Examples with ApiAccessDeniedException com.bluenimble.platform.api.ApiAccessDeniedException used on opensource projects

Search in sources :

Example 21 with ApiAccessDeniedException

use of com.bluenimble.platform.api.ApiAccessDeniedException in project serverless by bluenimble.

the class DeleteRecordSpi method execute.

@Override
public ApiOutput execute(Api api, final ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    String provider = (String) request.get(CommonSpec.Provider);
    String sEntity = (String) request.get(CommonSpec.Entity);
    String record = (String) request.get(Spec.Record);
    ApiSpace space;
    try {
        space = MgmUtils.space(consumer, api);
    } catch (ApiAccessDeniedException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.FORBIDDEN);
    }
    try {
        Database db = space.feature(Database.class, provider, request);
        DatabaseObject oRecord = db.get(sEntity, record);
        if (oRecord == null) {
            return new JsonApiOutput((JsonObject) new JsonObject().set(CommonOutput.Deleted, false));
        }
        oRecord.delete();
    } catch (DatabaseException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e);
    }
    return new JsonApiOutput((JsonObject) new JsonObject().set(CommonOutput.Deleted, true));
}
Also used : ApiAccessDeniedException(com.bluenimble.platform.api.ApiAccessDeniedException) ApiSpace(com.bluenimble.platform.api.ApiSpace) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) Database(com.bluenimble.platform.db.Database) DatabaseObject(com.bluenimble.platform.db.DatabaseObject) JsonObject(com.bluenimble.platform.json.JsonObject) DatabaseException(com.bluenimble.platform.db.DatabaseException) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 22 with ApiAccessDeniedException

use of com.bluenimble.platform.api.ApiAccessDeniedException in project serverless by bluenimble.

the class DropEntitySpi method execute.

@Override
public ApiOutput execute(Api api, final ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    String provider = (String) request.get(CommonSpec.Provider);
    String sEntity = (String) request.get(CommonSpec.Entity);
    ApiSpace space;
    try {
        space = MgmUtils.space(consumer, api);
    } catch (ApiAccessDeniedException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.FORBIDDEN);
    }
    try {
        Database db = space.feature(Database.class, provider, request);
        db.drop(sEntity);
    } catch (DatabaseException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e);
    } catch (Exception e) {
        throw new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.NOT_FOUND);
    }
    return new JsonApiOutput((JsonObject) new JsonObject().set(CommonOutput.Dropped, true));
}
Also used : ApiAccessDeniedException(com.bluenimble.platform.api.ApiAccessDeniedException) ApiSpace(com.bluenimble.platform.api.ApiSpace) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) Database(com.bluenimble.platform.db.Database) JsonObject(com.bluenimble.platform.json.JsonObject) DatabaseException(com.bluenimble.platform.db.DatabaseException) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) ApiAccessDeniedException(com.bluenimble.platform.api.ApiAccessDeniedException) DatabaseException(com.bluenimble.platform.db.DatabaseException) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 23 with ApiAccessDeniedException

use of com.bluenimble.platform.api.ApiAccessDeniedException in project serverless by bluenimble.

the class AddFeatureSpi method execute.

@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    JsonObject oFeature = (JsonObject) request.get(ApiRequest.Payload);
    ApiSpace space;
    try {
        space = MgmUtils.space(consumer, api);
    } catch (ApiAccessDeniedException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.NOT_FOUND);
    }
    try {
        space.addFeature(Json.getString(oFeature, Spec.Name), Json.getString(oFeature, Spec.Feature), Json.getString(oFeature, ApiSpace.Features.Provider), Json.getObject(oFeature, ApiSpace.Features.Spec));
    } catch (ApiManagementException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.BAD_REQUEST);
    }
    return new JsonApiOutput((JsonObject) new JsonObject().set(CommonOutput.Added, true));
}
Also used : ApiAccessDeniedException(com.bluenimble.platform.api.ApiAccessDeniedException) ApiSpace(com.bluenimble.platform.api.ApiSpace) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) JsonObject(com.bluenimble.platform.json.JsonObject) ApiManagementException(com.bluenimble.platform.api.ApiManagementException) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 24 with ApiAccessDeniedException

use of com.bluenimble.platform.api.ApiAccessDeniedException in project serverless by bluenimble.

the class AddSecretsSpi method execute.

@Override
public ApiOutput execute(Api api, ApiConsumer consumer, ApiRequest request, ApiResponse response) throws ApiServiceExecutionException {
    JsonObject oSecrets = (JsonObject) request.get(ApiRequest.Payload);
    ApiSpace space;
    try {
        space = MgmUtils.space(consumer, api);
    } catch (ApiAccessDeniedException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.NOT_FOUND);
    }
    try {
        space.addSecrets((String) request.get(Spec.Name), oSecrets);
    } catch (ApiManagementException e) {
        throw new ApiServiceExecutionException(e.getMessage(), e).status(ApiResponse.BAD_REQUEST);
    }
    return new JsonApiOutput((JsonObject) new JsonObject().set(CommonOutput.Added, true));
}
Also used : ApiAccessDeniedException(com.bluenimble.platform.api.ApiAccessDeniedException) ApiSpace(com.bluenimble.platform.api.ApiSpace) ApiServiceExecutionException(com.bluenimble.platform.api.ApiServiceExecutionException) JsonObject(com.bluenimble.platform.json.JsonObject) ApiManagementException(com.bluenimble.platform.api.ApiManagementException) JsonApiOutput(com.bluenimble.platform.api.impls.JsonApiOutput)

Example 25 with ApiAccessDeniedException

use of com.bluenimble.platform.api.ApiAccessDeniedException in project serverless by bluenimble.

the class KeyStoreAwareApiSpi method findConsumer.

@Override
public void findConsumer(Api api, ApiService service, ApiRequest request, ApiConsumer consumer) throws ApiAuthenticationException {
    String accessKey = (String) consumer.get(ApiConsumer.Fields.AccessKey);
    if ("container".equals(request.getChannel())) {
        consumer.override((ApiConsumer) request.get(ApiRequest.Consumer));
        return;
    }
    if (!MgmUtils.isSecure(service)) {
        if (root.accessKey().equals(accessKey)) {
            consumer.set(ApiConsumer.Fields.SecretKey, root.secretKey());
            consumer.set(ApiConsumer.Fields.ExpiryDate, root.expiryDate());
            consumer.set(CommonSpec.Role, Role.SUPER.name());
        }
        return;
    }
    if (!consumer.type().equals(Type.Signature)) {
        throw new ApiAuthenticationException("unsupported authentication scheme");
    }
    JsonArray roles = Json.getArray(service.getSecurity(), ApiService.Spec.Security.Roles);
    if (root.accessKey().equals(accessKey)) {
        if (roles == null || roles.isEmpty() || !roles.contains(Role.SUPER.name().toLowerCase())) {
            throw new ApiAuthenticationException("insuffisant permissions");
        }
        consumer.set(ApiConsumer.Fields.SecretKey, root.secretKey());
        consumer.set(ApiConsumer.Fields.ExpiryDate, root.expiryDate());
        consumer.set(CommonSpec.Role, Role.SUPER.name());
    } else {
        int indexOfDot = accessKey.indexOf(Lang.DOT);
        if (indexOfDot <= 0) {
            throw new ApiAuthenticationException("invalid accessKey");
        }
        String consumerSpaceNs = accessKey.substring(0, indexOfDot);
        accessKey = accessKey.substring(indexOfDot + 1);
        ApiSpace consumerSpace;
        try {
            consumerSpace = api.space().space(consumerSpaceNs);
        } catch (ApiAccessDeniedException e) {
            throw new ApiAuthenticationException("instance manager can't access requested space");
        }
        KeyPair skp;
        try {
            skp = consumerSpace.keystore().get(accessKey, true);
        } catch (SpaceKeyStoreException e) {
            throw new ApiAuthenticationException("instance manager can't access space keystore");
        }
        if (skp == null) {
            throw new ApiAuthenticationException("accessKey " + accessKey + " not found");
        }
        String role = (String) skp.property(CommonSpec.Role);
        if (Lang.isNullOrEmpty(role)) {
            throw new ApiAuthenticationException("no role defined for consumer");
        }
        if (roles != null && !roles.isEmpty() && !roles.contains(role.toLowerCase())) {
            throw new ApiAuthenticationException("insuffisant permissions");
        }
        consumer.set(ApiConsumer.Fields.Space, consumerSpaceNs);
        consumer.set(ApiConsumer.Fields.SecretKey, skp.secretKey());
        consumer.set(ApiConsumer.Fields.ExpiryDate, skp.expiryDate());
        Iterator<String> props = skp.properties();
        if (props != null) {
            while (props.hasNext()) {
                String p = props.next();
                consumer.set(p, skp.property(p));
            }
        }
    }
}
Also used : JsonArray(com.bluenimble.platform.json.JsonArray) ApiAccessDeniedException(com.bluenimble.platform.api.ApiAccessDeniedException) KeyPair(com.bluenimble.platform.security.KeyPair) ApiSpace(com.bluenimble.platform.api.ApiSpace) SpaceKeyStoreException(com.bluenimble.platform.security.SpaceKeyStoreException) ApiAuthenticationException(com.bluenimble.platform.api.security.ApiAuthenticationException)

Aggregations

ApiAccessDeniedException (com.bluenimble.platform.api.ApiAccessDeniedException)28 ApiServiceExecutionException (com.bluenimble.platform.api.ApiServiceExecutionException)27 ApiSpace (com.bluenimble.platform.api.ApiSpace)26 JsonApiOutput (com.bluenimble.platform.api.impls.JsonApiOutput)25 JsonObject (com.bluenimble.platform.json.JsonObject)22 Database (com.bluenimble.platform.db.Database)8 DatabaseException (com.bluenimble.platform.db.DatabaseException)8 Storage (com.bluenimble.platform.storage.Storage)6 StorageException (com.bluenimble.platform.storage.StorageException)6 StorageObject (com.bluenimble.platform.storage.StorageObject)6 DatabaseObject (com.bluenimble.platform.db.DatabaseObject)4 JsonArray (com.bluenimble.platform.json.JsonArray)4 Cache (com.bluenimble.platform.cache.Cache)3 KeyPair (com.bluenimble.platform.security.KeyPair)3 Folder (com.bluenimble.platform.storage.Folder)3 Api (com.bluenimble.platform.api.Api)2 ApiManagementException (com.bluenimble.platform.api.ApiManagementException)2 ApiStreamSource (com.bluenimble.platform.api.ApiStreamSource)2 Role (com.bluenimble.platform.apis.mgm.Role)2 ExchangeOption (com.bluenimble.platform.db.Database.ExchangeOption)2
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial