
Example 1 with CloudContextHolder

use of bio.terra.workspace.service.workspace.model.CloudContextHolder in project terra-workspace-manager by DataBiosphere.

In class RemoveUserFromWorkspaceFlightTest, method removeUserFromWorkspaceFlightDoUndo.

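@Test
@DisabledIfEnvironmentVariable(named = "TEST_ENV", matches = BUFFER_SERVICE_DISABLED_ENVS_REG_EX)
void removeUserFromWorkspaceFlightDoUndo() throws Exception {
    // Create a workspace as the default test user
    Workspace request = Workspace.builder().workspaceId(UUID.randomUUID()).workspaceStage(WorkspaceStage.MC_WORKSPACE).spendProfileId(spendUtils.defaultSpendId()).build();
    UUID workspaceId = workspaceService.createWorkspace(request, userAccessUtils.defaultUserAuthRequest());
    // Everything below allocates cloud-backed state under this workspace. The cleanup is in a
    // finally block so a failing assertion part-way through still deletes the workspace and the
    // cloud context created below, instead of leaking them into the shared test environment.
    try {
        // Add the secondary test user as a writer
        samService.grantWorkspaceRole(workspaceId, userAccessUtils.defaultUserAuthRequest(), WsmIamRole.WRITER, userAccessUtils.getSecondUserEmail());
        // Diagnostic dump of the Sam bindings for this workspace; not part of the assertions.
        samService.dumpRoleBindings(SamResource.WORKSPACE, workspaceId.toString(), userAccessUtils.defaultUserAuthRequest().getRequiredToken());
        // Create a GCP context as default user
        String makeContextJobId = UUID.randomUUID().toString();
        workspaceService.createGcpCloudContext(workspaceId, makeContextJobId, userAccessUtils.defaultUserAuthRequest());
        jobService.waitForJob(makeContextJobId);
        AsyncJobResult<CloudContextHolder> createContextJobResult = jobService.retrieveAsyncJobResult(makeContextJobId, CloudContextHolder.class, userAccessUtils.defaultUserAuthRequest());
        assertEquals(StatusEnum.SUCCEEDED, createContextJobResult.getJobReport().getStatus());
        GcpCloudContext cloudContext = createContextJobResult.getResult().getGcpCloudContext();
        // Create a private dataset for secondary user
        String datasetId = RandomStringUtils.randomAlphabetic(8);
        ControlledBigQueryDatasetResource privateDataset = buildPrivateDataset(workspaceId, datasetId, cloudContext.getGcpProjectId());
        assertNotNull(privateDataset);
        // Sam identifiers of the private resource, reused by every authorization check below.
        String datasetSamResourceType = privateDataset.getCategory().getSamResourceName();
        String datasetSamResourceId = privateDataset.getResourceId().toString();
        // Validate with Sam that secondary user can read their private resource
        assertTrue(samService.isAuthorized(userAccessUtils.secondUserAuthRequest(), datasetSamResourceType, datasetSamResourceId, SamControlledResourceActions.WRITE_ACTION));
        // Run the "removeUser" flight to the very end, then undo it, retrying steps along the way.
        // Every step of the flight is listed so both the do- and undo-paths get a retry exercised.
        Map<String, StepStatus> retrySteps = new HashMap<>();
        Class<?>[] flightSteps = {
            RemoveUserFromSamStep.class,
            CheckUserStillInWorkspaceStep.class,
            ClaimUserPrivateResourcesStep.class,
            RemovePrivateResourceAccessStep.class,
            MarkPrivateResourcesAbandonedStep.class,
            RevokePetUsagePermissionStep.class,
            ReleasePrivateResourceCleanupClaimsStep.class
        };
        for (Class<?> step : flightSteps) {
            retrySteps.put(step.getName(), StepStatus.STEP_RESULT_FAILURE_RETRY);
        }
        FlightDebugInfo failingDebugInfo = FlightDebugInfo.newBuilder().undoStepFailures(retrySteps).lastStepFailure(true).build();
        FlightMap inputParameters = new FlightMap();
        inputParameters.put(WorkspaceFlightMapKeys.WORKSPACE_ID, workspaceId.toString());
        inputParameters.put(WorkspaceFlightMapKeys.USER_TO_REMOVE, userAccessUtils.getSecondUserEmail());
        // NOTE(review): the role was granted above as WsmIamRole.WRITER but is removed here by the
        // name of ControlledResourceIamRole.WRITER; this only works while both enums spell the
        // constant identically — confirm the flight expects the WsmIamRole name.
        inputParameters.put(WorkspaceFlightMapKeys.ROLE_TO_REMOVE, ControlledResourceIamRole.WRITER.name());
        // Auth info comes from default user, as they are the ones "making this request"
        inputParameters.put(JobMapKeys.AUTH_USER_INFO.getKeyName(), userAccessUtils.defaultUserAuthRequest());
        FlightState flightState = StairwayTestUtils.blockUntilFlightCompletes(jobService.getStairway(), RemoveUserFromWorkspaceFlight.class, inputParameters, STAIRWAY_FLIGHT_TIMEOUT, failingDebugInfo);
        assertEquals(FlightStatus.ERROR, flightState.getFlightStatus());
        // Validate that secondary user is still a workspace writer and can still read their private
        // resource: a failed + undone removal must not leave the user partially de-permissioned.
        assertTrue(samService.isAuthorized(userAccessUtils.secondUserAuthRequest(), SamResource.WORKSPACE, workspaceId.toString(), SamWorkspaceAction.WRITE));
        assertTrue(samService.isAuthorized(userAccessUtils.secondUserAuthRequest(), datasetSamResourceType, datasetSamResourceId, SamControlledResourceActions.WRITE_ACTION));
        // Run the flight again, this time to success. Retry each do step once.
        FlightDebugInfo passingDebugInfo = FlightDebugInfo.newBuilder().doStepFailures(retrySteps).build();
        FlightState passingFlightState = StairwayTestUtils.blockUntilFlightCompletes(jobService.getStairway(), RemoveUserFromWorkspaceFlight.class, inputParameters, STAIRWAY_FLIGHT_TIMEOUT, passingDebugInfo);
        assertEquals(FlightStatus.SUCCESS, passingFlightState.getFlightStatus());
        // Verify the secondary user can no longer access the workspace or their private resource
        assertFalse(samService.isAuthorized(userAccessUtils.secondUserAuthRequest(), SamResource.WORKSPACE, workspaceId.toString(), SamWorkspaceAction.WRITE));
        assertFalse(samService.isAuthorized(userAccessUtils.secondUserAuthRequest(), datasetSamResourceType, datasetSamResourceId, SamControlledResourceActions.WRITE_ACTION));
    } finally {
        // Cleanup: runs whether or not the assertions above passed.
        workspaceService.deleteWorkspace(workspaceId, userAccessUtils.defaultUserAuthRequest());
    }
}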
Also used : FlightDebugInfo(bio.terra.stairway.FlightDebugInfo) HashMap(java.util.HashMap) StepStatus(bio.terra.stairway.StepStatus) CloudContextHolder(bio.terra.workspace.service.workspace.model.CloudContextHolder) FlightState(bio.terra.stairway.FlightState) FlightMap(bio.terra.stairway.FlightMap) UUID(java.util.UUID) ControlledBigQueryDatasetResource(bio.terra.workspace.service.resource.controlled.cloud.gcp.bqdataset.ControlledBigQueryDatasetResource) GcpCloudContext(bio.terra.workspace.service.workspace.model.GcpCloudContext) Workspace(bio.terra.workspace.service.workspace.model.Workspace) BaseConnectedTest(bio.terra.workspace.common.BaseConnectedTest) Test(org.junit.jupiter.api.Test) DisabledIfEnvironmentVariable(org.junit.jupiter.api.condition.DisabledIfEnvironmentVariable)

Example 2 with CloudContextHolder

use of bio.terra.workspace.service.workspace.model.CloudContextHolder in project terra-workspace-manager by DataBiosphere.

In class WorkspaceApiController, method fetchCreateCloudContextResult.

/**
 * Looks up the async "create cloud context" job and maps it onto the API result type.
 *
 * <p>The job report and error report are always copied across. The GCP / Azure context fields
 * are only populated once the job has SUCCEEDED, and then only for the cloud whose context the
 * job actually produced; the other one stays null.
 *
 * @param jobId id of the cloud-context creation job
 * @param userRequest caller whose credentials are used to look up the job
 * @return the API result for the job, with at most one of gcpContext / azureContext set
 */
private ApiCreateCloudContextResult fetchCreateCloudContextResult(String jobId, AuthenticatedUserRequest userRequest) {
    final AsyncJobResult<CloudContextHolder> jobResult = jobService.retrieveAsyncJobResult(jobId, CloudContextHolder.class, userRequest);
    final ApiCreateCloudContextResult apiResult = new ApiCreateCloudContextResult().jobReport(jobResult.getJobReport()).errorReport(jobResult.getApiErrorReport());
    final boolean succeeded = jobResult.getJobReport().getStatus().equals(StatusEnum.SUCCEEDED);
    if (!succeeded) {
        // Job still running or failed: no context to report yet.
        return apiResult.gcpContext(null).azureContext(null);
    }
    final CloudContextHolder holder = jobResult.getResult();
    ApiGcpContext gcpContext = null;
    if (holder.getGcpCloudContext() != null) {
        gcpContext = new ApiGcpContext().projectId(holder.getGcpCloudContext().getGcpProjectId());
    }
    ApiAzureContext azureContext = null;
    if (holder.getAzureCloudContext() != null) {
        azureContext = new ApiAzureContext()
            .tenantId(holder.getAzureCloudContext().getAzureTenantId())
            .subscriptionId(holder.getAzureCloudContext().getAzureSubscriptionId())
            .resourceGroupId(holder.getAzureCloudContext().getAzureResourceGroupId());
    }
    return apiResult.gcpContext(gcpContext).azureContext(azureContext);
}
Also used : ApiCreateCloudContextResult(bio.terra.workspace.generated.model.ApiCreateCloudContextResult) ApiGcpContext(bio.terra.workspace.generated.model.ApiGcpContext) CloudContextHolder(bio.terra.workspace.service.workspace.model.CloudContextHolder) ApiAzureContext(bio.terra.workspace.generated.model.ApiAzureContext)

Example 3 with CloudContextHolder

use of bio.terra.workspace.service.workspace.model.CloudContextHolder in project terra-workspace-manager by DataBiosphere.

In class UpdateDbGcpCloudContextStep, method doStep.

/**
 * Persists the finished GCP cloud context for the workspace and publishes it as the flight's
 * response.
 *
 * <p>Reads the project id and the per-role IAM group emails that earlier steps placed in the
 * working map, assembles a {@link GcpCloudContext} from them, writes it through
 * {@code gcpCloudContextService}, and sets a {@link CloudContextHolder} carrying that context
 * as the flight response with HTTP 200.
 *
 * @param flightContext the current flight; its working map must already contain
 *     {@code GCP_PROJECT_ID} and {@code IAM_GROUP_EMAIL_MAP}
 * @return success once the context has been written
 * @throws InterruptedException if interrupted while waiting on the service call
 */
@Override
public StepResult doStep(FlightContext flightContext) throws InterruptedException {
    // Fail fast if an earlier step did not leave the entries we depend on.
    FlightUtils.validateRequiredEntries(flightContext.getWorkingMap(), GCP_PROJECT_ID, IAM_GROUP_EMAIL_MAP);
    final String gcpProjectId = flightContext.getWorkingMap().get(GCP_PROJECT_ID, String.class);
    final Map<WsmIamRole, String> roleToGroupEmail = flightContext.getWorkingMap().get(WorkspaceFlightMapKeys.IAM_GROUP_EMAIL_MAP, new TypeReference<>() {
    });
    final GcpCloudContext gcpContext = buildGcpCloudContext(gcpProjectId, roleToGroupEmail);
    gcpCloudContextService.createGcpCloudContextFinish(workspaceId, gcpContext, flightContext.getFlightId());
    final CloudContextHolder response = new CloudContextHolder();
    response.setGcpCloudContext(gcpContext);
    FlightUtils.setResponse(flightContext, response, HttpStatus.OK);
    return StepResult.getStepResultSuccess();
}

/**
 * Assembles the cloud context from the project id and the role -> IAM group email map.
 *
 * <p>Roles missing from the map yield a null group email; no validation is applied here.
 */
private static GcpCloudContext buildGcpCloudContext(String gcpProjectId, Map<WsmIamRole, String> roleToGroupEmail) {
    return new GcpCloudContext(
        gcpProjectId,
        roleToGroupEmail.get(WsmIamRole.OWNER),
        roleToGroupEmail.get(WsmIamRole.WRITER),
        roleToGroupEmail.get(WsmIamRole.READER),
        roleToGroupEmail.get(WsmIamRole.APPLICATION));
}
Also used : CloudContextHolder(bio.terra.workspace.service.workspace.model.CloudContextHolder) WsmIamRole(bio.terra.workspace.service.iam.model.WsmIamRole) GcpCloudContext(bio.terra.workspace.service.workspace.model.GcpCloudContext)

Example 4 with CloudContextHolder

use of bio.terra.workspace.service.workspace.model.CloudContextHolder in project terra-workspace-manager by DataBiosphere.

In class CreateDbAzureCloudContextFinishStep, method doStep.

/**
 * Persists the Azure cloud context supplied in the flight request and publishes it as the
 * flight's response.
 *
 * @param flightContext the current flight; its input parameters must carry the
 *     {@link AzureCloudContext} under {@code JobMapKeys.REQUEST}
 * @return success once the context has been written
 * @throws InterruptedException if interrupted while waiting on the service call
 */
@Override
public StepResult doStep(FlightContext flightContext) throws InterruptedException {
    final AzureCloudContext requestedContext = flightContext.getInputParameters().get(JobMapKeys.REQUEST.getKeyName(), AzureCloudContext.class);
    // Create the cloud context; throws if the context already exists.
    azureCloudContextService.createAzureCloudContextFinish(workspaceId, requestedContext, flightContext.getFlightId());
    final CloudContextHolder response = new CloudContextHolder();
    response.setAzureCloudContext(requestedContext);
    FlightUtils.setResponse(flightContext, response, HttpStatus.OK);
    return StepResult.getStepResultSuccess();
}
Also used : AzureCloudContext(bio.terra.workspace.service.workspace.model.AzureCloudContext) CloudContextHolder(bio.terra.workspace.service.workspace.model.CloudContextHolder)
