Example 1 with ResourceId

Use of com.google.api.services.cloudresourcemanager.model.ResourceId in project workbench by all-of-us.

From the class CloudTaskUserControllerTest, method testBulkProjectAudit.

@Test
public void testBulkProjectAudit() throws Exception {
    // userA has no projects; userB has one project parented under folder 123
    doReturn(ImmutableList.of())
        .when(mockCloudResourceManagerService)
        .getAllProjectsForUser(userA);
    doReturn(
            ImmutableList.of(
                new Project()
                    .setName("aou-rw-test-123")
                    .setParent(new ResourceId().setType("folder").setId("123"))))
        .when(mockCloudResourceManagerService)
        .getAllProjectsForUser(userB);
    controller.auditProjectAccess(
        new AuditProjectAccessRequest()
            .addUserIdsItem(userA.getUserId())
            .addUserIdsItem(userB.getUserId()));
    // every user in the request is looked up exactly once
    verify(mockCloudResourceManagerService, times(2)).getAllProjectsForUser(any());
}
Also used : Project(com.google.api.services.cloudresourcemanager.model.Project) ResourceId(com.google.api.services.cloudresourcemanager.model.ResourceId) AuditProjectAccessRequest(org.pmiops.workbench.model.AuditProjectAccessRequest) DataJpaTest(org.springframework.boot.test.autoconfigure.orm.jpa.DataJpaTest) Test(org.junit.jupiter.api.Test)

Example 2 with ResourceId

Use of com.google.api.services.cloudresourcemanager.model.ResourceId in project workbench by all-of-us.

From the class CloudTaskUserController, method auditProjectAccess.

@Override
public ResponseEntity<Void> auditProjectAccess(AuditProjectAccessRequest request) {
    int errorCount = 0;
    for (long userId : request.getUserIds()) {
        DbUser user = userDao.findUserByUserId(userId);
        // TODO(RW-2062): Move to using the gcloud api for list all resources when it is available.
        try {
            List<String> unauthorizedLogs =
                cloudResourceManagerService.getAllProjectsForUser(user).stream()
                    // flag any project with no parent, or whose parent is outside the allow-list
                    .filter(
                        project ->
                            project.getParent() == null
                                || !(ALLOWED_PARENT_IDS.contains(project.getParent().getId())))
                    .map(
                        project ->
                            String.format(
                                "%s in %s %s",
                                project.getName(),
                                Optional.ofNullable(project.getParent())
                                    .map(ResourceId::getType)
                                    .orElse("[type unknown]"),
                                Optional.ofNullable(project.getParent())
                                    .map(ResourceId::getId)
                                    .orElse("[id unknown]")))
                    .collect(Collectors.toList());
            if (!unauthorizedLogs.isEmpty()) {
                log.warning(
                    "User " + user.getUsername() + " has access to projects: "
                        + String.join(", ", unauthorizedLogs));
            }
        } catch (IOException e) {
            // an API failure for one user is recorded, and the audit continues with the next user
            log.log(Level.SEVERE, "failed to audit project access for user " + user.getUsername(), e);
            errorCount++;
        }
    }
    if (errorCount > 0) {
        log.severe(String.format("encountered errors on %d/%d users", errorCount, request.getUserIds().size()));
        return ResponseEntity.status(HttpStatus.INTERNAL_SERVER_ERROR).build();
    }
    log.info(String.format("successfully audited %d users", request.getUserIds().size()));
    return ResponseEntity.noContent().build();
}
Also used : UserService(org.pmiops.workbench.db.dao.UserService) CloudResourceManagerService(org.pmiops.workbench.google.CloudResourceManagerService) UserDao(org.pmiops.workbench.db.dao.UserDao) ImmutableSet(com.google.common.collect.ImmutableSet) WorkbenchException(org.pmiops.workbench.exceptions.WorkbenchException) Agent(org.pmiops.workbench.actionaudit.Agent) SynchronizeUserAccessRequest(org.pmiops.workbench.model.SynchronizeUserAccessRequest) AccessModuleStatus(org.pmiops.workbench.model.AccessModuleStatus) AuditProjectAccessRequest(org.pmiops.workbench.model.AuditProjectAccessRequest) Set(java.util.Set) IOException(java.io.IOException) DbAccessModuleName(org.pmiops.workbench.db.model.DbAccessModule.DbAccessModuleName) Logger(java.util.logging.Logger) Collectors(java.util.stream.Collectors) RestController(org.springframework.web.bind.annotation.RestController) Level(java.util.logging.Level) AccessModuleService(org.pmiops.workbench.access.AccessModuleService) HttpStatus(org.springframework.http.HttpStatus) List(java.util.List) ResourceId(com.google.api.services.cloudresourcemanager.model.ResourceId) Optional(java.util.Optional) ResponseEntity(org.springframework.http.ResponseEntity) DbUser(org.pmiops.workbench.db.model.DbUser) ResourceId(com.google.api.services.cloudresourcemanager.model.ResourceId) IOException(java.io.IOException) DbUser(org.pmiops.workbench.db.model.DbUser)

Example 3 with ResourceId

Use of com.google.api.services.cloudresourcemanager.model.ResourceId in project jade-data-repo by DataBiosphere.

From the class GoogleResourceService, method newProject.

private GoogleProjectResource newProject(GoogleProjectRequest projectRequest, String googleProjectId)
    throws InterruptedException {
    BillingProfile profile = profileService.getProfileById(projectRequest.getProfileId());
    logger.info("creating a new project: {}", projectRequest.getProjectId());
    if (!profile.isAccessible()) {
        throw new InaccessibleBillingAccountException(
            "The repository needs access to this billing account in order to create: " + googleProjectId);
    }
    // projects created by service accounts must live under a parent resource (either a folder or an organization)
    ResourceId parentResource =
        new ResourceId()
            .setType(resourceConfiguration.getParentResourceType())
            .setId(resourceConfiguration.getParentResourceId());
    Project requestBody =
        new Project()
            .setName(googleProjectId)
            .setProjectId(googleProjectId)
            .setParent(parentResource);
    try {
        // kick off a project create request and poll until it is done
        CloudResourceManager resourceManager = cloudResourceManager();
        CloudResourceManager.Projects.Create request = resourceManager.projects().create(requestBody);
        Operation operation = request.execute();
        long timeout = resourceConfiguration.getProjectCreateTimeoutSeconds();
        blockUntilResourceOperationComplete(resourceManager, operation, timeout);
        // it should be retrievable once the create operation is complete
        Project project = getProject(googleProjectId);
        if (project == null) {
            throw new GoogleResourceException("Could not get project after creation");
        }
        String googleProjectNumber = project.getProjectNumber().toString();
        GoogleProjectResource googleProjectResource =
            new GoogleProjectResource(projectRequest)
                .googleProjectId(googleProjectId)
                .googleProjectNumber(googleProjectNumber);
        // billing, API enablement and IAM bindings are applied before the project is recorded locally
        setupBilling(googleProjectResource);
        enableServices(googleProjectResource);
        enableIamPermissions(googleProjectResource.getRoleIdentityMapping(), googleProjectId);
        UUID repositoryId = resourceDao.createProject(googleProjectResource);
        return googleProjectResource.repositoryId(repositoryId);
    } catch (IOException | GeneralSecurityException e) {
        throw new GoogleResourceException("Could not create project", e);
    }
}
Also used : CloudResourceManager(com.google.api.services.cloudresourcemanager.CloudResourceManager) GeneralSecurityException(java.security.GeneralSecurityException) InaccessibleBillingAccountException(bio.terra.service.resourcemanagement.exception.InaccessibleBillingAccountException) Operation(com.google.api.services.cloudresourcemanager.model.Operation) IOException(java.io.IOException) BillingProfile(bio.terra.service.resourcemanagement.BillingProfile) Project(com.google.api.services.cloudresourcemanager.model.Project) GcsProject(bio.terra.service.filedata.google.gcs.GcsProject) ResourceId(com.google.api.services.cloudresourcemanager.model.ResourceId) UUID(java.util.UUID) GoogleResourceException(bio.terra.service.resourcemanagement.exception.GoogleResourceException)

Aggregations

ResourceId (com.google.api.services.cloudresourcemanager.model.ResourceId) 3
Project (com.google.api.services.cloudresourcemanager.model.Project) 2
IOException (java.io.IOException) 2
AuditProjectAccessRequest (org.pmiops.workbench.model.AuditProjectAccessRequest) 2
GcsProject (bio.terra.service.filedata.google.gcs.GcsProject) 1
BillingProfile (bio.terra.service.resourcemanagement.BillingProfile) 1
GoogleResourceException (bio.terra.service.resourcemanagement.exception.GoogleResourceException) 1
InaccessibleBillingAccountException (bio.terra.service.resourcemanagement.exception.InaccessibleBillingAccountException) 1
CloudResourceManager (com.google.api.services.cloudresourcemanager.CloudResourceManager) 1
Operation (com.google.api.services.cloudresourcemanager.model.Operation) 1
ImmutableSet (com.google.common.collect.ImmutableSet) 1
GeneralSecurityException (java.security.GeneralSecurityException) 1
List (java.util.List) 1
Optional (java.util.Optional) 1
Set (java.util.Set) 1
UUID (java.util.UUID) 1
Level (java.util.logging.Level) 1
Logger (java.util.logging.Logger) 1
Collectors (java.util.stream.Collectors) 1
Test (org.junit.jupiter.api.Test) 1