Example 71 with ApplicationEnvironment
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class ApplicationEnvironmentRolesController method removeUserRole.
/**
* Remove a role from a user on a specific application environment
*
* @param applicationEnvironmentId application environment id
* @param username The username of the user to update roles
* @param role The role to add to the user on the application environment
* @return A {@link Void} {@link RestResponse}
*/
@ApiOperation(value = "Remove a role to a user on a specific application environment", notes = "Any user with application role APPLICATION_MANAGER can unassign any role to another user. Application role required [ APPLICATION_MANAGER ]")
@RequestMapping(value = "/users/{username}/{role}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
@Audit
public RestResponse<Void> removeUserRole(@PathVariable String applicationEnvironmentId, @PathVariable String username, @PathVariable String role) {
ApplicationEnvironment applicationEnvironment = applicationEnvironmentService.checkAndGetApplicationEnvironment(applicationEnvironmentId, ApplicationRole.APPLICATION_MANAGER);
resourceRoleService.removeUserRole(applicationEnvironment, username, role);
handleRemoveUserRoleOnApplication(applicationEnvironment.getApplicationId(), username);
return RestResponseBuilder.<Void>builder().build();
}
Also used :
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 72 with ApplicationEnvironment
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class LocationSecurityController method revokeApplicationAccess.
/**
*****************************************************************************************************************************
*
* SECURITY ON APPLICATIONS
*
******************************************************************************************************************************
*/
/**
* Revoke the application's authorisation to access the location (including all related environments).
*
* @param locationId The id of the location.
* @param applicationId The authorized application.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Revoke the application's authorisation to access the location", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/applications/{applicationId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<Void> revokeApplicationAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String applicationId) {
Location location = locationService.getLocation(orchestratorId, locationId);
resourcePermissionService.revokePermission(location, Subject.APPLICATION, applicationId);
// remove all environments related to this application
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationId);
String[] envIds = Arrays.stream(aes).map(ae -> ae.getId()).toArray(String[]::new);
resourcePermissionService.revokePermission(location, Subject.ENVIRONMENT, envIds);
// remove all environments types related to this application
Set<String> envTypeIds = Sets.newHashSet();
for (String envType : safe(location.getEnvironmentTypePermissions()).keySet()) {
if (envType.contains(applicationId)) {
envTypeIds.add(envType);
}
}
resourcePermissionService.revokePermission(location, Subject.ENVIRONMENT_TYPE, envTypeIds.toArray(new String[envTypeIds.size()]));
return RestResponseBuilder.<Void>builder().build();
}
Also used :
IntStream(java.util.stream.IntStream)
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
RequestParam(org.springframework.web.bind.annotation.RequestParam)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
ApiParam(io.swagger.annotations.ApiParam)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
User(alien4cloud.security.model.User)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
Api(io.swagger.annotations.Api)
MapUtils(org.apache.commons.collections4.MapUtils)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
FilterBuilders(org.elasticsearch.index.query.FilterBuilders)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
RestController(org.springframework.web.bind.annotation.RestController)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
IAlienGroupDao(alien4cloud.security.groups.IAlienGroupDao)
IAlienUserDao(alien4cloud.security.users.IAlienUserDao)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
Group(alien4cloud.security.model.Group)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Location(alien4cloud.model.orchestrators.locations.Location)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 73 with ApplicationEnvironment
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class LocationSecurityController method getAuthorizedEnvironmentsAndEnvTypePerApplication.
/**
* List all environments per application authorised to access the location.
*
* @return list of all environments per application.
*/
@ApiOperation(value = "List all applications,environments and environment types authorized to access the location", notes = "Only user with ADMIN role can list authorized applications,environments and environment types for the location.")
@RequestMapping(value = "/environmentsPerApplication", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<List<ApplicationEnvironmentAuthorizationDTO>> getAuthorizedEnvironmentsAndEnvTypePerApplication(@PathVariable String orchestratorId, @PathVariable String locationId) {
Location location = locationService.getLocation(orchestratorId, locationId);
List<Application> applicationsRelatedToEnvironment = Lists.newArrayList();
List<Application> applicationsRelatedToEnvironmentType = Lists.newArrayList();
List<ApplicationEnvironment> environments = Lists.newArrayList();
List<Application> applications = Lists.newArrayList();
List<String> environmentTypes = Lists.newArrayList();
if (location.getEnvironmentPermissions() != null && location.getEnvironmentPermissions().size() > 0) {
environments = alienDAO.findByIds(ApplicationEnvironment.class, location.getEnvironmentPermissions().keySet().toArray(new String[location.getEnvironmentPermissions().size()]));
Set<String> environmentApplicationIds = environments.stream().map(ae -> new String(ae.getApplicationId())).collect(Collectors.toSet());
applicationsRelatedToEnvironment = alienDAO.findByIds(Application.class, environmentApplicationIds.toArray(new String[environmentApplicationIds.size()]));
}
if (location.getEnvironmentTypePermissions() != null && location.getEnvironmentTypePermissions().size() > 0) {
environmentTypes.addAll(location.getEnvironmentTypePermissions().keySet());
Set<String> environmentTypeApplicationIds = environmentTypes.stream().map(envType -> new String(envType.split(":")[0])).collect(Collectors.toSet());
applicationsRelatedToEnvironmentType = alienDAO.findByIds(Application.class, environmentTypeApplicationIds.toArray(new String[environmentTypeApplicationIds.size()]));
}
if (location.getApplicationPermissions() != null && location.getApplicationPermissions().size() > 0) {
applications = alienDAO.findByIds(Application.class, location.getApplicationPermissions().keySet().toArray(new String[location.getApplicationPermissions().size()]));
}
List<ApplicationEnvironmentAuthorizationDTO> result = ApplicationEnvironmentAuthorizationDTO.buildDTOs(applicationsRelatedToEnvironment, applicationsRelatedToEnvironmentType, environments, applications, environmentTypes);
return RestResponseBuilder.<List<ApplicationEnvironmentAuthorizationDTO>>builder().data(result).build();
}
Also used :
IntStream(java.util.stream.IntStream)
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
RequestParam(org.springframework.web.bind.annotation.RequestParam)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
ApiParam(io.swagger.annotations.ApiParam)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
User(alien4cloud.security.model.User)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
Api(io.swagger.annotations.Api)
MapUtils(org.apache.commons.collections4.MapUtils)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
FilterBuilders(org.elasticsearch.index.query.FilterBuilders)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
RestController(org.springframework.web.bind.annotation.RestController)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
IAlienGroupDao(alien4cloud.security.groups.IAlienGroupDao)
IAlienUserDao(alien4cloud.security.users.IAlienUserDao)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
Group(alien4cloud.security.model.Group)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
List(java.util.List)
Application(alien4cloud.model.application.Application)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Location(alien4cloud.model.orchestrators.locations.Location)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 74 with ApplicationEnvironment
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class LocationSecurityController method getAuthorizedEnvironmentsAndEnvTypesPerApplicationPaginated.
/**
* search applications,environments and environment types authorised to access the location.
*
* @return {@link RestResponse} that contains a {@link GetMultipleDataResult} of {@link GroupDTO}..
*/
@ApiOperation(value = "List all applications,environments and environment types authorized to access the location", notes = "Only user with ADMIN role can list authorized applications,environments and environment types to the location.")
@RequestMapping(value = "/applications/search", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<GetMultipleDataResult<ApplicationEnvironmentAuthorizationDTO>> getAuthorizedEnvironmentsAndEnvTypesPerApplicationPaginated(@PathVariable String orchestratorId, @PathVariable String locationId, @ApiParam(value = "Text Query to search.") @RequestParam(required = false) String query, @ApiParam(value = "Query from the given index.") @RequestParam(required = false, defaultValue = "0") int from, @ApiParam(value = "Maximum number of results to retrieve.") @RequestParam(required = false, defaultValue = "20") int size) {
Location location = locationService.getLocation(orchestratorId, locationId);
List<Application> applicationsRelatedToEnvironment = Lists.newArrayList();
List<Application> applicationsRelatedToEnvironmentType = Lists.newArrayList();
List<ApplicationEnvironment> environments = Lists.newArrayList();
List<String> environmentTypes = Lists.newArrayList();
List<Application> applications = Lists.newArrayList();
// we get all authorized applications and environment to not favor the one of them
if (MapUtils.isNotEmpty(location.getEnvironmentPermissions())) {
environments = alienDAO.findByIds(ApplicationEnvironment.class, location.getEnvironmentPermissions().keySet().toArray(new String[location.getEnvironmentPermissions().size()]));
Set<String> environmentApplicationIds = environments.stream().map(ae -> new String(ae.getApplicationId())).collect(Collectors.toSet());
applicationsRelatedToEnvironment = alienDAO.findByIds(Application.class, environmentApplicationIds.toArray(new String[environmentApplicationIds.size()]));
}
if (MapUtils.isNotEmpty(location.getEnvironmentTypePermissions())) {
environmentTypes.addAll(location.getEnvironmentTypePermissions().keySet());
Set<String> environmentTypeApplicationIds = Sets.newHashSet();
for (String envType : safe(location.getEnvironmentTypePermissions()).keySet()) {
environmentTypeApplicationIds.add(envType.split(":")[0]);
}
applicationsRelatedToEnvironmentType = alienDAO.findByIds(Application.class, environmentTypeApplicationIds.toArray(new String[environmentTypeApplicationIds.size()]));
}
if (MapUtils.isNotEmpty(location.getApplicationPermissions())) {
applications = alienDAO.findByIds(Application.class, location.getApplicationPermissions().keySet().toArray(new String[location.getApplicationPermissions().size()]));
}
List<ApplicationEnvironmentAuthorizationDTO> allDTOs = ApplicationEnvironmentAuthorizationDTO.buildDTOs(applicationsRelatedToEnvironment, applicationsRelatedToEnvironmentType, environments, applications, environmentTypes);
int to = (from + size < allDTOs.size()) ? from + size : allDTOs.size();
allDTOs = IntStream.range(from, to).mapToObj(allDTOs::get).collect(Collectors.toList());
List<String> ids = allDTOs.stream().map(appEnvDTO -> appEnvDTO.getApplication().getId()).collect(Collectors.toList());
IdsFilterBuilder idFilters = FilterBuilders.idsFilter().ids(ids.toArray(new String[ids.size()]));
GetMultipleDataResult<Application> tempResult = alienDAO.search(Application.class, query, null, idFilters, null, from, to, "id", false);
return RestResponseBuilder.<GetMultipleDataResult<ApplicationEnvironmentAuthorizationDTO>>builder().data(ApplicationEnvironmentAuthorizationDTO.convert(tempResult, allDTOs)).build();
}
Also used :
IntStream(java.util.stream.IntStream)
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
RequestParam(org.springframework.web.bind.annotation.RequestParam)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
ApiParam(io.swagger.annotations.ApiParam)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
User(alien4cloud.security.model.User)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
Api(io.swagger.annotations.Api)
MapUtils(org.apache.commons.collections4.MapUtils)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
FilterBuilders(org.elasticsearch.index.query.FilterBuilders)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
RestController(org.springframework.web.bind.annotation.RestController)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
IAlienGroupDao(alien4cloud.security.groups.IAlienGroupDao)
IAlienUserDao(alien4cloud.security.users.IAlienUserDao)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
Group(alien4cloud.security.model.Group)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
Application(alien4cloud.model.application.Application)
Location(alien4cloud.model.orchestrators.locations.Location)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 75 with ApplicationEnvironment
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class ApplicationEnvironmentAuthorizationDTO method buildDTOs.
public static List<ApplicationEnvironmentAuthorizationDTO> buildDTOs(List<Application> applicationsRelatedToEnvironment, List<Application> applicationsRelatedToEnvironmentType, List<ApplicationEnvironment> environments, List<Application> applications, List<String> environmentTypes) {
Map<String, ApplicationEnvironmentAuthorizationDTO> aeaDTOsMap = Maps.newHashMap();
if (!environments.isEmpty()) {
applicationsRelatedToEnvironment.stream().forEach(application -> aeaDTOsMap.put(application.getId(), new ApplicationEnvironmentAuthorizationDTO(application, Lists.newArrayList(), Lists.newArrayList())));
for (ApplicationEnvironment ae : environments) {
ApplicationEnvironmentAuthorizationDTO dto = aeaDTOsMap.get(ae.getApplicationId());
dto.getEnvironments().add(ae);
}
}
if (!environmentTypes.isEmpty()) {
for (Application application : applicationsRelatedToEnvironmentType) {
if (aeaDTOsMap.get(application.getId()) != null) {
aeaDTOsMap.get(application.getId()).getEnvironmentTypes().addAll(filterEnvType(application.getId(), environmentTypes));
} else {
aeaDTOsMap.put(application.getId(), new ApplicationEnvironmentAuthorizationDTO(application, Lists.newArrayList(), filterEnvType(application.getId(), environmentTypes)));
}
}
}
if (!applications.isEmpty()) {
for (Application application : applications) {
ApplicationEnvironmentAuthorizationDTO dto = aeaDTOsMap.get(application.getId());
if (dto == null) {
aeaDTOsMap.put(application.getId(), new ApplicationEnvironmentAuthorizationDTO(application, null, null));
} else {
// the application has detailed environment authorizations but the whole application authorization has precedence.
dto.setEnvironments(null);
}
}
}
return Lists.newArrayList(aeaDTOsMap.values());
}
Also used :
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Application(alien4cloud.model.application.Application)
Aggregations
ApplicationEnvironment (alien4cloud.model.application.ApplicationEnvironment)82
ApiOperation (io.swagger.annotations.ApiOperation)42
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)42
Application (alien4cloud.model.application.Application)40
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)35
Audit (alien4cloud.audit.annotation.Audit)27
List (java.util.List)17
Collectors (java.util.stream.Collectors)16
DeploymentTopology (alien4cloud.model.deployment.DeploymentTopology)15
RestResponse (alien4cloud.rest.model.RestResponse)15
Topology (org.alien4cloud.tosca.model.templates.Topology)15
Set (java.util.Set)14
ApplicationEnvironmentService (alien4cloud.application.ApplicationEnvironmentService)13
NotFoundException (alien4cloud.exception.NotFoundException)13
Map (java.util.Map)13
Resource (javax.annotation.Resource)12
ApplicationTopologyVersion (alien4cloud.model.application.ApplicationTopologyVersion)11
Deployment (alien4cloud.model.deployment.Deployment)11
Arrays (java.util.Arrays)11
Location (alien4cloud.model.orchestrators.locations.Location)10
