use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.
the class ProcessLogAccessManager method assertLogAccess.
/**
 * Resolves the process identified by {@code instanceId} and checks whether the current caller
 * may read its log.
 *
 * <p>The checks run in this order and the first match grants access:
 * <ol>
 *   <li>log permission checks are switched off in {@code processCfg};</li>
 *   <li>the caller is an admin or a global reader;</li>
 *   <li>the caller is the initiator of the process;</li>
 *   <li>the current session key belongs to this process (as decided by {@code ProcessKey#partOf});</li>
 *   <li>the process is attached to a project and {@code projectAccessManager.assertAccess}
 *       accepts the caller at the WRITER level.</li>
 * </ol>
 *
 * @param instanceId ID of the process whose log is requested
 * @return the key (instance ID and creation timestamp) of the resolved process
 * @throws UnauthorizedException if no check grants access and the process has no project
 */
public ProcessKey assertLogAccess(UUID instanceId) {
    ProcessEntry process = processManager.assertProcess(instanceId);
    ProcessKey key = new ProcessKey(process.instanceId(), process.createdAt());

    // NOTE(review): with the check disabled, every caller for whom assertProcess succeeds
    // receives the key; log content often carries sensitive values, so confirm that the
    // deployment intends this before turning the check off.
    boolean checksDisabled = !processCfg.isCheckLogPermissions();
    if (checksDisabled || Roles.isAdmin() || Roles.isGlobalReader()) {
        return key;
    }

    // presumably throws when no user is bound to the request, i.e. before the
    // session-key check below is reached; confirm against UserPrincipal
    UserPrincipal currentUser = UserPrincipal.assertCurrent();
    UUID initiatorId = process.initiatorId();
    boolean isInitiator = currentUser.getId().equals(initiatorId);
    if (isInitiator) {
        // whoever started the process may read its log
        return key;
    }

    SessionKeyPrincipal session = SessionKeyPrincipal.getCurrent();
    boolean ownSession = session != null && key.partOf(session.getProcessKey());
    if (ownSession) {
        // a running process may read its own log
        return key;
    }

    if (process.projectId() == null) {
        throw new UnauthorizedException("The current user (" + currentUser.getUsername()
                + ") doesn't have the necessary permissions to view the process log: " + instanceId);
    }

    // last resort: project-level permission; assertAccess presumably throws when the caller
    // lacks WRITER access (the meaning of the trailing 'true' is not visible here)
    projectAccessManager.assertAccess(process.projectId(), ResourceAccessLevel.WRITER, true);
    return key;
}
use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.
the class SecretManager method assertProjectScope.
/**
 * Enforces the project boundary of a project-scoped secret.
 *
 * <p>A secret without a project ID is not restricted by this method. Otherwise access is
 * allowed when the caller is a global reader, when the scope is an {@code InternalAccessScope},
 * when a {@code ProjectAccessScope} names the same project, or when the current session key
 * belongs to a process of the same project.
 *
 * @param scope the scope the secret is being accessed from
 * @param e the secret being accessed
 * @throws UnauthorizedException if the access originates outside the secret's project or
 *         outside of a running process
 * @throws IllegalStateException if the process referenced by the session key cannot be found
 */
private void assertProjectScope(AccessScope scope, SecretEntry e) {
    UUID secretProjectId = e.getProjectId();
    if (secretProjectId == null) {
        // the secret is not bound to a project, nothing to enforce
        return;
    }

    // Both the server and the agent access repositories and therefore need secrets.
    // The agent authenticates with its own API key, which is typically a "globalReader",
    // so both "globalReaders" and the current session token have to be considered.
    // TODO create a separate role or move the repository cloning into the runner and use session tokens?
    // NOTE(review): as written, any principal holding the global reader role bypasses the
    // project boundary for secrets; keep that role narrowly assigned until the TODO is resolved.
    UserPrincipal currentUser = UserPrincipal.getCurrent();
    boolean globalReader = currentUser != null && Roles.isGlobalReader();
    if (globalReader || scope instanceof InternalAccessScope) {
        return;
    }

    // internal access made on behalf of a specific project
    if (scope instanceof ProjectAccessScope) {
        ProjectAccessScope projectScope = (ProjectAccessScope) scope;
        if (secretProjectId.equals(projectScope.getProjectId())) {
            return;
        }
        throw new UnauthorizedException("Project-scoped secrets can only be accessed within the project they belong to. Secret: " + e.getName());
    }

    // anything else must come from a running process of the same project
    SessionKeyPrincipal session = SessionKeyPrincipal.getCurrent();
    if (session == null) {
        throw new UnauthorizedException("Project-scoped secrets can only be accessed within a running process. Secret: " + e.getName());
    }

    ProcessEntry process = processQueueManager.get(session.getProcessKey());
    if (process == null) {
        throw new IllegalStateException("Process not found: " + session.getProcessKey());
    }

    boolean sameProject = secretProjectId.equals(process.projectId());
    if (!sameProject) {
        throw new UnauthorizedException("Project-scoped secrets can only be accessed within the project they belong to. Secret: " + e.getName());
    }
}
use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.
the class SecretManager method assertAccess.
/**
 * Looks up a secret by ID, or by organization ID and name, and verifies that the current
 * caller holds the requested access level.
 *
 * <p>After the lookup the checks run in this order and the first match grants access:
 * admin role; global reader/writer role (READER) or global writer role (WRITER); secret owner;
 * organization member reading a public secret (only when {@code orgMembersOnly} is set);
 * organization owner; an explicit grant found by {@code secretDao.hasAccessLevel}.
 *
 * @param orgId organization ID, required together with {@code secretName} when no ID is given
 * @param secretId secret ID, takes precedence over the name lookup when not null
 * @param secretName secret name, used only when {@code secretId} is null
 * @param level the access level the caller needs
 * @param orgMembersOnly whether the organization-membership shortcut applies and an explicit
 *        grant is required even for public secrets
 * @return the secret entry the caller is allowed to access
 * @throws ValidationErrorsException if neither an ID nor an organization ID plus name is given
 * @throws WebApplicationException with NOT_FOUND if the secret does not exist
 * @throws UnauthorizedException if an explicit grant is required and missing
 */
@WithTimer
public SecretEntry assertAccess(UUID orgId, UUID secretId, String secretName, ResourceAccessLevel level, boolean orgMembersOnly) {
    boolean hasOrgAndName = orgId != null && secretName != null;
    if (secretId == null && !hasOrgAndName) {
        throw new ValidationErrorsException("Secret ID or an organization ID and a secret name is required");
    }

    // NOTE(review): the lookup runs before any authorization, so a missing secret (NOT_FOUND)
    // is distinguishable from a forbidden one; confirm that revealing existence is acceptable.
    SecretEntry secret;
    if (secretId != null) {
        secret = secretDao.get(secretId);
        if (secret == null) {
            throw new WebApplicationException("Secret not found: " + secretId, Status.NOT_FOUND);
        }
    } else {
        secret = secretDao.getByName(orgId, secretName);
        if (secret == null) {
            throw new WebApplicationException("Secret not found: " + secretName, Status.NOT_FOUND);
        }
    }

    if (Roles.isAdmin()) {
        // admins are not restricted
        return secret;
    }

    // global roles: readers and writers may read, only writers may write
    if (level == ResourceAccessLevel.READER && (Roles.isGlobalReader() || Roles.isGlobalWriter())) {
        return secret;
    }
    if (level == ResourceAccessLevel.WRITER && Roles.isGlobalWriter()) {
        return secret;
    }

    UserPrincipal currentUser = UserPrincipal.assertCurrent();
    UUID currentUserId = currentUser.getId();

    EntityOwner secretOwner = secret.getOwner();
    if (secretOwner != null && currentUserId.equals(secretOwner.id())) {
        // the owner of the secret has full access to it
        return secret;
    }

    boolean isPublic = secret.getVisibility() == SecretVisibility.PUBLIC;
    if (orgMembersOnly
            && isPublic
            && level == ResourceAccessLevel.READER
            && userDao.isInOrganization(currentUserId, secret.getOrgId())) {
        // members of the organization may read its public secrets
        return secret;
    }

    OrganizationEntry org = orgManager.assertAccess(secret.getOrgId(), false);
    if (ResourceAccessUtils.isSame(currentUser, org.getOwner())) {
        // the organization owner has full access to the organization's secrets
        return secret;
    }

    // NOTE(review): when orgMembersOnly is false and the secret is public, no per-secret
    // grant is checked for any requested level, not only READER; access then rests on
    // orgManager.assertAccess above. Confirm that callers asking for WRITER or higher
    // always pass orgMembersOnly = true.
    boolean explicitGrantRequired = orgMembersOnly || !isPublic;
    if (explicitGrantRequired
            && !secretDao.hasAccessLevel(secret.getId(), currentUserId, ResourceAccessLevel.atLeast(level))) {
        throw new UnauthorizedException("The current user doesn't have the necessary access level (" + level + ") to the secret: " + secret.getName());
    }

    return secret;
}
use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.
the class ProjectManager method list.
/**
 * Lists the projects of an organization that the current user may see.
 *
 * <p>Admins, global readers and global writers get an unfiltered listing (the user ID passed
 * to the DAO is {@code null}); every other caller's ID is passed on so that the DAO can
 * restrict the result.
 *
 * @param orgId organization whose projects are listed
 * @param offset forwarded unchanged to {@code projectDao.list}
 * @param limit forwarded unchanged to {@code projectDao.list}
 * @param filter forwarded unchanged to {@code projectDao.list}
 * @return the entries returned by {@code projectDao.list}
 */
public List<ProjectEntry> list(UUID orgId, int offset, int limit, String filter) {
    UUID currentUserId = UserPrincipal.assertCurrent().getId();

    // holders of a global role see every project, so no per-user filtering for them
    boolean seesAllProjects = Roles.isAdmin() || Roles.isGlobalReader() || Roles.isGlobalWriter();
    UUID userFilter = seesAllProjects ? null : currentUserId;

    // NOTE(review): offset, limit and filter are not validated here; presumably the caller
    // or the DAO bounds them; confirm. PROJECT_NAME/true look like sort field and
    // ascending order; verify against ProjectDao.
    return projectDao.list(orgId, userFilter, PROJECTS.PROJECT_NAME, true, offset, limit, filter);
}
use of com.walmartlabs.concord.server.security.UserPrincipal in project concord by walmartlabs.
the class JsonStoreManager method list.
/**
 * Lists the JSON stores of an organization that the current user may see.
 *
 * <p>Access to the organization is asserted first. Admins, global readers and global writers
 * then get an unfiltered listing (the user ID passed to the DAO is {@code null}); every other
 * caller's ID is passed on so that the DAO can restrict the result.
 *
 * @param orgName name of the organization whose stores are listed
 * @param offset forwarded unchanged to {@code storeDao.list}
 * @param limit forwarded unchanged to {@code storeDao.list}
 * @param filter forwarded unchanged to {@code storeDao.list}
 * @return the entries returned by {@code storeDao.list}
 */
public List<JsonStoreEntry> list(String orgName, int offset, int limit, String filter) {
    // the organization check comes first and presumably throws when access is denied
    OrganizationEntry org = orgManager.assertAccess(orgName, false);
    UUID currentUserId = UserPrincipal.assertCurrent().getId();

    // holders of a global role see every store, so no per-user filtering for them
    boolean seesAllStores = Roles.isAdmin() || Roles.isGlobalReader() || Roles.isGlobalWriter();
    UUID userFilter = seesAllStores ? null : currentUserId;

    // NOTE(review): offset, limit and filter are not validated here; presumably the caller
    // or the DAO bounds them; confirm.
    return storeDao.list(org.getId(), userFilter, offset, limit, filter);
}