Examples with AuditPolicy co.cask.cdap.common.security.AuditPolicy used on opensource projects

Search in sources :

Example 16 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class ArtifactHttpHandler method writeProperties.

@PUT
@Path("/namespaces/{namespace-id}/artifacts/{artifact-name}/versions/{artifact-version}/properties")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void writeProperties(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("artifact-name") String artifactName, @PathParam("artifact-version") String artifactVersion) throws Exception {
    NamespaceId namespace = NamespaceId.SYSTEM.getNamespace().equalsIgnoreCase(namespaceId) ? NamespaceId.SYSTEM : validateAndGetNamespace(namespaceId);
    Id.Artifact artifactId = validateAndGetArtifactId(namespace, artifactName, artifactVersion);
    Map<String, String> properties;
    try (Reader reader = new InputStreamReader(new ChannelBufferInputStream(request.getContent()), Charsets.UTF_8)) {
        properties = GSON.fromJson(reader, MAP_STRING_STRING_TYPE);
    } catch (JsonSyntaxException e) {
        throw new BadRequestException("Json Syntax Error while parsing properties from request. " + "Please check that the properties are a json map from string to string.", e);
    } catch (IOException e) {
        throw new BadRequestException("Unable to read properties from the request.", e);
    }
    try {
        artifactRepository.writeArtifactProperties(artifactId, properties);
        responder.sendStatus(HttpResponseStatus.OK);
    } catch (IOException e) {
        LOG.error("Exception writing properties for artifact {}.", artifactId, e);
        responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error adding properties to artifact.");
    }
}
Also used : JsonSyntaxException(com.google.gson.JsonSyntaxException) InputStreamReader(java.io.InputStreamReader) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) BadRequestException(co.cask.cdap.common.BadRequestException) NamespaceId(co.cask.cdap.proto.id.NamespaceId) Id(co.cask.cdap.proto.Id) ArtifactId(co.cask.cdap.proto.id.ArtifactId) NamespaceId(co.cask.cdap.proto.id.NamespaceId) ChannelBufferInputStream(org.jboss.netty.buffer.ChannelBufferInputStream) IOException(java.io.IOException) Path(javax.ws.rs.Path) AuditPolicy(co.cask.cdap.common.security.AuditPolicy) PUT(javax.ws.rs.PUT)

Example 17 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class DashboardHttpHandler method set.

@Path("/{dashboard-id}")
@PUT
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void set(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespace, @PathParam("dashboard-id") String id) throws Exception {
    try {
        String data = request.getContent().toString(Charsets.UTF_8);
        if (!isValidJSON(data)) {
            responder.sendJson(HttpResponseStatus.BAD_REQUEST, "Invalid JSON in body");
            return;
        }
        Map<String, String> propMap = ImmutableMap.of(CONFIG_PROPERTY, data);
        dashboardStore.put(namespace, new Config(id, propMap));
        responder.sendStatus(HttpResponseStatus.OK);
    } catch (ConfigNotFoundException e) {
        responder.sendString(HttpResponseStatus.NOT_FOUND, "Dashboard not found");
    }
}
Also used : Config(co.cask.cdap.config.Config) ConfigNotFoundException(co.cask.cdap.config.ConfigNotFoundException) Path(javax.ws.rs.Path) AuditPolicy(co.cask.cdap.common.security.AuditPolicy) PUT(javax.ws.rs.PUT)

Example 18 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class AuthorizationHandler method grant.

@Path("/privileges/grant")
@POST
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void grant(HttpRequest httpRequest, HttpResponder httpResponder) throws Exception {
    ensureSecurityEnabled();
    GrantRequest request = parseBody(httpRequest, GrantRequest.class);
    verifyAuthRequest(request);
    Set<Action> actions = request.getActions() == null ? EnumSet.allOf(Action.class) : request.getActions();
    // enforce that the user granting access has admin privileges on the entity
    authorizationEnforcer.enforce(request.getEntity(), authenticationContext.getPrincipal(), Action.ADMIN);
    privilegesManager.grant(request.getEntity(), request.getPrincipal(), actions);
    httpResponder.sendStatus(HttpResponseStatus.OK);
    createLogEntry(httpRequest, request, HttpResponseStatus.OK);
}
Also used : Action(co.cask.cdap.proto.security.Action) GrantRequest(co.cask.cdap.proto.security.GrantRequest) Path(javax.ws.rs.Path) AuditPolicy(co.cask.cdap.common.security.AuditPolicy) POST(javax.ws.rs.POST)

Example 19 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class AuthorizationHandler method revoke.

@Path("/privileges/revoke")
@POST
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void revoke(HttpRequest httpRequest, HttpResponder httpResponder) throws Exception {
    ensureSecurityEnabled();
    RevokeRequest request = parseBody(httpRequest, RevokeRequest.class);
    verifyAuthRequest(request);
    // enforce that the user revoking access has admin privileges on the entity
    authorizationEnforcer.enforce(request.getEntity(), authenticationContext.getPrincipal(), Action.ADMIN);
    if (request.getPrincipal() == null && request.getActions() == null) {
        privilegesManager.revoke(request.getEntity());
    } else {
        Set<Action> actions = request.getActions() == null ? EnumSet.allOf(Action.class) : request.getActions();
        privilegesManager.revoke(request.getEntity(), request.getPrincipal(), actions);
    }
    httpResponder.sendStatus(HttpResponseStatus.OK);
    createLogEntry(httpRequest, request, HttpResponseStatus.OK);
}
Also used : RevokeRequest(co.cask.cdap.proto.security.RevokeRequest) Action(co.cask.cdap.proto.security.Action) Path(javax.ws.rs.Path) AuditPolicy(co.cask.cdap.common.security.AuditPolicy) POST(javax.ws.rs.POST)

Example 20 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class StreamViewHttpHandler method createOrUpdate.

@PUT
@Path("/streams/{stream}/views/{view}")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void createOrUpdate(HttpRequest request, HttpResponder responder, @PathParam("namespace") String namespace, @PathParam("stream") String stream, @PathParam("view") String view) throws Exception {
    StreamViewId viewId;
    try {
        viewId = new StreamViewId(namespace, stream, view);
    } catch (IllegalArgumentException e) {
        throw new BadRequestException(e);
    }
    try (Reader reader = new InputStreamReader(new ChannelBufferInputStream(request.getContent()))) {
        ViewSpecification spec = GSON.fromJson(reader, ViewSpecification.class);
        if (spec == null) {
            throw new BadRequestException("Missing ViewSpecification in request body");
        }
        boolean created = admin.createOrUpdateView(viewId, spec);
        responder.sendStatus(created ? HttpResponseStatus.CREATED : HttpResponseStatus.OK);
    } catch (JsonSyntaxException e) {
        responder.sendString(HttpResponseStatus.BAD_REQUEST, "Couldn't decode body as view config JSON");
    } catch (IOException e) {
        LOG.warn("Error closing InputStreamReader", e);
    }
}
Also used : JsonSyntaxException(com.google.gson.JsonSyntaxException) InputStreamReader(java.io.InputStreamReader) BadRequestException(co.cask.cdap.common.BadRequestException) Reader(java.io.Reader) InputStreamReader(java.io.InputStreamReader) ViewSpecification(co.cask.cdap.proto.ViewSpecification) ChannelBufferInputStream(org.jboss.netty.buffer.ChannelBufferInputStream) IOException(java.io.IOException) StreamViewId(co.cask.cdap.proto.id.StreamViewId) Path(javax.ws.rs.Path) AuditPolicy(co.cask.cdap.common.security.AuditPolicy) PUT(javax.ws.rs.PUT)

Aggregations

AuditPolicy (co.cask.cdap.common.security.AuditPolicy)44 Path (javax.ws.rs.Path)44 POST (javax.ws.rs.POST)24 PUT (javax.ws.rs.PUT)19 BadRequestException (co.cask.cdap.common.BadRequestException)12 ProgramId (co.cask.cdap.proto.id.ProgramId)11 NamespaceId (co.cask.cdap.proto.id.NamespaceId)9 IOException (java.io.IOException)8 NotFoundException (co.cask.cdap.common.NotFoundException)7 JsonSyntaxException (com.google.gson.JsonSyntaxException)7 NamespaceNotFoundException (co.cask.cdap.common.NamespaceNotFoundException)6 ArtifactId (co.cask.cdap.proto.id.ArtifactId)6 ArrayList (java.util.ArrayList)6 Id (co.cask.cdap.proto.Id)5 StreamId (co.cask.cdap.proto.id.StreamId)5 Constraint (co.cask.cdap.internal.schedule.constraint.Constraint)4 ProtoConstraint (co.cask.cdap.proto.ProtoConstraint)4 DatasetId (co.cask.cdap.proto.id.DatasetId)4 InputStreamReader (java.io.InputStreamReader)4 Reader (java.io.Reader)4
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial