use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class StrategyController method update.
@PreAuthorize("hasPermission(#strategy.application, 'APPLICATION', 'WRITE')")
@RequestMapping(value = "/{id}", method = RequestMethod.PUT)
public Pipeline update(@PathVariable final String id, @RequestBody final Pipeline strategy) {
Pipeline existingStrategy = pipelineStrategyDAO.findById(id);
if (!strategy.getId().equals(existingStrategy.getId())) {
throw new InvalidRequestException(format("The provided id '%s' doesn't match the strategy id '%s'", id, strategy.getId()));
}
boolean alreadyExists = pipelineStrategyDAO.getPipelinesByApplication(strategy.getApplication()).stream().anyMatch(it -> it.getName().equalsIgnoreCase(strategy.getName()) && !it.getId().equals(id));
if (alreadyExists) {
throw new DuplicateEntityException(format("A strategy with name '%s' already exists in application '%s'", strategy.getName(), strategy.getApplication()));
}
strategy.setLastModified(System.currentTimeMillis());
pipelineStrategyDAO.update(id, strategy);
return strategy;
}
use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class V2PipelineTemplateController method getDependentConfigs.
@VisibleForTesting
List<String> getDependentConfigs(String templateId) {
List<String> dependentConfigIds = new ArrayList<>();
String prefixedId = SPINNAKER_PREFIX + templateId;
pipelineDAO.all().stream().filter(pipeline -> pipeline.getType() != null && pipeline.getType().equals(TYPE_TEMPLATED)).forEach(templatedPipeline -> {
String source;
try {
TemplateConfiguration config = objectMapper.convertValue(templatedPipeline.getConfig(), TemplateConfiguration.class);
source = config.getPipeline().getTemplate().getSource();
} catch (Exception e) {
return;
}
if (source != null && source.equalsIgnoreCase(prefixedId)) {
dependentConfigIds.add(templatedPipeline.getId());
}
});
return dependentConfigIds;
}
use of com.netflix.spinnaker.front50.api.model.pipeline.Pipeline in project front50 by spinnaker.
the class AuthorizationSupport method hasRunAsUserPermission.
public boolean hasRunAsUserPermission(final Pipeline pipeline) {
List<String> runAsUsers = Optional.ofNullable(pipeline.getTriggers()).map(triggers -> triggers.stream().map(it -> (String) it.get("runAsUser")).filter(Objects::nonNull).collect(Collectors.toList())).orElse(Collections.emptyList());
if (runAsUsers.isEmpty()) {
return true;
}
final Authentication auth = SecurityContextHolder.getContext().getAuthentication();
return runAsUsers.stream().noneMatch(runAsUser -> {
if (!userCanAccessServiceAccount(auth, runAsUser)) {
log.error("User {} does not have access to service account {}", Optional.ofNullable(auth).map(Authentication::getPrincipal).orElse("unknown"), runAsUser);
return true;
}
if (!serviceAccountCanAccessApplication(runAsUser, pipeline.getApplication())) {
log.error("Service account {} does not have access to application {}", runAsUser, pipeline.getApplication());
return true;
}
return false;
});
}
Aggregations