Search in sources :

Example 11 with WithTimer

use of com.walmartlabs.concord.server.sdk.metrics.WithTimer in project concord by walmartlabs.

the class ResumingProcessor method process.

@Override
@WithTimer
public Payload process(Chain chain, Payload payload) {
    ProcessKey processKey = payload.getProcessKey();
    boolean updated = queueManager.updateExpectedStatus(processKey, ProcessStatus.SUSPENDED, ProcessStatus.RESUMING);
    if (updated) {
        return chain.process(payload);
    }
    log.warn("process ['{}'] -> process is not suspended, can't resume", processKey);
    throw new InvalidProcessStateException("Process is not suspended, can't resume");
}
Also used : ProcessKey(com.walmartlabs.concord.server.sdk.ProcessKey) WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer)

Example 12 with WithTimer

use of com.walmartlabs.concord.server.sdk.metrics.WithTimer in project concord by walmartlabs.

the class LdapRealm method queryForAuthenticationInfo.

@Override
@WithTimer
protected AuthenticationInfo queryForAuthenticationInfo(AuthenticationToken token, LdapContextFactory ldapContextFactory) throws NamingException {
    if (this.url == null) {
        return null;
    }
    UsernamePasswordToken t = (UsernamePasswordToken) token;
    LdapPrincipal ldapPrincipal;
    try {
        ldapPrincipal = getPrincipal(t);
    } catch (Exception e) {
        throw new AuthenticationException("LDAP error while attempting to retrieve the user's principal: " + t.getUsername(), e);
    }
    if (ldapPrincipal == null) {
        throw new AuthenticationException("LDAP data not found: " + t.getUsername());
    }
    // TODO merge getOrCreate+update operations into a single one (only for this use case)
    UserEntry u = userManager.getOrCreate(ldapPrincipal.getUsername(), ldapPrincipal.getDomain(), UserType.LDAP).orElseThrow(() -> new ConcordApplicationException("User not found: " + ldapPrincipal.getUsername()));
    if (u.isDisabled()) {
        throw new AuthenticationException("User account '" + u.getName() + "' is disabled");
    }
    UUID userId = u.getId();
    u = userManager.update(userId, ldapPrincipal.getDisplayName(), ldapPrincipal.getEmail(), UserType.LDAP, false, null).orElseThrow(() -> new RuntimeException("User record not found: " + userId));
    ldapGroupManager.cacheLdapGroupsIfNeeded(userId, ldapPrincipal.getGroups());
    UserPrincipal userPrincipal = new UserPrincipal(REALM_NAME, u);
    auditLog.add(AuditObject.SYSTEM, AuditAction.ACCESS).userId(userId).field("username", u.getName()).field("domain", u.getDomain()).field("realm", REALM_NAME).log();
    return new SimpleAccount(Arrays.asList(userPrincipal, t, ldapPrincipal), t, getName());
}
Also used : ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) UserEntry(com.walmartlabs.concord.server.user.UserEntry) UUID(java.util.UUID) NamingException(javax.naming.NamingException) ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) UserPrincipal(com.walmartlabs.concord.server.security.UserPrincipal) WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer)

Example 13 with WithTimer

use of com.walmartlabs.concord.server.sdk.metrics.WithTimer in project concord by walmartlabs.

the class SessionKeyRealm method doGetAuthenticationInfo.

@Override
@WithTimer
protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token) throws AuthenticationException {
    SessionKey t = (SessionKey) token;
    PartialProcessKey processKey = PartialProcessKey.from(t.getInstanceId());
    try {
        ProcessInitiatorEntry p = processQueueManager.getInitiator(processKey);
        if (p == null) {
            log.warn("doGetAuthenticationInfo -> process not found: {}", t.getInstanceId());
            return null;
        }
        if (p.initiatorId() == null) {
            log.warn("doGetAuthenticationInfo -> initiator not found: {}", t.getInstanceId());
            return null;
        }
        if (isFinished(p)) {
            log.warn("doGetAuthenticationInfo -> process is finished: {}", t.getInstanceId());
            return null;
        }
        PrincipalCollection principals = getPrincipals(processKey);
        return new SimpleAccount(principals, t.getInstanceId(), getName());
    } catch (Exception e) {
        log.error("doGetAuthenticationInfo ['{}'] -> error", t.getInstanceId(), e);
        throw e;
    }
}
Also used : SimpleAccount(org.apache.shiro.authc.SimpleAccount) PartialProcessKey(com.walmartlabs.concord.server.sdk.PartialProcessKey) ProcessInitiatorEntry(com.walmartlabs.concord.server.process.queue.ProcessInitiatorEntry) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) SimplePrincipalCollection(org.apache.shiro.subject.SimplePrincipalCollection) AuthenticationException(org.apache.shiro.authc.AuthenticationException) WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer)

Example 14 with WithTimer

use of com.walmartlabs.concord.server.sdk.metrics.WithTimer in project concord by walmartlabs.

the class OrganizationManager method assertAccess.

@WithTimer
public OrganizationEntry assertAccess(DSLContext tx, UUID orgId, String orgName, boolean orgMembersOnly) {
    OrganizationEntry e = assertExisting(tx, orgId, orgName);
    if (Roles.isAdmin()) {
        // an admin can access any organization
        return e;
    }
    if (Roles.isGlobalReader() || Roles.isGlobalWriter()) {
        return e;
    }
    UserPrincipal p = UserPrincipal.assertCurrent();
    EntityOwner owner = e.getOwner();
    if (ResourceAccessUtils.isSame(p, owner)) {
        // the owner can do anything with his organization
        return e;
    }
    if (orgMembersOnly) {
        if (!userManager.isInOrganization(tx, e.getId())) {
            throw new UnauthorizedException("The current user (" + p.getUsername() + ") doesn't belong to the specified organization: " + e.getName());
        }
    }
    return e;
}
Also used : UnauthorizedException(org.apache.shiro.authz.UnauthorizedException) UserPrincipal(com.walmartlabs.concord.server.security.UserPrincipal) WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer)

Example 15 with WithTimer

use of com.walmartlabs.concord.server.sdk.metrics.WithTimer in project concord by walmartlabs.

the class ConsoleService method testRepository.

@POST
@Path("/repository/test")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@WithTimer
public boolean testRepository(RepositoryTestRequest req) {
    OrganizationEntry org = orgManager.assertAccess(null, req.getOrgName(), false);
    ProjectEntry project = projectAccessManager.assertAccess(org.getId(), null, req.getProjectName(), ResourceAccessLevel.READER, false);
    try {
        String secretName = secretDao.getName(req.getSecretId());
        repositoryManager.testConnection(project.getOrgId(), project.getId(), req.getUrl(), req.getBranch(), req.getCommitId(), req.getPath(), secretName);
        return true;
    } catch (InvalidRepositoryPathException e) {
        Map<String, String> m = new HashMap<>();
        m.put("message", "Repository validation error");
        m.put("level", "WARN");
        m.put("details", e.getMessage());
        throw new ConcordApplicationException(Response.status(Status.INTERNAL_SERVER_ERROR).header(HttpHeaders.CONTENT_TYPE, MediaType.APPLICATION_JSON).entity(m).build());
    } catch (Exception e) {
        String msg;
        Throwable t = e;
        while (true) {
            msg = t.getMessage();
            t = t.getCause();
            if (t == null) {
                break;
            }
        }
        if (msg == null) {
            msg = "Repository test error";
        }
        throw new ConcordApplicationException(Response.status(Status.INTERNAL_SERVER_ERROR).header(HttpHeaders.CONTENT_TYPE, MediaType.TEXT_PLAIN).entity(msg).build());
    }
}
Also used : ProjectEntry(com.walmartlabs.concord.server.org.project.ProjectEntry) ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) InvalidRepositoryPathException(com.walmartlabs.concord.server.repository.InvalidRepositoryPathException) OrganizationEntry(com.walmartlabs.concord.server.org.OrganizationEntry) UnauthorizedException(org.apache.shiro.authz.UnauthorizedException) InvalidRepositoryPathException(com.walmartlabs.concord.server.repository.InvalidRepositoryPathException) ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer)

Aggregations

WithTimer (com.walmartlabs.concord.server.sdk.metrics.WithTimer)64 ApiOperation (io.swagger.annotations.ApiOperation)32 ProcessKey (com.walmartlabs.concord.server.sdk.ProcessKey)26 PartialProcessKey (com.walmartlabs.concord.server.sdk.PartialProcessKey)24 ConcordApplicationException (com.walmartlabs.concord.server.sdk.ConcordApplicationException)22 UserPrincipal (com.walmartlabs.concord.server.security.UserPrincipal)16 UnauthorizedException (org.apache.shiro.authz.UnauthorizedException)10 UUID (java.util.UUID)9 ProcessEntry (com.walmartlabs.concord.server.process.ProcessEntry)7 EntryPoint (com.walmartlabs.concord.server.process.PayloadManager.EntryPoint)6 Inject (javax.inject.Inject)5 Named (javax.inject.Named)5 Payload (com.walmartlabs.concord.server.process.Payload)4 Path (java.nio.file.Path)4 ValidationErrorsException (org.sonatype.siesta.ValidationErrorsException)4 ObjectMapper (com.fasterxml.jackson.databind.ObjectMapper)3 HttpUtils (com.walmartlabs.concord.server.HttpUtils)3 ProcessFilter (com.walmartlabs.concord.server.process.queue.ProcessFilter)3 UserEntry (com.walmartlabs.concord.server.user.UserEntry)3 IOException (java.io.IOException)3