use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.
the class Namespaces method unloadNamespace.
@PUT
@Path("/{property}/{cluster}/{namespace}/unload")
@ApiOperation(value = "Unload namespace", notes = "Unload an active namespace from the current broker serving it. Performing this operation will let the broker" + "removes all producers, consumers, and connections using this namespace, and close all destinations (including" + "their persistent store). During that operation, the namespace is marked as tentatively unavailable until the" + "broker completes the unloading action. This operation requires strictly super user privileges, since it would" + "result in non-persistent message loss and unexpected connection closure to the clients.")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Property or cluster or namespace doesn't exist"), @ApiResponse(code = 412, message = "Namespace is already unloaded or Namespace has bundles activated") })
public void unloadNamespace(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace) {
log.info("[{}] Unloading namespace {}/{}/{}", clientAppId(), property, cluster, namespace);
validateSuperUserAccess();
if (!cluster.equals(Namespaces.GLOBAL_CLUSTER)) {
validateClusterOwnership(cluster);
validateClusterForProperty(property, cluster);
}
Policies policies = getNamespacePolicies(property, cluster, namespace);
NamespaceName nsName = new NamespaceName(property, cluster, namespace);
List<String> boundaries = policies.bundles.getBoundaries();
for (int i = 0; i < boundaries.size() - 1; i++) {
String bundle = String.format("%s_%s", boundaries.get(i), boundaries.get(i + 1));
try {
pulsar().getAdminClient().namespaces().unloadNamespaceBundle(nsName.toString(), bundle);
} catch (PulsarServerException | PulsarAdminException e) {
log.error(String.format("[%s] Failed to unload namespace %s/%s/%s", clientAppId(), property, cluster, namespace), e);
throw new RestException(e);
}
}
log.info("[{}] Successfully unloaded all the bundles in namespace {}/{}/{}", clientAppId(), property, cluster, namespace);
}
use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.
the class Namespaces method setNamespaceReplicationClusters.
@POST
@Path("/{property}/{cluster}/{namespace}/replication")
@ApiOperation(value = "Set the replication clusters for a namespace.")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Property or cluster or namespace doesn't exist"), @ApiResponse(code = 412, message = "Namespace is not global or invalid cluster ids") })
public void setNamespaceReplicationClusters(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace, List<String> clusterIds) {
validateAdminAccessOnProperty(property);
validatePoliciesReadOnlyAccess();
if (!cluster.equals("global")) {
throw new RestException(Status.PRECONDITION_FAILED, "Cannot set replication on a non-global namespace");
}
if (clusterIds.contains("global")) {
throw new RestException(Status.PRECONDITION_FAILED, "Cannot specify global in the list of replication clusters");
}
Set<String> clusters = clusters();
for (String clusterId : clusterIds) {
if (!clusters.contains(clusterId)) {
throw new RestException(Status.FORBIDDEN, "Invalid cluster id: " + clusterId);
}
}
for (String clusterId : clusterIds) {
validateClusterForProperty(property, clusterId);
}
Entry<Policies, Stat> policiesNode = null;
NamespaceName nsName = new NamespaceName(property, cluster, namespace);
try {
// Force to read the data s.t. the watch to the cache content is setup.
policiesNode = policiesCache().getWithStat(path("policies", property, cluster, namespace)).orElseThrow(() -> new RestException(Status.NOT_FOUND, "Namespace " + nsName + " does not exist"));
policiesNode.getKey().replication_clusters = clusterIds;
// Write back the new policies into zookeeper
globalZk().setData(path("policies", property, cluster, namespace), jsonMapper().writeValueAsBytes(policiesNode.getKey()), policiesNode.getValue().getVersion());
policiesCache().invalidate(path("policies", property, cluster, namespace));
log.info("[{}] Successfully updated the replication clusters on namespace {}/{}/{}", clientAppId(), property, cluster, namespace);
} catch (KeeperException.NoNodeException e) {
log.warn("[{}] Failed to update the replication clusters for namespace {}/{}/{}: does not exist", clientAppId(), property, cluster, namespace);
throw new RestException(Status.NOT_FOUND, "Namespace does not exist");
} catch (KeeperException.BadVersionException e) {
log.warn("[{}] Failed to update the replication clusters on namespace {}/{}/{} expected policy node version={} : concurrent modification", clientAppId(), property, cluster, namespace, policiesNode.getValue().getVersion());
throw new RestException(Status.CONFLICT, "Concurrent modification");
} catch (Exception e) {
log.error("[{}] Failed to update the replication clusters on namespace {}/{}/{}", clientAppId(), property, cluster, namespace, e);
throw new RestException(e);
}
}
use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.
the class Namespaces method revokePermissionsOnNamespace.
@DELETE
@Path("/{property}/{cluster}/{namespace}/permissions/{role}")
@ApiOperation(value = "Revoke all permissions to a role on a namespace.")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Property or cluster or namespace doesn't exist") })
public void revokePermissionsOnNamespace(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace, @PathParam("role") String role) {
validateAdminAccessOnProperty(property);
validatePoliciesReadOnlyAccess();
try {
Stat nodeStat = new Stat();
byte[] content = globalZk().getData(path("policies", property, cluster, namespace), null, nodeStat);
Policies policies = jsonMapper().readValue(content, Policies.class);
policies.auth_policies.namespace_auth.remove(role);
// Write back the new policies into zookeeper
globalZk().setData(path("policies", property, cluster, namespace), jsonMapper().writeValueAsBytes(policies), nodeStat.getVersion());
policiesCache().invalidate(path("policies", property, cluster, namespace));
log.info("[{}] Successfully revoked access for role {} - namespace {}/{}/{}", clientAppId(), role, property, cluster, namespace);
} catch (KeeperException.NoNodeException e) {
log.warn("[{}] Failed to revoke permissions for namespace {}/{}/{}: does not exist", clientAppId(), property, cluster, namespace);
throw new RestException(Status.NOT_FOUND, "Namespace does not exist");
} catch (KeeperException.BadVersionException e) {
log.warn("[{}] Failed to revoke permissions on namespace {}/{}/{}: concurrent modification", clientAppId(), property, cluster, namespace);
throw new RestException(Status.CONFLICT, "Concurrent modification");
} catch (Exception e) {
log.error("[{}] Failed to revoke permissions on namespace {}/{}/{}", clientAppId(), property, cluster, namespace, e);
throw new RestException(e);
}
}
use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.
the class Namespaces method getBundlesData.
@GET
@Path("/{property}/{cluster}/{namespace}/bundles")
@ApiOperation(value = "Get the bundles split data.")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Property or cluster or namespace doesn't exist"), @ApiResponse(code = 412, message = "Namespace is not setup to split in bundles") })
public BundlesData getBundlesData(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace) {
validateAdminAccessOnProperty(property);
validatePoliciesReadOnlyAccess();
Policies policies = getNamespacePolicies(property, cluster, namespace);
return policies.bundles;
}
use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.
the class Namespaces method getNamespaceReplicationClusters.
@GET
@Path("/{property}/{cluster}/{namespace}/replication")
@ApiOperation(value = "Get the replication clusters for a namespace.", response = String.class, responseContainer = "List")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Property or cluster or namespace doesn't exist"), @ApiResponse(code = 412, message = "Namespace is not global") })
public List<String> getNamespaceReplicationClusters(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace) {
validateAdminAccessOnProperty(property);
if (!cluster.equals("global")) {
throw new RestException(Status.PRECONDITION_FAILED, "Cannot get the replication clusters for a non-global namespace");
}
Policies policies = getNamespacePolicies(property, cluster, namespace);
return policies.replication_clusters;
}
Aggregations