Search in sources :

Example 1 with CheckPermissionByAccount

use of com.sequenceiq.authorization.annotation.CheckPermissionByAccount in project cloudbreak by hortonworks.

the class AccountAuthorizationServiceTest method testCheckPermissions.

@Test
public void testCheckPermissions() {
    doNothing().when(commonPermissionCheckingUtils).checkPermissionForUser(any(), anyString());
    CheckPermissionByAccount methodAnnotation = new CheckPermissionByAccount() {

        @Override
        public Class<? extends Annotation> annotationType() {
            return CheckPermissionByAccount.class;
        }

        @Override
        public AuthorizationResourceAction action() {
            return AuthorizationResourceAction.ENVIRONMENT_WRITE;
        }
    };
    underTest.authorize(methodAnnotation, USER_CRN);
    verify(commonPermissionCheckingUtils).checkPermissionForUser(eq(AuthorizationResourceAction.ENVIRONMENT_WRITE), eq(USER_CRN));
}
Also used : CheckPermissionByAccount(com.sequenceiq.authorization.annotation.CheckPermissionByAccount) Test(org.junit.Test)

Example 2 with CheckPermissionByAccount

use of com.sequenceiq.authorization.annotation.CheckPermissionByAccount in project cloudbreak by hortonworks.

the class EventV4Controller method download.

@Override
@CheckPermissionByAccount(action = AuthorizationResourceAction.POWERUSER_ONLY)
public Response download(String name, @AccountId String accountId) {
    StructuredEventContainer events = legacyStructuredEventService.getStructuredEventsForStack(name, workspaceService.getForCurrentUser().getId());
    StreamingOutput streamingOutput = output -> {
        try (ZipOutputStream zipOutputStream = new ZipOutputStream(output)) {
            zipOutputStream.putNextEntry(new ZipEntry("struct-events.json"));
            zipOutputStream.write(JsonUtil.writeValueAsString(events).getBytes());
            zipOutputStream.closeEntry();
        }
    };
    return Response.ok(streamingOutput).header("content-disposition", "attachment; filename = struct-events.zip").build();
}
Also used : ZipOutputStream(java.util.zip.ZipOutputStream) StackView(com.sequenceiq.cloudbreak.domain.view.StackView) WorkspaceEntityType(com.sequenceiq.cloudbreak.workspace.controller.WorkspaceEntityType) StructuredEventEntity(com.sequenceiq.cloudbreak.domain.StructuredEventEntity) JsonUtil(com.sequenceiq.cloudbreak.common.json.JsonUtil) Controller(org.springframework.stereotype.Controller) Inject(javax.inject.Inject) AccountId(com.sequenceiq.cloudbreak.auth.security.internal.AccountId) LegacyStructuredEventService(com.sequenceiq.cloudbreak.structuredevent.LegacyStructuredEventService) Sort(org.springframework.data.domain.Sort) CloudbreakEventV4Responses(com.sequenceiq.cloudbreak.api.endpoint.v4.events.responses.CloudbreakEventV4Responses) ZipEntry(java.util.zip.ZipEntry) NotFoundException.notFound(com.sequenceiq.cloudbreak.common.exception.NotFoundException.notFound) TxType(javax.transaction.Transactional.TxType) Transactional(javax.transaction.Transactional) PageRequest(org.springframework.data.domain.PageRequest) WorkspaceService(com.sequenceiq.cloudbreak.service.workspace.WorkspaceService) StreamingOutput(javax.ws.rs.core.StreamingOutput) CheckPermissionByAccount(com.sequenceiq.authorization.annotation.CheckPermissionByAccount) Page(org.springframework.data.domain.Page) EventV4Endpoint(com.sequenceiq.cloudbreak.api.endpoint.v4.events.EventV4Endpoint) List(java.util.List) Response(javax.ws.rs.core.Response) CloudbreakEventsFacade(com.sequenceiq.cloudbreak.facade.CloudbreakEventsFacade) StructuredEventContainer(com.sequenceiq.cloudbreak.structuredevent.event.StructuredEventContainer) Optional(java.util.Optional) AuthorizationResourceAction(com.sequenceiq.authorization.resource.AuthorizationResourceAction) StackService(com.sequenceiq.cloudbreak.service.stack.StackService) TenantAwareParam(com.sequenceiq.cloudbreak.auth.security.internal.TenantAwareParam) CloudbreakEventV4Response(com.sequenceiq.cloudbreak.api.endpoint.v4.events.responses.CloudbreakEventV4Response) ZipOutputStream(java.util.zip.ZipOutputStream) StructuredEventContainer(com.sequenceiq.cloudbreak.structuredevent.event.StructuredEventContainer) ZipEntry(java.util.zip.ZipEntry) StreamingOutput(javax.ws.rs.core.StreamingOutput) CheckPermissionByAccount(com.sequenceiq.authorization.annotation.CheckPermissionByAccount)

Example 3 with CheckPermissionByAccount

use of com.sequenceiq.authorization.annotation.CheckPermissionByAccount in project cloudbreak by hortonworks.

the class EventV4Controller method getCloudbreakEventsByStack.

@Override
@CheckPermissionByAccount(action = AuthorizationResourceAction.POWERUSER_ONLY)
public Page<CloudbreakEventV4Response> getCloudbreakEventsByStack(String name, Integer page, Integer size, @AccountId String accountId) {
    PageRequest pageable = PageRequest.of(page, size, Sort.by("timestamp").descending());
    StackView stackView = getStackViewByNameIfAvailable(name);
    return cloudbreakEventsFacade.retrieveEventsByStack(stackView.getId(), stackView.getType(), pageable);
}
Also used : PageRequest(org.springframework.data.domain.PageRequest) StackView(com.sequenceiq.cloudbreak.domain.view.StackView) CheckPermissionByAccount(com.sequenceiq.authorization.annotation.CheckPermissionByAccount)

Example 4 with CheckPermissionByAccount

use of com.sequenceiq.authorization.annotation.CheckPermissionByAccount in project cloudbreak by hortonworks.

the class RecipesV4Controller method post.

@Override
@CheckPermissionByAccount(action = AuthorizationResourceAction.CREATE_RECIPE)
public RecipeV4Response post(Long workspaceId, RecipeV4Request request) {
    String accountId = ThreadBasedUserCrnProvider.getAccountId();
    String creator = ThreadBasedUserCrnProvider.getUserCrn();
    Recipe recipeToSave = recipeV4RequestToRecipeConverter.convert(request);
    Recipe recipe = recipeService.createForLoggedInUser(recipeToSave, restRequestThreadLocalService.getRequestedWorkspaceId(), accountId, creator);
    notify(ResourceEvent.RECIPE_CREATED);
    return recipeToRecipeV4ResponseConverter.convert(recipe);
}
Also used : Recipe(com.sequenceiq.cloudbreak.domain.Recipe) CheckPermissionByAccount(com.sequenceiq.authorization.annotation.CheckPermissionByAccount)

Example 5 with CheckPermissionByAccount

use of com.sequenceiq.authorization.annotation.CheckPermissionByAccount in project cloudbreak by hortonworks.

the class ClusterTemplateV4Controller method post.

@Override
@CheckPermissionByAccount(action = AuthorizationResourceAction.CREATE_CLUSTER_DEFINITION)
public ClusterTemplateV4Response post(Long workspaceId, @Valid ClusterTemplateV4Request request) {
    String accountId = ThreadBasedUserCrnProvider.getAccountId();
    String creator = ThreadBasedUserCrnProvider.getUserCrn();
    ClusterTemplate clusterTemplate = clusterTemplateService.createForLoggedInUser(clusterTemplateV4RequestToClusterTemplateConverter.convert(request), threadLocalService.getRequestedWorkspaceId(), accountId, creator);
    return getByName(threadLocalService.getRequestedWorkspaceId(), clusterTemplate.getName());
}
Also used : ClusterTemplate(com.sequenceiq.cloudbreak.domain.stack.cluster.ClusterTemplate) CheckPermissionByAccount(com.sequenceiq.authorization.annotation.CheckPermissionByAccount)

Aggregations

CheckPermissionByAccount (com.sequenceiq.authorization.annotation.CheckPermissionByAccount)33 Credential (com.sequenceiq.environment.credential.domain.Credential)8 ProxyConfig (com.sequenceiq.environment.proxy.domain.ProxyConfig)4 StackView (com.sequenceiq.cloudbreak.domain.view.StackView)3 SdxCluster (com.sequenceiq.datalake.entity.SdxCluster)3 FlowIdentifier (com.sequenceiq.flow.api.model.FlowIdentifier)3 SdxClusterResponse (com.sequenceiq.sdx.api.model.SdxClusterResponse)3 PageRequest (org.springframework.data.domain.PageRequest)3 AuthorizationResourceAction (com.sequenceiq.authorization.resource.AuthorizationResourceAction)2 AccountId (com.sequenceiq.cloudbreak.auth.security.internal.AccountId)2 TenantAwareParam (com.sequenceiq.cloudbreak.auth.security.internal.TenantAwareParam)2 ImageCatalog (com.sequenceiq.cloudbreak.domain.ImageCatalog)2 ProxyResponse (com.sequenceiq.environment.api.v1.proxy.model.response.ProxyResponse)2 EnvironmentDto (com.sequenceiq.environment.environment.dto.EnvironmentDto)2 Controller (org.springframework.stereotype.Controller)2 CheckPermissionByRequestProperty (com.sequenceiq.authorization.annotation.CheckPermissionByRequestProperty)1 EventV4Endpoint (com.sequenceiq.cloudbreak.api.endpoint.v4.events.EventV4Endpoint)1 CloudbreakEventV4Response (com.sequenceiq.cloudbreak.api.endpoint.v4.events.responses.CloudbreakEventV4Response)1 CloudbreakEventV4Responses (com.sequenceiq.cloudbreak.api.endpoint.v4.events.responses.CloudbreakEventV4Responses)1 ResourceEventResponse (com.sequenceiq.cloudbreak.api.endpoint.v4.util.responses.ResourceEventResponse)1