Search in sources :

Example 1 with GcpGcsBucketResource

use of bio.terra.workspace.model.GcpGcsBucketResource in project terra-workspace-manager by DataBiosphere.

the class ControlledGcsBucketLifecycle method testCloneBucket.

private void testCloneBucket(GcpGcsBucketResource sourceBucket, TestUserSpecification cloningUser, ControlledGcpResourceApi resourceApi) throws Exception {
    final String destinationBucketName = "clone-" + UUID.randomUUID().toString();
    // clone the bucket
    final String clonedBucketDescription = "A cloned bucket";
    final CloneControlledGcpGcsBucketRequest cloneRequest = new CloneControlledGcpGcsBucketRequest().bucketName(destinationBucketName).destinationWorkspaceId(getDestinationWorkspaceId()).name(sourceBucket.getMetadata().getName()).description(clonedBucketDescription).location(// use same as src
    null).cloningInstructions(CloningInstructionsEnum.RESOURCE).jobControl(new JobControl().id(UUID.randomUUID().toString()));
    logger.info("Cloning bucket\n\tname: {}\n\tresource ID: {}\n\tworkspace: {}\n\t" + "projectID: {}\ninto destination bucket\n\tname: {}\n\tworkspace: {}\n\tprojectID: {}", sourceBucket.getMetadata().getName(), sourceBucket.getMetadata().getResourceId(), sourceBucket.getMetadata().getWorkspaceId(), getSourceProjectId(), destinationBucketName, getDestinationWorkspaceId(), getDestinationProjectId());
    CloneControlledGcpGcsBucketResult cloneResult = resourceApi.cloneGcsBucket(cloneRequest, sourceBucket.getMetadata().getWorkspaceId(), sourceBucket.getMetadata().getResourceId());
    cloneResult = ClientTestUtils.pollWhileRunning(cloneResult, () -> resourceApi.getCloneGcsBucketResult(cloneRequest.getDestinationWorkspaceId(), cloneRequest.getJobControl().getId()), CloneControlledGcpGcsBucketResult::getJobReport, Duration.ofSeconds(5));
    ClientTestUtils.assertJobSuccess("cloned bucket", cloneResult.getJobReport(), cloneResult.getErrorReport());
    final ClonedControlledGcpGcsBucket clonedBucket = cloneResult.getBucket();
    assertEquals(getWorkspaceId(), clonedBucket.getSourceWorkspaceId());
    assertEquals(sourceBucket.getMetadata().getResourceId(), clonedBucket.getSourceResourceId());
    final CreatedControlledGcpGcsBucket createdBucket = clonedBucket.getBucket();
    final GcpGcsBucketResource clonedResource = createdBucket.getGcpBucket();
    assertEquals(destinationBucketName, clonedResource.getAttributes().getBucketName());
    final ResourceMetadata clonedResourceMetadata = clonedResource.getMetadata();
    assertEquals(getDestinationWorkspaceId(), clonedResourceMetadata.getWorkspaceId());
    assertEquals(sourceBucket.getMetadata().getName(), clonedResourceMetadata.getName());
    assertEquals(clonedBucketDescription, clonedResourceMetadata.getDescription());
    final ResourceMetadata sourceMetadata = sourceBucket.getMetadata();
    assertEquals(CloningInstructionsEnum.NOTHING, clonedResourceMetadata.getCloningInstructions());
    assertEquals(sourceMetadata.getCloudPlatform(), clonedResourceMetadata.getCloudPlatform());
    assertEquals(ResourceType.GCS_BUCKET, clonedResourceMetadata.getResourceType());
    assertEquals(StewardshipType.CONTROLLED, clonedResourceMetadata.getStewardshipType());
    assertEquals(sourceMetadata.getControlledResourceMetadata().getAccessScope(), clonedResourceMetadata.getControlledResourceMetadata().getAccessScope());
    assertEquals(sourceMetadata.getControlledResourceMetadata().getManagedBy(), clonedResourceMetadata.getControlledResourceMetadata().getManagedBy());
    assertEquals(sourceMetadata.getControlledResourceMetadata().getPrivateResourceUser(), clonedResourceMetadata.getControlledResourceMetadata().getPrivateResourceUser());
    assertEquals(CloudPlatform.GCP, clonedResourceMetadata.getCloudPlatform());
    final Storage destinationProjectStorageClient = ClientTestUtils.getGcpStorageClient(cloningUser, getDestinationProjectId());
    final Bucket destinationGcsBucket = destinationProjectStorageClient.get(destinationBucketName);
    // Location, storage class, and lifecycle rules should match values from createBucketAttempt
    assertEquals(StorageClass.STANDARD, destinationGcsBucket.getStorageClass());
    assertEquals(BUCKET_LOCATION, // default since not specified
    destinationGcsBucket.getLocation());
    assertEquals(2, destinationGcsBucket.getLifecycleRules().size());
    verifyClonedLifecycleRules(destinationGcsBucket);
    assertEquals(CloningInstructionsEnum.RESOURCE, clonedBucket.getEffectiveCloningInstructions());
    // test retrieving file from destination bucket
    Storage cloningUserStorageClient = ClientTestUtils.getGcpStorageClient(cloningUser, getDestinationProjectId());
    BlobId blobId = BlobId.of(destinationBucketName, GCS_BLOB_NAME);
    assertNotNull(blobId);
    final Blob retrievedFile = cloningUserStorageClient.get(blobId);
    assertNotNull(retrievedFile);
    assertEquals(blobId.getName(), retrievedFile.getBlobId().getName());
}
Also used : GcpGcsBucketResource(bio.terra.workspace.model.GcpGcsBucketResource) Blob(com.google.cloud.storage.Blob) CloneControlledGcpGcsBucketResult(bio.terra.workspace.model.CloneControlledGcpGcsBucketResult) Storage(com.google.cloud.storage.Storage) Bucket(com.google.cloud.storage.Bucket) CreatedControlledGcpGcsBucket(bio.terra.workspace.model.CreatedControlledGcpGcsBucket) ClonedControlledGcpGcsBucket(bio.terra.workspace.model.ClonedControlledGcpGcsBucket) CloneControlledGcpGcsBucketRequest(bio.terra.workspace.model.CloneControlledGcpGcsBucketRequest) JobControl(bio.terra.workspace.model.JobControl) ClonedControlledGcpGcsBucket(bio.terra.workspace.model.ClonedControlledGcpGcsBucket) ResourceMetadata(bio.terra.workspace.model.ResourceMetadata) BlobId(com.google.cloud.storage.BlobId) CreatedControlledGcpGcsBucket(bio.terra.workspace.model.CreatedControlledGcpGcsBucket)

Example 2 with GcpGcsBucketResource

use of bio.terra.workspace.model.GcpGcsBucketResource in project terra-workspace-manager by DataBiosphere.

the class PrivateControlledGcsBucketLifecycle method doUserJourney.

@Override
public void doUserJourney(TestUserSpecification testUser, WorkspaceApi workspaceApi) throws Exception {
    String projectId = CloudContextMaker.createGcpCloudContext(getWorkspaceId(), workspaceApi);
    ControlledGcpResourceApi workspaceOwnerResourceApi = ClientTestUtils.getControlledGcpResourceClient(testUser, server);
    ControlledGcpResourceApi privateUserResourceApi = ClientTestUtils.getControlledGcpResourceClient(privateResourceUser, server);
    workspaceApi.grantRole(new GrantRoleRequestBody().memberEmail(workspaceReader.userEmail), getWorkspaceId(), IamRole.READER);
    logger.info("Added {} as a reader to workspace {}", workspaceReader.userEmail, getWorkspaceId());
    workspaceApi.grantRole(new GrantRoleRequestBody().memberEmail(privateResourceUser.userEmail), getWorkspaceId(), IamRole.WRITER);
    logger.info("Added {} as a writer to workspace {}", privateResourceUser.userEmail, getWorkspaceId());
    // Create a private bucket, which privateResourceUser assigns to themselves.
    // Cloud IAM permissions may take several minutes to sync, so we retry this operation until
    // it succeeds.
    CreatedControlledGcpGcsBucket bucket = ClientTestUtils.getWithRetryOnException(() -> createPrivateBucket(privateUserResourceApi));
    UUID resourceId = bucket.getResourceId();
    // Retrieve the bucket resource from WSM
    logger.info("Retrieving bucket resource id {}", resourceId.toString());
    GcpGcsBucketResource gotBucket = privateUserResourceApi.getBucket(getWorkspaceId(), resourceId);
    String bucketName = gotBucket.getAttributes().getBucketName();
    assertEquals(bucket.getGcpBucket().getAttributes().getBucketName(), bucketName);
    // Assert the bucket is assigned to privateResourceUser, even though resource user was
    // not specified
    assertEquals(privateResourceUser.userEmail, gotBucket.getMetadata().getControlledResourceMetadata().getPrivateResourceUser().getUserName());
    try (GcsBucketAccessTester tester = new GcsBucketAccessTester(privateResourceUser, bucketName, projectId)) {
        tester.checkAccessWait(privateResourceUser, ControlledResourceIamRole.EDITOR);
        // workspace owner can do nothing
        tester.checkAccess(testUser, null);
        tester.checkAccess(workspaceReader, null);
    }
    // Any workspace user should be able to enumerate all buckets, even though they can't access
    // their contents.
    ResourceApi readerApi = ClientTestUtils.getResourceClient(workspaceReader, server);
    ResourceList bucketList = readerApi.enumerateResources(getWorkspaceId(), 0, 5, ResourceType.GCS_BUCKET, StewardshipType.CONTROLLED);
    assertEquals(1, bucketList.getResources().size());
    MultiResourcesUtils.assertResourceType(ResourceType.GCS_BUCKET, bucketList);
    // Workspace owner has DELETER role and can delete the bucket through WSM
    var ownerDeleteResult = deleteBucket(workspaceOwnerResourceApi, resourceId);
    ClientTestUtils.assertJobSuccess("owner delete bucket", ownerDeleteResult.getJobReport(), ownerDeleteResult.getErrorReport());
    // verify the bucket was deleted from WSM metadata
    ApiException bucketIsMissing = assertThrows(ApiException.class, () -> workspaceOwnerResourceApi.getBucket(getWorkspaceId(), resourceId), "Incorrectly found a deleted bucket!");
    assertEquals(HttpStatusCodes.STATUS_CODE_NOT_FOUND, bucketIsMissing.getCode());
    // also verify it was deleted from GCP
    Storage ownerStorageClient = ClientTestUtils.getGcpStorageClient(testUser, projectId);
    Bucket maybeBucket = ownerStorageClient.get(bucketName);
    assertNull(maybeBucket);
    // TODO: PF-1218 - change these to negative tests - should error - when
    // the ticket is complete. These exercise two create cases with currently
    // valid combinations of private user.
    PrivateResourceIamRoles roles = new PrivateResourceIamRoles();
    roles.add(ControlledResourceIamRole.READER);
    // Supply all private user parameters
    PrivateResourceUser privateUserFull = new PrivateResourceUser().userName(privateResourceUser.userEmail).privateResourceIamRoles(roles);
    CreatedControlledGcpGcsBucket userFullBucket = GcsBucketUtils.makeControlledGcsBucket(privateUserResourceApi, getWorkspaceId(), RESOURCE_PREFIX + UUID.randomUUID().toString(), /*bucketName=*/
    null, AccessScope.PRIVATE_ACCESS, ManagedBy.USER, CloningInstructionsEnum.NOTHING, privateUserFull);
    assertNotNull(userFullBucket.getGcpBucket().getAttributes().getBucketName());
    deleteBucket(workspaceOwnerResourceApi, userFullBucket.getResourceId());
    // Supply just the roles, but no email
    PrivateResourceUser privateUserNoEmail = new PrivateResourceUser().userName(null).privateResourceIamRoles(roles);
    CreatedControlledGcpGcsBucket userNoEmailBucket = GcsBucketUtils.makeControlledGcsBucket(privateUserResourceApi, getWorkspaceId(), RESOURCE_PREFIX + UUID.randomUUID().toString(), /*bucketName=*/
    null, AccessScope.PRIVATE_ACCESS, ManagedBy.USER, CloningInstructionsEnum.NOTHING, privateUserNoEmail);
    assertNotNull(userNoEmailBucket.getGcpBucket().getAttributes().getBucketName());
    deleteBucket(workspaceOwnerResourceApi, userNoEmailBucket.getResourceId());
    String uniqueBucketName = String.format("terra_%s_bucket", UUID.randomUUID().toString().replace("-", "_"));
    CreatedControlledGcpGcsBucket bucketWithBucketNameSpecified = GcsBucketUtils.makeControlledGcsBucket(privateUserResourceApi, getWorkspaceId(), RESOURCE_PREFIX + UUID.randomUUID().toString(), /*bucketName=*/
    uniqueBucketName, AccessScope.PRIVATE_ACCESS, ManagedBy.USER, CloningInstructionsEnum.NOTHING, privateUserFull);
    assertEquals(uniqueBucketName, bucketWithBucketNameSpecified.getGcpBucket().getAttributes().getBucketName());
    deleteBucket(workspaceOwnerResourceApi, bucketWithBucketNameSpecified.getResourceId());
}
Also used : GrantRoleRequestBody(bio.terra.workspace.model.GrantRoleRequestBody) PrivateResourceUser(bio.terra.workspace.model.PrivateResourceUser) GcsBucketAccessTester(scripts.utils.GcsBucketAccessTester) GcpGcsBucketResource(bio.terra.workspace.model.GcpGcsBucketResource) ControlledGcpResourceApi(bio.terra.workspace.api.ControlledGcpResourceApi) ResourceApi(bio.terra.workspace.api.ResourceApi) ResourceList(bio.terra.workspace.model.ResourceList) Storage(com.google.cloud.storage.Storage) Bucket(com.google.cloud.storage.Bucket) CreatedControlledGcpGcsBucket(bio.terra.workspace.model.CreatedControlledGcpGcsBucket) ControlledGcpResourceApi(bio.terra.workspace.api.ControlledGcpResourceApi) UUID(java.util.UUID) PrivateResourceIamRoles(bio.terra.workspace.model.PrivateResourceIamRoles) CreatedControlledGcpGcsBucket(bio.terra.workspace.model.CreatedControlledGcpGcsBucket) ApiException(bio.terra.workspace.client.ApiException)

Example 3 with GcpGcsBucketResource

use of bio.terra.workspace.model.GcpGcsBucketResource in project terra-workspace-manager by DataBiosphere.

the class ReferencedGcsResourceLifecycle method testUpdateReferences.

private void testUpdateReferences(GcpGcsBucketResource fineGrainedBucket, ReferencedGcpResourceApi fullAccessApi) throws Exception {
    ReferencedGcpResourceApi partialAccessApi = ClientTestUtils.getReferencedGcpResourceClient(partialAccessUser, server);
    ResourceApi partialAccessResourceApi = ClientTestUtils.getResourceClient(partialAccessUser, server);
    // Update GCS bucket's name and description
    String newBucketName = "newGcsBucket";
    String newBucketDescription = "a new description to the new bucket reference";
    GcsBucketUtils.updateGcsBucketReference(fullAccessApi, getWorkspaceId(), bucketResourceId, newBucketName, newBucketDescription, null);
    GcpGcsBucketResource bucketReferenceFirstUpdate = fullAccessApi.getBucketReference(getWorkspaceId(), bucketResourceId);
    assertEquals(newBucketName, bucketReferenceFirstUpdate.getMetadata().getName());
    assertEquals(newBucketDescription, bucketReferenceFirstUpdate.getMetadata().getDescription());
    assertEquals(gcsUniformAccessBucketAttributes.getBucketName(), bucketReferenceFirstUpdate.getAttributes().getBucketName());
    assertTrue(partialAccessResourceApi.checkReferenceAccess(getWorkspaceId(), bucketResourceId));
    // Attempt to update bucket reference but {@code userWithPartialAccess} does not have
    // access to the bucket with fine-grained access
    assertThrows(ApiException.class, () -> GcsBucketUtils.updateGcsBucketReference(partialAccessApi, getWorkspaceId(), bucketResourceId, /*name=*/
    null, /*description=*/
    null, fineGrainedBucket.getAttributes().getBucketName()));
    // Successfully update the referencing target because the {@code userWithFullAccess} has
    // access to the bucket with fine-grained access.
    GcsBucketUtils.updateGcsBucketReference(fullAccessApi, getWorkspaceId(), bucketResourceId, /*name=*/
    null, /*description=*/
    null, fineGrainedBucket.getAttributes().getBucketName());
    GcpGcsBucketResource bucketReferenceSecondUpdate = fullAccessApi.getBucketReference(getWorkspaceId(), bucketResourceId);
    assertEquals(newBucketName, bucketReferenceSecondUpdate.getMetadata().getName());
    assertEquals(newBucketDescription, bucketReferenceSecondUpdate.getMetadata().getDescription());
    assertEquals(fineGrainedBucket.getAttributes().getBucketName(), bucketReferenceSecondUpdate.getAttributes().getBucketName());
    // Update GCS bucket object's name and description
    String newBlobName = "newBlobName";
    String newBlobDescription = "a new description to the new bucket blob reference";
    GcsBucketUtils.updateGcsBucketObjectReference(fullAccessApi, getWorkspaceId(), fileResourceId, newBlobName, newBlobDescription, /*bucketName=*/
    null, /*objectName=*/
    null);
    GcpGcsObjectResource blobResource = fullAccessApi.getGcsObjectReference(getWorkspaceId(), fileResourceId);
    assertEquals(newBlobName, blobResource.getMetadata().getName());
    assertEquals(newBlobDescription, blobResource.getMetadata().getDescription());
    assertEquals(gcsFileAttributes.getBucketName(), blobResource.getAttributes().getBucketName());
    assertEquals(gcsFileAttributes.getFileName(), blobResource.getAttributes().getFileName());
    // Update GCS bucket object's referencing target from foo/monkey_sees_monkey_dos.txt to foo/.
    assertTrue(partialAccessResourceApi.checkReferenceAccess(getWorkspaceId(), fileResourceId));
    // Update object path only.
    // Attempt to update to foo but {@code userWithPartialAccess} does not have access to foo/
    assertThrows(ApiException.class, () -> GcsBucketUtils.updateGcsBucketObjectReference(partialAccessApi, getWorkspaceId(), fileResourceId, /*name=*/
    null, /*description=*/
    null, gcsFileAttributes.getBucketName(), gcsFolderAttributes.getFileName()));
    // User with access to foo/ can successfully update the referencing target to foo/.
    GcsBucketUtils.updateGcsBucketObjectReference(fullAccessApi, getWorkspaceId(), fileResourceId, /*name=*/
    null, /*description=*/
    null, /*bucketName=*/
    null, gcsFolderAttributes.getFileName());
    GcpGcsObjectResource blobReferenceSecondUpdate = fullAccessApi.getGcsObjectReference(getWorkspaceId(), fileResourceId);
    assertEquals(gcsFileAttributes.getBucketName(), blobReferenceSecondUpdate.getAttributes().getBucketName());
    assertEquals(gcsFolderAttributes.getFileName(), blobReferenceSecondUpdate.getAttributes().getFileName());
    assertEquals(newBlobName, blobReferenceSecondUpdate.getMetadata().getName());
    assertEquals(newBlobDescription, blobReferenceSecondUpdate.getMetadata().getDescription());
    // update bucket only.
    GcsBucketUtils.updateGcsBucketObjectReference(fullAccessApi, getWorkspaceId(), fileResourceId, /*name=*/
    null, /*description=*/
    null, /*bucketName=*/
    gcsUniformAccessBucketAttributes.getBucketName(), null);
    GcpGcsObjectResource blobReferenceThirdUpdate = fullAccessApi.getGcsObjectReference(getWorkspaceId(), fileResourceId);
    assertEquals(gcsUniformAccessBucketAttributes.getBucketName(), blobReferenceThirdUpdate.getAttributes().getBucketName());
    assertEquals(gcsFolderAttributes.getFileName(), blobReferenceThirdUpdate.getAttributes().getFileName());
    assertEquals(newBlobName, blobReferenceThirdUpdate.getMetadata().getName());
    assertEquals(newBlobDescription, blobReferenceThirdUpdate.getMetadata().getDescription());
    // Update both bucket and object path.
    GcsBucketUtils.updateGcsBucketObjectReference(fullAccessApi, getWorkspaceId(), fileResourceId, /*name=*/
    null, /*description=*/
    null, /*bucketName=*/
    gcsFileAttributes.getBucketName(), gcsFileAttributes.getFileName());
    GcpGcsObjectResource blobReferenceFourthUpdate = fullAccessApi.getGcsObjectReference(getWorkspaceId(), fileResourceId);
    assertEquals(gcsFileAttributes.getBucketName(), blobReferenceFourthUpdate.getAttributes().getBucketName());
    assertEquals(gcsFileAttributes.getFileName(), blobReferenceFourthUpdate.getAttributes().getFileName());
    assertEquals(newBlobName, blobReferenceFourthUpdate.getMetadata().getName());
    assertEquals(newBlobDescription, blobReferenceFourthUpdate.getMetadata().getDescription());
}
Also used : GcpGcsBucketResource(bio.terra.workspace.model.GcpGcsBucketResource) GcpGcsObjectResource(bio.terra.workspace.model.GcpGcsObjectResource) ReferencedGcpResourceApi(bio.terra.workspace.api.ReferencedGcpResourceApi) ResourceApi(bio.terra.workspace.api.ResourceApi) ReferencedGcpResourceApi(bio.terra.workspace.api.ReferencedGcpResourceApi)

Example 4 with GcpGcsBucketResource

use of bio.terra.workspace.model.GcpGcsBucketResource in project terra-workspace-manager by DataBiosphere.

the class ReferencedGcsResourceLifecycle method doUserJourney.

@Override
protected void doUserJourney(TestUserSpecification testUser, WorkspaceApi workspaceApi) throws Exception {
    ReferencedGcpResourceApi referencedGcpResourceApi = ClientTestUtils.getReferencedGcpResourceClient(testUser, server);
    // Grant secondary users READER permission in the workspace.
    workspaceApi.grantRole(new GrantRoleRequestBody().memberEmail(partialAccessUser.userEmail), getWorkspaceId(), IamRole.READER);
    workspaceApi.grantRole(new GrantRoleRequestBody().memberEmail(noAccessUser.userEmail), getWorkspaceId(), IamRole.READER);
    // Create the references
    GcpGcsBucketResource referencedBucket = GcsBucketUtils.makeGcsBucketReference(gcsUniformAccessBucketAttributes, referencedGcpResourceApi, getWorkspaceId(), MultiResourcesUtils.makeName(), CloningInstructionsEnum.REFERENCE);
    bucketResourceId = referencedBucket.getMetadata().getResourceId();
    GcpGcsBucketResource fineGrainedBucket = GcsBucketUtils.makeGcsBucketReference(gcsFineGrainedAccessBucketAttributes, referencedGcpResourceApi, getWorkspaceId(), MultiResourcesUtils.makeName(), CloningInstructionsEnum.REFERENCE);
    fineGrainedBucketResourceId = fineGrainedBucket.getMetadata().getResourceId();
    GcpGcsObjectResource referencedGcsFile = GcsBucketObjectUtils.makeGcsObjectReference(gcsFileAttributes, referencedGcpResourceApi, getWorkspaceId(), MultiResourcesUtils.makeName(), CloningInstructionsEnum.REFERENCE);
    fileResourceId = referencedGcsFile.getMetadata().getResourceId();
    GcpGcsObjectResource referencedGcsFolder = GcsBucketObjectUtils.makeGcsObjectReference(gcsFolderAttributes, referencedGcpResourceApi, getWorkspaceId(), MultiResourcesUtils.makeName(), CloningInstructionsEnum.REFERENCE);
    folderResourceId = referencedGcsFolder.getMetadata().getResourceId();
    // Get the references
    testGetReferences(referencedBucket, fineGrainedBucket, referencedGcsFile, referencedGcsFolder, referencedGcpResourceApi);
    // Create a second workspace to clone references into, owned by the same user
    testCloneReference(referencedBucket, fineGrainedBucket, referencedGcsFile, referencedGcsFolder, referencedGcpResourceApi, workspaceApi);
    // Validate reference access
    testValidateReference(testUser);
    // Update the references
    testUpdateReferences(fineGrainedBucket, referencedGcpResourceApi);
    // Delete the references
    referencedGcpResourceApi.deleteBucketReference(getWorkspaceId(), bucketResourceId);
    referencedGcpResourceApi.deleteBucketReference(getWorkspaceId(), fineGrainedBucketResourceId);
    referencedGcpResourceApi.deleteGcsObjectReference(getWorkspaceId(), fileResourceId);
    referencedGcpResourceApi.deleteGcsObjectReference(getWorkspaceId(), folderResourceId);
    // Enumerating all resources with no filters should be empty
    ResourceApi resourceApi = ClientTestUtils.getResourceClient(testUser, server);
    ResourceList enumerateResult = resourceApi.enumerateResources(getWorkspaceId(), 0, 100, null, null);
    assertTrue(enumerateResult.getResources().isEmpty());
}
Also used : GcpGcsBucketResource(bio.terra.workspace.model.GcpGcsBucketResource) GcpGcsObjectResource(bio.terra.workspace.model.GcpGcsObjectResource) ReferencedGcpResourceApi(bio.terra.workspace.api.ReferencedGcpResourceApi) ResourceApi(bio.terra.workspace.api.ResourceApi) ResourceList(bio.terra.workspace.model.ResourceList) GrantRoleRequestBody(bio.terra.workspace.model.GrantRoleRequestBody) ReferencedGcpResourceApi(bio.terra.workspace.api.ReferencedGcpResourceApi)

Example 5 with GcpGcsBucketResource

use of bio.terra.workspace.model.GcpGcsBucketResource in project terra-workspace-manager by DataBiosphere.

the class ReferencedGcsResourceLifecycle method testGetReferences.

private void testGetReferences(GcpGcsBucketResource uniformBucketReference, GcpGcsBucketResource fineGrainedBucketReference, GcpGcsObjectResource fileReference, GcpGcsObjectResource folderReference, ReferencedGcpResourceApi referencedGcpResourceApi) throws Exception {
    GcpGcsBucketResource fetchedBucket = referencedGcpResourceApi.getBucketReference(getWorkspaceId(), bucketResourceId);
    assertEquals(uniformBucketReference, fetchedBucket);
    GcpGcsBucketResource fetchedFineGrainedBucket = referencedGcpResourceApi.getBucketReference(getWorkspaceId(), fineGrainedBucketResourceId);
    assertEquals(fineGrainedBucketReference, fetchedFineGrainedBucket);
    GcpGcsObjectResource fetchedGcsFile = referencedGcpResourceApi.getGcsObjectReference(getWorkspaceId(), fileResourceId);
    assertEquals(fileReference, fetchedGcsFile);
    GcpGcsObjectResource fetchedGcsFolder = referencedGcpResourceApi.getGcsObjectReference(getWorkspaceId(), folderResourceId);
    assertEquals(folderReference, fetchedGcsFolder);
    // Enumerate the references
    // Any workspace member can view references in WSM, even if they can't view the underlying cloud
    // resource or contents.
    ResourceApi noAccessApi = ClientTestUtils.getResourceClient(noAccessUser, server);
    ResourceList referenceList = noAccessApi.enumerateResources(getWorkspaceId(), 0, 5, /*referenceType=*/
    null, StewardshipType.REFERENCED);
    assertEquals(4, referenceList.getResources().size());
    ResourceList bucketList = noAccessApi.enumerateResources(getWorkspaceId(), 0, 5, /*referenceType=*/
    ResourceType.GCS_BUCKET, StewardshipType.REFERENCED);
    assertEquals(2, bucketList.getResources().size());
    MultiResourcesUtils.assertResourceType(ResourceType.GCS_BUCKET, bucketList);
    ResourceList fileList = noAccessApi.enumerateResources(getWorkspaceId(), 0, 5, /*referenceType=*/
    ResourceType.GCS_OBJECT, StewardshipType.REFERENCED);
    assertEquals(2, fileList.getResources().size());
    MultiResourcesUtils.assertResourceType(ResourceType.GCS_OBJECT, fileList);
}
Also used : GcpGcsBucketResource(bio.terra.workspace.model.GcpGcsBucketResource) GcpGcsObjectResource(bio.terra.workspace.model.GcpGcsObjectResource) ReferencedGcpResourceApi(bio.terra.workspace.api.ReferencedGcpResourceApi) ResourceApi(bio.terra.workspace.api.ResourceApi) ResourceList(bio.terra.workspace.model.ResourceList)

Aggregations

GcpGcsBucketResource (bio.terra.workspace.model.GcpGcsBucketResource)10 ResourceApi (bio.terra.workspace.api.ResourceApi)5 ResourceList (bio.terra.workspace.model.ResourceList)4 ReferencedGcpResourceApi (bio.terra.workspace.api.ReferencedGcpResourceApi)3 CreatedControlledGcpGcsBucket (bio.terra.workspace.model.CreatedControlledGcpGcsBucket)3 GcpGcsObjectResource (bio.terra.workspace.model.GcpGcsObjectResource)3 Bucket (com.google.cloud.storage.Bucket)3 Storage (com.google.cloud.storage.Storage)3 PDGcsBucket (bio.terra.cli.serialization.persisted.resource.PDGcsBucket)2 UFGcsBucket (bio.terra.cli.serialization.userfacing.resource.UFGcsBucket)2 ControlledGcpResourceApi (bio.terra.workspace.api.ControlledGcpResourceApi)2 ApiException (bio.terra.workspace.client.ApiException)2 ClonedControlledGcpGcsBucket (bio.terra.workspace.model.ClonedControlledGcpGcsBucket)2 GrantRoleRequestBody (bio.terra.workspace.model.GrantRoleRequestBody)2 Blob (com.google.cloud.storage.Blob)2 BlobId (com.google.cloud.storage.BlobId)2 UUID (java.util.UUID)2 GcsBucketAccessTester (scripts.utils.GcsBucketAccessTester)2 CloneControlledGcpGcsBucketRequest (bio.terra.workspace.model.CloneControlledGcpGcsBucketRequest)1 CloneControlledGcpGcsBucketResult (bio.terra.workspace.model.CloneControlledGcpGcsBucketResult)1