use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class InventoryDataResource method get.
/**
* Returns an existing inventory data.
*
* @param orgName organization's name
* @param inventoryName inventory's name
* @param itemPath data item path
* @return
*/
@GET
@ApiOperation("Get inventory data")
@Path("/{orgName}/inventory/{inventoryName}/data/{itemPath:.*}")
@Produces(MediaType.APPLICATION_JSON)
public Object get(@ApiParam @PathParam("orgName") String orgName, @ApiParam @PathParam("inventoryName") String inventoryName, @ApiParam @PathParam("itemPath") String itemPath, @ApiParam @QueryParam("singleItem") @DefaultValue("false") boolean singleItem) {
OrganizationEntry org = orgManager.assertAccess(orgName, true);
JsonStoreEntry inventory = inventoryManager.assertAccess(org.getId(), null, inventoryName, ResourceAccessLevel.READER, true);
if (singleItem) {
return inventoryDataDao.getSingleItem(inventory.id(), itemPath);
} else {
return build(inventory.id(), itemPath);
}
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class TriggerResource method refresh.
/**
* Refresh process trigger definitions for the specified project and repository.
*
* @param projectName
* @param repositoryName
* @return
*/
@POST
@ApiOperation("Refresh trigger definitions for the specified project and repository")
@javax.ws.rs.Path("/{orgName}/project/{projectName}/repo/{repositoryName}/trigger")
public Response refresh(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam @PathParam("projectName") @ConcordKey String projectName, @ApiParam @PathParam("repositoryName") @ConcordKey String repositoryName) {
OrganizationEntry org = orgManager.assertAccess(orgName, true);
// allow READERs to refresh triggers - it helps with troubleshooting
ProjectEntry p = assertProject(org.getId(), projectName, ResourceAccessLevel.READER, true);
RepositoryEntry r = assertRepository(p, repositoryName);
refresh(r);
return Response.ok().build();
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class TeamManager method assertAccess.
public void assertAccess(UUID orgId, TeamRole requiredRole) {
if (Roles.isAdmin()) {
return;
}
UserPrincipal p = UserPrincipal.assertCurrent();
OrganizationEntry org = orgManager.assertAccess(orgId, false);
if (ResourceAccessUtils.isSame(p, org.getOwner())) {
// the org owner can do anything with the org's teams
return;
}
if (!teamDao.isInAnyTeam(orgId, p.getId(), TeamRole.atLeast(requiredRole))) {
throw new UnauthorizedException("The current user (" + p.getUsername() + ") does not have the required role: " + requiredRole);
}
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class TeamResource method createOrUpdate.
/**
* Create or update a team.
*
* @param entry
* @return
*/
@POST
@Path("/{orgName}/team")
@ApiOperation("Create or update a team")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Validate
public CreateTeamResponse createOrUpdate(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam @Valid TeamEntry entry) {
OrganizationEntry org = orgManager.assertAccess(orgName, true);
UUID teamId = entry.getId();
if (teamId == null) {
teamId = teamDao.getId(org.getId(), entry.getName());
}
if (teamId != null) {
teamManager.update(teamId, entry.getName(), entry.getDescription());
return new CreateTeamResponse(OperationResult.UPDATED, teamId);
} else {
teamId = teamManager.insert(org.getId(), entry.getName(), entry.getDescription());
return new CreateTeamResponse(OperationResult.CREATED, teamId);
}
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class ProcessResourceV2 method createProcessFilter.
private ProcessFilter createProcessFilter(UUID orgId, String orgName, UUID projectId, String projectName, UUID repoId, String repoName, OffsetDateTimeParam afterCreatedAt, OffsetDateTimeParam beforeCreatedAt, Set<String> tags, ProcessStatus processStatus, String initiator, UUID parentId, Set<ProcessDataInclude> processData, Integer limit, Integer offset, UriInfo uriInfo) {
UUID effectiveOrgId = orgId;
Set<UUID> orgIds = null;
if (orgId != null) {
// we got an org ID, use it as it is
orgIds = Collections.singleton(effectiveOrgId);
} else if (orgName != null) {
// we got an org name, validate it first by resolving its ID
OrganizationEntry org = orgManager.assertExisting(null, orgName);
effectiveOrgId = org.getId();
orgIds = Collections.singleton(effectiveOrgId);
} else {
// we got a query that is not limited to any specific org
// let's check if we can return all processes from all orgs or if we should limit it to the user's orgs
boolean canSeeAllOrgs = Roles.isAdmin() || Permission.isPermitted(Permission.GET_PROCESS_QUEUE_ALL_ORGS);
if (!canSeeAllOrgs) {
// non-admin users can only see their org's processes or processes w/o projects
orgIds = getCurrentUserOrgIds();
}
}
UUID effectiveProjectId = projectId;
if (effectiveProjectId == null && projectName != null) {
if (effectiveOrgId == null) {
throw new ValidationErrorsException("Organization name or ID is required");
}
effectiveProjectId = projectDao.getId(effectiveOrgId, projectName);
if (effectiveProjectId == null) {
throw new ConcordApplicationException("Project not found: " + projectName, Response.Status.NOT_FOUND);
}
}
if (effectiveProjectId != null) {
projectAccessManager.assertAccess(effectiveProjectId, effectiveProjectId, null, ResourceAccessLevel.READER, false);
} else if (effectiveOrgId != null) {
orgManager.assertAccess(effectiveOrgId, null, false);
} else {
// we don't have to do the permissions check when neither the org or the project are specified
// it is done implicitly by calling getCurrentUserOrgIds for all non-admin users (see above)
}
UUID effectiveRepoId = repoId;
if (effectiveRepoId == null && repoName != null && effectiveProjectId != null) {
effectiveRepoId = repositoryDao.getId(effectiveProjectId, repoName);
}
// collect all metadata filters, we assume that they have "meta." prefix in their query parameter names
List<MetadataFilter> metaFilters = MetadataUtils.parseMetadataFilters(uriInfo);
// can't allow seq scans, we don't index PROCESS_QUEUE.META (yet?)
if (!metaFilters.isEmpty() && effectiveProjectId == null) {
throw new ValidationErrorsException("Process metadata filters require a project name or an ID to be included in the query.");
}
return ProcessFilter.builder().parentId(parentId).projectId(effectiveProjectId).orgIds(orgIds).includeWithoutProject(effectiveOrgId == null && effectiveProjectId == null).afterCreatedAt(unwrap(afterCreatedAt)).beforeCreatedAt(unwrap(beforeCreatedAt)).repoId(effectiveRepoId).repoName(repoName).tags(tags).status(processStatus).initiator(initiator).metaFilters(metaFilters).requirements(FilterUtils.parseJson("requirements", uriInfo)).startAt(FilterUtils.parseDate("startAt", uriInfo)).includes(processData != null ? processData : Collections.emptySet()).limit(limit).offset(offset).build();
}
Aggregations