Search in sources :

Example 11 with OrganizationEntry

use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.

the class InventoryDataResource method get.

/**
 * Returns an existing inventory data.
 *
 * @param orgName       organization's name
 * @param inventoryName inventory's name
 * @param itemPath      data item path
 * @return
 */
@GET
@ApiOperation("Get inventory data")
@Path("/{orgName}/inventory/{inventoryName}/data/{itemPath:.*}")
@Produces(MediaType.APPLICATION_JSON)
public Object get(@ApiParam @PathParam("orgName") String orgName, @ApiParam @PathParam("inventoryName") String inventoryName, @ApiParam @PathParam("itemPath") String itemPath, @ApiParam @QueryParam("singleItem") @DefaultValue("false") boolean singleItem) {
    OrganizationEntry org = orgManager.assertAccess(orgName, true);
    JsonStoreEntry inventory = inventoryManager.assertAccess(org.getId(), null, inventoryName, ResourceAccessLevel.READER, true);
    if (singleItem) {
        return inventoryDataDao.getSingleItem(inventory.id(), itemPath);
    } else {
        return build(inventory.id(), itemPath);
    }
}
Also used : JsonStoreEntry(com.walmartlabs.concord.server.org.jsonstore.JsonStoreEntry) OrganizationEntry(com.walmartlabs.concord.server.org.OrganizationEntry) ApiOperation(io.swagger.annotations.ApiOperation)

Example 12 with OrganizationEntry

use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.

the class TriggerResource method refresh.

/**
 * Refresh process trigger definitions for the specified project and repository.
 *
 * @param projectName
 * @param repositoryName
 * @return
 */
@POST
@ApiOperation("Refresh trigger definitions for the specified project and repository")
@javax.ws.rs.Path("/{orgName}/project/{projectName}/repo/{repositoryName}/trigger")
public Response refresh(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam @PathParam("projectName") @ConcordKey String projectName, @ApiParam @PathParam("repositoryName") @ConcordKey String repositoryName) {
    OrganizationEntry org = orgManager.assertAccess(orgName, true);
    // allow READERs to refresh triggers - it helps with troubleshooting
    ProjectEntry p = assertProject(org.getId(), projectName, ResourceAccessLevel.READER, true);
    RepositoryEntry r = assertRepository(p, repositoryName);
    refresh(r);
    return Response.ok().build();
}
Also used : OrganizationEntry(com.walmartlabs.concord.server.org.OrganizationEntry) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation)

Example 13 with OrganizationEntry

use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.

the class TeamManager method assertAccess.

public void assertAccess(UUID orgId, TeamRole requiredRole) {
    if (Roles.isAdmin()) {
        return;
    }
    UserPrincipal p = UserPrincipal.assertCurrent();
    OrganizationEntry org = orgManager.assertAccess(orgId, false);
    if (ResourceAccessUtils.isSame(p, org.getOwner())) {
        // the org owner can do anything with the org's teams
        return;
    }
    if (!teamDao.isInAnyTeam(orgId, p.getId(), TeamRole.atLeast(requiredRole))) {
        throw new UnauthorizedException("The current user (" + p.getUsername() + ") does not have the required role: " + requiredRole);
    }
}
Also used : UnauthorizedException(org.apache.shiro.authz.UnauthorizedException) OrganizationEntry(com.walmartlabs.concord.server.org.OrganizationEntry) UserPrincipal(com.walmartlabs.concord.server.security.UserPrincipal)

Example 14 with OrganizationEntry

use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.

the class TeamResource method createOrUpdate.

/**
 * Create or update a team.
 *
 * @param entry
 * @return
 */
@POST
@Path("/{orgName}/team")
@ApiOperation("Create or update a team")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Validate
public CreateTeamResponse createOrUpdate(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam @Valid TeamEntry entry) {
    OrganizationEntry org = orgManager.assertAccess(orgName, true);
    UUID teamId = entry.getId();
    if (teamId == null) {
        teamId = teamDao.getId(org.getId(), entry.getName());
    }
    if (teamId != null) {
        teamManager.update(teamId, entry.getName(), entry.getDescription());
        return new CreateTeamResponse(OperationResult.UPDATED, teamId);
    } else {
        teamId = teamManager.insert(org.getId(), entry.getName(), entry.getDescription());
        return new CreateTeamResponse(OperationResult.CREATED, teamId);
    }
}
Also used : UUID(java.util.UUID) OrganizationEntry(com.walmartlabs.concord.server.org.OrganizationEntry) Validate(org.sonatype.siesta.Validate) ApiOperation(io.swagger.annotations.ApiOperation)

Example 15 with OrganizationEntry

use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.

the class ProcessResourceV2 method createProcessFilter.

private ProcessFilter createProcessFilter(UUID orgId, String orgName, UUID projectId, String projectName, UUID repoId, String repoName, OffsetDateTimeParam afterCreatedAt, OffsetDateTimeParam beforeCreatedAt, Set<String> tags, ProcessStatus processStatus, String initiator, UUID parentId, Set<ProcessDataInclude> processData, Integer limit, Integer offset, UriInfo uriInfo) {
    UUID effectiveOrgId = orgId;
    Set<UUID> orgIds = null;
    if (orgId != null) {
        // we got an org ID, use it as it is
        orgIds = Collections.singleton(effectiveOrgId);
    } else if (orgName != null) {
        // we got an org name, validate it first by resolving its ID
        OrganizationEntry org = orgManager.assertExisting(null, orgName);
        effectiveOrgId = org.getId();
        orgIds = Collections.singleton(effectiveOrgId);
    } else {
        // we got a query that is not limited to any specific org
        // let's check if we can return all processes from all orgs or if we should limit it to the user's orgs
        boolean canSeeAllOrgs = Roles.isAdmin() || Permission.isPermitted(Permission.GET_PROCESS_QUEUE_ALL_ORGS);
        if (!canSeeAllOrgs) {
            // non-admin users can only see their org's processes or processes w/o projects
            orgIds = getCurrentUserOrgIds();
        }
    }
    UUID effectiveProjectId = projectId;
    if (effectiveProjectId == null && projectName != null) {
        if (effectiveOrgId == null) {
            throw new ValidationErrorsException("Organization name or ID is required");
        }
        effectiveProjectId = projectDao.getId(effectiveOrgId, projectName);
        if (effectiveProjectId == null) {
            throw new ConcordApplicationException("Project not found: " + projectName, Response.Status.NOT_FOUND);
        }
    }
    if (effectiveProjectId != null) {
        projectAccessManager.assertAccess(effectiveProjectId, effectiveProjectId, null, ResourceAccessLevel.READER, false);
    } else if (effectiveOrgId != null) {
        orgManager.assertAccess(effectiveOrgId, null, false);
    } else {
    // we don't have to do the permissions check when neither the org or the project are specified
    // it is done implicitly by calling getCurrentUserOrgIds for all non-admin users (see above)
    }
    UUID effectiveRepoId = repoId;
    if (effectiveRepoId == null && repoName != null && effectiveProjectId != null) {
        effectiveRepoId = repositoryDao.getId(effectiveProjectId, repoName);
    }
    // collect all metadata filters, we assume that they have "meta." prefix in their query parameter names
    List<MetadataFilter> metaFilters = MetadataUtils.parseMetadataFilters(uriInfo);
    // can't allow seq scans, we don't index PROCESS_QUEUE.META (yet?)
    if (!metaFilters.isEmpty() && effectiveProjectId == null) {
        throw new ValidationErrorsException("Process metadata filters require a project name or an ID to be included in the query.");
    }
    return ProcessFilter.builder().parentId(parentId).projectId(effectiveProjectId).orgIds(orgIds).includeWithoutProject(effectiveOrgId == null && effectiveProjectId == null).afterCreatedAt(unwrap(afterCreatedAt)).beforeCreatedAt(unwrap(beforeCreatedAt)).repoId(effectiveRepoId).repoName(repoName).tags(tags).status(processStatus).initiator(initiator).metaFilters(metaFilters).requirements(FilterUtils.parseJson("requirements", uriInfo)).startAt(FilterUtils.parseDate("startAt", uriInfo)).includes(processData != null ? processData : Collections.emptySet()).limit(limit).offset(offset).build();
}
Also used : ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) MetadataFilter(com.walmartlabs.concord.server.process.queue.ProcessFilter.MetadataFilter) UUID(java.util.UUID) OrganizationEntry(com.walmartlabs.concord.server.org.OrganizationEntry) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException)

Aggregations

OrganizationEntry (com.walmartlabs.concord.server.org.OrganizationEntry)36 ApiOperation (io.swagger.annotations.ApiOperation)12 UUID (java.util.UUID)12 ConcordApplicationException (com.walmartlabs.concord.server.sdk.ConcordApplicationException)8 UnauthorizedException (org.apache.shiro.authz.UnauthorizedException)6 GenericOperationResult (com.walmartlabs.concord.server.GenericOperationResult)5 JsonStoreEntry (com.walmartlabs.concord.server.org.jsonstore.JsonStoreEntry)5 ValidationErrorsException (org.sonatype.siesta.ValidationErrorsException)5 WithTimer (com.walmartlabs.concord.server.sdk.metrics.WithTimer)3 UserPrincipal (com.walmartlabs.concord.server.security.UserPrincipal)3 Validate (org.sonatype.siesta.Validate)3 Map (java.util.Map)2 OperationResult (com.walmartlabs.concord.server.OperationResult)1 AuditObject (com.walmartlabs.concord.server.audit.AuditObject)1 RawPayloadMode (com.walmartlabs.concord.server.jooq.enums.RawPayloadMode)1 ResourceAccessLevel (com.walmartlabs.concord.server.org.ResourceAccessLevel)1 ProjectEntry (com.walmartlabs.concord.server.org.project.ProjectEntry)1 MetadataFilter (com.walmartlabs.concord.server.process.queue.ProcessFilter.MetadataFilter)1 InvalidRepositoryPathException (com.walmartlabs.concord.server.repository.InvalidRepositoryPathException)1 UserEntry (com.walmartlabs.concord.server.user.UserEntry)1