Example 1 with StopInstanceRequest
use of com.google.api.services.notebooks.v1.model.StopInstanceRequest in project terra-workspace-manager by DataBiosphere.
the class PrivateControlledAiNotebookInstanceLifecycle method doUserJourney.
@Override
@SuppressFBWarnings(value = "DLS_DEAD_LOCAL_STORE")
protected void doUserJourney(TestUserSpecification testUser, WorkspaceApi workspaceApi) throws Exception {
CloudContextMaker.createGcpCloudContext(getWorkspaceId(), workspaceApi);
workspaceApi.grantRole(new GrantRoleRequestBody().memberEmail(resourceUser.userEmail), getWorkspaceId(), IamRole.WRITER);
workspaceApi.grantRole(new GrantRoleRequestBody().memberEmail(otherWorkspaceUser.userEmail), getWorkspaceId(), IamRole.WRITER);
ControlledGcpResourceApi resourceUserApi = ClientTestUtils.getControlledGcpResourceClient(resourceUser, server);
CreatedControlledGcpAiNotebookInstanceResult creationResult = NotebookUtils.makeControlledNotebookUserPrivate(getWorkspaceId(), instanceId, /*location=*/
null, resourceUserApi);
UUID resourceId = creationResult.getAiNotebookInstance().getMetadata().getResourceId();
GcpAiNotebookInstanceResource resource = resourceUserApi.getAiNotebookInstance(getWorkspaceId(), resourceId);
assertEquals(instanceId, resource.getAttributes().getInstanceId(), "Notebook instance id is correct in GET response from WSM");
assertEquals(instanceId, creationResult.getAiNotebookInstance().getAttributes().getInstanceId(), "Notebook instance id is correct in create response from WSM");
assertEquals(resourceUser.userEmail, resource.getMetadata().getControlledResourceMetadata().getPrivateResourceUser().getUserName(), "User is the private user of the notebook");
assertEquals("us-central1-a", resource.getAttributes().getLocation(), "The notebook uses the default location because location is not specified.");
createAControlledAiNotebookInstanceWithoutSpecifiedInstanceId_validInstanceIdIsGenerated(resourceUserApi);
createAControlledAiNotebookInstanceWithoutSpecifiedInstanceId_specifyLocation(resourceUserApi);
String instanceName = String.format("projects/%s/locations/%s/instances/%s", resource.getAttributes().getProjectId(), resource.getAttributes().getLocation(), resource.getAttributes().getInstanceId());
AIPlatformNotebooks userNotebooks = ClientTestUtils.getAIPlatformNotebooksClient(resourceUser);
assertTrue(NotebookUtils.userHasProxyAccess(creationResult, resourceUser, resource.getAttributes().getProjectId()), "Private resource user has access to their notebook");
assertFalse(NotebookUtils.userHasProxyAccess(creationResult, otherWorkspaceUser, resource.getAttributes().getProjectId()), "Other workspace user does not have access to a private notebook");
// The user should be able to stop their notebook.
userNotebooks.projects().locations().instances().stop(instanceName, new StopInstanceRequest());
// The user should not be able to directly delete their notebook.
GoogleJsonResponseException directDeleteForbidden = assertThrows(GoogleJsonResponseException.class, () -> userNotebooks.projects().locations().instances().delete(instanceName).execute());
assertEquals(HttpStatus.SC_FORBIDDEN, directDeleteForbidden.getStatusCode(), "User may not delete notebook directly on GCP");
// Any workspace user should be able to enumerate all created notebooks, even though they can't
// read or write them.
ResourceApi otherUserApi = ClientTestUtils.getResourceClient(otherWorkspaceUser, server);
ResourceList notebookList = otherUserApi.enumerateResources(getWorkspaceId(), 0, 5, ResourceType.AI_NOTEBOOK, StewardshipType.CONTROLLED);
assertEquals(3, notebookList.getResources().size());
MultiResourcesUtils.assertResourceType(ResourceType.AI_NOTEBOOK, notebookList);
// Delete the AI Notebook through WSM.
DeleteControlledGcpAiNotebookInstanceResult deleteResult = resourceUserApi.deleteAiNotebookInstance(new DeleteControlledGcpAiNotebookInstanceRequest().jobControl(new JobControl().id(UUID.randomUUID().toString())), getWorkspaceId(), resourceId);
String deleteJobId = deleteResult.getJobReport().getId();
deleteResult = ClientTestUtils.pollWhileRunning(deleteResult, () -> resourceUserApi.getDeleteAiNotebookInstanceResult(getWorkspaceId(), deleteJobId), DeleteControlledGcpAiNotebookInstanceResult::getJobReport, Duration.ofSeconds(10));
ClientTestUtils.assertJobSuccess("delete ai notebook", deleteResult.getJobReport(), deleteResult.getErrorReport());
// Verify the notebook was deleted from WSM metadata.
ApiException notebookIsMissing = assertThrows(ApiException.class, () -> resourceUserApi.getAiNotebookInstance(getWorkspaceId(), resourceId), "Notebook is deleted from WSM");
assertEquals(HttpStatus.SC_NOT_FOUND, notebookIsMissing.getCode(), "Error from WSM is 404");
// Verify the notebook was deleted from GCP.
GoogleJsonResponseException notebookNotFound = assertThrows(GoogleJsonResponseException.class, () -> userNotebooks.projects().locations().instances().get(instanceName).execute(), "Notebook is deleted from GCP");
// GCP may respond with either 403 or 404 depending on how quickly this is called after deleting
// the notebook. Either response is valid in this case.
assertThat("Error from GCP is 403 or 404", notebookNotFound.getStatusCode(), anyOf(equalTo(HttpStatus.SC_NOT_FOUND), equalTo(HttpStatus.SC_FORBIDDEN)));
}
Also used :
GrantRoleRequestBody(bio.terra.workspace.model.GrantRoleRequestBody)
CreatedControlledGcpAiNotebookInstanceResult(bio.terra.workspace.model.CreatedControlledGcpAiNotebookInstanceResult)
DeleteControlledGcpAiNotebookInstanceRequest(bio.terra.workspace.model.DeleteControlledGcpAiNotebookInstanceRequest)
DeleteControlledGcpAiNotebookInstanceResult(bio.terra.workspace.model.DeleteControlledGcpAiNotebookInstanceResult)
JobControl(bio.terra.workspace.model.JobControl)
AIPlatformNotebooks(com.google.api.services.notebooks.v1.AIPlatformNotebooks)
GcpAiNotebookInstanceResource(bio.terra.workspace.model.GcpAiNotebookInstanceResource)
StopInstanceRequest(com.google.api.services.notebooks.v1.model.StopInstanceRequest)
GoogleJsonResponseException(com.google.api.client.googleapis.json.GoogleJsonResponseException)
ControlledGcpResourceApi(bio.terra.workspace.api.ControlledGcpResourceApi)
ResourceApi(bio.terra.workspace.api.ResourceApi)
ResourceList(bio.terra.workspace.model.ResourceList)
ControlledGcpResourceApi(bio.terra.workspace.api.ControlledGcpResourceApi)
UUID(java.util.UUID)
ApiException(bio.terra.workspace.client.ApiException)
SuppressFBWarnings(edu.umd.cs.findbugs.annotations.SuppressFBWarnings)
Aggregations
ControlledGcpResourceApi (bio.terra.workspace.api.ControlledGcpResourceApi)1
ResourceApi (bio.terra.workspace.api.ResourceApi)1
ApiException (bio.terra.workspace.client.ApiException)1
CreatedControlledGcpAiNotebookInstanceResult (bio.terra.workspace.model.CreatedControlledGcpAiNotebookInstanceResult)1
DeleteControlledGcpAiNotebookInstanceRequest (bio.terra.workspace.model.DeleteControlledGcpAiNotebookInstanceRequest)1
DeleteControlledGcpAiNotebookInstanceResult (bio.terra.workspace.model.DeleteControlledGcpAiNotebookInstanceResult)1
GcpAiNotebookInstanceResource (bio.terra.workspace.model.GcpAiNotebookInstanceResource)1
GrantRoleRequestBody (bio.terra.workspace.model.GrantRoleRequestBody)1
JobControl (bio.terra.workspace.model.JobControl)1
ResourceList (bio.terra.workspace.model.ResourceList)1
GoogleJsonResponseException (com.google.api.client.googleapis.json.GoogleJsonResponseException)1
AIPlatformNotebooks (com.google.api.services.notebooks.v1.AIPlatformNotebooks)1
StopInstanceRequest (com.google.api.services.notebooks.v1.model.StopInstanceRequest)1
SuppressFBWarnings (edu.umd.cs.findbugs.annotations.SuppressFBWarnings)1
UUID (java.util.UUID)1
