Example 16 with RestResponse
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class LocationSecurityController method getAuthorizedEnvironmentsAndEnvTypesPerApplicationPaginated.
/**
* search applications,environments and environment types authorised to access the location.
*
* @return {@link RestResponse} that contains a {@link GetMultipleDataResult} of {@link GroupDTO}..
*/
@ApiOperation(value = "List all applications,environments and environment types authorized to access the location", notes = "Only user with ADMIN role can list authorized applications,environments and environment types to the location.")
@RequestMapping(value = "/applications/search", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<GetMultipleDataResult<ApplicationEnvironmentAuthorizationDTO>> getAuthorizedEnvironmentsAndEnvTypesPerApplicationPaginated(@PathVariable String orchestratorId, @PathVariable String locationId, @ApiParam(value = "Text Query to search.") @RequestParam(required = false) String query, @ApiParam(value = "Query from the given index.") @RequestParam(required = false, defaultValue = "0") int from, @ApiParam(value = "Maximum number of results to retrieve.") @RequestParam(required = false, defaultValue = "20") int size) {
Location location = locationService.getLocation(orchestratorId, locationId);
List<Application> applicationsRelatedToEnvironment = Lists.newArrayList();
List<Application> applicationsRelatedToEnvironmentType = Lists.newArrayList();
List<ApplicationEnvironment> environments = Lists.newArrayList();
List<String> environmentTypes = Lists.newArrayList();
List<Application> applications = Lists.newArrayList();
// we get all authorized applications and environment to not favor the one of them
if (MapUtils.isNotEmpty(location.getEnvironmentPermissions())) {
environments = alienDAO.findByIds(ApplicationEnvironment.class, location.getEnvironmentPermissions().keySet().toArray(new String[location.getEnvironmentPermissions().size()]));
Set<String> environmentApplicationIds = environments.stream().map(ae -> new String(ae.getApplicationId())).collect(Collectors.toSet());
applicationsRelatedToEnvironment = alienDAO.findByIds(Application.class, environmentApplicationIds.toArray(new String[environmentApplicationIds.size()]));
}
if (MapUtils.isNotEmpty(location.getEnvironmentTypePermissions())) {
environmentTypes.addAll(location.getEnvironmentTypePermissions().keySet());
Set<String> environmentTypeApplicationIds = Sets.newHashSet();
for (String envType : safe(location.getEnvironmentTypePermissions()).keySet()) {
environmentTypeApplicationIds.add(envType.split(":")[0]);
}
applicationsRelatedToEnvironmentType = alienDAO.findByIds(Application.class, environmentTypeApplicationIds.toArray(new String[environmentTypeApplicationIds.size()]));
}
if (MapUtils.isNotEmpty(location.getApplicationPermissions())) {
applications = alienDAO.findByIds(Application.class, location.getApplicationPermissions().keySet().toArray(new String[location.getApplicationPermissions().size()]));
}
List<ApplicationEnvironmentAuthorizationDTO> allDTOs = ApplicationEnvironmentAuthorizationDTO.buildDTOs(applicationsRelatedToEnvironment, applicationsRelatedToEnvironmentType, environments, applications, environmentTypes);
int to = (from + size < allDTOs.size()) ? from + size : allDTOs.size();
allDTOs = IntStream.range(from, to).mapToObj(allDTOs::get).collect(Collectors.toList());
List<String> ids = allDTOs.stream().map(appEnvDTO -> appEnvDTO.getApplication().getId()).collect(Collectors.toList());
IdsFilterBuilder idFilters = FilterBuilders.idsFilter().ids(ids.toArray(new String[ids.size()]));
GetMultipleDataResult<Application> tempResult = alienDAO.search(Application.class, query, null, idFilters, null, from, to, "id", false);
return RestResponseBuilder.<GetMultipleDataResult<ApplicationEnvironmentAuthorizationDTO>>builder().data(ApplicationEnvironmentAuthorizationDTO.convert(tempResult, allDTOs)).build();
}
Also used :
IntStream(java.util.stream.IntStream)
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
RequestParam(org.springframework.web.bind.annotation.RequestParam)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
ApiParam(io.swagger.annotations.ApiParam)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
User(alien4cloud.security.model.User)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
Api(io.swagger.annotations.Api)
MapUtils(org.apache.commons.collections4.MapUtils)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
FilterBuilders(org.elasticsearch.index.query.FilterBuilders)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
RestController(org.springframework.web.bind.annotation.RestController)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
IAlienGroupDao(alien4cloud.security.groups.IAlienGroupDao)
IAlienUserDao(alien4cloud.security.users.IAlienUserDao)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
Group(alien4cloud.security.model.Group)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
Application(alien4cloud.model.application.Application)
Location(alien4cloud.model.orchestrators.locations.Location)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 17 with RestResponse
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class AbstractLocationResourcesBatchSecurityController method updateAuthorizedEnvironmentsPerApplication.
/**
*****************************************************************************************************************************
*
* SECURITY ON APPLICATIONS
*
******************************************************************************************************************************
*/
/**
* Update applications, environments and environment types authorized to access the location resource.
*/
@ApiOperation(value = "Update applications, environments and environment type authorized to access the location resource", notes = "Only user with ADMIN role can update authorized applications/environments for the location.")
@RequestMapping(value = "/environmentsPerApplication", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public synchronized RestResponse<Void> updateAuthorizedEnvironmentsPerApplication(@PathVariable String orchestratorId, @PathVariable String locationId, @RequestBody ApplicationEnvironmentAuthorizationUpdateRequest request) {
if (ArrayUtils.isEmpty(request.getResources())) {
return RestResponseBuilder.<Void>builder().build();
}
Location location = locationService.getLocation(orchestratorId, locationId);
locationSecurityService.grantAuthorizationOnLocationIfNecessary(request.getApplicationsToAdd(), request.getEnvironmentsToAdd(), request.getEnvironmentTypesToAdd(), location);
Arrays.stream(request.getResources()).forEach(resourceId -> {
AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
if (ArrayUtils.isNotEmpty(request.getApplicationsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, request.getEnvironmentsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, request.getEnvironmentTypesToDelete());
}
Set<String> envIds = Sets.newHashSet();
if (ArrayUtils.isNotEmpty(request.getApplicationsToAdd())) {
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToAdd());
// when an app is added, all eventual existing env authorizations are removed
for (String applicationToAddId : request.getApplicationsToAdd()) {
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationToAddId);
for (ApplicationEnvironment ae : aes) {
envIds.add(ae.getId());
}
}
if (!envIds.isEmpty()) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envIds.toArray(new String[envIds.size()]));
}
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToAdd())) {
List<String> envToAddSet = Arrays.stream(request.getEnvironmentsToAdd()).filter(env -> !envIds.contains(env)).collect(Collectors.toList());
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envToAddSet.toArray(new String[envToAddSet.size()]));
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToAdd())) {
List<String> envToAddSet = Arrays.stream(request.getEnvironmentTypesToAdd()).filter(env -> !envIds.contains(env)).collect(Collectors.toList());
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, envToAddSet.toArray(new String[envToAddSet.size()]));
}
});
return RestResponseBuilder.<Void>builder().build();
}
Also used :
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
Subject(alien4cloud.security.Subject)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
ArrayUtils(org.apache.commons.lang3.ArrayUtils)
LocationSecurityService(alien4cloud.orchestrators.locations.services.LocationSecurityService)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
ILocationResourceService(alien4cloud.orchestrators.locations.services.ILocationResourceService)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
Set(java.util.Set)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
SubjectsAuthorizationRequest(alien4cloud.rest.orchestrator.model.SubjectsAuthorizationRequest)
List(java.util.List)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Location(alien4cloud.model.orchestrators.locations.Location)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 18 with RestResponse
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class AbstractLocationResourcesSecurityController method revokeApplicationAccess.
/**
*****************************************************************************************************************************
*
* SECURITY ON APPLICATIONS
*
******************************************************************************************************************************
*/
/**
* Revoke the application's authorisation to access the location resource (including all related environments).
*
* @param locationId The id of the location.
* @param applicationId The authorized application.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Revoke the application's authorisation to access the location resource", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/applications/{applicationId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<Void> revokeApplicationAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String applicationId, @PathVariable String resourceId) {
AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource((AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, applicationId);
// remove all environments related to this application
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationId);
String[] envIds = Arrays.stream(aes).map(ae -> ae.getId()).toArray(String[]::new);
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource((AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envIds);
// remove all environment types
Set<String> envTypeIds = Sets.newHashSet();
for (String envType : safe(resourceTemplate.getEnvironmentTypePermissions()).keySet()) {
if (envType.split(":")[0].equals(applicationId)) {
envTypeIds.add(envType);
}
}
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource((AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, envTypeIds.toArray(new String[envTypeIds.size()]));
return RestResponseBuilder.<Void>builder().build();
}
Also used :
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
ArrayUtils(org.apache.commons.lang3.ArrayUtils)
LocationSecurityService(alien4cloud.orchestrators.locations.services.LocationSecurityService)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
ILocationResourceService(alien4cloud.orchestrators.locations.services.ILocationResourceService)
MapUtils(org.apache.commons.collections4.MapUtils)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 19 with RestResponse
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class AbstractLocationResourcesSecurityController method revokeUserAccess.
/**
* Revoke the user's authorisation to access a location resource
*
* @param locationId The id of the location.
* @param username The authorized user.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Revoke the user's authorisation to access a location resource, send back the new authorised users list", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/users/{username}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<UserDTO>> revokeUserAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String resourceId, @PathVariable String username) {
AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource((AbstractLocationResourceTemplate) resource)), Subject.USER, username);
List<UserDTO> users = UserDTO.convert(resourcePermissionService.getAuthorizedUsers(resourceTemplate));
return RestResponseBuilder.<List<UserDTO>>builder().data(users).build();
}
Also used :
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
ArrayUtils(org.apache.commons.lang3.ArrayUtils)
LocationSecurityService(alien4cloud.orchestrators.locations.services.LocationSecurityService)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
ILocationResourceService(alien4cloud.orchestrators.locations.services.ILocationResourceService)
MapUtils(org.apache.commons.collections4.MapUtils)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
List(java.util.List)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 20 with RestResponse
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class AbstractLocationResourcesSecurityController method updateAuthorizedEnvironmentsAndEnvTypePerApplication.
/**
* Update applications,environments and environment types authorized to access the location resource.
*/
@ApiOperation(value = "Update applications,environments and environment types authorized to access the location resource", notes = "Only user with ADMIN role can update authorized applications,environments and environment types for the location.")
@RequestMapping(value = "/environmentsPerApplication", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public synchronized RestResponse<Void> updateAuthorizedEnvironmentsAndEnvTypePerApplication(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String resourceId, @RequestBody ApplicationEnvironmentAuthorizationUpdateRequest request) {
Location location = locationService.getLocation(orchestratorId, locationId);
locationSecurityService.grantAuthorizationOnLocationIfNecessary(request.getApplicationsToAdd(), request.getEnvironmentsToAdd(), request.getEnvironmentTypesToAdd(), location);
AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
if (ArrayUtils.isNotEmpty(request.getApplicationsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, request.getEnvironmentsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, request.getEnvironmentTypesToDelete());
}
Set<String> envIds = Sets.newHashSet();
if (ArrayUtils.isNotEmpty(request.getApplicationsToAdd())) {
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToAdd());
// when an app is added, all eventual existing env authorizations are removed
for (String applicationToAddId : request.getApplicationsToAdd()) {
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationToAddId);
for (ApplicationEnvironment ae : aes) {
envIds.add(ae.getId());
}
}
if (!envIds.isEmpty()) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envIds.toArray(new String[envIds.size()]));
}
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToAdd())) {
List<String> envToAddSet = Arrays.stream(request.getEnvironmentsToAdd()).filter(env -> !envIds.contains(env)).collect(Collectors.toList());
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envToAddSet.toArray(new String[envToAddSet.size()]));
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToAdd())) {
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, request.getEnvironmentTypesToAdd());
}
return RestResponseBuilder.<Void>builder().build();
}
Also used :
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
ArrayUtils(org.apache.commons.lang3.ArrayUtils)
LocationSecurityService(alien4cloud.orchestrators.locations.services.LocationSecurityService)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
ILocationResourceService(alien4cloud.orchestrators.locations.services.ILocationResourceService)
MapUtils(org.apache.commons.collections4.MapUtils)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Location(alien4cloud.model.orchestrators.locations.Location)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
RestResponse (alien4cloud.rest.model.RestResponse)25
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)18
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)18
ApplicationEnvironment (alien4cloud.model.application.ApplicationEnvironment)17
ApiOperation (io.swagger.annotations.ApiOperation)17
Audit (alien4cloud.audit.annotation.Audit)15
Application (alien4cloud.model.application.Application)14
ApplicationEnvironmentService (alien4cloud.application.ApplicationEnvironmentService)12
ResourcePermissionService (alien4cloud.authorization.ResourcePermissionService)12
RestResponseBuilder (alien4cloud.rest.model.RestResponseBuilder)12
ApplicationEnvironmentAuthorizationUpdateRequest (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)12
Subject (alien4cloud.security.Subject)12
Sets (com.google.common.collect.Sets)12
Arrays (java.util.Arrays)12
List (java.util.List)12
Set (java.util.Set)12
Collectors (java.util.stream.Collectors)12
Resource (javax.annotation.Resource)12
IGenericSearchDAO (alien4cloud.dao.IGenericSearchDAO)11
ApplicationEnvironmentAuthorizationDTO (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)11
