use of alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest in project alien4cloud by alien4cloud.
the class AbstractLocationResourcesBatchSecurityController method updateAuthorizedEnvironmentsPerApplication.
/**
*****************************************************************************************************************************
*
* SECURITY ON APPLICATIONS
*
******************************************************************************************************************************
*/
/**
* Update applications, environments and environment types authorized to access the location resource.
*/
@ApiOperation(value = "Update applications, environments and environment type authorized to access the location resource", notes = "Only user with ADMIN role can update authorized applications/environments for the location.")
@RequestMapping(value = "/environmentsPerApplication", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public synchronized RestResponse<Void> updateAuthorizedEnvironmentsPerApplication(@PathVariable String orchestratorId, @PathVariable String locationId, @RequestBody ApplicationEnvironmentAuthorizationUpdateRequest request) {
if (ArrayUtils.isEmpty(request.getResources())) {
return RestResponseBuilder.<Void>builder().build();
}
Location location = locationService.getLocation(orchestratorId, locationId);
locationSecurityService.grantAuthorizationOnLocationIfNecessary(request.getApplicationsToAdd(), request.getEnvironmentsToAdd(), request.getEnvironmentTypesToAdd(), location);
Arrays.stream(request.getResources()).forEach(resourceId -> {
AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
if (ArrayUtils.isNotEmpty(request.getApplicationsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, request.getEnvironmentsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, request.getEnvironmentTypesToDelete());
}
Set<String> envIds = Sets.newHashSet();
if (ArrayUtils.isNotEmpty(request.getApplicationsToAdd())) {
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToAdd());
// when an app is added, all eventual existing env authorizations are removed
for (String applicationToAddId : request.getApplicationsToAdd()) {
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationToAddId);
for (ApplicationEnvironment ae : aes) {
envIds.add(ae.getId());
}
}
if (!envIds.isEmpty()) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envIds.toArray(new String[envIds.size()]));
}
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToAdd())) {
List<String> envToAddSet = Arrays.stream(request.getEnvironmentsToAdd()).filter(env -> !envIds.contains(env)).collect(Collectors.toList());
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envToAddSet.toArray(new String[envToAddSet.size()]));
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToAdd())) {
List<String> envToAddSet = Arrays.stream(request.getEnvironmentTypesToAdd()).filter(env -> !envIds.contains(env)).collect(Collectors.toList());
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, envToAddSet.toArray(new String[envToAddSet.size()]));
}
});
return RestResponseBuilder.<Void>builder().build();
}
use of alien4cloud.rest.orchestrator.model.ApplicationEnvironmentAuthorizationUpdateRequest in project alien4cloud by alien4cloud.
the class AbstractLocationResourcesSecurityController method updateAuthorizedEnvironmentsAndEnvTypePerApplication.
/**
* Update applications,environments and environment types authorized to access the location resource.
*/
@ApiOperation(value = "Update applications,environments and environment types authorized to access the location resource", notes = "Only user with ADMIN role can update authorized applications,environments and environment types for the location.")
@RequestMapping(value = "/environmentsPerApplication", method = RequestMethod.POST, produces = MediaType.APPLICATION_JSON_VALUE)
@PreAuthorize("hasAuthority('ADMIN')")
public synchronized RestResponse<Void> updateAuthorizedEnvironmentsAndEnvTypePerApplication(@PathVariable String orchestratorId, @PathVariable String locationId, @PathVariable String resourceId, @RequestBody ApplicationEnvironmentAuthorizationUpdateRequest request) {
Location location = locationService.getLocation(orchestratorId, locationId);
locationSecurityService.grantAuthorizationOnLocationIfNecessary(request.getApplicationsToAdd(), request.getEnvironmentsToAdd(), request.getEnvironmentTypesToAdd(), location);
AbstractLocationResourceTemplate resourceTemplate = locationResourceService.getOrFail(resourceId);
if (ArrayUtils.isNotEmpty(request.getApplicationsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, request.getEnvironmentsToDelete());
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToDelete())) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, request.getEnvironmentTypesToDelete());
}
Set<String> envIds = Sets.newHashSet();
if (ArrayUtils.isNotEmpty(request.getApplicationsToAdd())) {
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.APPLICATION, request.getApplicationsToAdd());
// when an app is added, all eventual existing env authorizations are removed
for (String applicationToAddId : request.getApplicationsToAdd()) {
ApplicationEnvironment[] aes = applicationEnvironmentService.getByApplicationId(applicationToAddId);
for (ApplicationEnvironment ae : aes) {
envIds.add(ae.getId());
}
}
if (!envIds.isEmpty()) {
resourcePermissionService.revokePermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envIds.toArray(new String[envIds.size()]));
}
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentsToAdd())) {
List<String> envToAddSet = Arrays.stream(request.getEnvironmentsToAdd()).filter(env -> !envIds.contains(env)).collect(Collectors.toList());
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT, envToAddSet.toArray(new String[envToAddSet.size()]));
}
if (ArrayUtils.isNotEmpty(request.getEnvironmentTypesToAdd())) {
resourcePermissionService.grantPermission(resourceTemplate, (resource -> locationResourceService.saveResource(location, (AbstractLocationResourceTemplate) resource)), Subject.ENVIRONMENT_TYPE, request.getEnvironmentTypesToAdd());
}
return RestResponseBuilder.<Void>builder().build();
}
Aggregations