Example 1 with ArtifactSummary
use of co.cask.cdap.api.artifact.ArtifactSummary in project cdap by caskdata.
the class ArtifactRepository method getApplicationClasses.
/**
* Get all application classes in the given namespace of the given class name.
* Will never return null. If no artifacts exist, an empty list is returned. Namespace existence is not checked.
*
* @param namespace the namespace to get application classes from
* @param className the application class to get
* @return an unmodifiable list of application classes that belong to the given namespace
* @throws IOException if there as an exception reading from the meta store
*/
public List<ApplicationClassInfo> getApplicationClasses(NamespaceId namespace, String className) throws IOException {
List<ApplicationClassInfo> infos = Lists.newArrayList();
for (Map.Entry<ArtifactDescriptor, ApplicationClass> entry : artifactStore.getApplicationClasses(namespace, className).entrySet()) {
ArtifactSummary artifactSummary = ArtifactSummary.from(entry.getKey().getArtifactId());
ApplicationClass appClass = entry.getValue();
infos.add(new ApplicationClassInfo(artifactSummary, appClass.getClassName(), appClass.getConfigSchema()));
}
return Collections.unmodifiableList(infos);
}
Also used :
ArtifactSummary(co.cask.cdap.api.artifact.ArtifactSummary)
ApplicationClassInfo(co.cask.cdap.proto.artifact.ApplicationClassInfo)
ApplicationClass(co.cask.cdap.api.artifact.ApplicationClass)
Map(java.util.Map)
SortedMap(java.util.SortedMap)
HashMap(java.util.HashMap)
Example 2 with ArtifactSummary
use of co.cask.cdap.api.artifact.ArtifactSummary in project cdap by caskdata.
the class ArtifactRepository method getArtifactSummaries.
/**
* Get all artifacts in the given artifact range. Will never return null.
*
* @param range the range of the artifact
* @param limit the limit number of the result
* @param order the order of the result
* @return an unmodifiable list of artifacts in the given namespace of the given name
* @throws IOException if there as an exception reading from the meta store
*/
public List<ArtifactSummary> getArtifactSummaries(final ArtifactRange range, int limit, ArtifactSortOrder order) throws Exception {
List<ArtifactSummary> summaries = new ArrayList<>();
List<ArtifactSummary> artifacts = convertAndAdd(summaries, artifactStore.getArtifacts(range, limit, order));
// todo - CDAP-11560 should filter in artifact store
return Collections.unmodifiableList(Lists.newArrayList(filterAuthorizedArtifacts(artifacts, new NamespaceId(range.getNamespace()))));
}
Also used :
ArtifactSummary(co.cask.cdap.api.artifact.ArtifactSummary)
ArrayList(java.util.ArrayList)
NamespaceId(co.cask.cdap.proto.id.NamespaceId)
Example 3 with ArtifactSummary
use of co.cask.cdap.api.artifact.ArtifactSummary in project cdap by caskdata.
the class AuthorizationTest method testApps.
@Test
@Category(SlowTests.class)
public void testApps() throws Exception {
try {
deployApplication(NamespaceId.DEFAULT, DummyApp.class);
Assert.fail("App deployment should fail because alice does not have ADMIN privilege on the application");
} catch (UnauthorizedException e) {
// Expected
}
createAuthNamespace();
Authorizer authorizer = getAuthorizer();
ApplicationId dummyAppId = AUTH_NAMESPACE.app(DummyApp.class.getSimpleName());
Map<EntityId, Set<Action>> neededPrivileges = ImmutableMap.<EntityId, Set<Action>>builder().put(dummyAppId, EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.artifact(DummyApp.class.getSimpleName(), "1.0-SNAPSHOT"), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.dataset("whom"), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.stream("who"), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.dataset("customDataset"), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.datasetType(KeyValueTable.class.getName()), EnumSet.of(Action.ADMIN)).build();
setUpPrivilegeAndRegisterForDeletion(ALICE, neededPrivileges);
// alice will not be able to deploy the app since she does not have privilege on the implicit dataset module
try {
deployApplication(AUTH_NAMESPACE, DummyApp.class);
Assert.fail();
} catch (UnauthorizedException e) {
// expected
}
// grant alice the required implicit type and module
grantAndAssertSuccess(AUTH_NAMESPACE.datasetType(DummyApp.CustomDummyDataset.class.getName()), ALICE, EnumSet.of(Action.ADMIN));
cleanUpEntities.add(AUTH_NAMESPACE.datasetType(DummyApp.CustomDummyDataset.class.getName()));
grantAndAssertSuccess(AUTH_NAMESPACE.datasetModule(DummyApp.CustomDummyDataset.class.getName()), ALICE, EnumSet.of(Action.ADMIN));
cleanUpEntities.add(AUTH_NAMESPACE.datasetModule(DummyApp.CustomDummyDataset.class.getName()));
// this time it should be successful
ApplicationManager appManager = deployApplication(AUTH_NAMESPACE, DummyApp.class);
// Bob should not have any privileges on Alice's app
Assert.assertTrue("Bob should not have any privileges on alice's app", authorizer.listPrivileges(BOB).isEmpty());
// update should succeed because alice has admin privileges on the app
appManager.update(new AppRequest(new ArtifactSummary(DummyApp.class.getSimpleName(), "1.0-SNAPSHOT")));
// Update should fail for Bob
SecurityRequestContext.setUserId(BOB.getName());
try {
appManager.update(new AppRequest(new ArtifactSummary(DummyApp.class.getSimpleName(), "1.0-SNAPSHOT")));
Assert.fail("App update should have failed because Bob does not have admin privileges on the app.");
} catch (UnauthorizedException expected) {
// expected
}
// grant READ and WRITE to Bob
grantAndAssertSuccess(dummyAppId, BOB, ImmutableSet.of(Action.READ, Action.WRITE));
// delete should fail
try {
appManager.delete();
} catch (UnauthorizedException expected) {
// expected
}
// grant ADMIN to Bob. Now delete should succeed
grantAndAssertSuccess(dummyAppId, BOB, ImmutableSet.of(Action.ADMIN));
// deletion should succeed since BOB has privileges on the app
appManager.delete();
// Should still have the privilege for the app since we no longer revoke privileges after deletion of an entity
Assert.assertTrue(!getAuthorizer().isVisible(Collections.singleton(dummyAppId), BOB).isEmpty());
// bob should still have privileges granted to him
Assert.assertEquals(3, authorizer.listPrivileges(BOB).size());
// switch back to Alice
SecurityRequestContext.setUserId(ALICE.getName());
// Deploy a couple of apps in the namespace
// Deploy dummy app should be successful since we already pre-grant the required privileges
deployApplication(AUTH_NAMESPACE, DummyApp.class);
final ApplicationId appId = AUTH_NAMESPACE.app(AllProgramsApp.NAME);
Map<EntityId, Set<Action>> anotherAppNeededPrivilege = ImmutableMap.<EntityId, Set<Action>>builder().put(appId, EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.artifact(AllProgramsApp.class.getSimpleName(), "1.0-SNAPSHOT"), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.dataset(AllProgramsApp.DATASET_NAME), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.dataset(AllProgramsApp.DATASET_NAME2), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.dataset(AllProgramsApp.DATASET_NAME3), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.dataset(AllProgramsApp.DS_WITH_SCHEMA_NAME), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.stream(AllProgramsApp.STREAM_NAME), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.datasetType(ObjectMappedTable.class.getName()), EnumSet.of(Action.ADMIN)).build();
setUpPrivilegeAndRegisterForDeletion(ALICE, anotherAppNeededPrivilege);
Map<EntityId, Set<Action>> bobDatasetPrivileges = ImmutableMap.<EntityId, Set<Action>>builder().put(AUTH_NAMESPACE.dataset(AllProgramsApp.DATASET_NAME), EnumSet.of(Action.ADMIN)).put(AUTH_NAMESPACE.dataset(AllProgramsApp.DATASET_NAME2), EnumSet.of(Action.ADMIN)).build();
Map<EntityId, Set<Action>> bobProgramPrivileges = ImmutableMap.<EntityId, Set<Action>>builder().put(appId.program(ProgramType.FLOW, AllProgramsApp.NoOpFlow.NAME), EnumSet.of(Action.EXECUTE)).put(appId.program(ProgramType.SERVICE, AllProgramsApp.NoOpService.NAME), EnumSet.of(Action.EXECUTE)).put(appId.program(ProgramType.WORKER, AllProgramsApp.NoOpWorker.NAME), EnumSet.of(Action.EXECUTE)).build();
setUpPrivilegeAndRegisterForDeletion(BOB, bobDatasetPrivileges);
setUpPrivilegeAndRegisterForDeletion(BOB, bobProgramPrivileges);
deployApplication(AUTH_NAMESPACE, AllProgramsApp.class);
// Switch to BOB since he does not have any privilege
SecurityRequestContext.setUserId(BOB.getName());
// deleting all apps should fail because bob does not have admin privileges on the apps and the namespace
try {
deleteAllApplications(AUTH_NAMESPACE);
Assert.fail("Deleting all applications in the namespace should have failed because bob does not have ADMIN " + "privilege on the workflow app.");
} catch (UnauthorizedException expected) {
// expected
}
ApplicationDetail applicationDetail = getAppDetail(appId);
Assert.assertEquals(bobDatasetPrivileges.keySet(), Sets.<EntityId>newHashSet(Iterables.transform(applicationDetail.getDatasets(), new Function<DatasetDetail, DatasetId>() {
@Override
public DatasetId apply(DatasetDetail input) {
return appId.getNamespaceId().dataset(input.getName());
}
})));
Assert.assertEquals(bobProgramPrivileges.keySet(), Sets.<EntityId>newHashSet(Iterables.transform(applicationDetail.getPrograms(), new Function<ProgramRecord, ProgramId>() {
@Override
public ProgramId apply(ProgramRecord input) {
return appId.program(input.getType(), input.getName());
}
})));
Assert.assertEquals(Collections.emptyList(), applicationDetail.getStreams());
// Switch to ALICE, deletion should be successful since ALICE has ADMIN privileges
SecurityRequestContext.setUserId(ALICE.getName());
deleteAllApplications(AUTH_NAMESPACE);
}
Also used :
DatasetDetail(co.cask.cdap.proto.DatasetDetail)
PrivilegedAction(java.security.PrivilegedAction)
Action(co.cask.cdap.proto.security.Action)
ApplicationManager(co.cask.cdap.test.ApplicationManager)
EnumSet(java.util.EnumSet)
Set(java.util.Set)
ImmutableSet(com.google.common.collect.ImmutableSet)
HashSet(java.util.HashSet)
PartitionedFileSet(co.cask.cdap.api.dataset.lib.PartitionedFileSet)
AllProgramsApp(co.cask.cdap.AllProgramsApp)
ProgramId(co.cask.cdap.proto.id.ProgramId)
AppRequest(co.cask.cdap.proto.artifact.AppRequest)
DatasetId(co.cask.cdap.proto.id.DatasetId)
EntityId(co.cask.cdap.proto.id.EntityId)
ArtifactSummary(co.cask.cdap.api.artifact.ArtifactSummary)
ApplicationDetail(co.cask.cdap.proto.ApplicationDetail)
ProgramRecord(co.cask.cdap.proto.ProgramRecord)
KeyValueTable(co.cask.cdap.api.dataset.lib.KeyValueTable)
InMemoryAuthorizer(co.cask.cdap.security.authorization.InMemoryAuthorizer)
Authorizer(co.cask.cdap.security.spi.authorization.Authorizer)
UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)
DummyApp(co.cask.cdap.test.app.DummyApp)
ApplicationId(co.cask.cdap.proto.id.ApplicationId)
ObjectMappedTable(co.cask.cdap.api.dataset.lib.ObjectMappedTable)
Category(org.junit.experimental.categories.Category)
Test(org.junit.Test)
Example 4 with ArtifactSummary
use of co.cask.cdap.api.artifact.ArtifactSummary in project cdap by caskdata.
the class Spark2Test method deploy.
private ApplicationManager deploy(NamespaceId namespaceId, Class<? extends Application> appClass) throws Exception {
ArtifactId artifactId = new ArtifactId(namespaceId.getNamespace(), appClass.getSimpleName(), "1.0-SNAPSHOT");
addArtifact(artifactId, ARTIFACTS.get(appClass));
AppRequest<?> appRequest = new AppRequest<>(new ArtifactSummary(artifactId.getArtifact(), artifactId.getVersion()), null);
return deployApplication(namespaceId.app(appClass.getSimpleName()), appRequest);
}
Also used :
ArtifactSummary(co.cask.cdap.api.artifact.ArtifactSummary)
ArtifactId(co.cask.cdap.proto.id.ArtifactId)
AppRequest(co.cask.cdap.proto.artifact.AppRequest)
Example 5 with ArtifactSummary
use of co.cask.cdap.api.artifact.ArtifactSummary in project cdap by caskdata.
the class IntegrationTestBase method doClear.
private void doClear(NamespaceId namespace, boolean deleteNamespace) throws Exception {
// stop all programs in the namespace
getProgramClient().stopAll(namespace);
if (deleteNamespace) {
getNamespaceClient().delete(namespace);
return;
}
// delete all apps in the namespace
for (ApplicationRecord app : getApplicationClient().list(namespace)) {
getApplicationClient().delete(namespace.app(app.getName(), app.getAppVersion()));
}
// delete all streams
for (StreamDetail streamDetail : getStreamClient().list(namespace)) {
getStreamClient().delete(namespace.stream(streamDetail.getName()));
}
// delete all dataset instances
for (DatasetSpecificationSummary datasetSpecSummary : getDatasetClient().list(namespace)) {
getDatasetClient().delete(namespace.dataset(datasetSpecSummary.getName()));
}
ArtifactClient artifactClient = new ArtifactClient(getClientConfig(), getRestClient());
for (ArtifactSummary artifactSummary : artifactClient.list(namespace, ArtifactScope.USER)) {
artifactClient.delete(namespace.artifact(artifactSummary.getName(), artifactSummary.getVersion()));
}
assertIsClear(namespace);
}
Also used :
ArtifactSummary(co.cask.cdap.api.artifact.ArtifactSummary)
StreamDetail(co.cask.cdap.proto.StreamDetail)
ArtifactClient(co.cask.cdap.client.ArtifactClient)
DatasetSpecificationSummary(co.cask.cdap.proto.DatasetSpecificationSummary)
ApplicationRecord(co.cask.cdap.proto.ApplicationRecord)
Aggregations
ArtifactSummary (co.cask.cdap.api.artifact.ArtifactSummary)64
Test (org.junit.Test)33
ApplicationId (co.cask.cdap.proto.id.ApplicationId)32
AppRequest (co.cask.cdap.proto.artifact.AppRequest)31
ArtifactId (co.cask.cdap.proto.id.ArtifactId)25
NamespaceId (co.cask.cdap.proto.id.NamespaceId)17
Id (co.cask.cdap.common.id.Id)13
IOException (java.io.IOException)13
ProgramId (co.cask.cdap.proto.id.ProgramId)12
HashMap (java.util.HashMap)10
ArtifactVersion (co.cask.cdap.api.artifact.ArtifactVersion)9
NotFoundException (co.cask.cdap.common.NotFoundException)8
HashSet (java.util.HashSet)8
PluginInfo (co.cask.cdap.proto.artifact.PluginInfo)7
Map (java.util.Map)7
Set (java.util.Set)7
JsonObject (com.google.gson.JsonObject)6
URL (java.net.URL)6
ConfigTestApp (co.cask.cdap.ConfigTestApp)5
ArtifactRange (co.cask.cdap.api.artifact.ArtifactRange)5
