
Example 1 with TenantResourceGroup

use of com.yahoo.athenz.provider.TenantResourceGroup in project athenz by yahoo.

From the class ZMSImpl, method putTenancyResourceGroup.

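/**
 * Registers a tenant resource group with a provider service and provisions
 * the roles the provider returns.
 *
 * <p>The request is rejected while the server is in read-only mode. The
 * tenant domain, provider service name and resource group are validated and
 * converted to lower case. The provider's service identity is then loaded
 * and must carry a provider endpoint. The provider is called through a
 * client built from that endpoint and the caller's principal, and the roles
 * it returns are handed to {@code dbService.executePutProviderRoles}.
 *
 * <p>Failures are reported by throwing the exception built by
 * {@code ZMSUtils.requestError} or {@code ZMSUtils.error}. The timing metric
 * started for the request is stopped on every exit path.
 *
 * @param ctx request context; cast to {@code RsrcCtxWrapper} to obtain the principal
 * @param tenantDomain name of the tenant domain
 * @param provider fully qualified name of the provider service
 * @param resourceGroup name of the resource group
 * @param auditRef audit reference forwarded to the provider and to the role update
 * @param detail request body; lower-cased and logged, not otherwise read here
 * @return always {@code null}
 */
public TenancyResourceGroup putTenancyResourceGroup(ResourceContext ctx, String tenantDomain, String provider, String resourceGroup, String auditRef, TenancyResourceGroup detail) {
    final String caller = "puttenancyresourcegroup";
    metric.increment(ZMSConsts.HTTP_PUT);
    logPrincipal(ctx);
    if (readOnlyMode) {
        throw ZMSUtils.requestError("Server in Maintenance Read-Only mode. Please try your request later", caller);
    }
    validateRequest(ctx.request(), caller);
    validate(tenantDomain, TYPE_DOMAIN_NAME, caller);
    // the fully qualified service name to provision on
    validate(provider, TYPE_SERVICE_NAME, caller);
    validate(resourceGroup, TYPE_COMPOUND_NAME, caller);
    // for consistent handling of all requests, we're going to convert
    // all incoming object values into lower case (e.g. domain, role,
    // policy, service, etc name)
    // NOTE(review): toLowerCase() without a Locale follows the JVM default
    // locale; confirm the validated character set makes that irrelevant.
    tenantDomain = tenantDomain.toLowerCase();
    provider = provider.toLowerCase();
    resourceGroup = resourceGroup.toLowerCase();
    AthenzObject.TENANCY_RESOURCE_GROUP.convertToLowerCase(detail);
    metric.increment(ZMSConsts.HTTP_REQUEST, tenantDomain);
    metric.increment(caller, tenantDomain);
    Object timerMetric = metric.startTiming("puttenancyresourcegroup_timing", tenantDomain);
    try {
        // verify that request is properly authenticated for this request
        // NOTE(review): this is the only check on the caller visible in this
        // method. The provider is contacted below before dbService is called,
        // so confirm where the caller's right to modify tenantDomain is
        // enforced.
        verifyAuthorizedServiceOperation(((RsrcCtxWrapper) ctx).principal().getAuthorizedService(), caller);
        if (LOG.isDebugEnabled()) {
            LOG.debug("putTenancyResourceGroup: tenant domain(" + tenantDomain + ") resourceGroup(" + resourceGroup + ")");
        }
        // provider service domain
        String provSvcDomain = providerServiceDomain(provider);
        // provider service name
        String provSvcName = providerServiceName(provider);
        ServiceIdentity ent = dbService.getServiceIdentity(provSvcDomain, provSvcName);
        if (ent == null) {
            throw ZMSUtils.requestError("Unable to retrieve service=" + provider, caller);
        }
        if (LOG.isDebugEnabled()) {
            LOG.debug("serviceIdentity: provider=" + ent);
        }
        // a service without a provider endpoint is not a provider
        String url = ent.getProviderEndpoint();
        if (url == null || url.isEmpty()) {
            throw ZMSUtils.requestError("Cannot put tenancy resource group on provider service=" + provider + " -- not a provider service", caller);
        }
        Principal tenantAdmin = ((RsrcCtxWrapper) ctx).principal();
        TenantResourceGroup tenantResourceGroup = new TenantResourceGroup();
        tenantResourceGroup.setService(provSvcName).setName(tenantDomain).setResourceGroup(resourceGroup);
        TenantResourceGroup tenantWithRoles = null;
        try {
            // The endpoint comes from the stored service identity and the
            // client is created with the caller's principal.
            // NOTE(review): confirm that provider endpoints are restricted
            // when a service is registered, and which credentials
            // getProviderClient sends to that endpoint.
            ProviderClient prov = getProviderClient(url, tenantAdmin);
            tenantWithRoles = prov.putTenantResourceGroup(provSvcName, tenantDomain, resourceGroup, auditRef, tenantResourceGroup);
        } catch (com.yahoo.athenz.provider.ResourceException ex) {
            // the provider's status code and message are passed through as-is
            throw ZMSUtils.error(ex.getCode(), ex.getMessage(), caller);
        }
        if (LOG.isInfoEnabled()) {
            LOG.info("---- result of provider.putTenantResourceGroup: " + tenantWithRoles);
        }
        // A provider that returns no object at all is treated like one that
        // returns no roles, instead of failing with a NullPointerException.
        List<String> providerRoles = (tenantWithRoles == null) ? null : tenantWithRoles.getRoles();
        if (providerRoles == null || providerRoles.isEmpty()) {
            throw ZMSUtils.requestError("Provider Controller did not return any roles to provision", caller);
        }
        // we're going to create a separate role for each one of tenant roles returned
        // based on its action and set the caller as a member in each role
        dbService.executePutProviderRoles(ctx, tenantDomain, provSvcDomain, provSvcName, resourceGroup, providerRoles, auditRef, caller);
        if (LOG.isInfoEnabled()) {
            LOG.info("---- END put Tenant Resource Group -> " + detail);
        }
    } finally {
        // stop the timer on error paths too, so a rejected request does not
        // leave its timing metric open
        metric.stopTiming(timerMetric);
    }
    return null;
}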
Also used : ProviderClient(com.yahoo.athenz.provider.ProviderClient) TenantResourceGroup(com.yahoo.athenz.provider.TenantResourceGroup) SimplePrincipal(com.yahoo.athenz.auth.impl.SimplePrincipal) Principal(com.yahoo.athenz.auth.Principal)
