Search in sources :

Example 1 with NotFoundException

use of com.mercedesbenz.sechub.sharedkernel.error.NotFoundException in project sechub by mercedes-benz.

the class ProjectCreationService method createProject.

@Validated
/* @formatter:off */
@UseCaseAdminCreatesProject(@Step(number = 2, name = "Create project", description = "The service will create the project when not already existing with such name."))
public /* @formatter:on */
void createProject(@NotNull String projectId, @NotNull String description, @NotNull String owner, @NotNull Set<URI> whitelist, @NotNull ProjectMetaData metaData) {
    LOG.info("Administrator {} triggers create of project:{}, having owner:{}", userContext.getUserId(), projectId, owner);
    assertion.assertIsValidProjectId(projectId);
    assertion.assertIsValidUserId(owner);
    assertion.assertIsValidProjectDescription(description);
    /* assert found */
    Optional<Project> foundProject = projectRepository.findById(projectId);
    if (foundProject.isPresent()) {
        throw new AlreadyExistsException("Project '" + projectId + "' already exists");
    }
    Optional<User> foundOwner = userRepository.findById(owner);
    if (!foundOwner.isPresent()) {
        throw new NotFoundException("Owner '" + owner + "' not found");
    }
    /* setup */
    Project project = new Project();
    project.id = projectId;
    project.description = description;
    User ownerUser = foundOwner.get();
    project.owner = ownerUser;
    /**
     * add only accepted/valid URIs - sanitize
     */
    whitelist.stream().filter(uri -> uriValidation.validate(uri).isValid()).forEach(project.getWhiteList()::add);
    List<ProjectMetaDataEntity> metaDataEntities = metaData.getMetaDataMap().entrySet().stream().map(entry -> new ProjectMetaDataEntity(projectId, entry.getKey(), entry.getValue())).collect(Collectors.toList());
    project.metaData.addAll(metaDataEntities);
    /* store */
    persistenceService.saveInOwnTransaction(project);
    sendProjectCreatedEvent(projectId, whitelist);
    sendRefreshUserAuth(ownerUser);
}
Also used : RolesAllowed(javax.annotation.security.RolesAllowed) LoggerFactory(org.slf4j.LoggerFactory) Autowired(org.springframework.beans.factory.annotation.Autowired) User(com.mercedesbenz.sechub.domain.administration.user.User) MessageID(com.mercedesbenz.sechub.sharedkernel.messaging.MessageID) ProjectMessage(com.mercedesbenz.sechub.sharedkernel.messaging.ProjectMessage) DomainMessage(com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessage) Service(org.springframework.stereotype.Service) NotFoundException(com.mercedesbenz.sechub.sharedkernel.error.NotFoundException) Step(com.mercedesbenz.sechub.sharedkernel.Step) URI(java.net.URI) AlreadyExistsException(com.mercedesbenz.sechub.sharedkernel.error.AlreadyExistsException) MessageDataKeys(com.mercedesbenz.sechub.sharedkernel.messaging.MessageDataKeys) UserRepository(com.mercedesbenz.sechub.domain.administration.user.UserRepository) DomainMessageFactory(com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessageFactory) UseCaseAdminCreatesProject(com.mercedesbenz.sechub.sharedkernel.usecases.admin.project.UseCaseAdminCreatesProject) UserInputAssertion(com.mercedesbenz.sechub.sharedkernel.validation.UserInputAssertion) Validated(org.springframework.validation.annotation.Validated) Logger(org.slf4j.Logger) UserContextService(com.mercedesbenz.sechub.sharedkernel.UserContextService) Set(java.util.Set) URIValidation(com.mercedesbenz.sechub.sharedkernel.validation.URIValidation) RoleConstants(com.mercedesbenz.sechub.sharedkernel.RoleConstants) NotNull(javax.validation.constraints.NotNull) Collectors(java.util.stream.Collectors) IsSendingAsyncMessage(com.mercedesbenz.sechub.sharedkernel.messaging.IsSendingAsyncMessage) List(java.util.List) DomainMessageService(com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessageService) ProjectMetaData(com.mercedesbenz.sechub.domain.administration.project.ProjectJsonInput.ProjectMetaData) Optional(java.util.Optional) UseCaseAdminCreatesProject(com.mercedesbenz.sechub.sharedkernel.usecases.admin.project.UseCaseAdminCreatesProject) User(com.mercedesbenz.sechub.domain.administration.user.User) AlreadyExistsException(com.mercedesbenz.sechub.sharedkernel.error.AlreadyExistsException) NotFoundException(com.mercedesbenz.sechub.sharedkernel.error.NotFoundException) Validated(org.springframework.validation.annotation.Validated) UseCaseAdminCreatesProject(com.mercedesbenz.sechub.sharedkernel.usecases.admin.project.UseCaseAdminCreatesProject)

Example 2 with NotFoundException

use of com.mercedesbenz.sechub.sharedkernel.error.NotFoundException in project sechub by mercedes-benz.

the class ProjectDetailChangeServiceTest method change_description_but_project_does_not_exist.

@Test
public void change_description_but_project_does_not_exist() {
    /* prepare */
    String json = "{\"description\": \"new\"}";
    when(projectRepository.findOrFailProject("project2")).thenThrow(new NotFoundException());
    /* execute + test */
    assertThrows(NotFoundException.class, () -> {
        ProjectJsonInput withNewDescription = new ProjectJsonInput();
        withNewDescription = withNewDescription.fromJSON(json);
        serviceToTest.changeProjectDescription("project2", withNewDescription);
    });
}
Also used : NotFoundException(com.mercedesbenz.sechub.sharedkernel.error.NotFoundException) Test(org.junit.Test)

Example 3 with NotFoundException

use of com.mercedesbenz.sechub.sharedkernel.error.NotFoundException in project sechub by mercedes-benz.

the class IntegrationTestSchedulerService method revertJobAsStillRunning.

/**
 * Reverts/Marks given job as still running - will reset result, state, end
 * timestamp and traffic light
 *
 * @param sechubJobUUID
 */
public void revertJobAsStillRunning(UUID sechubJobUUID) {
    Optional<ScheduleSecHubJob> found = repository.findById(sechubJobUUID);
    if (!found.isPresent()) {
        throw new NotFoundException("Job not found!");
    }
    ScheduleSecHubJob job = found.get();
    job.setExecutionResult(ExecutionResult.NONE);
    job.setExecutionState(ExecutionState.STARTED);
    job.setEnded(null);
    job.setTrafficLight(null);
    repository.save(job);
}
Also used : NotFoundException(com.mercedesbenz.sechub.sharedkernel.error.NotFoundException) ScheduleSecHubJob(com.mercedesbenz.sechub.domain.schedule.job.ScheduleSecHubJob)

Example 4 with NotFoundException

use of com.mercedesbenz.sechub.sharedkernel.error.NotFoundException in project sechub by mercedes-benz.

the class ScheduleUserAccessToProjectValidationService method assertUserHasAccessToProject.

/**
 * Assert user logged in has access to project
 *
 * @param projectId
 */
public void assertUserHasAccessToProject(String projectId) {
    if (userContextService.isSuperAdmin()) {
        if (!accessRepository.hasProjectUserAccess(projectId)) {
            throw new NotFoundException("Project " + projectId + " does not exist, or no user has access at all.");
        }
        return;
    }
    String userId = userContextService.getUserId();
    ProjectAccessCompositeKey key = new ProjectAccessCompositeKey(userId, projectId);
    Optional<ScheduleAccess> scheduleAccess = accessRepository.findById(key);
    if (!scheduleAccess.isPresent()) {
        securityLogService.log(SecurityLogType.POTENTIAL_INTRUSION, "Denied user access in domain 'schedule'. userId={},projectId={}", userId, logSanitizer.sanitize(projectId, 30));
        // bad guys they got a target...
        throw new NotFoundException("Project " + projectId + " does not exist, or you have no access.");
    }
}
Also used : NotFoundException(com.mercedesbenz.sechub.sharedkernel.error.NotFoundException) ProjectAccessCompositeKey(com.mercedesbenz.sechub.domain.schedule.access.ScheduleAccess.ProjectAccessCompositeKey)

Example 5 with NotFoundException

use of com.mercedesbenz.sechub.sharedkernel.error.NotFoundException in project sechub by mercedes-benz.

the class ScanUserAccessToProjectValidationService method assertUserHasAccessToProject.

/**
 * Assert user logged in has access to project
 *
 * @param projectId
 */
public void assertUserHasAccessToProject(String projectId) {
    if (userContextService.isSuperAdmin()) {
        /* a super admin has always access */
        return;
    }
    String userId = userContextService.getUserId();
    ProjectAccessCompositeKey key = new ProjectAccessCompositeKey(userId, projectId);
    Optional<ScanAccess> project = accessRepository.findById(key);
    if (!project.isPresent()) {
        securityLogService.log(SecurityLogType.POTENTIAL_INTRUSION, "Denied user access in domain 'scan'. userId={},projectId={}", userId, logSanitizer.sanitize(projectId, 30));
        // bad guys they got a target...
        throw new NotFoundException("Project " + projectId + " does not exist, or you have no access.");
    }
}
Also used : NotFoundException(com.mercedesbenz.sechub.sharedkernel.error.NotFoundException) ProjectAccessCompositeKey(com.mercedesbenz.sechub.domain.scan.access.ScanAccess.ProjectAccessCompositeKey)

Aggregations

NotFoundException (com.mercedesbenz.sechub.sharedkernel.error.NotFoundException)12 ScheduleSecHubJob (com.mercedesbenz.sechub.domain.schedule.job.ScheduleSecHubJob)3 AlreadyExistsException (com.mercedesbenz.sechub.sharedkernel.error.AlreadyExistsException)2 Test (org.junit.Test)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 SecHubRuntimeException (com.mercedesbenz.sechub.commons.model.SecHubRuntimeException)1 ProjectMetaData (com.mercedesbenz.sechub.domain.administration.project.ProjectJsonInput.ProjectMetaData)1 User (com.mercedesbenz.sechub.domain.administration.user.User)1 UserRepository (com.mercedesbenz.sechub.domain.administration.user.UserRepository)1 ProjectAccessCompositeKey (com.mercedesbenz.sechub.domain.scan.access.ScanAccess.ProjectAccessCompositeKey)1 ProductResult (com.mercedesbenz.sechub.domain.scan.product.ProductResult)1 ScanReport (com.mercedesbenz.sechub.domain.scan.report.ScanReport)1 ScanSecHubReport (com.mercedesbenz.sechub.domain.scan.report.ScanSecHubReport)1 ProjectAccessCompositeKey (com.mercedesbenz.sechub.domain.schedule.access.ScheduleAccess.ProjectAccessCompositeKey)1 RoleConstants (com.mercedesbenz.sechub.sharedkernel.RoleConstants)1 Step (com.mercedesbenz.sechub.sharedkernel.Step)1 UserContextService (com.mercedesbenz.sechub.sharedkernel.UserContextService)1 DomainMessage (com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessage)1 DomainMessageFactory (com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessageFactory)1 DomainMessageService (com.mercedesbenz.sechub.sharedkernel.messaging.DomainMessageService)1