
Method annotations

Several annotations are available at method level that perform method-related tasks. A few are provided here:
Description
Accepts a text string as its value. The text appears in the API method description displayed by the “/api” request handler.
Note: This annotation is for documentation purposes only.
If the com.progress.fathom.api.OEMAPI class is listed in the restconfig.xml file, the “/api” URL is mapped and provides a human-readable description of the URLs that are mapped for the Web application. The description text is included in the response.
For an example of an API that contains description text, refer to REST API for the sample Web application.
Since
Accepts a text string as its value. Though this text does not appear in any example, you can use it as you see fit.
Note: This annotation is for documentation purposes only.
RequiredResourcePermission
Adds an authorization check performed by the fathom REST servlet implementation. Authorization checks in OpenEdge Management are based on a security object identifier (a string) and an action.
If the user making the REST request exists and is authenticated, the authorization check must succeed for the method to be invoked. If the user is not authenticated, the REST request fails with a 403 Forbidden response. If the user exists and the method has no RequiredResourcePermission annotation, the user is authorized to access OpenEdge Management to perform the API call.
At the least, the following annotation must be added to prevent users without normal resource permissions, such as the PSCTrend role, from accessing the method. However, users with PSCOper and PSCAdmin roles will still be able to access the method.
@RequiredResourcePermission(grantName = SecurityBean.SECURITY_ROOT, action = SecurityBean.ACTION_READ)
For a list of predefined permission objects, see the SecurityBean class. At the least, your Web application should check SecurityBean.SECURITY_RESOURCE, action = SecurityBean.ACTION_READ.
Note: Three predefined user roles—PSCOper, PSCAdmin, and PSCTrend—are available in OpenEdge Management, and permissions are granted individually based on the user role. PSCOper and PSCAdmin user roles have full read permissions on security_resource. The PSCAdmin user role has full read/write permissions on all security permission tokens within OpenEdge Management. The PSCTrend user role has limited permissions to a few APIs that are required for remote trending.
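Because a method without RequiredResourcePermission is open to any authenticated user, a build-time audit can list the methods that were left unannotated. The following is an added example, not code from Progress or from the original page: the annotation and SecurityBean are local stand-ins so the file compiles alone (element names are from the page; the String types, runtime retention, and constant values are assumptions), and SampleHandler with its methods is hypothetical.

```java
import java.lang.annotation.*;
import java.lang.reflect.*;
import java.util.*;

public class PermissionAudit {
    // Stand-in for the framework annotation so this file compiles alone.
    // Element names are from the page; String types and RUNTIME retention are assumptions.
    @Retention(RetentionPolicy.RUNTIME) @Target(ElementType.METHOD)
    @interface RequiredResourcePermission { String grantName(); String action(); }

    // Stand-in for SecurityBean; the constant values are constructed placeholders.
    static final class SecurityBean {
        static final String SECURITY_ROOT = "PLACEHOLDER_ROOT";
        static final String ACTION_READ = "PLACEHOLDER_READ";
    }

    // Hypothetical handler class: one guarded method, one left unguarded.
    static class SampleHandler {
        @RequiredResourcePermission(grantName = SecurityBean.SECURITY_ROOT,
                                    action = SecurityBean.ACTION_READ)
        public String listResources() { return "[]"; }

        public String restartAgent() { return "ok"; }   // no authorization check
    }

    /** Returns the public methods declared on handler that carry no permission annotation. */
    static List<String> unguarded(Class<?> handler) {
        List<String> missing = new ArrayList<>();
        for (Method m : handler.getDeclaredMethods()) {
            // Skip compiler-generated and non-public methods (assumed not to be mapped).
            if (m.isSynthetic() || !Modifier.isPublic(m.getModifiers())) continue;
            if (!m.isAnnotationPresent(RequiredResourcePermission.class))
                missing.add(handler.getSimpleName() + "." + m.getName());
        }
        Collections.sort(missing);
        return missing;
    }

    public static void main(String[] args) {
        List<String> missing = unguarded(SampleHandler.class);
        missing.forEach(n -> System.out.println("UNGUARDED " + n));
        // Non-zero exit lets a build step fail when a method is left open.
        if (!missing.isEmpty()) System.exit(1);
    }
}
```

To audit a real Web application, remove the stand-in types, import the annotation from the OpenEdge Management libraries, and pass each handler class to unguarded().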