Examples with AuditPolicy co.cask.cdap.common.security.AuditPolicy used on opensource projects

Example 21 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class StreamHandler method setConfig.

@PUT
@Path("/{stream}/properties")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void setConfig(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("stream") String stream) throws Exception {
    StreamId streamId = validateAndGetStreamId(namespaceId, stream);
    checkStreamExists(streamId);
    StreamProperties properties = getAndValidateConfig(request);
    streamAdmin.updateConfig(streamId, properties);
    responder.sendStatus(HttpResponseStatus.OK);
}

Example 22 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class NotificationFeedHttpHandler method createFeed.

@PUT
@Path("/feeds/categories/{feed-category}/names/{feed-name}")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void createFeed(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("feed-category") String category, @PathParam("feed-name") String name) {
    try {
        NotificationFeedInfo feedInfo;
        try {
            Map<String, String> body = parseBody(request, MAP_TYPE);
            String description = body == null ? null : body.get("description");
            feedInfo = new NotificationFeedInfo(namespaceId, category, name, description);
        } catch (IllegalArgumentException e) {
            responder.sendString(HttpResponseStatus.BAD_REQUEST, String.format("Could not create Notification Feed. %s", e.getMessage()));
            return;
        }
        if (feedManager.createFeed(feedInfo)) {
            responder.sendString(HttpResponseStatus.OK, "Notification Feed created successfully");
        } else {
            LOG.trace("Notification Feed already exists.");
            responder.sendString(HttpResponseStatus.OK, "Notification Feed already exists.");
        }
    } catch (NotificationFeedException e) {
        LOG.error("Could not create notification feed.", e);
        responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, e.getMessage());
    } catch (JsonSyntaxException e) {
        responder.sendString(HttpResponseStatus.BAD_REQUEST, "Invalid json object provided in request body.");
    } catch (IOException e) {
        LOG.error("Failed to read Notification feed request body.", e);
        responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, e.getMessage());
    } catch (Throwable t) {
        LOG.debug("Error in creating notification feed.", t);
        responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, t.getMessage());
    }
}

Example 23 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class ProgramLifecycleHttpHandler method saveProgramRuntimeArgs.

/**
   * Save program runtime args.
   */
@PUT
@Path("/apps/{app-name}/{program-type}/{program-name}/runtimeargs")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void saveProgramRuntimeArgs(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("app-name") String appName, @PathParam("program-type") String type, @PathParam("program-name") String programName) throws Exception {
    ProgramType programType = getProgramType(type);
    ProgramId programId = new ProgramId(namespaceId, appName, programType, programName);
    saveProgramIdRuntimeArgs(programId, request, responder);
}

Example 24 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class ProgramLifecycleHttpHandler method getInstances.

/**
   * Returns the number of instances for all program runnables that are passed into the data. The data is an array of
   * Json objects where each object must contain the following three elements: appId, programType, and programId
   * (flow name, service name). Retrieving instances only applies to flows, and user
   * services. For flows, another parameter, "runnableId", must be provided. This corresponds to the
   * flowlet/runnable for which to retrieve the instances.
   * <p>
   * Example input:
   * <pre><code>
   * [{"appId": "App1", "programType": "Service", "programId": "Service1", "runnableId": "Runnable1"},
   *  {"appId": "App1", "programType": "Mapreduce", "programId": "Mapreduce2"},
   *  {"appId": "App2", "programType": "Flow", "programId": "Flow1", "runnableId": "Flowlet1"}]
   * </code></pre>
   * </p><p>
   * The response will be an array of JsonObjects each of which will contain the three input parameters
   * as well as 3 fields:
   * <ul>
   * <li>"provisioned" which maps to the number of instances actually provided for the input runnable;</li>
   * <li>"requested" which maps to the number of instances the user has requested for the input runnable; and</li>
   * <li>"statusCode" which maps to the http status code for the data in that JsonObjects (200, 400, 404).</li>
   * </ul>
   * </p><p>
   * If an error occurs in the input (for the example above, Flowlet1 does not exist), then all JsonObjects for
   * which the parameters have a valid instances will have the provisioned and requested fields status code fields
   * but all JsonObjects for which the parameters are not valid will have an error message and statusCode.
   * </p><p>
   * For example, if there is no Flowlet1 in the above data, then the response could be 200 OK with the following data:
   * </p>
   * <pre><code>
   * [{"appId": "App1", "programType": "Service", "programId": "Service1", "runnableId": "Runnable1",
   *   "statusCode": 200, "provisioned": 2, "requested": 2},
   *  {"appId": "App1", "programType": "Mapreduce", "programId": "Mapreduce2", "statusCode": 400,
   *   "error": "Program type 'Mapreduce' is not a valid program type to get instances"},
   *  {"appId": "App2", "programType": "Flow", "programId": "Flow1", "runnableId": "Flowlet1", "statusCode": 404,
   *   "error": "Program": Flowlet1 not found"}]
   * </code></pre>
   */
@POST
@Path("/instances")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void getInstances(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId) throws IOException, BadRequestException {
    List<BatchRunnable> runnables = validateAndGetBatchInput(request, BATCH_RUNNABLES_TYPE);
    // cache app specs to perform fewer store lookups
    Map<ApplicationId, ApplicationSpecification> appSpecs = new HashMap<>();
    List<BatchRunnableInstances> output = new ArrayList<>(runnables.size());
    for (BatchRunnable runnable : runnables) {
        // cant get instances for things that are not flows, services, or workers
        if (!canHaveInstances(runnable.getProgramType())) {
            output.add(new BatchRunnableInstances(runnable, HttpResponseStatus.BAD_REQUEST.getCode(), String.format("Program type '%s' is not a valid program type to get instances", runnable.getProgramType().getPrettyName())));
            continue;
        }
        ApplicationId appId = new ApplicationId(namespaceId, runnable.getAppId());
        // populate spec cache if this is the first time we've seen the appid.
        if (!appSpecs.containsKey(appId)) {
            appSpecs.put(appId, store.getApplication(appId));
        }
        ApplicationSpecification spec = appSpecs.get(appId);
        if (spec == null) {
            output.add(new BatchRunnableInstances(runnable, HttpResponseStatus.NOT_FOUND.getCode(), String.format("App: %s not found", appId)));
            continue;
        }
        ProgramId programId = appId.program(runnable.getProgramType(), runnable.getProgramId());
        output.add(getProgramInstances(runnable, spec, programId));
    }
    responder.sendJson(HttpResponseStatus.OK, output);
}

Example 25 with AuditPolicy

use of co.cask.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class ProgramLifecycleHttpHandler method setFlowletInstances.

/**
   * Increases number of instance for a flowlet within a flow.
   */
@PUT
@Path("/apps/{app-id}/flows/{flow-id}/flowlets/{flowlet-id}/instances")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public synchronized void setFlowletInstances(HttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("app-id") String appId, @PathParam("flow-id") String flowId, @PathParam("flowlet-id") String flowletId) throws Exception {
    int instances = getInstances(request);
    try {
        lifecycleService.setInstances(new ProgramId(namespaceId, appId, ProgramType.FLOW, flowId), instances, flowletId);
        responder.sendStatus(HttpResponseStatus.OK);
    } catch (SecurityException e) {
        responder.sendStatus(HttpResponseStatus.UNAUTHORIZED);
    } catch (Throwable e) {
        if (respondIfElementNotFound(e, responder)) {
            return;
        }
        throw e;
    }
}