Example 76 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ProgramLifecycleHttpHandler method setFlowletInstances.
/**
* Increases number of instance for a flowlet within a flow.
*/
@PUT
@Path("/apps/{app-id}/flows/{flow-id}/flowlets/{flowlet-id}/instances")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public synchronized void setFlowletInstances(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("app-id") String appId, @PathParam("flow-id") String flowId, @PathParam("flowlet-id") String flowletId) throws Exception {
int instances = getInstances(request);
try {
lifecycleService.setInstances(new ProgramId(namespaceId, appId, ProgramType.FLOW, flowId), instances, flowletId);
responder.sendStatus(HttpResponseStatus.OK);
} catch (SecurityException e) {
responder.sendStatus(HttpResponseStatus.UNAUTHORIZED);
} catch (Throwable e) {
if (respondIfElementNotFound(e, responder)) {
return;
}
throw e;
}
}
Also used :
ProgramId(co.cask.cdap.proto.id.ProgramId)
Constraint(co.cask.cdap.internal.schedule.constraint.Constraint)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
PUT(javax.ws.rs.PUT)
Example 77 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class RouteConfigHttpHandler method storeRouteConfig.
@PUT
@Path("/routeconfig")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void storeRouteConfig(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("app-id") String appId, @PathParam("service-id") String serviceId) throws Exception {
NamespaceId namespace = new NamespaceId(namespaceId);
ProgramId programId = namespace.app(appId).service(serviceId);
Map<String, Integer> routes = parseBody(request, ROUTE_CONFIG_TYPE);
if (routes == null || routes.isEmpty()) {
throw new BadRequestException("Route config contains invalid format or empty content.");
}
List<ProgramId> nonExistingServices = new ArrayList<>();
for (String version : routes.keySet()) {
ProgramId routeProgram = namespace.app(appId, version).service(serviceId);
if (!lifecycleService.programExists(routeProgram)) {
nonExistingServices.add(routeProgram);
}
}
if (nonExistingServices.size() > 0) {
throw new BadRequestException("The following versions of the application/service could not be found : " + nonExistingServices);
}
RouteConfig routeConfig = new RouteConfig(routes);
if (!routeConfig.isValid()) {
throw new BadRequestException("Route Percentage needs to add up to 100.");
}
routeStore.store(programId, routeConfig);
responder.sendStatus(HttpResponseStatus.OK);
}
Also used :
ArrayList(java.util.ArrayList)
BadRequestException(co.cask.cdap.common.BadRequestException)
RouteConfig(co.cask.cdap.route.store.RouteConfig)
NamespaceId(co.cask.cdap.proto.id.NamespaceId)
ProgramId(co.cask.cdap.proto.id.ProgramId)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
PUT(javax.ws.rs.PUT)
Example 78 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class SecureStoreHandler method create.
@Path("/{key-name}")
@PUT
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void create(FullHttpRequest httpRequest, HttpResponder httpResponder, @PathParam("namespace-id") String namespace, @PathParam("key-name") String name) throws Exception {
SecureKeyId secureKeyId = new SecureKeyId(namespace, name);
SecureKeyCreateRequest secureKeyCreateRequest = parseBody(httpRequest, SecureKeyCreateRequest.class);
if (secureKeyCreateRequest == null) {
SecureKeyCreateRequest dummy = new SecureKeyCreateRequest("<description>", "<data>", ImmutableMap.of("key", "value"));
throw new BadRequestException("Unable to parse the request. The request body should be of the following format." + " \n" + GSON.toJson(dummy));
}
secureStoreManager.putSecureData(namespace, name, secureKeyCreateRequest.getData(), secureKeyCreateRequest.getDescription(), secureKeyCreateRequest.getProperties());
httpResponder.sendStatus(HttpResponseStatus.OK);
}
Also used :
SecureKeyCreateRequest(co.cask.cdap.proto.security.SecureKeyCreateRequest)
SecureKeyId(co.cask.cdap.proto.id.SecureKeyId)
BadRequestException(co.cask.cdap.common.BadRequestException)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
PUT(javax.ws.rs.PUT)
Example 79 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class AuthorizationHandler method revoke.
@Path("/privileges/revoke")
@POST
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void revoke(FullHttpRequest httpRequest, HttpResponder httpResponder) throws Exception {
ensureSecurityEnabled();
RevokeRequest request = parseBody(httpRequest, RevokeRequest.class);
if (request == null) {
throw new BadRequestException("Missing request body");
}
if (request.getPrincipal() == null && request.getActions() == null) {
privilegesManager.revoke(request.getAuthorizable());
} else {
Set<Action> actions = request.getActions() == null ? EnumSet.allOf(Action.class) : request.getActions();
privilegesManager.revoke(request.getAuthorizable(), request.getPrincipal(), actions);
}
httpResponder.sendStatus(HttpResponseStatus.OK);
createLogEntry(httpRequest, HttpResponseStatus.OK);
}
Also used :
RevokeRequest(co.cask.cdap.proto.security.RevokeRequest)
Action(co.cask.cdap.proto.security.Action)
BadRequestException(co.cask.cdap.common.BadRequestException)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
POST(javax.ws.rs.POST)
Example 80 with AuditPolicy
use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class AuthorizationHandler method grant.
@Path("/privileges/grant")
@POST
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void grant(FullHttpRequest httpRequest, HttpResponder httpResponder) throws Exception {
ensureSecurityEnabled();
GrantRequest request = parseBody(httpRequest, GrantRequest.class);
if (request == null) {
throw new BadRequestException("Missing request body");
}
Set<Action> actions = request.getActions() == null ? EnumSet.allOf(Action.class) : request.getActions();
privilegesManager.grant(request.getAuthorizable(), request.getPrincipal(), actions);
httpResponder.sendStatus(HttpResponseStatus.OK);
createLogEntry(httpRequest, HttpResponseStatus.OK);
}
Also used :
Action(co.cask.cdap.proto.security.Action)
GrantRequest(co.cask.cdap.proto.security.GrantRequest)
BadRequestException(co.cask.cdap.common.BadRequestException)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
POST(javax.ws.rs.POST)
Aggregations
AuditPolicy (co.cask.cdap.common.security.AuditPolicy)86
Path (javax.ws.rs.Path)86
POST (javax.ws.rs.POST)47
PUT (javax.ws.rs.PUT)38
BadRequestException (co.cask.cdap.common.BadRequestException)25
ProgramId (co.cask.cdap.proto.id.ProgramId)22
NamespaceId (co.cask.cdap.proto.id.NamespaceId)17
IOException (java.io.IOException)14
NotFoundException (co.cask.cdap.common.NotFoundException)13
JsonSyntaxException (com.google.gson.JsonSyntaxException)13
NamespaceNotFoundException (co.cask.cdap.common.NamespaceNotFoundException)11
ArtifactId (co.cask.cdap.proto.id.ArtifactId)11
ArrayList (java.util.ArrayList)11
StreamId (co.cask.cdap.proto.id.StreamId)10
ApplicationId (co.cask.cdap.proto.id.ApplicationId)9
Constraint (co.cask.cdap.internal.schedule.constraint.Constraint)8
DatasetId (co.cask.cdap.proto.id.DatasetId)8
InputStreamReader (java.io.InputStreamReader)8
Reader (java.io.Reader)8
ArtifactNotFoundException (co.cask.cdap.common.ArtifactNotFoundException)5
