use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class TriggerResource method list.
/**
* List process trigger definitions for the specified project and repository.
*
* @param projectName
* @param repositoryName
* @return
*/
@GET
@ApiOperation(value = "List trigger definitions", responseContainer = "list", response = TriggerEntry.class)
@javax.ws.rs.Path("/{orgName}/project/{projectName}/repo/{repositoryName}/trigger")
@Produces(MediaType.APPLICATION_JSON)
public List<TriggerEntry> list(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam @PathParam("projectName") @ConcordKey String projectName, @ApiParam @PathParam("repositoryName") @ConcordKey String repositoryName) {
OrganizationEntry org = orgManager.assertAccess(orgName, true);
ProjectEntry p = assertProject(org.getId(), projectName, ResourceAccessLevel.READER, true);
RepositoryEntry r = assertRepository(p, repositoryName);
return triggersDao.list(p.getId(), r.getId());
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class TeamManager method assertAccess.
public TeamEntry assertAccess(UUID orgId, UUID teamId, String teamName, TeamRole requiredRole, boolean teamMembersOnly) {
TeamEntry e = assertExisting(orgId, teamId, teamName);
if (Roles.isAdmin()) {
return e;
}
UserPrincipal p = UserPrincipal.assertCurrent();
OrganizationEntry org = orgManager.assertAccess(e.getOrgId(), false);
if (ResourceAccessUtils.isSame(p, org.getOwner())) {
// the org owner can do anything with the org's inventories
return e;
}
if (requiredRole != null && teamMembersOnly) {
if (!teamDao.hasUser(e.getId(), p.getId(), TeamRole.atLeast(requiredRole))) {
throw new UnauthorizedException("The current user (" + p.getUsername() + ") does not have the required role: " + requiredRole);
}
}
return e;
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class InventoryQueryResource method createOrUpdate.
/**
* Creates or updates inventory query
*
* @param orgName organization's name
* @param inventoryName inventory's name
* @param queryName query's name
* @param text query text
* @return
*/
@POST
@ApiOperation("Create or update inventory query")
@Consumes({ MediaType.APPLICATION_JSON, MediaType.TEXT_PLAIN })
@Produces(MediaType.APPLICATION_JSON)
@Path("/{orgName}/inventory/{inventoryName}/query/{queryName}")
public CreateInventoryQueryResponse createOrUpdate(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam @PathParam("inventoryName") @ConcordKey String inventoryName, @ApiParam @PathParam("queryName") @ConcordKey String queryName, @ApiParam String text) {
GenericOperationResult res = storageQueryResource.createOrUpdate(orgName, inventoryName, JsonStoreQueryRequest.builder().name(queryName).text(text).build());
OrganizationEntry org = organizationManager.assertExisting(null, orgName);
JsonStoreEntry storage = storageDao.get(org.getId(), inventoryName);
UUID id = storageQueryDao.getId(storage.id(), queryName);
return new CreateInventoryQueryResponse(res.getResult(), id);
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class InventoryResource method createOrUpdate.
/**
* Create or update a inventory.
*
* @param orgName organization's name
* @param entry inventory's data
* @return
*/
@POST
@ApiOperation("Create or update inventory")
@Path("/{orgName}/inventory")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Validate
public CreateInventoryResponse createOrUpdate(@ApiParam @PathParam("orgName") String orgName, @ApiParam @Valid InventoryEntry entry) {
OrganizationEntry org = orgManager.assertAccess(orgName, true);
OperationResult result = storageManager.createOrUpdate(orgName, JsonStoreRequest.builder().id(entry.getId()).name(entry.getName()).owner(toOwner(entry.getOwner())).visibility(entry.getVisibility() != null ? entry.getVisibility() : JsonStoreVisibility.PUBLIC).build());
UUID id = storageDao.getId(org.getId(), entry.getName());
return new CreateInventoryResponse(result, id);
}
use of com.walmartlabs.concord.server.org.OrganizationEntry in project concord by walmartlabs.
the class JsonStoreAccessManager method hasAccess.
public boolean hasAccess(JsonStoreEntry store, ResourceAccessLevel accessLevel, boolean orgMembersOnly) {
if (Roles.isAdmin()) {
// an admin can access any store
return true;
}
if (accessLevel == ResourceAccessLevel.READER && (Roles.isGlobalReader() || Roles.isGlobalWriter())) {
return true;
} else if (accessLevel == ResourceAccessLevel.WRITER && Roles.isGlobalWriter()) {
return true;
}
UserPrincipal principal = UserPrincipal.assertCurrent();
if (ResourceAccessUtils.isSame(principal, store.owner())) {
// the owner can do anything with his store
return true;
}
if (orgMembersOnly && store.visibility() == JsonStoreVisibility.PUBLIC && accessLevel == ResourceAccessLevel.READER && userManager.isInOrganization(store.orgId())) {
// organization members can access any public store in the same organization
return true;
}
OrganizationEntry org = orgManager.assertAccess(store.orgId(), false);
if (ResourceAccessUtils.isSame(principal, org.getOwner())) {
// the org owner can do anything with the org's store
return true;
}
if (orgMembersOnly || store.visibility() != JsonStoreVisibility.PUBLIC) {
if (!storeDao.hasAccessLevel(store.id(), principal.getId(), ResourceAccessLevel.atLeast(accessLevel))) {
throw new UnauthorizedException("The current user (" + principal.getUsername() + ") doesn't have " + "the necessary access level (" + accessLevel + ") to the JSON store: " + store.name());
}
}
return true;
}
Aggregations