Search in sources :

Example 21 with RestResponse

use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.

the class AbstractLocationResourcesSecurityController method revokeGroupAccess.

/**
 * Revoke the group's authorisation to access the location resource
 *
 * @param locationId The id of the location.
 * @param groupId The authorized group.
 * @return A {@link Void} {@link RestResponse}.
 */
@ApiOperation(value = "Revoke the group's authorisation to access the location", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/groups/{groupId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<List<GroupDTO>> revokeGroupAccess(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String resourceId, @PathVariable String groupId) {
    AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
    resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource((AbstractLocationResourceTemplate) resource)), Subject.GROUP, groupId);
    List<GroupDTO> groups = GroupDTO.convert(resourcePermissionService.getAuthorizedGroups(resourceTemplate));
    return RestResponseBuilder.<List<GroupDTO>>builder().data(groups).build();
}
Also used : PathVariable(org.springframework.web.bind.annotation.PathVariable) Lists(org.elasticsearch.common.collect.Lists) Arrays(java.util.Arrays) ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService) Subject(alien4cloud.security.Subject) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) LocationService(alien4cloud.orchestrators.locations.services.LocationService) ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService) ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) ArrayUtils(org.apache.commons.lang3.ArrayUtils) LocationSecurityService(alien4cloud.orchestrators.locations.services.LocationSecurityService) AlienUtils.safe(alien4cloud.utils.AlienUtils.safe) Location(alien4cloud.model.orchestrators.locations.Location) RequestBody(org.springframework.web.bind.annotation.RequestBody) ApiOperation(io.swagger.annotations.ApiOperation) Audit(alien4cloud.audit.annotation.Audit) RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder) RestResponse(alien4cloud.rest.model.RestResponse) Application(alien4cloud.model.application.Application) ILocationResourceService(alien4cloud.orchestrators.locations.services.ILocationResourceService) MapUtils(org.apache.commons.collections4.MapUtils) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) MediaType(org.springframework.http.MediaType) Resource(javax.annotation.Resource) RequestMethod(org.springframework.web.bind.annotation.RequestMethod) Set(java.util.Set) IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) List(java.util.List) GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) UserDTO(alien4cloud.rest.orchestrator.model.UserDTO) AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate) ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest) GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) AbstractLocationResourceTemplate(alien4cloud.model.orchestrators.locations.AbstractLocationResourceTemplate) List(java.util.List) Audit(alien4cloud.audit.annotation.Audit) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 22 with RestResponse

use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.

the class ServiceSecurityController method getAuthorizedEnvironmentsPerApplication.

/**
 * List all environments per application authorised to access the location.
 *
 * @return list of all environments per application.
 */
@ApiOperation(value = "List all applications, environments and environment types authorized to access the service resource", notes = "Only user with ADMIN role can list authorized applications, environments and environment types for the location.")
@RequestMapping(value = "/environmentsPerApplication", method = RequestMethod.GET, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public RestResponse<List<ApplicationEnvironmentAuthorizationDTO>> getAuthorizedEnvironmentsPerApplication(@PathVariable String serviceId) {
    ServiceResource service = serviceResourceService.getOrFail(serviceId);
    List<Application> applicationsRelatedToEnvironment = Lists.newArrayList();
    List<Application> applicationsRelatedToEnvironmentType = Lists.newArrayList();
    List<ApplicationEnvironment> environments = Lists.newArrayList();
    List<String> environmentTypes = Lists.newArrayList();
    List<Application> applications = Lists.newArrayList();
    if (service.getEnvironmentPermissions() != null && service.getEnvironmentPermissions().size() > 0) {
        environments = alienDAO.findByIds(ApplicationEnvironment.class, service.getEnvironmentPermissions().keySet().toArray(new String[service.getEnvironmentPermissions().size()]));
        Set<String> environmentApplicationIds = environments.stream().map(ae -> ae.getApplicationId()).collect(Collectors.toSet());
        applicationsRelatedToEnvironment = alienDAO.findByIds(Application.class, environmentApplicationIds.toArray(new String[environmentApplicationIds.size()]));
    }
    if (service.getEnvironmentTypePermissions() != null && service.getEnvironmentTypePermissions().size() > 0) {
        environmentTypes.addAll(service.getEnvironmentTypePermissions().keySet());
        Set<String> environmentTypeApplicationIds = Sets.newHashSet();
        for (String envType : safe(service.getEnvironmentTypePermissions()).keySet()) {
            environmentTypeApplicationIds.add(envType.split(":")[0]);
        }
        applicationsRelatedToEnvironmentType = alienDAO.findByIds(Application.class, environmentTypeApplicationIds.toArray(new String[environmentTypeApplicationIds.size()]));
    }
    if (service.getApplicationPermissions() != null && service.getApplicationPermissions().size() > 0) {
        applications = alienDAO.findByIds(Application.class, service.getApplicationPermissions().keySet().toArray(new String[service.getApplicationPermissions().size()]));
    }
    List<ApplicationEnvironmentAuthorizationDTO> result = ApplicationEnvironmentAuthorizationDTO.buildDTOs(applicationsRelatedToEnvironment, applicationsRelatedToEnvironmentType, environments, applications, environmentTypes);
    return RestResponseBuilder.<List<ApplicationEnvironmentAuthorizationDTO>>builder().data(result).build();
}
Also used : PathVariable(org.springframework.web.bind.annotation.PathVariable) Lists(org.elasticsearch.common.collect.Lists) Arrays(java.util.Arrays) ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService) Subject(alien4cloud.security.Subject) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) ServiceResourceService(org.alien4cloud.alm.service.ServiceResourceService) ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService) ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) AlienUtils.safe(alien4cloud.utils.AlienUtils.safe) RequestBody(org.springframework.web.bind.annotation.RequestBody) ApiOperation(io.swagger.annotations.ApiOperation) Audit(alien4cloud.audit.annotation.Audit) RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder) RestResponse(alien4cloud.rest.model.RestResponse) Application(alien4cloud.model.application.Application) Api(io.swagger.annotations.Api) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) MediaType(org.springframework.http.MediaType) Resource(javax.annotation.Resource) RequestMethod(org.springframework.web.bind.annotation.RequestMethod) Set(java.util.Set) IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO) RestController(org.springframework.web.bind.annotation.RestController) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) List(java.util.List) GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) UserDTO(alien4cloud.rest.orchestrator.model.UserDTO) ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest) ServiceResource(alien4cloud.model.service.ServiceResource) ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO) ServiceResource(alien4cloud.model.service.ServiceResource) List(java.util.List) Application(alien4cloud.model.application.Application) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 23 with RestResponse

use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.

the class ServiceSecurityController method revokeApplicationAccess.

/**
 *****************************************************************************************************************************
 *
 * SECURITY ON APPLICATIONS
 *
 ******************************************************************************************************************************
 */
/**
 * Revoke the application's authorisation to access the location (including all related environments and environment types).
 *
 * @param serviceId The id of the location.
 * @param applicationId The authorized application.
 * @return A {@link Void} {@link RestResponse}.
 */
@ApiOperation(value = "Revoke the application's authorisation to access the service resource", notes = "Only user with ADMIN role can revoke access to the location.")
@RequestMapping(value = "/applications/{applicationId}", method = RequestMethod.DELETE, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
@Audit
public synchronized RestResponse<Void> revokeApplicationAccess(@PathVariable String serviceId, @PathVariable String applicationId) {
    ServiceResource service = serviceResourceService.getOrFail(serviceId);
    resourcePermissionService.revokePermission(service, Subject.APPLICATION, applicationId);
    // remove all environments related to this application
    ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationId);
    String[] envIds = Arrays.stream(aes).map(ae -> ae.getId()).toArray(String[]::new);
    resourcePermissionService.revokePermission(service, Subject.ENVIRONMENT, envIds);
    // remove all environments types related to this application
    Set<String> envTypeIds = Sets.newHashSet();
    for (String envType : safe(service.getEnvironmentTypePermissions()).keySet()) {
        if (envType.contains(applicationId)) {
            envTypeIds.add(envType);
        }
    }
    resourcePermissionService.revokePermission(service, Subject.ENVIRONMENT_TYPE, envTypeIds.toArray(new String[envTypeIds.size()]));
    return RestResponseBuilder.<Void>builder().build();
}
Also used : PathVariable(org.springframework.web.bind.annotation.PathVariable) Lists(org.elasticsearch.common.collect.Lists) Arrays(java.util.Arrays) ApplicationEnvironmentService(alien4cloud.application.ApplicationEnvironmentService) Subject(alien4cloud.security.Subject) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) ServiceResourceService(org.alien4cloud.alm.service.ServiceResourceService) ResourcePermissionService(alien4cloud.authorization.ResourcePermissionService) ApplicationEnvironmentAuthorizationDTO(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO) RequestMapping(org.springframework.web.bind.annotation.RequestMapping) AlienUtils.safe(alien4cloud.utils.AlienUtils.safe) RequestBody(org.springframework.web.bind.annotation.RequestBody) ApiOperation(io.swagger.annotations.ApiOperation) Audit(alien4cloud.audit.annotation.Audit) RestResponseBuilder(alien4cloud.rest.model.RestResponseBuilder) RestResponse(alien4cloud.rest.model.RestResponse) Application(alien4cloud.model.application.Application) Api(io.swagger.annotations.Api) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) MediaType(org.springframework.http.MediaType) Resource(javax.annotation.Resource) RequestMethod(org.springframework.web.bind.annotation.RequestMethod) Set(java.util.Set) IGenericSearchDAO(alien4cloud.dao.IGenericSearchDAO) RestController(org.springframework.web.bind.annotation.RestController) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) List(java.util.List) GroupDTO(alien4cloud.rest.orchestrator.model.GroupDTO) UserDTO(alien4cloud.rest.orchestrator.model.UserDTO) ApplicationEnvironmentAuthorizationUpdateRequest(alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest) ServiceResource(alien4cloud.model.service.ServiceResource) ServiceResource(alien4cloud.model.service.ServiceResource) ApplicationEnvironment(alien4cloud.model.application.ApplicationEnvironment) Audit(alien4cloud.audit.annotation.Audit) ApiOperation(io.swagger.annotations.ApiOperation) PreAuthorize(org.springframework.security.access.prepost.PreAuthorize) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 24 with RestResponse

use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.

the class MaintenanceFilter method init.

@SneakyThrows(JsonProcessingException.class)
@Override
public void init(FilterConfig filterConfig) throws ServletException {
    // Load the current maintenance state
    RestResponse restResponse = RestResponseBuilder.<Void>builder().error(RestErrorBuilder.builder(RestErrorCode.MAINTENANCE).message("Maintenance mode is enabled.").build()).build();
    ObjectMapper mapper = new ObjectMapper();
    maintenanceJsonError = mapper.writeValueAsString(restResponse);
    // Initialize the list of authorizedPaths
    List<String> fullAuthorizedPaths = Lists.newArrayList();
    authorizedPaths.stream().forEach(s -> {
        fullAuthorizedPaths.add("/rest" + s);
        fullAuthorizedPaths.add("/rest/v1" + s);
        fullAuthorizedPaths.add("/rest/latest" + s);
    });
    authorizedPaths = fullAuthorizedPaths;
}
Also used : RestResponse(alien4cloud.rest.model.RestResponse) ObjectMapper(com.fasterxml.jackson.databind.ObjectMapper) SneakyThrows(lombok.SneakyThrows)

Example 25 with RestResponse

use of alien4cloud.rest.model.RestResponse in project alien4cloud by alien4cloud.

the class InputPropertiesStepDefinitions method The_topology_should_have_the_property_of_the_node_defined_as_input_property.

@Then("^The topology should have the property \"([^\"]*)\" defined as input property$")
public void The_topology_should_have_the_property_of_the_node_defined_as_input_property(String inputId) throws Throwable {
    String response = Context.getRestClientInstance().get("/rest/v1/topologies/" + Context.getInstance().getTopologyId());
    JavaType restResponseType = Context.getJsonMapper().getTypeFactory().constructParametricType(RestResponse.class, TopologyDTO.class);
    TopologyDTO topologyDTO = ((RestResponse<TopologyDTO>) Context.getJsonMapper().readValue(response, restResponseType)).getData();
    Map<String, PropertyDefinition> inputProperties = topologyDTO.getTopology().getInputs();
    Assert.assertNotNull(inputProperties);
    PropertyDefinition inputPropertieDefinition = inputProperties.get(inputId);
    Assert.assertNotNull(inputPropertieDefinition);
}
Also used : JavaType(com.fasterxml.jackson.databind.JavaType) TopologyDTO(alien4cloud.topology.TopologyDTO) RestResponse(alien4cloud.rest.model.RestResponse) PropertyDefinition(org.alien4cloud.tosca.model.definitions.PropertyDefinition) Then(cucumber.api.java.en.Then)

Aggregations

RestResponse (alien4cloud.rest.model.RestResponse)25 PreAuthorize (org.springframework.security.access.prepost.PreAuthorize)18 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)18 ApplicationEnvironment (alien4cloud.model.application.ApplicationEnvironment)17 ApiOperation (io.swagger.annotations.ApiOperation)17 Audit (alien4cloud.audit.annotation.Audit)15 Application (alien4cloud.model.application.Application)14 ApplicationEnvironmentService (alien4cloud.application.ApplicationEnvironmentService)12 ResourcePermissionService (alien4cloud.authorization.ResourcePermissionService)12 RestResponseBuilder (alien4cloud.rest.model.RestResponseBuilder)12 ApplicationEnvironmentAuthorizationUpdateRequest (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest)12 Subject (alien4cloud.security.Subject)12 Sets (com.google.common.collect.Sets)12 Arrays (java.util.Arrays)12 List (java.util.List)12 Set (java.util.Set)12 Collectors (java.util.stream.Collectors)12 Resource (javax.annotation.Resource)12 IGenericSearchDAO (alien4cloud.dao.IGenericSearchDAO)11 ApplicationEnvironmentAuthorizationDTO (alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationDTO)11