import org.slf4j.LoggerFactory;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.http.MediaType;
+import org.springframework.security.access.annotation.Secured;
import org.springframework.util.Assert;
import org.springframework.web.bind.annotation.GetMapping;
import org.springframework.web.bind.annotation.PutMapping;
import io.swagger.annotations.ApiParam;
/**
- * * Proxies calls from the front end to the AC xApp via the A1 Mediator API.
- * All methods answer 502 on failure: <blockquote>HTTP server received an
- * invalid response from a server it consulted when acting as a proxy or
- * gateway.</blockquote>
+ * Proxies calls from the front end to the AC xApp via the A1 Mediator API.
+ *
+ * If a method throws RestClientResponseException, it is handled by
+ * {@link CustomResponseEntityExceptionHandler#handleProxyMethodException(Exception, org.springframework.web.context.request.WebRequest)}
+ * which returns status 502. All other exceptions are handled by Spring which
+ * returns status 500.
*/
@RestController
@RequestMapping(value = AcXappController.CONTROLLER_PATH, produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(value = "Gets the A1 client library MANIFEST.MF property Implementation-Version.", response = SuccessTransport.class)
@GetMapping(VERSION_METHOD)
+ // No role required
public SuccessTransport getA1MediatorClientVersion() {
return new SuccessTransport(200, DashboardApplication.getImplementationVersion(A1MediatorApi.class));
}
*/
@ApiOperation(value = "Gets the admission control policy for AC xApp via the A1 Mediator")
@GetMapping(ADMCTRL_METHOD)
+ @Secured({ DashboardConstants.ROLE_ADMIN, DashboardConstants.ROLE_STANDARD })
public Object getAdmissionControlPolicy(HttpServletResponse response) {
logger.debug("getAdmissionControlPolicy");
response.setStatus(HttpServletResponse.SC_NOT_IMPLEMENTED);
*/
@ApiOperation(value = "Sets the admission control policy for AC xApp via the A1 Mediator")
@PutMapping(ADMCTRL_METHOD)
+ @Secured({ DashboardConstants.ROLE_ADMIN })
public void setAdmissionControlPolicy(@ApiParam(value = "Admission control policy") @RequestBody JsonNode acPolicy, //
HttpServletResponse response) {
logger.debug("setAdmissionControlPolicy {}", acPolicy);