use of bio.terra.workspace.service.petserviceaccount.PetSaService in project terra-workspace-manager by DataBiosphere.
the class ReferencedBigQueryDataTableResource method checkAccess.
@Override
public boolean checkAccess(FlightBeanBag context, AuthenticatedUserRequest userRequest) {
CrlService crlService = context.getCrlService();
PetSaService petSaService = context.getPetSaService();
Optional<AuthenticatedUserRequest> maybePetCreds = petSaService.getWorkspacePetCredentials(getWorkspaceId(), userRequest);
return crlService.canReadBigQueryDataTable(projectId, datasetId, dataTableId, maybePetCreds.orElse(userRequest));
}
use of bio.terra.workspace.service.petserviceaccount.PetSaService in project terra-workspace-manager by DataBiosphere.
the class ReferencedGcsBucketResource method checkAccess.
@Override
public boolean checkAccess(FlightBeanBag context, AuthenticatedUserRequest userRequest) {
CrlService crlService = context.getCrlService();
PetSaService petSaService = context.getPetSaService();
// If the resource's workspace has a GCP cloud context, use the SA from that context. Otherwise,
// use the provided credentials. This cannot use arbitrary pet SA credentials, as they may not
// have the Storage APIs enabled.
Optional<AuthenticatedUserRequest> maybePetCreds = petSaService.getWorkspacePetCredentials(getWorkspaceId(), userRequest);
return crlService.canReadGcsBucket(bucketName, maybePetCreds.orElse(userRequest));
}
use of bio.terra.workspace.service.petserviceaccount.PetSaService in project terra-workspace-manager by DataBiosphere.
the class ReferencedGcsObjectResource method checkAccess.
@Override
public boolean checkAccess(FlightBeanBag context, AuthenticatedUserRequest userRequest) {
CrlService crlService = context.getCrlService();
PetSaService petSaService = context.getPetSaService();
// If the resource's workspace has a GCP cloud context, use the SA from that context. Otherwise,
// use the provided credentials. This cannot use arbitrary pet SA credentials, as they may not
// have the Storage APIs enabled.
Optional<AuthenticatedUserRequest> maybePetCreds = petSaService.getWorkspacePetCredentials(getWorkspaceId(), userRequest);
return crlService.canReadGcsObject(bucketName, objectName, maybePetCreds.orElse(userRequest));
}
use of bio.terra.workspace.service.petserviceaccount.PetSaService in project terra-workspace-manager by DataBiosphere.
the class ReferencedBigQueryDatasetResource method checkAccess.
@Override
public boolean checkAccess(FlightBeanBag context, AuthenticatedUserRequest userRequest) {
// If the resource's workspace has a GCP cloud context, use the SA from that context. Otherwise,
// use the provided credentials. This cannot use arbitrary pet SA credentials, as they may not
// have the BigQuery APIs enabled.
CrlService crlService = context.getCrlService();
PetSaService petSaService = context.getPetSaService();
Optional<AuthenticatedUserRequest> maybePetCreds = petSaService.getWorkspacePetCredentials(getWorkspaceId(), userRequest);
return crlService.canReadBigQueryDataset(projectId, datasetName, maybePetCreds.orElse(userRequest));
}
Aggregations