
Example 11 with CustomPermissionCheck

use of com.sequenceiq.authorization.annotation.CustomPermissionCheck in project cloudbreak by hortonworks.

the class CredentialPlatformResourceController method getResourceGroups.

/**
 * Returns the resource groups that the platform parameter service reports for the request built
 * from the given credential and location arguments.
 *
 * <p>Authorization: the method carries {@code @CustomPermissionCheck} and performs the check itself
 * by running {@code permissionCheckByCredential(credentialName, credentialCrn)} through
 * {@code customCheckUtil} before anything else. NOTE(review): presumably the annotation means no
 * annotation-driven check is applied to this method, so this explicit call is the only gate; confirm
 * against the annotation's contract and keep the call as the first statement.
 *
 * <p>Logging: the request, the raw cloud result and the response are written at INFO level.
 * NOTE(review): confirm that {@code PlatformResourceRequest#toString} does not render credential
 * attributes.
 *
 * @param credentialName   name of the credential; passed to the permission check and the request builder
 * @param credentialCrn    CRN of the credential; passed to the permission check and the request builder
 * @param region           region forwarded to the request builder
 * @param platformVariant  platform variant forwarded to the request builder
 * @param availabilityZone availability zone forwarded to the request builder
 * @return a response holding one entry per returned resource group, carrying only the group's name
 */
@Override
@CustomPermissionCheck
public PlatformResourceGroupsResponse getResourceGroups(String credentialName, String credentialCrn, String region,
        String platformVariant, String availabilityZone) {
    // Permission check runs before the account lookup and before any platform query.
    customCheckUtil.run(() -> permissionCheckByCredential(credentialName, credentialCrn));

    String accountId = getAccountId();
    PlatformResourceRequest resourceRequest = platformParameterService.getPlatformResourceRequest(
            accountId, credentialName, credentialCrn, region, platformVariant, availabilityZone, CdpResourceType.DEFAULT);
    LOGGER.info("Get /platform_resources/resource_groups, request: {}", resourceRequest);

    CloudResourceGroups cloudGroups = platformParameterService.getResourceGroups(resourceRequest);
    // Only the group name is copied into the API model.
    List<PlatformResourceGroupResponse> groupResponses = cloudGroups.getResourceGroups()
            .stream()
            .map(group -> new PlatformResourceGroupResponse(group.getName()))
            .collect(Collectors.toList());
    PlatformResourceGroupsResponse result = new PlatformResourceGroupsResponse(groupResponses);
    LOGGER.info("Resp /platform_resources/resource_groups, request: {}, resourceGroups: {}, response: {}",
            resourceRequest, cloudGroups, result);
    return result;
}
Also used : PlatformPrivateDnsZoneResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformPrivateDnsZoneResponse) CloudVmTypes(com.sequenceiq.cloudbreak.cloud.model.CloudVmTypes) CloudEncryptionKeysToPlatformEncryptionKeysV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudEncryptionKeysToPlatformEncryptionKeysV1ResponseConverter) TagSpecificationsToTagSpecificationsV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.TagSpecificationsToTagSpecificationsV1ResponseConverter) LoggerFactory(org.slf4j.LoggerFactory) CustomCheckUtil(com.sequenceiq.authorization.service.CustomCheckUtil) PlatformGatewaysResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformGatewaysResponse) PlatformParameters(com.sequenceiq.cloudbreak.cloud.PlatformParameters) ThreadBasedUserCrnProvider(com.sequenceiq.cloudbreak.auth.ThreadBasedUserCrnProvider) CdpResourceType(com.sequenceiq.common.api.type.CdpResourceType) CloudSshKeys(com.sequenceiq.cloudbreak.cloud.model.CloudSshKeys) AccessConfigTypeQueryParam(com.sequenceiq.environment.api.v1.platformresource.model.AccessConfigTypeQueryParam) PlatformDisksResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformDisksResponse) Map(java.util.Map) BadRequestException(javax.ws.rs.BadRequestException) PlatformNetworksResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformNetworksResponse) TxType(javax.transaction.Transactional.TxType) PlatformParameterService(com.sequenceiq.environment.platformresource.PlatformParameterService) Transactional(javax.transaction.Transactional) DisableCheckPermissions(com.sequenceiq.authorization.annotation.DisableCheckPermissions) CloudSshKeysToPlatformSshKeysV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudSshKeysToPlatformSshKeysV1ResponseConverter) CloudEncryptionKeys(com.sequenceiq.cloudbreak.cloud.model.CloudEncryptionKeys) 
Platform(com.sequenceiq.cloudbreak.cloud.model.Platform) CloudResourceGroups(com.sequenceiq.cloudbreak.cloud.model.resourcegroup.CloudResourceGroups) CloudAccessConfigsToPlatformAccessConfigsV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudAccessConfigsToPlatformAccessConfigsV1ResponseConverter) PlatformEncryptionKeysResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformEncryptionKeysResponse) Crn(com.sequenceiq.cloudbreak.auth.crn.Crn) Collectors(java.util.stream.Collectors) CloudIpPoolsToPlatformIpPoolsV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudIpPoolsToPlatformIpPoolsV1ResponseConverter) CloudNoSqlTables(com.sequenceiq.cloudbreak.cloud.model.nosql.CloudNoSqlTables) PlatformPrivateDnsZonesResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformPrivateDnsZonesResponse) List(java.util.List) CloudPrivateDnsZones(com.sequenceiq.cloudbreak.cloud.model.dns.CloudPrivateDnsZones) CloudSecurityGroupsToPlatformSecurityGroupsV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudSecurityGroupsToPlatformSecurityGroupsV1ResponseConverter) CloudVmTypesToPlatformVmTypesV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudVmTypesToPlatformVmTypesV1ResponseConverter) PlatformResourceGroupsResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformResourceGroupsResponse) NetworkConstants(com.sequenceiq.cloudbreak.common.network.NetworkConstants) CloudIpPools(com.sequenceiq.cloudbreak.cloud.model.CloudIpPools) CredentialPlatformResourceEndpoint(com.sequenceiq.environment.api.v1.platformresource.CredentialPlatformResourceEndpoint) PlatformDisksToPlatformDisksV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.PlatformDisksToPlatformDisksV1ResponseConverter) HashMap(java.util.HashMap) Controller(org.springframework.stereotype.Controller) 
CloudGateWays(com.sequenceiq.cloudbreak.cloud.model.CloudGateWays) CloudNetworks(com.sequenceiq.cloudbreak.cloud.model.CloudNetworks) CloudRegions(com.sequenceiq.cloudbreak.cloud.model.CloudRegions) PlatformDisks(com.sequenceiq.cloudbreak.cloud.model.PlatformDisks) PlatformVmtypesResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformVmtypesResponse) Inject(javax.inject.Inject) Strings(com.google.common.base.Strings) CustomPermissionCheck(com.sequenceiq.authorization.annotation.CustomPermissionCheck) PlatformResourceRequest(com.sequenceiq.environment.platformresource.PlatformResourceRequest) PlatformAccessConfigsResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformAccessConfigsResponse) CommonPermissionCheckingUtils(com.sequenceiq.authorization.service.CommonPermissionCheckingUtils) CloudNoSqlTablesToPlatformNoSqlTablesV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudNoSqlTablesToPlatformNoSqlTablesV1ResponseConverter) PlatformIpPoolsResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformIpPoolsResponse) PlatformRegionsToRegionV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.PlatformRegionsToRegionV1ResponseConverter) Logger(org.slf4j.Logger) CloudAccessConfigs(com.sequenceiq.cloudbreak.cloud.model.CloudAccessConfigs) RegionResponse(com.sequenceiq.environment.api.v1.platformresource.model.RegionResponse) CrnParseException(com.sequenceiq.cloudbreak.auth.crn.CrnParseException) PlatformResourceGroupResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformResourceGroupResponse) TagSpecificationsResponse(com.sequenceiq.environment.api.v1.platformresource.model.TagSpecificationsResponse) CloudSecurityGroups(com.sequenceiq.cloudbreak.cloud.model.CloudSecurityGroups) CloudNetworksToPlatformNetworksV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudNetworksToPlatformNetworksV1ResponseConverter) 
PlatformSshKeysResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformSshKeysResponse) AuthorizationResourceAction(com.sequenceiq.authorization.resource.AuthorizationResourceAction) PlatformSecurityGroupsResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformSecurityGroupsResponse) CloudGatewayssToPlatformGatewaysV1ResponseConverter(com.sequenceiq.environment.platformresource.v1.converter.CloudGatewayssToPlatformGatewaysV1ResponseConverter) PlatformNoSqlTablesResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformNoSqlTablesResponse) PlatformResourceGroupResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformResourceGroupResponse) CloudResourceGroups(com.sequenceiq.cloudbreak.cloud.model.resourcegroup.CloudResourceGroups) PlatformResourceRequest(com.sequenceiq.environment.platformresource.PlatformResourceRequest) PlatformResourceGroupsResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformResourceGroupsResponse) CustomPermissionCheck(com.sequenceiq.authorization.annotation.CustomPermissionCheck)

Example 12 with CustomPermissionCheck

use of com.sequenceiq.authorization.annotation.CustomPermissionCheck in project cloudbreak by hortonworks.

the class CredentialPlatformResourceController method getSecurityGroups.

/**
 * Returns the security groups that the platform parameter service reports for the request built
 * from the given credential, location and shared-project arguments.
 *
 * <p>Authorization: the method carries {@code @CustomPermissionCheck} and performs the check itself
 * by running {@code permissionCheckByCredential(credentialName, credentialCrn)} through
 * {@code customCheckUtil} as its first statement. NOTE(review): presumably no annotation-driven check
 * applies to this method, so this call is the only gate; confirm against the annotation's contract.
 *
 * <p>Logging: the request, the raw cloud result and the converted response are written at INFO level.
 * NOTE(review): confirm that none of their {@code toString} forms renders credential attributes.
 *
 * @param credentialName   name of the credential; passed to the permission check and the request builder
 * @param credentialCrn    CRN of the credential; passed to the permission check and the request builder
 * @param region           region forwarded to the request builder
 * @param platformVariant  platform variant forwarded to the request builder
 * @param availabilityZone availability zone forwarded to the request builder
 * @param sharedProjectId  shared project id forwarded to the request builder
 * @return the cloud security groups converted to the V1 API response
 */
@Override
@CustomPermissionCheck
public PlatformSecurityGroupsResponse getSecurityGroups(String credentialName, String credentialCrn, String region,
        String platformVariant, String availabilityZone, String sharedProjectId) {
    // Permission check runs before the account lookup and before any platform query.
    customCheckUtil.run(() -> permissionCheckByCredential(credentialName, credentialCrn));

    String accountId = getAccountId();
    PlatformResourceRequest resourceRequest = platformParameterService.getPlatformResourceRequest(
            accountId, credentialName, credentialCrn, region, platformVariant, availabilityZone, sharedProjectId);
    LOGGER.info("Get /platform_resources/security_groups, request: {}", resourceRequest);

    CloudSecurityGroups cloudGroups = platformParameterService.getSecurityGroups(resourceRequest);
    PlatformSecurityGroupsResponse result = cloudSecurityGroupsToPlatformSecurityGroupsV1ResponseConverter.convert(cloudGroups);
    LOGGER.info("Resp /platform_resources/security_groups, request: {}, securityGroups: {}, response: {}",
            resourceRequest, cloudGroups, result);
    return result;
}
Also used : CloudSecurityGroups(com.sequenceiq.cloudbreak.cloud.model.CloudSecurityGroups) PlatformSecurityGroupsResponse(com.sequenceiq.environment.api.v1.platformresource.model.PlatformSecurityGroupsResponse) PlatformResourceRequest(com.sequenceiq.environment.platformresource.PlatformResourceRequest) CustomPermissionCheck(com.sequenceiq.authorization.annotation.CustomPermissionCheck)

Example 13 with CustomPermissionCheck

use of com.sequenceiq.authorization.annotation.CustomPermissionCheck in project cloudbreak by hortonworks.

the class UserV1Controller method synchronizeAllUsers.

/**
 * Starts a user synchronization for an account and returns the status of the resulting operation.
 *
 * <p>Authorization: the method carries {@code @CustomPermissionCheck} and contains no inline check of
 * its own. It hands the actor CRN and {@code AuthorizationResourceAction.DESCRIBE_ENVIRONMENT} to
 * {@code userSyncService.synchronizeUsersWithCustomPermissionCheck}. NOTE(review): presumably that
 * service method enforces the action per environment; confirm there, because nothing else in this
 * method gates the call.
 *
 * <p>Account selection: the method is also annotated {@code @AccountIdNotNeeded}, and the account is
 * resolved by {@code determineAccountId} from the actor CRN together with the account id carried in
 * the request body. NOTE(review): a caller-supplied account id is a cross-tenant risk unless
 * {@code determineAccountId} honours it only for trusted actors; verify that helper.
 *
 * @param request synchronization request; must not be null, because it is dereferenced without a
 *                null check. Null user, machine-user and environment collections are normalized by
 *                {@code nullToEmpty}
 * @return the operation status, after it has been passed through {@code checkOperationRejected}
 */
@Override
@AccountIdNotNeeded
@CustomPermissionCheck
public SyncOperationStatus synchronizeAllUsers(SynchronizeAllUsersRequest request) {
    String userCrn = checkActorCrn();
    // The effective account depends on both the actor and the request body.
    String accountId = determineAccountId(userCrn, request.getAccountId());
    LOGGER.debug("synchronizeAllUsers() requested for account {}", accountId);

    UserSyncRequestFilter requestFilter = new UserSyncRequestFilter(
            nullToEmpty(request.getUsers()),
            nullToEmpty(request.getMachineUsers()),
            getOptionalDeletedWorkloadUser(request.getDeletedWorkloadUsers()));
    Operation operation = userSyncService.synchronizeUsersWithCustomPermissionCheck(
            accountId,
            userCrn,
            nullToEmpty(request.getEnvironments()),
            requestFilter,
            request.getWorkloadCredentialsUpdateType(),
            AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
    return checkOperationRejected(operationToSyncOperationStatus.convert(operation));
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) Operation(com.sequenceiq.freeipa.entity.Operation) CustomPermissionCheck(com.sequenceiq.authorization.annotation.CustomPermissionCheck) AccountIdNotNeeded(com.sequenceiq.authorization.annotation.AccountIdNotNeeded)

Example 14 with CustomPermissionCheck

use of com.sequenceiq.authorization.annotation.CustomPermissionCheck in project cloudbreak by hortonworks.

the class UserV1Controller method synchronizeUser.

/**
 * Starts a synchronization of the calling actor only and returns the status of the resulting operation.
 *
 * <p>Scope: the user and machine-user filters are built from the actor's own CRN alone. The request
 * body contributes nothing but the environment filter, so it cannot widen the synchronization to
 * other users.
 *
 * <p>Authorization: the method carries {@code @CustomPermissionCheck} and contains no inline check.
 * It hands the actor CRN and {@code AuthorizationResourceAction.DESCRIBE_ENVIRONMENT} to
 * {@code userSyncService.synchronizeUsersWithCustomPermissionCheck}. NOTE(review): presumably that
 * service method enforces the action per environment; confirm there.
 *
 * @param request optional request; when null, or when its environment collection is null, the
 *                environment filter is empty
 * @return the operation status, after it has been passed through {@code checkOperationRejected}
 * @throws BadRequestException if the actor CRN is neither a USER nor a MACHINE_USER resource
 */
@Override
@CustomPermissionCheck
public SyncOperationStatus synchronizeUser(SynchronizeUserRequest request) {
    String actorCrn = checkActorCrn();
    String accountId = ThreadBasedUserCrnProvider.getAccountId();
    LOGGER.debug("synchronizeUser() requested for user {} in account {}", actorCrn, accountId);

    Set<String> environments;
    if (request != null) {
        environments = nullToEmpty(request.getEnvironments());
    } else {
        environments = Set.of();
    }

    // Exactly one of the two filters ends up holding the actor; the other stays empty.
    Set<String> users;
    Set<String> machineUsers;
    Crn parsedCrn = Crn.safeFromString(actorCrn);
    switch (parsedCrn.getResourceType()) {
        case USER:
            users = Set.of(actorCrn);
            machineUsers = Set.of();
            break;
        case MACHINE_USER:
            users = Set.of();
            machineUsers = Set.of(actorCrn);
            break;
        default:
            // NOTE(review): "resoure" is a typo for "resource"; the text is kept unchanged here.
            throw new BadRequestException(String.format("UserCrn %s is not of resoure type USER or MACHINE_USER", actorCrn));
    }

    UserSyncRequestFilter requestFilter = new UserSyncRequestFilter(users, machineUsers, Optional.empty());
    Operation operation = userSyncService.synchronizeUsersWithCustomPermissionCheck(
            accountId,
            actorCrn,
            environments,
            requestFilter,
            WorkloadCredentialsUpdateType.UPDATE_IF_CHANGED,
            AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
    return checkOperationRejected(operationToSyncOperationStatus.convert(operation));
}
Also used : UserSyncRequestFilter(com.sequenceiq.freeipa.service.freeipa.user.UserSyncRequestFilter) BadRequestException(com.sequenceiq.cloudbreak.common.exception.BadRequestException) Operation(com.sequenceiq.freeipa.entity.Operation) ResourceCrn(com.sequenceiq.authorization.annotation.ResourceCrn) Crn(com.sequenceiq.cloudbreak.auth.crn.Crn) CheckPermissionByResourceCrn(com.sequenceiq.authorization.annotation.CheckPermissionByResourceCrn) CustomPermissionCheck(com.sequenceiq.authorization.annotation.CustomPermissionCheck)

Example 15 with CustomPermissionCheck

use of com.sequenceiq.authorization.annotation.CustomPermissionCheck in project cloudbreak by hortonworks.

the class UserV1Controller method setPassword.

/**
 * Starts a password change for the calling actor and returns the status of the resulting operation.
 *
 * <p>Scope: the target is always the actor returned by {@code checkActorCrn()}, in the account taken
 * from {@code ThreadBasedUserCrnProvider}. The request supplies only the new password and the
 * environment filter.
 *
 * <p>Authorization: the method carries {@code @CustomPermissionCheck} and contains no inline check.
 * It hands the actor CRN and {@code AuthorizationResourceAction.DESCRIBE_ENVIRONMENT} to
 * {@code passwordService.setPasswordWithCustomPermissionCheck}. NOTE(review): presumably that service
 * method enforces the action per environment; confirm there.
 *
 * <p>Secret handling: the debug log records only the actor CRN and the account id. Keep the password
 * and the request object out of log statements.
 *
 * @param request request carrying the new password and an optional environment collection; it is
 *                dereferenced without a null check
 * @return the operation status, after it has been passed through {@code checkOperationRejected}
 */
@Override
@CustomPermissionCheck
public SyncOperationStatus setPassword(SetPasswordRequest request) {
    String actorCrn = checkActorCrn();
    String accountId = ThreadBasedUserCrnProvider.getAccountId();
    LOGGER.debug("setPassword() requested for user {} in account {}", actorCrn, accountId);

    Operation operation = passwordService.setPasswordWithCustomPermissionCheck(
            accountId,
            actorCrn,
            request.getPassword(),
            nullToEmpty(request.getEnvironments()),
            AuthorizationResourceAction.DESCRIBE_ENVIRONMENT);
    return checkOperationRejected(operationToSyncOperationStatus.convert(operation));
}
Also used : Operation(com.sequenceiq.freeipa.entity.Operation) CustomPermissionCheck(com.sequenceiq.authorization.annotation.CustomPermissionCheck)

Aggregations

CustomPermissionCheck (com.sequenceiq.authorization.annotation.CustomPermissionCheck)15 PlatformResourceRequest (com.sequenceiq.environment.platformresource.PlatformResourceRequest)12 Crn (com.sequenceiq.cloudbreak.auth.crn.Crn)3 CloudAccessConfigs (com.sequenceiq.cloudbreak.cloud.model.CloudAccessConfigs)3 CloudEncryptionKeys (com.sequenceiq.cloudbreak.cloud.model.CloudEncryptionKeys)3 CloudGateWays (com.sequenceiq.cloudbreak.cloud.model.CloudGateWays)3 CloudIpPools (com.sequenceiq.cloudbreak.cloud.model.CloudIpPools)3 CloudNetworks (com.sequenceiq.cloudbreak.cloud.model.CloudNetworks)3 CloudRegions (com.sequenceiq.cloudbreak.cloud.model.CloudRegions)3 CloudSecurityGroups (com.sequenceiq.cloudbreak.cloud.model.CloudSecurityGroups)3 CloudSshKeys (com.sequenceiq.cloudbreak.cloud.model.CloudSshKeys)3 CloudVmTypes (com.sequenceiq.cloudbreak.cloud.model.CloudVmTypes)3 CloudNoSqlTables (com.sequenceiq.cloudbreak.cloud.model.nosql.CloudNoSqlTables)3 PlatformAccessConfigsResponse (com.sequenceiq.environment.api.v1.platformresource.model.PlatformAccessConfigsResponse)3 PlatformEncryptionKeysResponse (com.sequenceiq.environment.api.v1.platformresource.model.PlatformEncryptionKeysResponse)3 PlatformGatewaysResponse (com.sequenceiq.environment.api.v1.platformresource.model.PlatformGatewaysResponse)3 PlatformIpPoolsResponse (com.sequenceiq.environment.api.v1.platformresource.model.PlatformIpPoolsResponse)3 PlatformNetworksResponse (com.sequenceiq.environment.api.v1.platformresource.model.PlatformNetworksResponse)3 PlatformNoSqlTablesResponse (com.sequenceiq.environment.api.v1.platformresource.model.PlatformNoSqlTablesResponse)3 PlatformSecurityGroupsResponse (com.sequenceiq.environment.api.v1.platformresource.model.PlatformSecurityGroupsResponse)3