use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class ApplicationEnvironmentRolesController method removeGroupRole.
/**
* Remove a role from a group on a specific application environment
*
* @param applicationEnvironmentId application environment id
* @param groupId The id of the group to update roles
* @param role The role to add to the user on the application environment
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Remove a role of a group on a specific application environment", notes = "Any user with application role APPLICATION_MANAGER can un-assign any role to a group. Application role required [ APPLICATION_MANAGER ]")
@RequestMapping(value = "/groups/{groupId}/{role}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
@Audit
public RestResponse<Void> removeGroupRole(@PathVariable String applicationEnvironmentId, @PathVariable String groupId, @PathVariable String role) {
ApplicationEnvironment applicationEnvironment = applicationEnvironmentService.checkAndGetApplicationEnvironment(applicationEnvironmentId, ApplicationRole.APPLICATION_MANAGER);
resourceRoleService.removeGroupRole(applicationEnvironment, groupId, role);
handleRemoveGrpRoleOnApplication(applicationEnvironment.getApplicationId(), groupId);
return RestResponseBuilder.<Void>builder().build();
}
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class ApplicationEnvironmentRolesController method handleRemoveGrpRoleOnApplication.
/**
* Handle group roles on the targeted application
*
* @param applicationId
* @param groupId
*/
private void handleRemoveGrpRoleOnApplication(String applicationId, String groupId) {
Application application = applicationService.getOrFail(applicationId);
// Check if group has at least one role on the application or the environments
Set<String> applicationRoles = application.getGroupRoles() != null ? application.getGroupRoles().get(groupId) : new HashSet<>();
List<Set<String>> environmentRoles = Arrays.stream(applicationEnvironmentService.getByApplicationId(applicationId)).map(applicationEnvironment -> applicationEnvironment.getGroupRoles() != null ? applicationEnvironment.getGroupRoles().get(groupId) : null).filter(roles -> roles != null).collect(Collectors.toList());
if (mustRemoveApplicationUserRole(applicationRoles, environmentRoles)) {
// If we are here, it means that we must take out the APPLICATION_USER role for application as group does not have any other role than that
resourceRoleService.removeGroupRole(application, groupId, ApplicationRole.APPLICATION_USER.toString());
}
}
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class RuntimeController method getDeployedTopology.
/**
* Get runtime (deployed) topology of an application on a specific environment
*
* @param applicationId application id for which to get the topology
* @param applicationEnvironmentId application environment for which to get the topology through the version
* @return {@link RestResponse}<{@link TopologyDTO}> containing the requested runtime {@link Topology} and the
* {@link NodeType} related to his {@link NodeTemplate}s
*/
@ApiOperation(value = "Get runtime (deployed) topology of an application on a specific cloud.")
@RequestMapping(value = "/{applicationId:.+?}/environment/{applicationEnvironmentId:.+?}/topology", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("isAuthenticated()")
public RestResponse<TopologyDTO> getDeployedTopology(@ApiParam(value = "Id of the application for which to get deployed topology.", required = true) @PathVariable String applicationId, @ApiParam(value = "Id of the environment for which to get deployed topology.", required = true) @PathVariable String applicationEnvironmentId) {
ApplicationEnvironment environment = applicationEnvironmentService.getEnvironmentByIdOrDefault(applicationId, applicationEnvironmentId);
if (!environment.getApplicationId().equals(applicationId)) {
throw new NotFoundException("Unable to find environment with id <" + applicationEnvironmentId + "> for application <" + applicationId + ">");
}
// Security check user must be authorized to deploy the environment (or be application manager)
AuthorizationUtil.checkAuthorizationForEnvironment(applicationService.getOrFail(applicationId), environment);
Deployment deployment = deploymentService.getActiveDeploymentOrFail(environment.getId());
DeploymentTopology deploymentTopology = deploymentRuntimeStateService.getRuntimeTopology(deployment.getId());
return RestResponseBuilder.<TopologyDTO>builder().data(topologyDTOBuilder.initTopologyDTO(deploymentTopology, new TopologyDTO())).build();
}
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class RuntimeController method executeOperation.
@ApiOperation(value = "Trigger a custom command on a specific node template of a topology .", authorizations = { @Authorization("APPLICATION_MANAGER") }, notes = "Returns a response with no errors and the command response as data in success case. Application role required [ APPLICATION_MANAGER ]")
@RequestMapping(value = "/{applicationId:.+?}/operations", method = RequestMethod.POST, consumes = MediaType.APPLICATION_JSON_VALUE, produces = MediaType.APPLICATION_JSON_VALUE)
@ResponseBody
@PreAuthorize("isAuthenticated()")
@Audit(bodyHiddenFields = { "secretProviderCredentials" })
public DeferredResult<RestResponse<Object>> executeOperation(@PathVariable String applicationId, @RequestBody @Valid OperationExecRequest operationRequest) {
final DeferredResult<RestResponse<Object>> result = new DeferredResult<>(15L * 60L * 1000L);
Application application = applicationService.getOrFail(applicationId);
ApplicationEnvironment environment = applicationEnvironmentService.getEnvironmentByIdOrDefault(applicationId, operationRequest.getApplicationEnvironmentId());
AuthorizationUtil.checkAuthorizationForEnvironment(application, environment);
Topology topology = deploymentRuntimeStateService.getRuntimeTopologyFromEnvironment(operationRequest.getApplicationEnvironmentId());
// validate the operation request
try {
validateCommand(operationRequest, topology);
} catch (ConstraintViolationException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_CONSTRAINT_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
} catch (ConstraintValueDoNotMatchPropertyTypeException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_TYPE_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
} catch (ConstraintRequiredParameterException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_REQUIRED_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
} catch (ConstraintFunctionalException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().data(e.getConstraintInformation()).error(new RestError(RestErrorCode.PROPERTY_UNKNOWN_VIOLATION_ERROR.getCode(), e.getMessage())).build());
return result;
}
// try to trigger the execution of the operation
try {
deploymentRuntimeService.triggerOperationExecution(operationRequest, new IPaaSCallback<Map<String, String>>() {
@Override
public void onSuccess(Map<String, String> data) {
result.setResult(RestResponseBuilder.<Object>builder().data(data).build());
}
@Override
public void onFailure(Throwable throwable) {
result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.NODE_OPERATION_EXECUTION_ERROR.getCode(), throwable.getMessage())).build());
}
});
} catch (OperationExecutionException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.NODE_OPERATION_EXECUTION_ERROR.getCode(), e.getMessage())).build());
} catch (OrchestratorDisabledException e) {
result.setErrorResult(RestResponseBuilder.<Object>builder().error(new RestError(RestErrorCode.CLOUD_DISABLED_ERROR.getCode(), e.getMessage())).build());
}
return result;
}
use of alien4cloud.model.application.ApplicationEnvironment in project alien4cloud by alien4cloud.
the class WorkflowEventHandler method checkDeploymentAuthorization.
private void checkDeploymentAuthorization(Authentication authentication, User a4cUser, String deploymentId) {
Deployment deployment = alienDAO.findById(Deployment.class, deploymentId);
switch(deployment.getSourceType()) {
case APPLICATION:
// check if the user has right for the environment associated with the deployment.
ApplicationEnvironment environment = alienDAO.findById(ApplicationEnvironment.class, deployment.getEnvironmentId());
if (environment == null) {
log.error("Environment with id [{}] do not exist any more for deployment [{}]", deployment.getEnvironmentId(), deployment.getId());
throw new NotFoundException("Environment with id [" + deployment.getEnvironmentId() + "] do not exist any more for deployment [" + deployment.getId() + "]");
}
AuthorizationUtil.checkAuthorization(a4cUser, environment, ApplicationRole.APPLICATION_MANAGER, ApplicationEnvironmentRole.values());
break;
case CSAR:
AuthorizationUtil.checkHasOneRoleIn(authentication, Role.COMPONENTS_MANAGER);
}
}
Aggregations