use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class AbstractLocationResourcesSecurityController method revokeGroupAccess.
/**
* Revoke the group's authorisation to access the location resource
*
* @param locationId The id of the location.
* @param groupId The authorized group.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Revoke the group's authorisation to access the location", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/groups/{groupId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<GroupDTO>> revokeGroupAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String resourceId, @PathVariable String groupId) {
AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource((AbstractLocationResourceTemplate) resource)), Subject.GROUP, groupId);
List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(resourceTemplate));
return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class ServiceSecurityController method getAuthorizedEnvironmentsPerApplication.
/**
* List all environments per application authorised to access the location.
*
* @return list of all environments per application.
*/
@ApiOperation(value = "List all applications, environments and environment types authorized to access the service resource", notes = "Only user with ADMIN role can list authorized applications, environments and environment types for the location.")
@RequestMapping(value = "/environmentsPerApplication", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<List<ApplicationEnvironmentAuthorizationDTO>> getAuthorizedEnvironmentsPerApplication(@PathVariable String serviceId) {
ServiceResource service = serviceResourceService.getOrFail(serviceId);
List<Application> applicationsRelatedToEnvironment = Lists.newArrayList();
List<Application> applicationsRelatedToEnvironmentType = Lists.newArrayList();
List<ApplicationEnvironment> environments = Lists.newArrayList();
List<String> environmentTypes = Lists.newArrayList();
List<Application> applications = Lists.newArrayList();
if (service.getEnvironmentPermissions() != null && service.getEnvironmentPermissions().size() > 0) {
environments = alienDAO.findByIds(ApplicationEnvironment.class, service.getEnvironmentPermissions().keySet().toArray(new String[service.getEnvironmentPermissions().size()]));
Set<String> environmentApplicationIds = environments.stream().map(ae -> ae.getApplicationId()).collect(Collectors.toSet());
applicationsRelatedToEnvironment = alienDAO.findByIds(Application.class, environmentApplicationIds.toArray(new String[environmentApplicationIds.size()]));
}
if (service.getEnvironmentTypePermissions() != null && service.getEnvironmentTypePermissions().size() > 0) {
environmentTypes.addAll(service.getEnvironmentTypePermissions().keySet());
Set<String> environmentTypeApplicationIds = Sets.newHashSet();
for (String envType : safe(service.getEnvironmentTypePermissions()).keySet()) {
environmentTypeApplicationIds.add(envType.split(":")[0]);
}
applicationsRelatedToEnvironmentType = alienDAO.findByIds(Application.class, environmentTypeApplicationIds.toArray(new String[environmentTypeApplicationIds.size()]));
}
if (service.getApplicationPermissions() != null && service.getApplicationPermissions().size() > 0) {
applications = alienDAO.findByIds(Application.class, service.getApplicationPermissions().keySet().toArray(new String[service.getApplicationPermissions().size()]));
}
List<ApplicationEnvironmentAuthorizationDTO> result = ApplicationEnvironmentAuthorizationDTO.buildDTOs(applicationsRelatedToEnvironment, applicationsRelatedToEnvironmentType, environments, applications, environmentTypes);
return RestResponseBuilder.<List<ApplicationEnvironmentAuthorizationDTO>>builder().data(result).build();
}
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class ServiceSecurityController method revokeApplicationAccess.
/**
*****************************************************************************************************************************
*
* SECURITY ON APPLICATIONS
*
******************************************************************************************************************************
*/
/**
* Revoke the application's authorisation to access the location (including all related environments and environment types).
*
* @param serviceId The id of the location.
* @param applicationId The authorized application.
* @return A {@link Void} {@link RestResponse}.
*/
@ApiOperation(value = "Revoke the application's authorisation to access the service resource", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/applications/{applicationId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<Void> revokeApplicationAccess(@PathVariable String serviceId, @PathVariable String applicationId) {
ServiceResource service = serviceResourceService.getOrFail(serviceId);
resourcePermissionService.revokePermission(service, Subject.APPLICATION, applicationId);
// remove all environments related to this application
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationId);
String[] envIds = Arrays.stream(aes).map(ae -> ae.getId()).toArray(String[]::new);
resourcePermissionService.revokePermission(service, Subject.ENVIRONMENT, envIds);
// remove all environments types related to this application
Set<String> envTypeIds = Sets.newHashSet();
for (String envType : safe(service.getEnvironmentTypePermissions()).keySet()) {
if (envType.contains(applicationId)) {
envTypeIds.add(envType);
}
}
resourcePermissionService.revokePermission(service, Subject.ENVIRONMENT_TYPE, envTypeIds.toArray(new String[envTypeIds.size()]));
return RestResponseBuilder.<Void>builder().build();
}
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class MaintenanceFilter method init.
@SneakyThrows(JsonProcessingException.class)
@Override
public void init(FilterConfig filterConfig) throws ServletException {
// Load the current maintenance state
RestResponse restResponse = RestResponseBuilder.<Void>builder().error(RestErrorBuilder.builder(RestErrorCode.MAINTENANCE).message("Maintenance mode is enabled.").build()).build();
ObjectMapper mapper = new ObjectMapper();
maintenanceJsonError = mapper.writeValueAsString(restResponse);
// Initialize the list of authorizedPaths
List<String> fullAuthorizedPaths = Lists.newArrayList();
authorizedPaths.stream().forEach(s -> {
fullAuthorizedPaths.add("/rest" + s);
fullAuthorizedPaths.add("/rest/v1" + s);
fullAuthorizedPaths.add("/rest/latest" + s);
});
authorizedPaths = fullAuthorizedPaths;
}
use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.
the class InputPropertiesStepDefinitions method The_topology_should_have_the_property_of_the_node_defined_as_input_property.
@Then("^The topology should have the property \"([^\"]*)\" defined as input property$")
public void The_topology_should_have_the_property_of_the_node_defined_as_input_property(String inputId) throws Throwable {
String response = Context.getRestClientInstance().get("/rest/v1/topologies/" + Context.getInstance().getTopologyId());
JavaType restResponseType = Context.getJsonMapper().getTypeFactory().constructParametricType(RestResponse.class, TopologyDTO.class);
TopologyDTO topologyDTO = ((RestResponse<TopologyDTO>) Context.getJsonMapper().readValue(response, restResponseType)).getData();
Map<String, PropertyDefinition> inputProperties = topologyDTO.getTopology().getInputs();
Assert.assertNotNull(inputProperties);
PropertyDefinition inputPropertieDefinition = inputProperties.get(inputId);
Assert.assertNotNull(inputPropertieDefinition);
}
Aggregations