Search in sources :

Example 16 with ApplicationEnvironment

use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.

the class ApplicationEnvironmentRolesController method removeGroupRole.

/**
 * Remove a role from a group on a specific application environment
 *
 * @param applicationEnvironmentId application environment id
 * @param groupId The id of the group to update roles
 * @param role The role to add to the user on the application environment
 * @return A {@link Void} {@link RestResponse}.
 */
@ApiOperation(value = "Remove a role of a group on a specific application environment", notes = "Any user with application role APPLICATION_MANAGER can un-assign any role to a group. Application role required [ APPLICATION_MANAGER ]")
@RequestMapping(value = "/groups/{groupId}/{role}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
@Audit
public RestResponse<Void> removeGroupRole(@PathVariable String applicationEnvironmentId, @PathVariable String groupId, @PathVariable String role) {
    ApplicationEnvironment applicationEnvironment = applicationEnvironmentService.checkAndGetApplicationEnvironment(applicationEnvironmentId, ApplicationRole.APPLICATION_MANAGER);
    resourceRoleService.removeGroupRole(applicationEnvironment, groupId, role);
    handleRemoveGrpRoleOnApplication(applicationEnvironment.getApplicationId(), groupId);
    return RestResponseBuilder.<Void>builder().build();
}
Also used : ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) Audit(alien4cloud.audit.annotation.Audit) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 17 with ApplicationEnvironment

use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.

the class ApplicationEnvironmentRolesController method handleRemoveGrpRoleOnApplication.

/**
 * Handle group roles on the targeted application
 *
 * @param applicationId
 * @param groupId
 */
private void handleRemoveGrpRoleOnApplication(String applicationId, String groupId) {
    Application application = applicationService.getOrFail(applicationId);
    // Check if group has at least one role on the application or the environments
    Set<String> applicationRoles = application.getGroupRoles() != null ? application.getGroupRoles().get(groupId) : new HashSet<>();
    List<Set<String>> environmentRoles = Arrays.stream(applicationEnvironmentService.getByApplicationId(applicationId)).map(applicationEnvironment -> applicationEnvironment.getGroupRoles() != null ? applicationEnvironment.getGroupRoles().get(groupId) : null).filter(roles -> roles != null).collect(Collectors.toList());
    if (mustRemoveApplicationUserRole(applicationRoles, environmentRoles)) {
        // If we are here, it means that we must take out the APPLICATION_USER role for application as group does not have any other role than that
        resourceRoleService.removeGroupRole(application, groupId, ApplicationRole.APPLICATION_USER.toString());
    }
}
Also used : PathVariable(org.springframework.web.bind.annotation.PathVariable) Arrays(java.util.Arrays) ApplicationRole(alien4cloud.security.model.ApplicationRole) ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) MediaType(org.springframework.http.MediaType) Resource(javax.annotation.Resource) Set(java.util.Set) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) RequestMethod(org.springframework.web.bind.annotation.RequestMethod) ApplicationEnvironmentRole(alien4cloud.security.model.ApplicationEnvironmentRole) Collectors(java.util.stream.Collectors) RestController(org.springframework.web.bind.annotation.RestController) HashSet(java.util.HashSet) ApiOperation(io.swagger.annotations.ApiOperation) List(java.util.List) Audit(alien4cloud.audit.annotation.Audit) RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder) RestResponse(alien4cloud.rest.model.RestResponse) Application(alien4cloud.model.application.Application) ResourceRoleService(alien4cloud.security.ResourceRoleService) ApplicationService(alien4cloud.application.ApplicationService) Api(io.swagger.annotations.Api) Set(java.util.Set) HashSet(java.util.HashSet) Application(alien4cloud.model.application.Application)

Example 18 with ApplicationEnvironment

use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.

the class RuntimeController method getDeployedTopology.

/**
 * Get runtime (deployed) topology of an application on a specific environment
 *
 * @param applicationId application id for which to get the topology
 * @param applicationEnvironmentId application environment for which to get the topology through the version
 * @return {@link RestResponse}<{@link TopologyDTO}> containing the requested runtime {@link Topology} and the
 *         {@link NodeType} related to his {@link NodeTemplate}s
 */
@ApiOperation(value = "Get runtime (deployed) topology of an application on a specific cloud.")
@RequestMapping(value = "/{applicationId:.+?}/environment/{applicationEnvironmentId:.+?}/topology", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
public RestResponse<TopologyDTO> getDeployedTopology(@ApiParam(value = "Id of the application for which to get deployed topology.", required = true) @PathVariable String applicationId, @ApiParam(value = "Id of the environment for which to get deployed topology.", required = true) @PathVariable String applicationEnvironmentId) {
    ApplicationEnvironment environment = applicationEnvironmentService.getEnvironmentByIdOrDefault(applicationId, applicationEnvironmentId);
    if (!environment.getApplicationId().equals(applicationId)) {
        throw new NotFoundException("Unable to find environment with id <" + applicationEnvironmentId + "> for application <" + applicationId + ">");
    }
    // Security check user must be authorized to deploy the environment (or be application manager)
    AuthorizationUtil.checkAuthorizationForEnvironment(applicationService.getOrFail(applicationId), environment);
    Deployment deployment = deploymentService.getActiveDeploymentOrFail(environment.getId());
    DeploymentTopology deploymentTopology = deploymentRuntimeStateService.getRuntimeTopology(deployment.getId());
    return RestResponseBuilder.<TopologyDTO>builder().data(topologyDTOBuilder.initTopologyDTO(deploymentTopology, new TopologyDTO())).build();
}
Also used : TopologyDTO(alien4cloud.topology.TopologyDTO) DeploymentTopology(alien4cloud.model.deployment.DeploymentTopology) NotFoundException(alien4cloud.exception.NotFoundException) Deployment(alien4cloud.model.deployment.Deployment) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 19 with ApplicationEnvironment

use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.

the class RuntimeController method executeOperation.

@ApiOperation(value = "Trigger a custom command on a specific node template of a topology .", authorizations = { @Authorization("APPLICATION_MANAGER") }, notes = "Returns a response with no errors and the command response as data in success case. Application role required [ APPLICATION_MANAGER ]")
@RequestMapping(value = "/{applicationId:.+?}/operations", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
@PreAuthorize("isAuthenticated()")
@Audit(bodyHiddenFields = { "secretProviderCredentials" })
public DeferredResult<RestResponse<Object>> executeOperation(@PathVariable String applicationId, @RequestBody @Valid OperationExecRequest operationRequest) {
    final DeferredResult<RestResponse<Object>> result = new DeferredResult<>(15L * 60L * 1000L);
    Application application = applicationService.getOrFail(applicationId);
    ApplicationEnvironment environment = applicationEnvironmentService.getEnvironmentByIdOrDefault(applicationId, operationRequest.getApplicationEnvironmentId());
    AuthorizationUtil.checkAuthorizationForEnvironment(application, environment);
    Topology topology = deploymentRuntimeStateService.getRuntimeTopologyFromEnvironment(operationRequest.getApplicationEnvironmentId());
    // validate the operation request
    try {
        validateCommand(operationRequest, topology);
    } catch (ConstraintViolationException e) {
        result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_CONSTRAINT_VIOLATION_ERROR.getCode(), e.getMessage())).build());
        return result;
    } catch (ConstraintValueDoNotMatchPropertyTypeException e) {
        result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_TYPE_VIOLATION_ERROR.getCode(), e.getMessage())).build());
        return result;
    } catch (ConstraintRequiredParameterException e) {
        result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_REQUIRED_VIOLATION_ERROR.getCode(), e.getMessage())).build());
        return result;
    } catch (ConstraintFunctionalException e) {
        result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_UNKNOWN_VIOLATION_ERROR.getCode(), e.getMessage())).build());
        return result;
    }
    // try to trigger the execution of the operation
    try {
        deploymentRuntimeService.triggerOperationExecution(operationRequest, new IPaaSCallback<Map<String, String>>() {

            @Override
            public void onSuccess(Map<String, String> data) {
                result.setResult(RestResponseBuilder.<Object>builder().data(data).build());
            }

            @Override
            public void onFailure(Throwable throwable) {
                result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.NODE_OPERATION_EXECUTION_ERROR.getCode(), throwable.getMessage())).build());
            }
        });
    } catch (OperationExecutionException e) {
        result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.NODE_OPERATION_EXECUTION_ERROR.getCode(), e.getMessage())).build());
    } catch (OrchestratorDisabledException e) {
        result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.CLOUD_DISABLED_ERROR.getCode(), e.getMessage())).build());
    }
    return result;
}
Also used : ConstraintValueDoNotMatchPropertyTypeException(org.alien4cloud.tosca.exceptions.ConstraintValueDoNotMatchPropertyTypeException) RestResponse(alien4cloud.rest.model.RestResponse) DeploymentTopology(alien4cloud.model.deployment.DeploymentTopology) Topology(org.alien4cloud.tosca.model.templates.Topology) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) ConstraintFunctionalException(org.alien4cloud.tosca.exceptions.ConstraintFunctionalException) OrchestratorDisabledException(alien4cloud.paas.exception.OrchestratorDisabledException) RestError(alien4cloud.rest.model.RestError) OperationExecutionException(alien4cloud.paas.exception.OperationExecutionException) ConstraintViolationException(org.alien4cloud.tosca.exceptions.ConstraintViolationException) Application(alien4cloud.model.application.Application) Map(java.util.Map) ConstraintRequiredParameterException(org.alien4cloud.tosca.exceptions.ConstraintRequiredParameterException) DeferredResult(org.springframework.web.context.request.async.DeferredResult) Audit(alien4cloud.audit.annotation.Audit) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ResponseBody(org.springframework.web.bind.annotation.ResponseBody)

Example 20 with ApplicationEnvironment

use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.

the class WorkflowEventHandler method checkDeploymentAuthorization.

private void checkDeploymentAuthorization(Authentication authentication, User a4cUser, String deploymentId) {
    Deployment deployment = alienDAO.findById(Deployment.class, deploymentId);
    switch(deployment.getSourceType()) {
        case APPLICATION:
            // check if the user has right for the environment associated with the deployment.
            ApplicationEnvironment environment = alienDAO.findById(ApplicationEnvironment.class, deployment.getEnvironmentId());
            if (environment == null) {
                log.error("Environment with id [{}] do not exist any more for deployment [{}]", deployment.getEnvironmentId(), deployment.getId());
                throw new NotFoundException("Environment with id [" + deployment.getEnvironmentId() + "] do not exist any more for deployment [" + deployment.getId() + "]");
            }
            AuthorizationUtil.checkAuthorization(a4cUser, environment, ApplicationRole.APPLICATION_MANAGER, ApplicationEnvironmentRole.values());
            break;
        case CSAR:
            AuthorizationUtil.checkHasOneRoleIn(authentication, Role.COMPONENTS_MANAGER);
    }
}
Also used : Deployment(alien4cloud.model.deployment.Deployment) NotFoundException(alien4cloud.exception.NotFoundException) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)

Aggregations

ApplicationEnvironment (alien4cloud.model.application.ApplicationEnvironment)82 ApiOperation (io.swagger.annotations.ApiOperation)42 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)42 Application (alien4cloud.model.application.Application)40 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)35 Audit (alien4cloud.audit.annotation.Audit)27 List (java.util.List)17 Collectors (java.util.stream.Collectors)16 DeploymentTopology (alien4cloud.model.deployment.DeploymentTopology)15 RestResponse (alien4cloud.rest.model.RestResponse)15 Topology (org.alien4cloud.tosca.model.templates.Topology)15 Set (java.util.Set)14 ApplicationEnvironmentService (alien4cloud.application.ApplicationEnvironmentService)13 NotFoundException (alien4cloud.exception.NotFoundException)13 Map (java.util.Map)13 Resource (javax.annotation.Resource)12 ApplicationTopologyVersion (alien4cloud.model.application.ApplicationTopologyVersion)11 Deployment (alien4cloud.model.deployment.Deployment)11 Arrays (java.util.Arrays)11 Location (alien4cloud.model.orchestrators.locations.Location)10