Examples with ObjectStoreConnection com.yahoo.athenz.zms.store.ObjectStoreConnection used on opensource projects

Search in sources :

Example 71 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method deleteDomainDependency.

public void deleteDomainDependency(ResourceContext ctx, String domainName, String service, String auditRef, String caller) {
    for (int retryCount = defaultRetryCount; ; retryCount--) {
        try (ObjectStoreConnection con = store.getConnection(false, true)) {
            final String principal = getPrincipalName(ctx);
            // first verify that auditing requirements are met
            checkDomainAuditEnabled(con, domainName, auditRef, caller, principal, AUDIT_TYPE_DOMAIN);
            // verify domain exists
            Domain domain = con.getDomain(domainName);
            if (domain == null) {
                con.rollbackChanges();
                throw ZMSUtils.notFoundError(caller + ": Unknown domain: " + domainName, caller);
            }
            // now process the request
            StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
            if (!processDeleteDomainDependency(con, domainName, service, auditDetails)) {
                con.rollbackChanges();
                throw ZMSUtils.internalServerError("unable to delete dependency on domain " + domainName + " for service " + service, caller);
            }
            // update our domain time-stamp and save changes
            saveChanges(con, domainName);
            // audit log the request
            auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_DELETE, service, auditDetails.toString());
            // add domain change event
            addDomainChangeMessage(ctx, domainName, service, DomainChangeMessage.ObjectType.DOMAIN);
            return;
        } catch (ResourceException ex) {
            if (!shouldRetryOperation(ex, retryCount)) {
                throw ex;
            }
        }
    }
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)

Example 72 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method executePutDomainMeta.

void executePutDomainMeta(ResourceContext ctx, Domain domain, DomainMeta meta, final String systemAttribute, boolean deleteAllowed, String auditRef, String caller) {
    for (int retryCount = defaultRetryCount; ; retryCount--) {
        try (ObjectStoreConnection con = store.getConnection(false, true)) {
            final String domainName = domain.getName();
            // first verify that auditing requirements are met
            checkDomainAuditEnabled(con, domain, auditRef, caller, getPrincipalName(ctx), AUDIT_TYPE_DOMAIN);
            // now process the request. first we're going to make a
            // copy of our domain
            Domain updatedDomain = new Domain().setName(domain.getName()).setEnabled(domain.getEnabled()).setId(domain.getId()).setAuditEnabled(domain.getAuditEnabled()).setDescription(domain.getDescription()).setOrg(domain.getOrg()).setApplicationId(domain.getApplicationId()).setAccount(domain.getAccount()).setAzureSubscription(domain.getAzureSubscription()).setYpmId(domain.getYpmId()).setCertDnsDomain(domain.getCertDnsDomain()).setMemberExpiryDays(domain.getMemberExpiryDays()).setServiceExpiryDays(domain.getServiceExpiryDays()).setGroupExpiryDays(domain.getGroupExpiryDays()).setTokenExpiryMins(domain.getTokenExpiryMins()).setRoleCertExpiryMins(domain.getRoleCertExpiryMins()).setServiceCertExpiryMins(domain.getServiceCertExpiryMins()).setSignAlgorithm(domain.getSignAlgorithm()).setUserAuthorityFilter(domain.getUserAuthorityFilter()).setBusinessService(domain.getBusinessService()).setTags(domain.getTags()).setBusinessService(domain.getBusinessService());
            if (systemAttribute != null) {
                updateSystemMetaFields(updatedDomain, systemAttribute, deleteAllowed, meta);
            } else {
                updateDomainMetaFields(updatedDomain, meta);
            }
            con.updateDomain(updatedDomain);
            if (!processDomainTags(con, meta.getTags(), domain, domainName, true)) {
                con.rollbackChanges();
                throw ZMSUtils.internalServerError(caller + "Unable to update tags", caller);
            }
            con.commitChanges();
            cacheStore.invalidate(domainName);
            // audit log the request
            StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
            auditLogDomain(auditDetails, updatedDomain);
            auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_PUT, domainName, auditDetails.toString());
            // if the domain member expiry date has changed then we're going
            // process all the members in the domain and update the expiration
            // date accordingly
            updateDomainMembersExpiration(ctx, con, domain, updatedDomain, auditRef, caller);
            // if the domain user attribute expiry has changed we need to
            // process all the members in the domain accordingly
            updateDomainMembersUserAuthorityFilter(ctx, con, domain, updatedDomain, auditRef, caller);
            // add domain change event
            addDomainChangeMessage(ctx, domainName, domainName, DomainChangeMessage.ObjectType.DOMAIN);
            return;
        } catch (ResourceException ex) {
            if (!shouldRetryOperation(ex, retryCount)) {
                throw ex;
            }
        }
    }
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection) AthenzDomain(com.yahoo.athenz.zms.store.AthenzDomain)

Example 73 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method executeDeleteQuota.

void executeDeleteQuota(ResourceContext ctx, String domainName, String auditRef, String caller) {
    for (int retryCount = defaultRetryCount; ; retryCount--) {
        try (ObjectStoreConnection con = store.getConnection(true, true)) {
            if (!con.deleteQuota(domainName)) {
                throw ZMSUtils.notFoundError(caller + ": unable to delete quota: " + domainName, caller);
            }
            // audit log the request
            auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_DELETE, domainName, null);
            // add domain change event
            addDomainChangeMessage(ctx, domainName, domainName, DomainChangeMessage.ObjectType.DOMAIN);
            return;
        } catch (ResourceException ex) {
            if (!shouldRetryOperation(ex, retryCount)) {
                throw ex;
            }
        }
    }
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)

Example 74 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method executeDeleteMembership.

void executeDeleteMembership(ResourceContext ctx, String domainName, String roleName, String normalizedMember, String auditRef, String caller) {
    for (int retryCount = defaultRetryCount; ; retryCount--) {
        try (ObjectStoreConnection con = store.getConnection(true, true)) {
            final String principal = getPrincipalName(ctx);
            // first verify that auditing requirements are met
            checkDomainAuditEnabled(con, domainName, auditRef, caller, principal, AUDIT_TYPE_ROLE);
            if (!con.deleteRoleMember(domainName, roleName, normalizedMember, principal, auditRef)) {
                con.rollbackChanges();
                throw ZMSUtils.notFoundError(caller + ": unable to delete role member: " + normalizedMember + " from role: " + roleName, caller);
            }
            // update our role and domain time-stamps, and invalidate local cache entry
            con.updateRoleModTimestamp(domainName, roleName);
            con.updateDomainModTimestamp(domainName);
            cacheStore.invalidate(domainName);
            // audit log the request
            auditLogRequest(ctx, domainName, auditRef, caller, ZMSConsts.HTTP_DELETE, roleName, "{\"member\": \"" + normalizedMember + "\"}");
            // add domain change event
            addDomainChangeMessage(ctx, domainName, roleName, DomainChangeMessage.ObjectType.ROLE);
            return;
        } catch (ResourceException ex) {
            if (!shouldRetryOperation(ex, retryCount)) {
                throw ex;
            }
        }
    }
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)

Example 75 with ObjectStoreConnection

use of com.yahoo.athenz.zms.store.ObjectStoreConnection in project athenz by yahoo.

the class DBService method executePutGroupMembership.

void executePutGroupMembership(ResourceContext ctx, final String domainName, Group group, GroupMember groupMember, final String auditRef) {
    for (int retryCount = defaultRetryCount; ; retryCount--) {
        try (ObjectStoreConnection con = store.getConnection(true, true)) {
            final String principal = getPrincipalName(ctx);
            // first verify that auditing requirements are met
            checkDomainAuditEnabled(con, domainName, auditRef, ctx.getApiName(), principal, AUDIT_TYPE_GROUP);
            // make sure the group auditing requirements are met
            checkObjectAuditEnabled(con, group.getAuditEnabled(), group.getName(), auditRef, ctx.getApiName(), principal);
            // now we need verify our quota check
            final String groupName = ZMSUtils.extractGroupName(domainName, group.getName());
            quotaCheck.checkGroupMembershipQuota(con, domainName, groupName, ctx.getApiName());
            if (!con.insertGroupMember(domainName, groupName, groupMember, principal, auditRef)) {
                con.rollbackChanges();
                throw ZMSUtils.requestError("unable to insert group member: " + groupMember.getMemberName() + " to group: " + groupName, ctx.getApiName());
            }
            // update our group and domain time-stamps, and invalidate local cache entry
            con.updateGroupModTimestamp(domainName, groupName);
            con.updateDomainModTimestamp(domainName);
            cacheStore.invalidate(domainName);
            // audit log the request
            StringBuilder auditDetails = new StringBuilder(ZMSConsts.STRING_BLDR_SIZE_DEFAULT);
            auditLogGroupMember(auditDetails, groupMember, true);
            auditLogRequest(ctx, domainName, auditRef, ctx.getApiName(), ZMSConsts.HTTP_PUT, groupName, auditDetails.toString());
            // add domain change event
            addDomainChangeMessage(ctx, domainName, groupName, DomainChangeMessage.ObjectType.GROUP);
            return;
        } catch (ResourceException ex) {
            if (!shouldRetryOperation(ex, retryCount)) {
                throw ex;
            }
        }
    }
}
Also used : ObjectStoreConnection(com.yahoo.athenz.zms.store.ObjectStoreConnection)

Aggregations

ObjectStoreConnection (com.yahoo.athenz.zms.store.ObjectStoreConnection)173 Test (org.testng.annotations.Test)96 ObjectStore (com.yahoo.athenz.zms.store.ObjectStore)38 AthenzDomain (com.yahoo.athenz.zms.store.AthenzDomain)34 Authority (com.yahoo.athenz.auth.Authority)23 Timestamp (com.yahoo.rdl.Timestamp)17 ArrayList (java.util.ArrayList)16 MemberDueDays (com.yahoo.athenz.zms.config.MemberDueDays)11 Principal (com.yahoo.athenz.auth.Principal)7 SimplePrincipal (com.yahoo.athenz.auth.impl.SimplePrincipal)7 EmbeddedMysql (com.wix.mysql.EmbeddedMysql)5 FilePrivateKeyStore (com.yahoo.athenz.auth.impl.FilePrivateKeyStore)5 Crypto (com.yahoo.athenz.auth.util.Crypto)5 AuditReferenceValidator (com.yahoo.athenz.common.server.audit.AuditReferenceValidator)5 NotificationManager (com.yahoo.athenz.common.server.notification.NotificationManager)5 ResourceUtils (com.yahoo.athenz.common.server.util.ResourceUtils)5 DataCache (com.yahoo.athenz.zms.DBService.DataCache)5 MockAuditReferenceValidatorImpl (com.yahoo.athenz.zms.audit.MockAuditReferenceValidatorImpl)5 JDBCConnection (com.yahoo.athenz.zms.store.impl.jdbc.JDBCConnection)5 ZMSUtils (com.yahoo.athenz.zms.utils.ZMSUtils)5
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial