequest.ownerId;
instance.ownerRoles = createDirectoryAJAXRequest.ownerRoles;
instance.groupId = createDirectoryAJAXRequest.groupId;
instance.groupRoles = createDirectoryAJAXRequest.groupRoles;
instance.othersRoles = createDirectoryAJAXRequest.othersRoles;
instance.requestBy = userInfo.username();
return response(directoryService.create(instance));
}
/**
* Returns annotation property IRIs in the ontology identified by the provided IDs.
*
* @param context the context of the request.
* @param recordIdStr the String representing the record Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:".
* @param branchIdStr the String representing the Branch Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:". NOTE: Optional param - if nothing is specified, it will get the
* master Branch.
* @param commitIdStr the String representing the Commit Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:". NOTE: Optional param - if nothing is specified, it will get the head
* Commit. The provided commitId must be on the Branch identified by the provided branchId;
* otherwise, nothing will be returned.
* @return annotation properties in the ontology identified by the provided IDs.
*/
@GET
@Path("{recordId}/annotations")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed("user")
@ApiOperation("Gets the annotations in the identified ontology.")
@ResourceId(type = ValueType.PATH, value = "recordId")
public Response getAnnotationsInOntology(@Context ContainerRequestContext context,
@PathParam("recordId") String recordIdStr,
@QueryParam("branchId") String branchIdStr,
@QueryParam("commitId") String commitIdStr) {
try {
ObjectNode result = doWithOntology(context, recordIdStr, branchIdStr, commitIdStr,
this::getAnnotationIRIObject, true);
return Response.ok(result.toString()).build();
} catch (MobiException e) {
throw ErrorUtils.sendError(e, e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR);
}
}
@RolesAllowed(UserGroupMapping.REGULAR_USER_ROLE_ID)
@Override
public ChangeOrder updateChangeOrder(int pId, String pWorkspaceId, String description, int milestoneId, ChangeItemPriority priority, String assignee, ChangeItemCategory category) throws UserNotFoundException, UserNotActiveException, WorkspaceNotFoundException, ChangeOrderNotFoundException, AccessRightException, WorkspaceNotEnabledException, AccountNotFoundException, NotAllowedException {
User user = userManager.checkWorkspaceReadAccess(pWorkspaceId);
ChangeOrder changeOrder = loadChangeOrder(pId);
checkChangeItemWriteAccess(changeOrder, user);
changeOrder.setDescription(description);
changeOrder.setPriority(priority);
changeOrder.setCategory(category);
if (assignee != null && !assignee.isEmpty()) {
if (!userManager.isUserEnabled(assignee, pWorkspaceId)) {
throw new NotAllowedException("NotAllowedException71");
}
changeOrder.setAssignee(em.find(User.class, new UserKey(pWorkspaceId, assignee)));
} else {
changeOrder.setAssignee(null);
}
changeOrder.setMilestone(em.find(Milestone.class, milestoneId));
return changeOrder;
}
@POST
@Path("/disableDPM")
@ApiOperation(
value = "Disables DPM",
authorizations = @Authorization(value = "basic")
)
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({AuthzRole.ADMIN, AuthzRole.ADMIN_REMOTE})
public Response disableDPM(@Context HttpServletRequest request) throws IOException {
// check if DPM enabled
if (!runtimeInfo.isDPMEnabled()) {
throw new RuntimeException("disableDPM is supported only when DPM is enabled");
}
// 1. Get DPM user auth token from request cookie
SSOPrincipal ssoPrincipal = (SSOPrincipal)request.getUserPrincipal();
String userAuthToken = ssoPrincipal.getTokenStr();
String organizationId = ssoPrincipal.getOrganizationId();
SchAdmin.disableDPM(userAuthToken, organizationId, new SchAdmin.Context(runtimeInfo, config));
return Response.ok().build();
}
@Path("/detachedstage")
@POST
@ApiOperation(value = "Validates given detached stage and performs any necessary upgrade.",
response = DetachedStageConfigurationJson.class,
authorizations = @Authorization(value = "basic")
)
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({
AuthzRole.CREATOR, AuthzRole.ADMIN, AuthzRole.CREATOR_REMOTE, AuthzRole.ADMIN_REMOTE
})
public Response validateDetachedStage(
@ApiParam(name="stage", required = true) DetachedStageConfigurationJson detachedStage
) {
DetachedStageConfiguration stageConf = detachedStage.getDetachedStageConfiguration();
DetachedStageValidator validator = new DetachedStageValidator(stageLibrary, stageConf);
return Response.ok().entity(new DetachedStageConfigurationJson(validator.validate())).build();
}
@Path("/pipeline/{pipelineId}/committedOffsets")
@GET
@ApiOperation(value = "Return Committed Offsets. Note: Returned offset format will change between releases.",
response = SourceOffsetJson.class,
authorizations = @Authorization(value = "basic"))
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed({
AuthzRole.MANAGER,
AuthzRole.ADMIN,
AuthzRole.MANAGER_REMOTE,
AuthzRole.ADMIN_REMOTE
})
public Response getCommittedOffsets(
@PathParam("pipelineId") String pipelineId,
@QueryParam("rev") @DefaultValue("0") String rev
) throws PipelineException {
PipelineInfo pipelineInfo = store.getInfo(pipelineId);
RestAPIUtils.injectPipelineInMDC(pipelineInfo.getTitle(), pipelineInfo.getPipelineId());
Runner runner = manager.getRunner(pipelineId, rev);
return Response.ok()
.type(MediaType.APPLICATION_JSON)
.entity(BeanHelper.wrapSourceOffset(runner.getCommittedOffsets()))
.build();
}
@Override
public void configure(ResourceInfo resourceInfo, FeatureContext context) {
final AnnotatedMethod am = new AnnotatedMethod(resourceInfo.getResourceMethod());
final Annotation[][] parameterAnnotations = am.getParameterAnnotations();
if (am.isAnnotationPresent(RolesAllowed.class) || am.isAnnotationPresent(DenyAll.class) ||
am.isAnnotationPresent(PermitAll.class)) {
context.register(authFilter);
} else {
for (Annotation[] annotations : parameterAnnotations) {
for (Annotation annotation : annotations) {
if (annotation instanceof Auth) {
context.register(authFilter);
return;
}
}
}
}
}
@Override
@RolesAllowed({ "ORGANIZATION_ADMIN", "UNIT_ADMINISTRATOR" })
public boolean handleRemovingCurrentUserFromGroup() {
if (!userGroupService.handleRemovingCurrentUserFromGroup()) {
return false;
}
PlatformUser currentUser = dm.getCurrentUser();
if (currentUser.hasSubscriptionOwnerRole()) {
return true;
}
List<Subscription> subscriptions = slsl
.getSubscriptionsForOwner(currentUser);
for (Subscription subscription : subscriptions) {
ssl.removeSubscriptionOwner(subscription);
}
return true;
}
/**
* Returns the SKOS concept hierarchy for the ontology identified by the provided IDs as a JSON object with keys for
* a map of parent concept IRIs to arrays of children concept IRIs and a map of child concept IRIs to arrays of
* parent concept IRIs. Optionally can also have a key for a nested JSON-LD representation of the hierarchy.
*
* @param context the context of the request.
* @param recordIdStr the String representing the record Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:".
* @param branchIdStr the String representing the Branch Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:". NOTE: Optional param - if nothing is specified, it will get the
* master Branch.
* @param commitIdStr the String representing the Commit Resource id. NOTE: Assumes id represents an IRI unless
* String begins with "_:". NOTE: Optional param - if nothing is specified, it will get the head
* Commit. The provided commitId must be on the Branch identified by the provided branchId;
* otherwise, nothing will be returned.
* @param nested Whether to return the nested JSON-LD version of the hierarchy.
* @return A JSON object that represents the SKOS concept hierarchy for the ontology identified by the provided IDs.
*/
@GET
@Path("{recordId}/concept-hierarchies")
@Produces(MediaType.APPLICATION_JSON)
@RolesAllowed("user")
@ApiOperation("Gets the concept hierarchies for the identified ontology.")
@ResourceId(type = ValueType.PATH, value = "recordId")
public Response getConceptHierarchy(@Context ContainerRequestContext context,
@PathParam("recordId") String recordIdStr,
@QueryParam("branchId") String branchIdStr,
@QueryParam("commitId") String commitIdStr,
@DefaultValue("false") @QueryParam("nested") boolean nested) {
try {
Ontology ontology = getOntology(context, recordIdStr, branchIdStr, commitIdStr, true).orElseThrow(() ->
ErrorUtils.sendError("The ontology could not be found.", Response.Status.BAD_REQUEST));
Hierarchy hierarchy = ontology.getConceptRelationships(valueFactory, modelFactory);
return Response.ok(getHierarchyStream(hierarchy, nested, getConceptIRIs(ontology))).build();
} catch (MobiException e) {
throw ErrorUtils.sendError(e, e.getMessage(), Response.Status.INTERNAL_SERVER_ERROR);
}
}
@RolesAllowed({"admin", "user"})
@POST
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@Deprecated
public UserUI updateUser(UserForm userForm, @PathParam("userName") UserName userName)
throws IOException, IllegalArgumentException, NamespaceException, UserNotFoundException, DACUnauthorizedException {
checkUser(userName, "update");
User userConfig = userForm.getUserConfig();
if (userConfig != null && userConfig.getUserName() != null && !userConfig.getUserName().equals(userName.getName())) {
final UserName newUserName = new UserName(userForm.getUserConfig().getUserName());
userConfig = userService.updateUserName(userName.getName(),
newUserName.getName(),
userConfig, userForm.getPassword());
// TODO: rename home space and all uploaded files along with it
// new username
return new UserUI(new UserResourcePath(newUserName), newUserName, userConfig);
} else {
User newUser = SimpleUser.newBuilder(userForm.getUserConfig()).setUserName(userName.getName()).build();
newUser = userService.updateUser(newUser, userForm.getPassword());
return new UserUI(new UserResourcePath(userName), userName, newUser);
}
}
@RolesAllowed(UserGroupMapping.REGULAR_USER_ROLE_ID)
@Override
public DocumentRevision[] getDocumentRevisionsWithOpenedTasksForGivenUser(String pWorkspaceId, String assignedUserLogin)
throws WorkspaceNotFoundException, UserNotFoundException, UserNotActiveException, WorkspaceNotEnabledException {
User user = userManager.checkWorkspaceReadAccess(pWorkspaceId);
List<DocumentRevision> docRs = documentRevisionDAO.findDocsWithOpenedTasksForGivenUser(pWorkspaceId, assignedUserLogin);
ListIterator<DocumentRevision> ite = docRs.listIterator();
while (ite.hasNext()) {
DocumentRevision docR = ite.next();
if (!hasDocumentRevisionReadAccess(user, docR)) {
ite.remove();
} else if (isCheckoutByAnotherUser(user, docR)) {
em.detach(docR);
docR.removeLastIteration();
}
}
return docRs.toArray(new DocumentRevision[docRs.size()]);
}
@Override
@RolesAllowed({ "SERVICE_MANAGER", "RESELLER_MANAGER", "BROKER_MANAGER" })
public List<VOOrganization> getMyCustomersOptimization() {
List<VOOrganization> result = new ArrayList<>();
PlatformUser user = dm.getCurrentUser();
Organization seller = user.getOrganization();
List<Organization> list = getCustomersOptimization(seller);
for (Organization customer : list) {
result.add(OrganizationAssembler.toVOOrganization(customer, false,
null, PerformanceHint.ONLY_FIELDS_FOR_LISTINGS));
}
return result;
}
@RolesAllowed({ "ORGANIZATION_ADMIN", "PLATFORM_OPERATOR" })
@TransactionAttribute(TransactionAttributeType.MANDATORY)
public void deleteTriggerDefinitionInt(long triggerDefinitionKey)
throws ObjectNotFoundException, DeletionConstraintException,
OperationNotPermittedException {
TriggerDefinition triggerDefinition = dm.getReference(
TriggerDefinition.class, triggerDefinitionKey);
checkOrgAuthority(triggerDefinition);
// check if there are trigger processes exist for current trigger
// definition.
// excepts the triggerDefinition can not be deleted
Query query = dm
.createNamedQuery("TriggerProcess.getAllForTriggerDefinition");
query.setParameter("triggerDefinitionKey",
Long.valueOf(triggerDefinitionKey));
List<TriggerProcess> triggerProcessList = ParameterizedTypes.list(
query.getResultList(), TriggerProcess.class);
if (triggerProcessList.size() > 0) {
DeletionConstraintException sdce = new DeletionConstraintException(
ClassEnum.TRIGGER_DEFINITION,
String.valueOf(triggerDefinitionKey),
ClassEnum.TRIGGER_PROCESS);
logger.logWarn(Log4jLogger.SYSTEM_LOG, sdce,
LogMessageIdentifier.WARN_TRIGGER_DELETION_FAILED);
throw sdce;
}
dm.remove(triggerDefinition);
}
@GET
@RolesAllowed("user")
@Path("principal-secured")
public String getPrincipalSecured(@Context SecurityContext sec) {
if (principal == null) {
throw new IllegalStateException("No injected principal");
}
String name = principal.getName();
return name;
}
@GET
@RolesAllowed({ Role.USER, Role.ADMIN })
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get all available things.", response = EnrichedThingDTO.class, responseContainer = "Set")
@ApiResponses(value = {
@ApiResponse(code = 200, message = "OK", response = EnrichedThingDTO.class, responseContainer = "Set") })
public Response getAll(
@HeaderParam(HttpHeaders.ACCEPT_LANGUAGE) @ApiParam(value = "language") @Nullable String language) {
final Locale locale = localeService.getLocale(language);
Stream<EnrichedThingDTO> thingStream = thingRegistry.stream().map(t -> convertToEnrichedThingDTO(t, locale))
.distinct();
return Response.ok(new Stream2JSONInputStream(thingStream)).build();
}
@RolesAllowed( "Identity-Management|Delete" )
@Override
public void removeRole( long roleId )
{
//******Cannot remove Internal Role *************
Role role = identityDataService.getRole( roleId );
if ( role.getType() == UserType.SYSTEM.getId() )
{
throw new AccessControlException( "Internal Role cannot be removed" );
}
//***********************************************
identityDataService.removeRole( roleId );
}
/**
* Updates TriggerProcessParameters of given TriggerProcess object key.
*
* @param actionKey
* - key of TriggerProcess to update
* @param parameters
* - list with updated values of TriggerProcessParameter
* @throws ObjectNotFoundException
* @throws OperationNotPermittedException
* @throws TriggerProcessStatusException
* @throws ValidationException
*/
@Override
@TransactionAttribute(TransactionAttributeType.REQUIRES_NEW)
@RolesAllowed("ORGANIZATION_ADMIN")
public void updateActionParameters(long actionKey,
List<VOTriggerProcessParameter> parameters)
throws ObjectNotFoundException, OperationNotPermittedException,
TriggerProcessStatusException, ValidationException {
if (parameters == null) {
throw new org.oscm.internal.types.exception.IllegalArgumentException(
"Parameter parameters must not be null.");
}
TriggerProcess triggerProcess = getTriggerProcess(actionKey);
verifyTriggerProcessStatus(triggerProcess,
TriggerProcessStatus.WAITING_FOR_APPROVAL);
verifyTriggerDefinitionType(triggerProcess.getTriggerDefinition(),
TriggerType.SUBSCRIBE_TO_SERVICE);
removeAdditionalParameters(parameters);
removeNonConfigurableParameters(parameters);
validateConfiguredParameters(parameters, triggerProcess);
updateTriggerProcessParameters(triggerProcess, parameters);
dm.merge(triggerProcess);
}
@GET
@Path("/echo")
@RolesAllowed("Echoer")
public String echoInput(@Context SecurityContext sec, @QueryParam("input") String input) {
Principal user = sec.getUserPrincipal();
return input + ", user="+user.getName();
}
@RolesAllowed("CREATE")
@POST
public PageAJAXResponse create(CreatePageAJAXRequest createPageAJAXRequest) {
CreatePageRequest createPageRequest = new CreatePageRequest();
createPageRequest.userId = userInfo.id();
createPageRequest.path = createPageAJAXRequest.path;
createPageRequest.title = createPageAJAXRequest.title;
createPageRequest.tags = createPageAJAXRequest.tags;
createPageRequest.description = createPageAJAXRequest.description;
createPageRequest.sections = createPageAJAXRequest.sections;
createPageRequest.requestBy = userInfo.username();
PageResponse page = pageDraftWebService.create(createPageRequest);
return response(page);
}
@RolesAllowed("system-user")
public void activateMaintenanceMode(String reason) {
log.info("Activating Maintenance mode, with reason: '{}'", reason);
GenericSetting maintenanceMode = createGenericParameterIfNotFound(MAINTENANCE_MODE);
maintenanceMode.setValue(Boolean.TRUE.toString());
genericSettingRepository.save(maintenanceMode);
notifier.sendMessage(GenericSettingNotification.maintenanceModeChanged(true));
setAnnouncementBanner(reason);
}
@RolesAllowed({UserGroupMapping.REGULAR_USER_ROLE_ID})
@Override
public List<PathToPathLink> getPathToPathLinks(String workspaceId, String configurationItemId, String serialNumber) throws UserNotFoundException, UserNotActiveException, WorkspaceNotFoundException, ProductInstanceMasterNotFoundException, AccessRightException, WorkspaceNotEnabledException {
User user = userManager.checkWorkspaceReadAccess(workspaceId);
ProductInstanceMaster prodInstM = productInstanceMasterDAO.loadProductInstanceMaster(new ProductInstanceMasterKey(serialNumber, workspaceId, configurationItemId));
checkProductInstanceReadAccess(workspaceId, prodInstM, user);
return pathToPathLinkDAO.getDistinctPathToPathLink(prodInstM.getLastIteration());
}
@POST
@Path("/bookforms")
@RolesAllowed({"ROLE_USER", "ROLE_ADMIN" })
public Book getBookFromFormParams(MultivaluedMap<String, String> map,
@FormParam("name") String name, @FormParam("id") long id) {
if (name == null || id == 0 || map.getFirst("name") == null
|| Integer.valueOf(map.getFirst("id")) == 0) {
throw new RuntimeException("FormParams are not set");
}
return new Book(name, id);
}
@Path("/subsomething")
@GET
@RolesAllowed("test")
public ObjectWithSchema<Something> getSomething(@PathParam("id") String id) {
Optional<Link> link = linkMetaFactory.createFactoryFor(ResourceClass.class).forCall(Rel.SELF,
r -> r.getSomething(id));
return ObjectWithSchema.create(new Something(), JsonHyperSchema.from(link));
}
@Override
@RolesAllowed("MARKETPLACE_OWNER")
public void deleteReviewByMarketplaceOwner(POServiceReview poReview,
String reason) throws OperationNotPermittedException,
ObjectNotFoundException {
ArgumentValidator.notNull("poReview", poReview);
ArgumentValidator.notEmptyString("reason", reason);
reviewService.deleteReviewByMarketplaceOwner(
Long.valueOf(poReview.getKey()), reason);
}