Example 66 with Location
use of alien4cloud.model.orchestrators.locations.Location in project alien4cloud by alien4cloud.
the class LocationSecurityController method revokeApplicationAccess.
/**
*****************************************************************************************************************************
*
* SECURITY ON APPLICATIONS
*
******************************************************************************************************************************
*/
/**
* Revoke the application's authorisation to access the location (including all related environments).
*
* @param locationId The id of the location.
* @param applicationId The authorized application.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Revoke the application's authorisation to access the location", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/applications/{applicationId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<Void> revokeApplicationAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String applicationId) {
Location location = locationService.getLocation(orchestratorId, locationId);
resourcePermissionService.revokePermission(location, Subject.APPLICATION, applicationId);
// remove all environments related to this application
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationId);
String[] envIds = Arrays.stream(aes).map(ae -> ae.getId()).toArray(String[]::new);
resourcePermissionService.revokePermission(location, Subject.ENVIRONMENT, envIds);
// remove all environments types related to this application
Set<String> envTypeIds = Sets.newHashSet();
for (String envType : safe(location.getEnvironmentTypePermissions()).keySet()) {
if (envType.contains(applicationId)) {
envTypeIds.add(envType);
}
}
resourcePermissionService.revokePermission(location, Subject.ENVIRONMENT_TYPE, envTypeIds.toArray(new String[envTypeIds.size()]));
return RestResponseBuilder.<Void>builder().build();
}
Also used :
IntStream(java.util.stream.IntStream)
PathVariable(org.springframework.web.bind.annotation.PathVariable)
Lists(org.elasticsearch.common.collect.Lists)
RequestParam(org.springframework.web.bind.annotation.RequestParam)
Arrays(java.util.Arrays)
ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService)
Subject(alien4cloud.security.Subject)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
LocationService(alien4cloud.orchestrators.locations.services.LocationService)
ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService)
ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)
ApiParam(io.swagger.annotations.ApiParam)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
User(alien4cloud.security.model.User)
AlienUtils.safe(alien4cloud.utils.AlienUtils.safe)
Location(alien4cloud.model.orchestrators.locations.Location)
RequestBody(org.springframework.web.bind.annotation.RequestBody)
ApiOperation(io.swagger.annotations.ApiOperation)
Audit(alien4cloud.audit.annotation.Audit)
RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder)
RestResponse(alien4cloud.rest.model.RestResponse)
Application(alien4cloud.model.application.Application)
Api(io.swagger.annotations.Api)
MapUtils(org.apache.commons.collections4.MapUtils)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
FilterBuilders(org.elasticsearch.index.query.FilterBuilders)
MediaType(org.springframework.http.MediaType)
Resource(javax.annotation.Resource)
RequestMethod(org.springframework.web.bind.annotation.RequestMethod)
Set(java.util.Set)
IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO)
RestController(org.springframework.web.bind.annotation.RestController)
Collectors(java.util.stream.Collectors)
Sets(com.google.common.collect.Sets)
IAlienGroupDao(alien4cloud.security.groups.IAlienGroupDao)
IAlienUserDao(alien4cloud.security.users.IAlienUserDao)
List(java.util.List)
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
Group(alien4cloud.security.model.Group)
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)
ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment)
Location(alien4cloud.model.orchestrators.locations.Location)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 67 with Location
use of alien4cloud.model.orchestrators.locations.Location in project alien4cloud by alien4cloud.
the class LocationSecurityController method grantAccessToGroups.
/**
*****************************************************************************************************************************
*
* SECURITY ON GROUPS
*
******************************************************************************************************************************
*/
/**
* Grant access to the location to the groups (deploy on the location)
*
* @param locationId The location's id.
* @param groupIds The authorized groups.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Grant access to the location to the groups", notes = "Only user with ADMIN role can grant access to a group.")
@RequestMapping(value = "/groups", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<GroupDTO>> grantAccessToGroups(@PathVariable String orchestratorId, @PathVariable String locationId, @RequestBody String[] groupIds) {
Location location = locationService.getLocation(orchestratorId, locationId);
resourcePermissionService.grantPermission(location, Subject.GROUP, groupIds);
List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(location));
return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used :
GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO)
List(java.util.List)
Location(alien4cloud.model.orchestrators.locations.Location)
Audit(alien4cloud.audit.annotation.Audit)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 68 with Location
use of alien4cloud.model.orchestrators.locations.Location in project alien4cloud by alien4cloud.
the class LocationSecurityController method getAuthorizedUsersPaginated.
/**
* search users authorised to access the location.
*
* @return {@link RestResponse} that contains a {@link GetMultipleDataResult} of {@link UserDTO}..
*/
// TODO consider merging this with getAuthorizedUsers
@ApiOperation(value = "List all users authorized to access the location", notes = "Only user with ADMIN role can list authorized users to the location.")
@RequestMapping(value = "/users/search", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<GetMultipleDataResult<UserDTO>> getAuthorizedUsersPaginated(@PathVariable String orchestratorId, @PathVariable String locationId, @ApiParam(value = "Text Query to search.") @RequestParam(required = false) String query, @ApiParam(value = "Query from the given i*ndex.") @RequestParam(required = false, defaultValue = "0") int from, @ApiParam(value = "Maximum number of results to retrieve.") @RequestParam(required = false, defaultValue = "20") int size) {
Location location = locationService.getLocation(orchestratorId, locationId);
if (MapUtils.isEmpty(location.getUserPermissions())) {
return RestResponseBuilder.<GetMultipleDataResult<UserDTO>>builder().data(new GetMultipleDataResult<>()).build();
}
IdsFilterBuilder idFilters = FilterBuilders.idsFilter().ids(location.getUserPermissions().keySet().toArray(new String[location.getUserPermissions().size()]));
GetMultipleDataResult<User> tempResult = alienUserDao.find(query, from, size, idFilters);
return RestResponseBuilder.<GetMultipleDataResult<UserDTO>>builder().data(UserDTO.convert(tempResult)).build();
}
Also used :
User(alien4cloud.security.model.User)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
Location(alien4cloud.model.orchestrators.locations.Location)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 69 with Location
use of alien4cloud.model.orchestrators.locations.Location in project alien4cloud by alien4cloud.
the class LocationSecurityController method getAuthorizedGroupsPaginated.
/**
* search groups authorised to access the location.
*
* @return {@link RestResponse} that contains a {@link GetMultipleDataResult} of {@link GroupDTO}..
*/
// TODO consider merging this with getAuthorizedGroups
@ApiOperation(value = "List all groups authorized to access the location", notes = "Only user with ADMIN role can list authorized groups to the location.")
@RequestMapping(value = "/groups/search", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<GetMultipleDataResult<GroupDTO>> getAuthorizedGroupsPaginated(@PathVariable String orchestratorId, @PathVariable String locationId, @ApiParam(value = "Text Query to search.") @RequestParam(required = false) String query, @ApiParam(value = "Query from the given index.") @RequestParam(required = false, defaultValue = "0") int from, @ApiParam(value = "Maximum number of results to retrieve.") @RequestParam(required = false, defaultValue = "20") int size) {
Location location = locationService.getLocation(orchestratorId, locationId);
if (MapUtils.isEmpty(location.getGroupPermissions())) {
return RestResponseBuilder.<GetMultipleDataResult<GroupDTO>>builder().data(new GetMultipleDataResult<>()).build();
}
IdsFilterBuilder idFilters = FilterBuilders.idsFilter().ids(location.getGroupPermissions().keySet().toArray(new String[location.getGroupPermissions().size()]));
GetMultipleDataResult<Group> tempResult = alienGroupDao.find(query, from, size, idFilters);
return RestResponseBuilder.<GetMultipleDataResult<GroupDTO>>builder().data(GroupDTO.convert(tempResult)).build();
}
Also used :
Group(alien4cloud.security.model.Group)
GetMultipleDataResult(alien4cloud.dao.model.GetMultipleDataResult)
Location(alien4cloud.model.orchestrators.locations.Location)
IdsFilterBuilder(org.elasticsearch.index.query.IdsFilterBuilder)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Example 70 with Location
use of alien4cloud.model.orchestrators.locations.Location in project alien4cloud by alien4cloud.
the class LocationSecurityController method getAuthorizedUsers.
/**
* List all users authorised to access the location.
*
* @return list of all users.
*/
@ApiOperation(value = "List all users authorized to access the location", notes = "Only user with ADMIN role can list authorized users to the location.")
@RequestMapping(value = "/users", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<List<UserDTO>> getAuthorizedUsers(@PathVariable String orchestratorId, @PathVariable String locationId) {
Location location = locationService.getLocation(orchestratorId, locationId);
List<UserDTO> users = UserDTO.convert(resourcePermissionService.getAuthorizedUsers(location));
return RestResponseBuilder.<List<UserDTO>>builder().data(users).build();
}
Also used :
UserDTO(alien4cloud.rest.orchestrator.model.UserDTO)
List(java.util.List)
Location(alien4cloud.model.orchestrators.locations.Location)
ApiOperation(io.swagger.annotations.ApiOperation)
PreAuthorize(org.springframework.security.access.prepost.PreAuthorize)
RequestMapping(org.springframework.web.bind.annotation.RequestMapping)
Aggregations
Location (alien4cloud.model.orchestrators.locations.Location)80
RequestMapping (org.springframework.web.bind.annotation.RequestMapping)31
ApiOperation (io.swagger.annotations.ApiOperation)30
List (java.util.List)28
PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)28
Audit (alien4cloud.audit.annotation.Audit)21
ApplicationEnvironment (alien4cloud.model.application.ApplicationEnvironment)15
LocationService (alien4cloud.orchestrators.locations.services.LocationService)13
Set (java.util.Set)13
Collectors (java.util.stream.Collectors)13
Application (alien4cloud.model.application.Application)12
AbstractLocationResourceTemplate (alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate)12
RestResponse (alien4cloud.rest.model.RestResponse)12
RestResponseBuilder (alien4cloud.rest.model.RestResponseBuilder)12
GroupDTO (alien4cloud.rest.orchestrator.model.GroupDTO)12
UserDTO (alien4cloud.rest.orchestrator.model.UserDTO)12
Resource (javax.annotation.Resource)12
ApplicationEnvironmentService (alien4cloud.application.ApplicationEnvironmentService)11
ResourcePermissionService (alien4cloud.authorization.ResourcePermissionService)11
ApplicationEnvironmentAuthorizationUpdateRequest (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)11
