use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class LocationMetaPropertiesController method upsertMetaProperty.
/**
* Update or create a property for an orchestrator
*
* @param orchestratorId id of the orchestrator the location belongs to.
* @param locationId id of the location to update
* @param propertyRequest property request
* @return information on the constraint
*/
@RequestMapping(method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public RestResponse<ConstraintInformation> upsertMetaProperty(@ApiParam(value = "Id of the orchestrator for which the location is defined.") @PathVariable String orchestratorId, @ApiParam(value = "Id of the location to get", required = true) @PathVariable String locationId, @ApiParam(value = "Id of the location to get", required = true) @RequestBody PropertyRequest propertyRequest) throws ConstraintViolationException, ConstraintValueDoNotMatchPropertyTypeException {
AuthorizationUtil.hasOneRoleIn(Role.ADMIN);
Location location = locationService.getOrFail(locationId);
try {
metaPropertiesService.upsertMetaProperty(location, propertyRequest.getDefinitionId(), propertyRequest.getValue());
} catch (ConstraintViolationException e) {
log.error("Constraint violation error for property <" + propertyRequest.getDefinitionId() + "> with value <" + propertyRequest.getValue() + ">", e);
return RestResponseBuilder.<ConstraintInformation>builder().data(e.getConstraintInformation()).error(RestErrorBuilder.builder(RestErrorCode.PROPERTY_CONSTRAINT_VIOLATION_ERROR).message(e.getMessage()).build()).build();
} catch (ConstraintValueDoNotMatchPropertyTypeException e) {
log.error("Constraint value violation error for property <" + e.getConstraintInformation().getName() + "> with value <" + e.getConstraintInformation().getValue() + "> and type <" + e.getConstraintInformation().getType() + ">", e);
return RestResponseBuilder.<ConstraintInformation>builder().data(e.getConstraintInformation()).error(RestErrorBuilder.builder(RestErrorCode.PROPERTY_TYPE_VIOLATION_ERROR).message(e.getMessage()).build()).build();
}
return RestResponseBuilder.<ConstraintInformation>builder().data(null).error(null).build();
}
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class CloudServiceArchiveController method addDependency.
@ApiOperation(value = "Add dependency to the csar with given id.")
@RequestMapping(value = "/{csarId:.+?}/dependencies", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
@Audit
@Deprecated
public RestResponse<Boolean> addDependency(@PathVariable String csarId, @Valid @RequestBody CSARDependency dependency) {
Csar csar = csarService.getOrFail(csarId);
csarAuthorizationFilter.checkWriteAccess(csar);
Set<CSARDependency> existingDependencies = csar.getDependencies();
if (existingDependencies == null) {
existingDependencies = Sets.newHashSet();
csar.setDependencies(existingDependencies);
}
boolean couldBeSaved = existingDependencies.add(dependency);
csarDAO.save(csar);
return RestResponseBuilder.<Boolean>builder().data(couldBeSaved).build();
}
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class CloudServiceArchiveController method uploadCSAR.
@ApiOperation(value = "Upload a csar zip file.")
@RequestMapping(method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
@Audit
public RestResponse<CsarUploadResult> uploadCSAR(@RequestParam(required = false) String workspace, @RequestParam("file") MultipartFile csar) throws IOException {
Path csarPath = null;
try {
if (workspace == null) {
workspace = AlienConstants.GLOBAL_WORKSPACE_ID;
}
// Perform check that the user has one of ARCHITECT, COMPONENT_MANAGER or ADMIN role
archiveIndexerAuthorizationFilter.preCheckAuthorization(workspace);
log.info("Serving file upload with name [" + csar.getOriginalFilename() + "]");
csarPath = Files.createTempFile(tempDirPath, null, '.' + CsarFileRepository.CSAR_EXTENSION);
// save the archive in the temp directory
FileUploadUtil.safeTransferTo(csarPath, csar);
// load, parse the archive definitions and save on disk
ParsingResult<Csar> result = csarUploadService.upload(csarPath, CSARSource.UPLOAD, workspace);
RestError error = null;
if (result.hasError(ParsingErrorLevel.ERROR)) {
error = RestErrorBuilder.builder(RestErrorCode.CSAR_PARSING_ERROR).build();
}
return RestResponseBuilder.<CsarUploadResult>builder().error(error).data(CsarUploadUtil.toUploadResult(result)).build();
} catch (ParsingException e) {
log.error("Error happened while parsing csar file <" + e.getFileName() + ">", e);
String fileName = e.getFileName() == null ? csar.getOriginalFilename() : e.getFileName();
CsarUploadResult uploadResult = new CsarUploadResult();
uploadResult.getErrors().put(fileName, e.getParsingErrors());
return RestResponseBuilder.<CsarUploadResult>builder().error(RestErrorBuilder.builder(RestErrorCode.CSAR_INVALID_ERROR).build()).data(uploadResult).build();
} catch (AlreadyExistException | CSARUsedInActiveDeployment | ToscaTypeAlreadyDefinedInOtherCSAR e) {
CsarUploadResult uploadResult = new CsarUploadResult();
uploadResult.getErrors().put(csar.getOriginalFilename(), Lists.newArrayList(UploadExceptionUtil.parsingErrorFromException(e)));
return RestResponseBuilder.<CsarUploadResult>builder().error(RestErrorBuilder.builder(RestErrorCode.ALREADY_EXIST_ERROR).build()).data(uploadResult).build();
} finally {
if (csarPath != null) {
// Clean up
try {
FileUtil.delete(csarPath);
} catch (IOException e) {
// The repository might just move the file instead of copying to save IO disk access
}
}
}
}
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class CloudServiceArchiveController method delete.
@ApiOperation(value = "Delete a CSAR given its id.")
@RequestMapping(value = "/{csarId:.+?}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
@Audit
public RestResponse<List<Usage>> delete(@PathVariable String csarId) {
Csar csar = csarService.getOrFail(csarId);
csarAuthorizationFilter.checkWriteAccess(csar);
List<Usage> relatedResourceList = csarService.deleteCsarWithElements(csar);
if (CollectionUtils.isNotEmpty(relatedResourceList)) {
String errorMessage = "The csar named <" + csar.getName() + "> in version <" + csar.getVersion() + "> can not be deleted since it is referenced by other resources";
return RestResponseBuilder.<List<Usage>>builder().data(relatedResourceList).error(RestErrorBuilder.builder(RestErrorCode.DELETE_REFERENCED_OBJECT_ERROR).message(errorMessage).build()).build();
}
return RestResponseBuilder.<List<Usage>>builder().build();
}
use of alien4cloud.audit.annotation.Audit in project alien4cloud by alien4cloud.
the class DeploymentTopologyController method updateSubstitutionProperty.
@ApiOperation(value = "Update node substitution's property.", authorizations = { @Authorization("ADMIN") })
@RequestMapping(value = "/substitutions/{nodeId}/properties", method = RequestMethod.POST)
@PreAuthorize("isAuthenticated()")
@Audit
public RestResponse<?> updateSubstitutionProperty(@PathVariable String appId, @PathVariable String environmentId, @PathVariable String nodeId, @RequestBody UpdatePropertyRequest updateRequest) {
try {
Application application = applicationService.getOrFail(appId);
ApplicationEnvironment environment = appEnvironmentService.getOrFail(environmentId);
AuthorizationUtil.checkAuthorizationForEnvironment(application, environment);
ApplicationTopologyVersion topologyVersion = applicationVersionService.getOrFail(Csar.createId(environment.getApplicationId(), environment.getVersion()), environment.getTopologyVersion());
Topology topology = topologyServiceCore.getOrFail(topologyVersion.getArchiveId());
DeploymentTopologyDTO dto = deploymentTopologyDTOBuilder.prepareDeployment(topology, () -> matchedNodePropertiesConfigService.updateProperty(application, environment, topology, nodeId, Optional.empty(), updateRequest.getPropertyName(), updateRequest.getPropertyValue()));
return RestResponseBuilder.<DeploymentTopologyDTO>builder().data(dto).build();
} catch (ConstraintTechnicalException e) {
if (e.getCause() instanceof ConstraintFunctionalException) {
return RestConstraintValidator.fromException((ConstraintFunctionalException) e.getCause(), updateRequest.getPropertyName(), updateRequest.getPropertyValue());
}
throw e;
}
}
Aggregations