Search in sources :

Example 1 with CredentialedUser

use of com.google.cloud.tools.intellij.login.CredentialedUser in project google-cloud-intellij by GoogleCloudPlatform.

the class CloudApiManager method enableApis.

/**
 * Enables the supplied set of {@link CloudLibrary CloudLibraries} on GCP.
 *
 * <p>Configures the {@link ProgressIndicator} to display the progress of the tasks. Also notifies
 * the user of the success / failure of API enablement via messages on the event log.
 *
 * @param libraries the set of {@link CloudLibrary CloudLibraries} to enable on GCP
 * @param cloudProject the {@link CloudProject} on which to enable the APIs
 * @param project the currently open IntelliJ {@link Project}
 */
static void enableApis(Set<CloudLibrary> libraries, CloudProject cloudProject, Project project) {
    Optional<CredentialedUser> user = Services.getLoginService().getLoggedInUser(cloudProject.googleUsername());
    if (!user.isPresent()) {
        LOG.error("Cannot enable APIs: logged in user not found.");
        return;
    }
    List<CloudLibrary> libraryList = new ArrayList<>(libraries);
    Set<CloudLibrary> enabledApis = Sets.newHashSet();
    Set<CloudLibrary> erroredApis = Sets.newHashSet();
    for (int i = 0; i < libraryList.size(); i++) {
        CloudLibrary library = libraryList.get(i);
        try {
            ProgressIndicator progress = ProgressManager.getInstance().getProgressIndicator();
            if (progress.isCanceled()) {
                LOG.info("API enablement canceled by user");
                notifyApiEnableSkipped(Sets.difference(libraries, enabledApis), project);
                return;
            }
            updateProgress(progress, GctBundle.message("cloud.apis.enable.progress.message", library.getName(), cloudProject.projectName()), (double) i / libraryList.size());
            enableApi(library, cloudProject, user.get());
            enabledApis.add(library);
        } catch (IOException e) {
            LOG.warn("Exception occurred attempting to enable API " + library.getName() + " on GCP", e);
            erroredApis.add(library);
        }
    }
    if (!erroredApis.isEmpty()) {
        notifyApiEnableError(erroredApis, project);
    }
    if (!enabledApis.isEmpty()) {
        notifyApisEnabled(enabledApis, cloudProject.projectId(), project);
    }
}
Also used : ProgressIndicator(com.intellij.openapi.progress.ProgressIndicator) CloudLibrary(com.google.cloud.tools.libraries.json.CloudLibrary) ArrayList(java.util.ArrayList) CredentialedUser(com.google.cloud.tools.intellij.login.CredentialedUser) IOException(java.io.IOException)

Example 2 with CredentialedUser

use of com.google.cloud.tools.intellij.login.CredentialedUser in project google-cloud-intellij by GoogleCloudPlatform.

the class CloudApiManager method getServiceAccountRoles.

/**
 * Fetches the list of {@link Role} for the supplied {@link CloudProject} by querying the Iam API.
 */
static List<Role> getServiceAccountRoles(CloudProject cloudProject) {
    Optional<CredentialedUser> user = Services.getLoginService().getLoggedInUser(cloudProject.googleUsername());
    if (!user.isPresent()) {
        LOG.error("Cannot fetch service account roles: logged in user not found.");
        return ImmutableList.of();
    }
    Iam iam = GoogleApiClientFactory.getInstance().getIamClient(user.get().getCredential());
    try {
        return iam.roles().list().execute().getRoles();
    } catch (IOException e) {
        LOG.warn("Exception occurred attempting to fetch service account roles");
        return ImmutableList.of();
    }
}
Also used : Iam(com.google.api.services.iam.v1.Iam) CredentialedUser(com.google.cloud.tools.intellij.login.CredentialedUser) IOException(java.io.IOException)

Example 3 with CredentialedUser

use of com.google.cloud.tools.intellij.login.CredentialedUser in project google-cloud-intellij by GoogleCloudPlatform.

the class CloudApiManager method addRolesToServiceAccount.

/**
 * Adds a set of {@link Role roles} to a {@link ServiceAccount}.
 *
 * <p>This is done by fetching the cloud project's existing IAM Policy, adding the new roles to
 * the given service account, and then writing the updated policy back to the cloud project.
 *
 * @param user the current {@link CredentialedUser}
 * @param serviceAccount the {@link ServiceAccount} to which to add roles
 * @param roles the set of {@link Role} to be added to the service account
 * @param cloudProject the current {@link CloudProject}
 * @throws IOException if the API call fails to update the IAM policy
 */
private static void addRolesToServiceAccount(CredentialedUser user, ServiceAccount serviceAccount, Set<Role> roles, CloudProject cloudProject) throws IOException {
    CloudResourceManager resourceManager = GoogleApiClientFactory.getInstance().getCloudResourceManagerClient(user.getCredential());
    Policy existingPolicy = resourceManager.projects().getIamPolicy(cloudProject.projectId(), new GetIamPolicyRequest()).execute();
    List<Binding> bindings = Lists.newArrayList(existingPolicy.getBindings());
    List<Binding> additionalBindings = roles.stream().map(role -> {
        Binding binding = new Binding();
        binding.setRole(role.getName());
        binding.setMembers(createServiceAccountMemberBindings(serviceAccount));
        return binding;
    }).collect(Collectors.toList());
    bindings.addAll(additionalBindings);
    SetIamPolicyRequest policyRequest = new SetIamPolicyRequest();
    Policy newPolicy = new Policy();
    newPolicy.setBindings(bindings);
    policyRequest.setPolicy(newPolicy);
    resourceManager.projects().setIamPolicy(cloudProject.projectId(), policyRequest).execute();
}
Also used : Policy(com.google.api.services.cloudresourcemanager.model.Policy) Binding(com.google.api.services.cloudresourcemanager.model.Binding) ServiceAccountKey(com.google.api.services.iam.v1.model.ServiceAccountKey) ZonedDateTime(java.time.ZonedDateTime) Binding(com.google.api.services.cloudresourcemanager.model.Binding) Role(com.google.api.services.iam.v1.model.Role) CloudProject(com.google.cloud.tools.intellij.project.CloudProject) Logger(com.intellij.openapi.diagnostic.Logger) Path(java.nio.file.Path) ProgressManager(com.intellij.openapi.progress.ProgressManager) CloudLibrary(com.google.cloud.tools.libraries.json.CloudLibrary) Set(java.util.Set) EnableServiceRequest(com.google.api.services.servicemanagement.model.EnableServiceRequest) GoogleApiClientFactory(com.google.cloud.tools.intellij.resources.GoogleApiClientFactory) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) NotificationType(com.intellij.notification.NotificationType) Notification(com.intellij.notification.Notification) ProgressIndicator(com.intellij.openapi.progress.ProgressIndicator) List(java.util.List) ServiceManager(com.intellij.openapi.components.ServiceManager) Services(com.google.cloud.tools.intellij.login.Services) ApplicationManager(com.intellij.openapi.application.ApplicationManager) Optional(java.util.Optional) ServiceManagement(com.google.api.services.servicemanagement.ServiceManagement) Pattern(java.util.regex.Pattern) SetIamPolicyRequest(com.google.api.services.cloudresourcemanager.model.SetIamPolicyRequest) NotificationDisplayType(com.intellij.notification.NotificationDisplayType) ServiceAccount(com.google.api.services.iam.v1.model.ServiceAccount) ArrayList(java.util.ArrayList) GetIamPolicyRequest(com.google.api.services.cloudresourcemanager.model.GetIamPolicyRequest) CloudResourceManager(com.google.api.services.cloudresourcemanager.CloudResourceManager) Lists(com.google.common.collect.Lists) ImmutableList(com.google.common.collect.ImmutableList) PropertiesFileFlagReader(com.google.cloud.tools.intellij.flags.PropertiesFileFlagReader) NotificationGroup(com.intellij.notification.NotificationGroup) CredentialedUser(com.google.cloud.tools.intellij.login.CredentialedUser) CreateServiceAccountKeyRequest(com.google.api.services.iam.v1.model.CreateServiceAccountKeyRequest) Project(com.intellij.openapi.project.Project) GctBundle(com.google.cloud.tools.intellij.util.GctBundle) DialogManager(git4idea.DialogManager) Policy(com.google.api.services.cloudresourcemanager.model.Policy) Base64(com.google.api.client.util.Base64) Files(java.nio.file.Files) GctTracking(com.google.cloud.tools.intellij.analytics.GctTracking) IOException(java.io.IOException) UsageTrackerProvider(com.google.cloud.tools.intellij.analytics.UsageTrackerProvider) Paths(java.nio.file.Paths) CreateServiceAccountRequest(com.google.api.services.iam.v1.model.CreateServiceAccountRequest) DateTimeFormatter(java.time.format.DateTimeFormatter) Iam(com.google.api.services.iam.v1.Iam) GoogleCloudCoreIcons(com.google.cloud.tools.intellij.GoogleCloudCoreIcons) CloudResourceManager(com.google.api.services.cloudresourcemanager.CloudResourceManager) SetIamPolicyRequest(com.google.api.services.cloudresourcemanager.model.SetIamPolicyRequest) GetIamPolicyRequest(com.google.api.services.cloudresourcemanager.model.GetIamPolicyRequest)

Example 4 with CredentialedUser

use of com.google.cloud.tools.intellij.login.CredentialedUser in project google-cloud-intellij by GoogleCloudPlatform.

the class ProjectDebuggeeBinding method getCloudDebuggerClient.

@Nullable
private Debugger getCloudDebuggerClient() {
    CloudProject cloudProject = projectSelector.getSelectedProject();
    CredentialedUser credentialedUser = cloudProject == null ? null : Services.getLoginService().getLoggedInUser(cloudProject.googleUsername()).orElse(null);
    if (this.credentialedUser == credentialedUser) {
        return cloudDebuggerClient;
    }
    this.credentialedUser = credentialedUser;
    cloudDebuggerClient = this.credentialedUser != null ? CloudDebuggerClient.getLongTimeoutClient(this.credentialedUser.getEmail()) : null;
    return cloudDebuggerClient;
}
Also used : CloudProject(com.google.cloud.tools.intellij.project.CloudProject) CredentialedUser(com.google.cloud.tools.intellij.login.CredentialedUser) Nullable(org.jetbrains.annotations.Nullable)

Example 5 with CredentialedUser

use of com.google.cloud.tools.intellij.login.CredentialedUser in project google-cloud-intellij by GoogleCloudPlatform.

the class GoogleLoginAction method update.

@Override
public void update(AnActionEvent e) {
    Presentation presentation = e.getPresentation();
    CredentialedUser activeUser = Services.getLoginService().getActiveUser();
    if (activeUser == null) {
        presentation.setText(SIGN_IN_MESSAGE);
    } else {
        presentation.setText(activeUser.getEmail());
    }
    presentation.setIcon(GoogleLoginIcons.getScaledUserIcon(ICON_SIZE, activeUser));
}
Also used : CredentialedUser(com.google.cloud.tools.intellij.login.CredentialedUser) Presentation(com.intellij.openapi.actionSystem.Presentation)

Aggregations

CredentialedUser (com.google.cloud.tools.intellij.login.CredentialedUser)31 IOException (java.io.IOException)9 GoogleLoginState (com.google.gdt.eclipse.login.common.GoogleLoginState)6 Nullable (org.jetbrains.annotations.Nullable)6 IntegratedGoogleLoginService (com.google.cloud.tools.intellij.login.IntegratedGoogleLoginService)5 CloudProject (com.google.cloud.tools.intellij.project.CloudProject)5 LinkedHashMap (java.util.LinkedHashMap)5 Credential (com.google.api.client.auth.oauth2.Credential)4 ProgressIndicator (com.intellij.openapi.progress.ProgressIndicator)4 ArrayList (java.util.ArrayList)3 GoogleNetHttpTransport (com.google.api.client.googleapis.javanet.GoogleNetHttpTransport)2 HttpHeaders (com.google.api.client.http.HttpHeaders)2 HttpRequestInitializer (com.google.api.client.http.HttpRequestInitializer)2 HttpTransport (com.google.api.client.http.HttpTransport)2 CloudResourceManager (com.google.api.services.cloudresourcemanager.CloudResourceManager)2 Iam (com.google.api.services.iam.v1.Iam)2 ServiceAccount (com.google.api.services.iam.v1.model.ServiceAccount)2 ServiceAccountKey (com.google.api.services.iam.v1.model.ServiceAccountKey)2 GoogleApiClientFactory (com.google.cloud.tools.intellij.resources.GoogleApiClientFactory)2 PluginInfoService (com.google.cloud.tools.intellij.service.PluginInfoService)2