Search in sources :

Example 1 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method getAthenzDomain.

AthenzDomain getAthenzDomain(String domainName, boolean masterCopy) {
    // first check to see if we our data is in the cache
    AthenzDomain athenzDomain = getAthenzDomainFromCache(domainName, masterCopy);
    if (athenzDomain != null) {
        return athenzDomain;
    }
    try (ObjectStoreConnection con = store.getConnection(true, masterCopy)) {
        athenzDomain = con.getAthenzDomain(domainName);
        setMembersInDomain(athenzDomain);
    }
    if (athenzDomain != null) {
        DataCache dataCache = new DataCache(athenzDomain, athenzDomain.getDomain().getModified().millis());
        cacheStore.put(domainName, dataCache);
    }
    return athenzDomain;
}
Also used : AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain) ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)

Example 2 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method getAthenzDomainFromCache.

AthenzDomain getAthenzDomainFromCache(String domainName, boolean masterCopy) {
    // if we have a match for a given domain name then we're going
    // to check if the last modified domain timestamp matches to what's
    // in the db: So if there is no match, then we'll take the hit
    // of extra db read, however, in most cases the domain data is not
    // changed that often so we'll satisfy the request with just
    // verifying the last modification time as oppose to reading the
    // full domain data from db
    DataCache data = cacheStore.getIfPresent(domainName);
    if (data == null) {
        return null;
    }
    long modTime = 0;
    try (ObjectStoreConnection con = store.getConnection(true, masterCopy)) {
        // we expect this response to come back immediately from
        // object store so we're going to use a smaller timeout
        // so we should know right away to use our cache
        con.setOperationTimeout(10);
        modTime = con.getDomainModTimestamp(domainName);
    } catch (ResourceException ex) {
        if (ex.getCode() == ResourceException.SERVICE_UNAVAILABLE) {
            return data.getAthenzDomain();
        }
    }
    if (data.getModTime() >= modTime) {
        return data.getAthenzDomain();
    }
    cacheStore.invalidate(domainName);
    return null;
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)

Example 3 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method makeDomain.

Domain makeDomain(ResourceContext ctx, String domainName, String description, String org, Boolean auditEnabled, List<String> adminUsers, String account, int productId, String applicationId, List<String> solutionTemplates, String auditRef) {
    final String caller = "makedomain";
    Domain domain = new Domain().setName(domainName).setAuditEnabled(auditEnabled).setDescription(description).setOrg(org).setId(UUID.fromCurrentTime()).setAccount(account).setYpmId(productId).setModified(Timestamp.fromCurrentTime()).setApplicationId(applicationId);
    // get our connection object
    int retryCount = defaultRetryCount;
    do {
        try (ObjectStoreConnection con = store.getConnection(false, true)) {
            // before adding this domain we need to verify our
            // quota check for sub-domains
            quotaCheck.checkSubdomainQuota(con, domainName, caller);
            boolean objectsInserted = con.insertDomain(domain);
            if (!objectsInserted) {
                con.rollbackChanges();
                throw ZMSUtils.requestError("makeDomain: Cannot create domain: " + domainName + " - already exists", caller);
            }
            StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
            auditDetails.append("{\"domain\": ");
            auditLogDomain(auditDetails, domain);
            // first create and process the admin role
            Role adminRole = ZMSUtils.makeAdminRole(domainName, adminUsers);
            auditDetails.append(", \"role\": ");
            if (!processRole(con, null, domainName, ZMSConsts.ADMIN_ROLE_NAME, adminRole, getPrincipalName(ctx), auditRef, false, auditDetails)) {
                con.rollbackChanges();
                throw ZMSUtils.internalServerError("makeDomain: Cannot process role: '" + adminRole.getName(), caller);
            }
            // now create and process the admin policy
            Policy adminPolicy = ZMSUtils.makeAdminPolicy(domainName, adminRole);
            auditDetails.append(", \"policy\": ");
            if (!processPolicy(con, null, domainName, ZMSConsts.ADMIN_POLICY_NAME, adminPolicy, false, auditDetails)) {
                con.rollbackChanges();
                throw ZMSUtils.internalServerError("makeDomain: Cannot process policy: '" + adminPolicy.getName(), caller);
            }
            if (solutionTemplates != null) {
                for (String templateName : solutionTemplates) {
                    auditDetails.append(", \"template\": ");
                    if (!addSolutionTemplate(con, domainName, templateName, getPrincipalName(ctx), null, auditRef, auditDetails)) {
                        con.rollbackChanges();
                        throw ZMSUtils.internalServerError("makeDomain: Cannot apply templates: '" + domain, caller);
                    }
                }
            }
            auditDetails.append("}");
            // update our domain time-stamp and save changes
            saveChanges(con, domainName);
            // audit log entry
            auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_POST, domainName, auditDetails.toString());
            return domain;
        } catch (ResourceException ex) {
            if (!shouldRetryOperation(ex, retryCount)) {
                throw ex;
            }
        }
        retryCount -= 1;
    } while (retryCount > 0);
    return null;
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)

Example 4 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method lookupDomainById.

DomainList lookupDomainById(String account, int productId) {
    DomainList domList = new DomainList();
    try (ObjectStoreConnection con = store.getConnection(true, false)) {
        String domain = con.lookupDomainById(account, productId);
        if (domain != null) {
            List<String> list = Arrays.asList(domain);
            domList.setNames(list);
        }
    }
    return domList;
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)

Example 5 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method executePutDomainMeta.

void executePutDomainMeta(ResourceContext ctx, String domainName, DomainMeta meta, String auditRef, String caller) {
    int retryCount = defaultRetryCount;
    Domain domain = null;
    do {
        try (ObjectStoreConnection con = store.getConnection(false, true)) {
            // first verify that auditing requirements are met
            domain = checkDomainAuditEnabled(con, domainName, auditRef, caller);
            // now process the request
            Domain updatedDomain = new Domain().setName(domain.getName()).setEnabled(domain.getEnabled()).setId(domain.getId()).setAuditEnabled(meta.getAuditEnabled()).setDescription(meta.getDescription()).setOrg(meta.getOrg());
            if (meta.getAccount() == null && meta.getYpmId() == null) {
                updatedDomain.setAccount(domain.getAccount());
                updatedDomain.setYpmId(domain.getYpmId());
            } else {
                updatedDomain.setYpmId(meta.getYpmId());
                updatedDomain.setAccount(meta.getAccount());
            }
            // if meta application ID is null, update to existing application ID
            if (meta.getApplicationId() == null) {
                updatedDomain.setApplicationId(domain.getApplicationId());
            } else {
                updatedDomain.setApplicationId(meta.getApplicationId());
            }
            con.updateDomain(updatedDomain);
            con.commitChanges();
            cacheStore.invalidate(domainName);
            // audit log the request
            StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
            auditLogDomain(auditDetails, updatedDomain);
            auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_PUT, domainName, auditDetails.toString());
            return;
        } catch (ResourceException ex) {
            if (!shouldRetryOperation(ex, retryCount)) {
                throw ex;
            }
        }
        retryCount -= 1;
    } while (retryCount > 0);
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)

Aggregations

ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)173 Test (org.testng.annotations.Test)96 ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)38 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)34 Authority (com.yahoo.athenz.auth.Authority)23 Timestamp (com.yahoo.rdl.Timestamp)17 ArrayList (java.util.ArrayList)16 MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)11 Principal (com.yahoo.athenz.auth.Principal)7 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)7 EmbeddedMysql (com.wix.mysql.EmbeddedMysql)5 FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)5 Crypto (com.yahoo.athenz.auth.util.Crypto)5 AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)5 NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)5 ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)5 DataCache (com.yahoo.athenz.zms.DBService.DataCache)5 MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)5 JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)5 ZMSUtils (com.yahoo.athenz.zms.utils.ZMSUtils)5