Example 71 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ArtifactHttpHandler method addArtifact.
@POST
@Path("/namespaces/{namespace-id}/artifacts/{artifact-name}")
@AuditPolicy(AuditDetail.HEADERS)
public BodyConsumer addArtifact(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") final String namespaceId, @PathParam("artifact-name") final String artifactName, @HeaderParam(VERSION_HEADER) final String artifactVersion, @HeaderParam(EXTENDS_HEADER) final String parentArtifactsStr, @HeaderParam(PLUGINS_HEADER) String pluginClasses) throws NamespaceNotFoundException, BadRequestException {
final NamespaceId namespace = validateAndGetNamespace(namespaceId);
// and validated there
if (artifactVersion != null && !artifactVersion.isEmpty()) {
validateAndGetArtifactId(namespace, artifactName, artifactVersion);
}
final Set<ArtifactRange> parentArtifacts = parseExtendsHeader(namespace, parentArtifactsStr);
final Set<PluginClass> additionalPluginClasses;
if (pluginClasses == null) {
additionalPluginClasses = ImmutableSet.of();
} else {
try {
additionalPluginClasses = GSON.fromJson(pluginClasses, PLUGINS_TYPE);
} catch (JsonParseException e) {
responder.sendString(HttpResponseStatus.BAD_REQUEST, String.format("%s header '%s' is invalid: %s", PLUGINS_HEADER, pluginClasses, e.getMessage()));
return null;
}
}
try {
// copy the artifact contents to local tmp directory
final File destination = File.createTempFile("artifact-", ".jar", tmpDir);
return new AbstractBodyConsumer(destination) {
@Override
protected void onFinish(HttpResponder responder, File uploadedFile) {
try {
String version = (artifactVersion == null || artifactVersion.isEmpty()) ? getBundleVersion(uploadedFile) : artifactVersion;
ArtifactId artifactId = validateAndGetArtifactId(namespace, artifactName, version);
// add the artifact to the repo
artifactRepository.addArtifact(Id.Artifact.fromEntityId(artifactId), uploadedFile, parentArtifacts, additionalPluginClasses);
responder.sendString(HttpResponseStatus.OK, "Artifact added successfully");
} catch (ArtifactRangeNotFoundException e) {
responder.sendString(HttpResponseStatus.NOT_FOUND, e.getMessage());
} catch (ArtifactAlreadyExistsException e) {
responder.sendString(HttpResponseStatus.CONFLICT, e.getMessage());
} catch (WriteConflictException e) {
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Conflict while writing artifact, please try again.");
} catch (IOException e) {
LOG.error("Exception while trying to write artifact {}-{}-{}.", namespaceId, artifactName, artifactVersion, e);
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error performing IO while writing artifact.");
} catch (BadRequestException e) {
responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage());
} catch (UnauthorizedException e) {
responder.sendString(HttpResponseStatus.FORBIDDEN, e.getMessage());
} catch (Exception e) {
LOG.error("Error while writing artifact {}-{}-{}", namespaceId, artifactName, artifactVersion, e);
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error while adding artifact.");
}
}
private String getBundleVersion(File file) throws BadRequestException, IOException {
try (JarFile jarFile = new JarFile(file)) {
Manifest manifest = jarFile.getManifest();
if (manifest == null) {
throw new BadRequestException("Unable to derive version from artifact because it does not contain a manifest. " + "Please package the jar with a manifest, or explicitly specify the artifact version.");
}
Attributes attributes = manifest.getMainAttributes();
String version = attributes == null ? null : attributes.getValue(ManifestFields.BUNDLE_VERSION);
if (version == null) {
throw new BadRequestException("Unable to derive version from artifact because manifest does not contain Bundle-Version attribute. " + "Please include Bundle-Version in the manifest, or explicitly specify the artifact version.");
}
return version;
} catch (ZipException e) {
throw new BadRequestException("Artifact is not in zip format. Please make sure it is a jar file.");
}
}
};
} catch (IOException e) {
LOG.error("Exception creating temp file to place artifact {} contents", artifactName, e);
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Server error creating temp file for artifact.");
return null;
}
}
Also used :
ArtifactRangeNotFoundException(co.cask.cdap.common.ArtifactRangeNotFoundException)
HttpResponder(co.cask.http.HttpResponder)
ArtifactId(co.cask.cdap.proto.id.ArtifactId)
ArtifactRange(co.cask.cdap.api.artifact.ArtifactRange)
Attributes(java.util.jar.Attributes)
ZipException(java.util.zip.ZipException)
IOException(java.io.IOException)
JsonParseException(com.google.gson.JsonParseException)
JarFile(java.util.jar.JarFile)
Manifest(java.util.jar.Manifest)
InvalidArtifactRangeException(co.cask.cdap.api.artifact.InvalidArtifactRangeException)
NamespaceNotFoundException(co.cask.cdap.common.NamespaceNotFoundException)
ArtifactNotFoundException(co.cask.cdap.common.ArtifactNotFoundException)
ZipException(java.util.zip.ZipException)
ArtifactAlreadyExistsException(co.cask.cdap.common.ArtifactAlreadyExistsException)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
BadRequestException(co.cask.cdap.common.BadRequestException)
UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)
JsonParseException(com.google.gson.JsonParseException)
PluginNotExistsException(co.cask.cdap.internal.app.runtime.plugin.PluginNotExistsException)
ArtifactRangeNotFoundException(co.cask.cdap.common.ArtifactRangeNotFoundException)
WriteConflictException(co.cask.cdap.internal.app.runtime.artifact.WriteConflictException)
JsonSyntaxException(com.google.gson.JsonSyntaxException)
IOException(java.io.IOException)
NotFoundException(co.cask.cdap.common.NotFoundException)
ArtifactAlreadyExistsException(co.cask.cdap.common.ArtifactAlreadyExistsException)
AbstractBodyConsumer(co.cask.cdap.common.http.AbstractBodyConsumer)
WriteConflictException(co.cask.cdap.internal.app.runtime.artifact.WriteConflictException)
UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)
BadRequestException(co.cask.cdap.common.BadRequestException)
NamespaceId(co.cask.cdap.proto.id.NamespaceId)
PluginClass(co.cask.cdap.api.plugin.PluginClass)
JarFile(java.util.jar.JarFile)
File(java.io.File)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
POST(javax.ws.rs.POST)
Example 72 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ArtifactHttpHandler method writeProperties.
@PUT
@Path("/namespaces/{namespace-id}/artifacts/{artifact-name}/versions/{artifact-version}/properties")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void writeProperties(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("artifact-name") String artifactName, @PathParam("artifact-version") String artifactVersion) throws Exception {
NamespaceId namespace = NamespaceId.SYSTEM.getNamespace().equalsIgnoreCase(namespaceId) ? NamespaceId.SYSTEM : validateAndGetNamespace(namespaceId);
ArtifactId artifactId = validateAndGetArtifactId(namespace, artifactName, artifactVersion);
Map<String, String> properties;
try (Reader reader = new InputStreamReader(new ByteBufInputStream(request.content()), StandardCharsets.UTF_8)) {
properties = GSON.fromJson(reader, MAP_STRING_STRING_TYPE);
} catch (JsonSyntaxException e) {
throw new BadRequestException("Json Syntax Error while parsing properties from request. " + "Please check that the properties are a json map from string to string.", e);
} catch (IOException e) {
throw new BadRequestException("Unable to read properties from the request.", e);
}
try {
artifactRepository.writeArtifactProperties(Id.Artifact.fromEntityId(artifactId), properties);
responder.sendStatus(HttpResponseStatus.OK);
} catch (IOException e) {
LOG.error("Exception writing properties for artifact {}.", artifactId, e);
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error adding properties to artifact.");
}
}
Also used :
JsonSyntaxException(com.google.gson.JsonSyntaxException)
ArtifactId(co.cask.cdap.proto.id.ArtifactId)
InputStreamReader(java.io.InputStreamReader)
Reader(java.io.Reader)
InputStreamReader(java.io.InputStreamReader)
BadRequestException(co.cask.cdap.common.BadRequestException)
NamespaceId(co.cask.cdap.proto.id.NamespaceId)
ByteBufInputStream(io.netty.buffer.ByteBufInputStream)
IOException(java.io.IOException)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
PUT(javax.ws.rs.PUT)
Example 73 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ConsoleSettingsHttpHandler method set.
@Path("/")
@PUT
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void set(FullHttpRequest request, HttpResponder responder) throws Exception {
String data = request.content().toString(StandardCharsets.UTF_8);
if (!isValidJSON(data)) {
responder.sendJson(HttpResponseStatus.BAD_REQUEST, "Invalid JSON in body");
return;
}
// Configuration Layout for UserSettings:
// Config ID : userId
// Config Properties : Map (Key = CONFIG_PROPERTY, Value = Serialized JSON string of properties)
// User Settings configurations are stored under empty NAMESPACE.
Map<String, String> propMap = ImmutableMap.of(CONFIG_PROPERTY, data);
String userId = Objects.firstNonNull(SecurityRequestContext.getUserId(), "");
Config userConfig = new Config(userId, propMap);
store.put(userConfig);
responder.sendStatus(HttpResponseStatus.OK);
}
Also used :
Config(co.cask.cdap.config.Config)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
PUT(javax.ws.rs.PUT)
Example 74 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ProgramLifecycleHttpHandler method startPrograms.
/**
* Starts all programs that are passed into the data. The data is an array of JSON objects
* where each object must contain the following three elements: appId, programType, and programId
* (flow name, service name, etc.). In additional, each object can contain an optional runtimeargs element,
* which is a map of arguments to start the program with.
* <p>
* Example input:
* <pre><code>
* [{"appId": "App1", "programType": "Service", "programId": "Service1"},
* {"appId": "App1", "programType": "Mapreduce", "programId": "MapReduce2", "runtimeargs":{"arg1":"val1"}},
* {"appId": "App2", "programType": "Flow", "programId": "Flow1"}]
* </code></pre>
* </p><p>
* The response will be an array of JsonObjects each of which will contain the three input parameters
* as well as a "statusCode" field which maps to the status code for the data in that JsonObjects.
* </p><p>
* If an error occurs in the input (for the example above, App2 does not exist), then all JsonObjects for which the
* parameters have a valid status will have the status field but all JsonObjects for which the parameters do not have
* a valid status will have an error message and statusCode.
* </p><p>
* For example, if there is no App2 in the data above, then the response would be 200 OK with following possible data:
* </p>
* <pre><code>
* [{"appId": "App1", "programType": "Service", "programId": "Service1", "statusCode": 200},
* {"appId": "App1", "programType": "Mapreduce", "programId": "Mapreduce2", "statusCode": 200},
* {"appId":"App2", "programType":"Flow", "programId":"Flow1", "statusCode":404, "error": "App: App2 not found"}]
* </code></pre>
*/
@POST
@Path("/start")
@AuditPolicy({ AuditDetail.REQUEST_BODY, AuditDetail.RESPONSE_BODY })
public void startPrograms(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId) throws Exception {
List<BatchProgramStart> programs = validateAndGetBatchInput(request, BATCH_STARTS_TYPE);
List<BatchProgramResult> output = new ArrayList<>(programs.size());
for (BatchProgramStart program : programs) {
ProgramId programId = new ProgramId(namespaceId, program.getAppId(), program.getProgramType(), program.getProgramId());
try {
ProgramController programController = lifecycleService.start(programId, program.getRuntimeargs(), false);
output.add(new BatchProgramResult(program, HttpResponseStatus.OK.code(), null, programController.getRunId().getId()));
} catch (NotFoundException e) {
output.add(new BatchProgramResult(program, HttpResponseStatus.NOT_FOUND.code(), e.getMessage()));
} catch (BadRequestException e) {
output.add(new BatchProgramResult(program, HttpResponseStatus.BAD_REQUEST.code(), e.getMessage()));
} catch (ConflictException e) {
output.add(new BatchProgramResult(program, HttpResponseStatus.CONFLICT.code(), e.getMessage()));
}
}
responder.sendJson(HttpResponseStatus.OK, GSON.toJson(output));
}
Also used :
ProgramController(co.cask.cdap.app.runtime.ProgramController)
ConflictException(co.cask.cdap.common.ConflictException)
BatchProgramResult(co.cask.cdap.proto.BatchProgramResult)
ArrayList(java.util.ArrayList)
NamespaceNotFoundException(co.cask.cdap.common.NamespaceNotFoundException)
NotFoundException(co.cask.cdap.common.NotFoundException)
BadRequestException(co.cask.cdap.common.BadRequestException)
BatchProgramStart(co.cask.cdap.proto.BatchProgramStart)
ProgramId(co.cask.cdap.proto.id.ProgramId)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
POST(javax.ws.rs.POST)
Example 75 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ProgramLifecycleHttpHandler method stopPrograms.
/**
* Stops all programs that are passed into the data. The data is an array of JSON objects
* where each object must contain the following three elements: appId, programType, and programId
* (flow name, service name, etc.).
* <p>
* Example input:
* <pre><code>
* [{"appId": "App1", "programType": "Service", "programId": "Service1"},
* {"appId": "App1", "programType": "Mapreduce", "programId": "MapReduce2"},
* {"appId": "App2", "programType": "Flow", "programId": "Flow1"}]
* </code></pre>
* </p><p>
* The response will be an array of JsonObjects each of which will contain the three input parameters
* as well as a "statusCode" field which maps to the status code for the data in that JsonObjects.
* </p><p>
* If an error occurs in the input (for the example above, App2 does not exist), then all JsonObjects for which the
* parameters have a valid status will have the status field but all JsonObjects for which the parameters do not have
* a valid status will have an error message and statusCode.
* </p><p>
* For example, if there is no App2 in the data above, then the response would be 200 OK with following possible data:
* </p>
* <pre><code>
* [{"appId": "App1", "programType": "Service", "programId": "Service1", "statusCode": 200},
* {"appId": "App1", "programType": "Mapreduce", "programId": "Mapreduce2", "statusCode": 200},
* {"appId":"App2", "programType":"Flow", "programId":"Flow1", "statusCode":404, "error": "App: App2 not found"}]
* </code></pre>
*/
@POST
@Path("/stop")
@AuditPolicy({ AuditDetail.REQUEST_BODY, AuditDetail.RESPONSE_BODY })
public void stopPrograms(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId) throws Exception {
List<BatchProgram> programs = validateAndGetBatchInput(request, BATCH_PROGRAMS_TYPE);
List<ListenableFuture<BatchProgramResult>> issuedStops = new ArrayList<>(programs.size());
for (final BatchProgram program : programs) {
ProgramId programId = new ProgramId(namespaceId, program.getAppId(), program.getProgramType(), program.getProgramId());
try {
List<ListenableFuture<ProgramController>> stops = lifecycleService.issueStop(programId, null);
for (ListenableFuture<ProgramController> stop : stops) {
ListenableFuture<BatchProgramResult> issuedStop = Futures.transform(stop, new Function<ProgramController, BatchProgramResult>() {
@Override
public BatchProgramResult apply(ProgramController input) {
return new BatchProgramResult(program, HttpResponseStatus.OK.code(), null, input.getRunId().getId());
}
});
issuedStops.add(issuedStop);
}
} catch (NotFoundException e) {
issuedStops.add(Futures.immediateFuture(new BatchProgramResult(program, HttpResponseStatus.NOT_FOUND.code(), e.getMessage())));
} catch (BadRequestException e) {
issuedStops.add(Futures.immediateFuture(new BatchProgramResult(program, HttpResponseStatus.BAD_REQUEST.code(), e.getMessage())));
}
}
List<BatchProgramResult> output = new ArrayList<>(programs.size());
// need to keep this index in case there is an exception getting the future, since we won't have the program
// information in that scenario
int i = 0;
for (ListenableFuture<BatchProgramResult> issuedStop : issuedStops) {
try {
output.add(issuedStop.get());
} catch (Throwable t) {
LOG.warn(t.getMessage(), t);
output.add(new BatchProgramResult(programs.get(i), HttpResponseStatus.INTERNAL_SERVER_ERROR.code(), t.getMessage()));
}
i++;
}
responder.sendJson(HttpResponseStatus.OK, GSON.toJson(output));
}
Also used :
ProgramController(co.cask.cdap.app.runtime.ProgramController)
ArrayList(java.util.ArrayList)
BatchProgramResult(co.cask.cdap.proto.BatchProgramResult)
NamespaceNotFoundException(co.cask.cdap.common.NamespaceNotFoundException)
NotFoundException(co.cask.cdap.common.NotFoundException)
ProgramId(co.cask.cdap.proto.id.ProgramId)
Constraint(co.cask.cdap.internal.schedule.constraint.Constraint)
ListenableFuture(com.google.common.util.concurrent.ListenableFuture)
BadRequestException(co.cask.cdap.common.BadRequestException)
BatchProgram(co.cask.cdap.proto.BatchProgram)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
POST(javax.ws.rs.POST)
Aggregations
AuditPolicy (co.cask.cdap.common.security.AuditPolicy)86
Path (javax.ws.rs.Path)86
POST (javax.ws.rs.POST)47
PUT (javax.ws.rs.PUT)38
BadRequestException (co.cask.cdap.common.BadRequestException)25
ProgramId (co.cask.cdap.proto.id.ProgramId)22
NamespaceId (co.cask.cdap.proto.id.NamespaceId)17
IOException (java.io.IOException)14
NotFoundException (co.cask.cdap.common.NotFoundException)13
JsonSyntaxException (com.google.gson.JsonSyntaxException)13
NamespaceNotFoundException (co.cask.cdap.common.NamespaceNotFoundException)11
ArtifactId (co.cask.cdap.proto.id.ArtifactId)11
ArrayList (java.util.ArrayList)11
StreamId (co.cask.cdap.proto.id.StreamId)10
ApplicationId (co.cask.cdap.proto.id.ApplicationId)9
Constraint (co.cask.cdap.internal.schedule.constraint.Constraint)8
DatasetId (co.cask.cdap.proto.id.DatasetId)8
InputStreamReader (java.io.InputStreamReader)8
Reader (java.io.Reader)8
ArtifactNotFoundException (co.cask.cdap.common.ArtifactNotFoundException)5
