use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBService method getAthenzDomain.
AthenzDomain getAthenzDomain(String domainName, boolean masterCopy) {
// first check to see if we our data is in the cache
AthenzDomain athenzDomain = getAthenzDomainFromCache(domainName, masterCopy);
if (athenzDomain != null) {
return athenzDomain;
}
try (ObjectStoreConnection con = store.getConnection(true, masterCopy)) {
athenzDomain = con.getAthenzDomain(domainName);
setMembersInDomain(athenzDomain);
}
if (athenzDomain != null) {
DataCache dataCache = new DataCache(athenzDomain, athenzDomain.getDomain().getModified().millis());
cacheStore.put(domainName, dataCache);
}
return athenzDomain;
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBService method getAthenzDomainFromCache.
AthenzDomain getAthenzDomainFromCache(String domainName, boolean masterCopy) {
// if we have a match for a given domain name then we're going
// to check if the last modified domain timestamp matches to what's
// in the db: So if there is no match, then we'll take the hit
// of extra db read, however, in most cases the domain data is not
// changed that often so we'll satisfy the request with just
// verifying the last modification time as oppose to reading the
// full domain data from db
DataCache data = cacheStore.getIfPresent(domainName);
if (data == null) {
return null;
}
long modTime = 0;
try (ObjectStoreConnection con = store.getConnection(true, masterCopy)) {
// we expect this response to come back immediately from
// object store so we're going to use a smaller timeout
// so we should know right away to use our cache
con.setOperationTimeout(10);
modTime = con.getDomainModTimestamp(domainName);
} catch (ResourceException ex) {
if (ex.getCode() == ResourceException.SERVICE_UNAVAILABLE) {
return data.getAthenzDomain();
}
}
if (data.getModTime() >= modTime) {
return data.getAthenzDomain();
}
cacheStore.invalidate(domainName);
return null;
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBService method makeDomain.
Domain makeDomain(ResourceContext ctx, String domainName, String description, String org, Boolean auditEnabled, List<String> adminUsers, String account, int productId, String applicationId, List<String> solutionTemplates, String auditRef) {
final String caller = "makedomain";
Domain domain = new Domain().setName(domainName).setAuditEnabled(auditEnabled).setDescription(description).setOrg(org).setId(UUID.fromCurrentTime()).setAccount(account).setYpmId(productId).setModified(Timestamp.fromCurrentTime()).setApplicationId(applicationId);
// get our connection object
int retryCount = defaultRetryCount;
do {
try (ObjectStoreConnection con = store.getConnection(false, true)) {
// before adding this domain we need to verify our
// quota check for sub-domains
quotaCheck.checkSubdomainQuota(con, domainName, caller);
boolean objectsInserted = con.insertDomain(domain);
if (!objectsInserted) {
con.rollbackChanges();
throw ZMSUtils.requestError("makeDomain: Cannot create domain: " + domainName + " - already exists", caller);
}
StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
auditDetails.append("{\"domain\": ");
auditLogDomain(auditDetails, domain);
// first create and process the admin role
Role adminRole = ZMSUtils.makeAdminRole(domainName, adminUsers);
auditDetails.append(", \"role\": ");
if (!processRole(con, null, domainName, ZMSConsts.ADMIN_ROLE_NAME, adminRole, getPrincipalName(ctx), auditRef, false, auditDetails)) {
con.rollbackChanges();
throw ZMSUtils.internalServerError("makeDomain: Cannot process role: '" + adminRole.getName(), caller);
}
// now create and process the admin policy
Policy adminPolicy = ZMSUtils.makeAdminPolicy(domainName, adminRole);
auditDetails.append(", \"policy\": ");
if (!processPolicy(con, null, domainName, ZMSConsts.ADMIN_POLICY_NAME, adminPolicy, false, auditDetails)) {
con.rollbackChanges();
throw ZMSUtils.internalServerError("makeDomain: Cannot process policy: '" + adminPolicy.getName(), caller);
}
if (solutionTemplates != null) {
for (String templateName : solutionTemplates) {
auditDetails.append(", \"template\": ");
if (!addSolutionTemplate(con, domainName, templateName, getPrincipalName(ctx), null, auditRef, auditDetails)) {
con.rollbackChanges();
throw ZMSUtils.internalServerError("makeDomain: Cannot apply templates: '" + domain, caller);
}
}
}
auditDetails.append("}");
// update our domain time-stamp and save changes
saveChanges(con, domainName);
// audit log entry
auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_POST, domainName, auditDetails.toString());
return domain;
} catch (ResourceException ex) {
if (!shouldRetryOperation(ex, retryCount)) {
throw ex;
}
}
retryCount -= 1;
} while (retryCount > 0);
return null;
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBService method lookupDomainById.
DomainList lookupDomainById(String account, int productId) {
DomainList domList = new DomainList();
try (ObjectStoreConnection con = store.getConnection(true, false)) {
String domain = con.lookupDomainById(account, productId);
if (domain != null) {
List<String> list = Arrays.asList(domain);
domList.setNames(list);
}
}
return domList;
}
use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.
the class DBService method executePutDomainMeta.
void executePutDomainMeta(ResourceContext ctx, String domainName, DomainMeta meta, String auditRef, String caller) {
int retryCount = defaultRetryCount;
Domain domain = null;
do {
try (ObjectStoreConnection con = store.getConnection(false, true)) {
// first verify that auditing requirements are met
domain = checkDomainAuditEnabled(con, domainName, auditRef, caller);
// now process the request
Domain updatedDomain = new Domain().setName(domain.getName()).setEnabled(domain.getEnabled()).setId(domain.getId()).setAuditEnabled(meta.getAuditEnabled()).setDescription(meta.getDescription()).setOrg(meta.getOrg());
if (meta.getAccount() == null && meta.getYpmId() == null) {
updatedDomain.setAccount(domain.getAccount());
updatedDomain.setYpmId(domain.getYpmId());
} else {
updatedDomain.setYpmId(meta.getYpmId());
updatedDomain.setAccount(meta.getAccount());
}
// if meta application ID is null, update to existing application ID
if (meta.getApplicationId() == null) {
updatedDomain.setApplicationId(domain.getApplicationId());
} else {
updatedDomain.setApplicationId(meta.getApplicationId());
}
con.updateDomain(updatedDomain);
con.commitChanges();
cacheStore.invalidate(domainName);
// audit log the request
StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
auditLogDomain(auditDetails, updatedDomain);
auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_PUT, domainName, auditDetails.toString());
return;
} catch (ResourceException ex) {
if (!shouldRetryOperation(ex, retryCount)) {
throw ex;
}
}
retryCount -= 1;
} while (retryCount > 0);
}
Aggregations