Integrate EPSDK-FW library for auth and users

[portal/ric-dashboard.git] / webapp-backend / src / main / java / org / oransc / ric / portal / dashboard / controller / AcXappController.java

diff --git a/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/controller/AcXappController.java b/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/controller/AcXappController.java
index 2fa3eeb..655b47a 100644 (file)
--- a/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/controller/AcXappController.java
+++ b/webapp-backend/src/main/java/org/oransc/ric/portal/dashboard/controller/AcXappController.java
@@ -31,10 +31,12 @@ import org.slf4j.Logger;
 import org.slf4j.LoggerFactory;
 import org.springframework.beans.factory.annotation.Autowired;
 import org.springframework.http.MediaType;
+import org.springframework.security.access.annotation.Secured;
 import org.springframework.util.Assert;
+import org.springframework.web.bind.annotation.GetMapping;
+import org.springframework.web.bind.annotation.PutMapping;
 import org.springframework.web.bind.annotation.RequestBody;
 import org.springframework.web.bind.annotation.RequestMapping;
-import org.springframework.web.bind.annotation.RequestMethod;
 import org.springframework.web.bind.annotation.RestController;
 
 import com.fasterxml.jackson.databind.JsonNode;
@@ -58,6 +60,7 @@ public class AcXappController {
        public static final String CONTROLLER_PATH = DashboardConstants.ENDPOINT_PREFIX + "/xapp/ac";
        // Endpoints
        public static final String ADMCTRL_METHOD = "/admctrl";
+       public static final String VERSION_METHOD = DashboardConstants.VERSION_METHOD;
 
        // A "control" is an element in the XApp descriptor
        private static final String AC_CONTROL_NAME = "admission_control_policy";
@@ -74,7 +77,8 @@ public class AcXappController {
        }
 
        @ApiOperation(value = "Gets the A1 client library MANIFEST.MF property Implementation-Version.", response = SuccessTransport.class)
-       @RequestMapping(value = DashboardConstants.VERSION_METHOD, method = RequestMethod.GET)
+       @GetMapping(VERSION_METHOD)
+       // No role required
        public SuccessTransport getA1MediatorClientVersion() {
                return new SuccessTransport(200, DashboardApplication.getImplementationVersion(A1MediatorApi.class));
        }
@@ -83,7 +87,8 @@ public class AcXappController {
         * GET policy is not supported at present by A1 Mediator! Always returns 501.
         */
        @ApiOperation(value = "Gets the admission control policy for AC xApp via the A1 Mediator")
-       @RequestMapping(value = ADMCTRL_METHOD, method = RequestMethod.GET)
+       @GetMapping(ADMCTRL_METHOD)
+       @Secured({ DashboardConstants.ROLE_ADMIN, DashboardConstants.ROLE_STANDARD })
        public Object getAdmissionControlPolicy(HttpServletResponse response) {
                logger.debug("getAdmissionControlPolicy");
                response.setStatus(HttpServletResponse.SC_NOT_IMPLEMENTED);
@@ -95,7 +100,8 @@ public class AcXappController {
         * fields are defined in the ACAdmissionIntervalControl Typescript interface.
         */
        @ApiOperation(value = "Sets the admission control policy for AC xApp via the A1 Mediator")
-       @RequestMapping(value = ADMCTRL_METHOD, method = RequestMethod.PUT)
+       @PutMapping(ADMCTRL_METHOD)
+       @Secured({ DashboardConstants.ROLE_ADMIN })
        public void setAdmissionControlPolicy(@ApiParam(value = "Admission control policy") @RequestBody JsonNode acPolicy, //
                        HttpServletResponse response) {
                logger.debug("setAdmissionControlPolicy {}", acPolicy);