Examples with Policies com.yahoo.pulsar.common.policies.data.Policies used on opensource projects

Search in sources :

Example 16 with Policies

use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.

the class Namespaces method setBacklogQuota.

@POST
@Path("/{property}/{cluster}/{namespace}/backlogQuota")
@ApiOperation(value = " Set a backlog quota for all the destinations on a namespace.")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Namespace does not exist"), @ApiResponse(code = 409, message = "Concurrent modification"), @ApiResponse(code = 412, message = "Specified backlog quota exceeds retention quota. Increase retention quota and retry request") })
public void setBacklogQuota(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace, @QueryParam("backlogQuotaType") BacklogQuotaType backlogQuotaType, BacklogQuota backlogQuota) {
    validateAdminAccessOnProperty(property);
    validatePoliciesReadOnlyAccess();
    if (backlogQuotaType == null) {
        backlogQuotaType = BacklogQuotaType.destination_storage;
    }
    try {
        Stat nodeStat = new Stat();
        final String path = path("policies", property, cluster, namespace);
        byte[] content = globalZk().getData(path, null, nodeStat);
        Policies policies = jsonMapper().readValue(content, Policies.class);
        RetentionPolicies r = policies.retention_policies;
        if (r != null) {
            Policies p = new Policies();
            p.backlog_quota_map.put(backlogQuotaType, backlogQuota);
            if (!checkQuotas(p, r)) {
                log.warn("[{}] Failed to update backlog configuration for namespace {}/{}/{}: conflicts with retention quota", clientAppId(), property, cluster, namespace);
                throw new RestException(Status.PRECONDITION_FAILED, "Backlog Quota exceeds configured retention quota for namespace. Please increase retention quota and retry");
            }
        }
        policies.backlog_quota_map.put(backlogQuotaType, backlogQuota);
        globalZk().setData(path, jsonMapper().writeValueAsBytes(policies), nodeStat.getVersion());
        policiesCache().invalidate(path("policies", property, cluster, namespace));
        log.info("[{}] Successfully updated backlog quota map: namespace={}/{}/{}, map={}", clientAppId(), property, cluster, namespace, jsonMapper().writeValueAsString(policies.backlog_quota_map));
    } catch (KeeperException.NoNodeException e) {
        log.warn("[{}] Failed to update backlog quota map for namespace {}/{}/{}: does not exist", clientAppId(), property, cluster, namespace);
        throw new RestException(Status.NOT_FOUND, "Namespace does not exist");
    } catch (KeeperException.BadVersionException e) {
        log.warn("[{}] Failed to update backlog quota map for namespace {}/{}/{}: concurrent modification", clientAppId(), property, cluster, namespace);
        throw new RestException(Status.CONFLICT, "Concurrent modification");
    } catch (RestException pfe) {
        throw pfe;
    } catch (Exception e) {
        log.error("[{}] Failed to update backlog quota map for namespace {}/{}/{}", clientAppId(), property, cluster, namespace, e);
        throw new RestException(e);
    }
}
Also used : RetentionPolicies(com.yahoo.pulsar.common.policies.data.RetentionPolicies) Stat(org.apache.zookeeper.data.Stat) Policies(com.yahoo.pulsar.common.policies.data.Policies) PersistencePolicies(com.yahoo.pulsar.common.policies.data.PersistencePolicies) RetentionPolicies(com.yahoo.pulsar.common.policies.data.RetentionPolicies) NoNodeException(org.apache.zookeeper.KeeperException.NoNodeException) RestException(com.yahoo.pulsar.broker.web.RestException) KeeperException(org.apache.zookeeper.KeeperException) RestException(com.yahoo.pulsar.broker.web.RestException) WebApplicationException(javax.ws.rs.WebApplicationException) SubscriptionBusyException(com.yahoo.pulsar.broker.service.BrokerServiceException.SubscriptionBusyException) KeeperException(org.apache.zookeeper.KeeperException) PulsarAdminException(com.yahoo.pulsar.client.admin.PulsarAdminException) NoNodeException(org.apache.zookeeper.KeeperException.NoNodeException) PulsarServerException(com.yahoo.pulsar.broker.PulsarServerException) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 17 with Policies

use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.

the class PersistentTopics method revokePermissionsOnDestination.

@DELETE
@Path("/{property}/{cluster}/{namespace}/{destination}/permissions/{role}")
@ApiOperation(value = "Revoke permissions on a destination.", notes = "Revoke permissions to a role on a single destination. If the permission was not set at the destination" + "level, but rather at the namespace level, this operation will return an error (HTTP status code 412).")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Namespace doesn't exist"), @ApiResponse(code = 412, message = "Permissions are not set at the destination level") })
public void revokePermissionsOnDestination(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace, @PathParam("destination") @Encoded String destination, @PathParam("role") String role) {
    destination = decode(destination);
    // This operation should be reading from zookeeper and it should be allowed without having admin privileges
    validateAdminAccessOnProperty(property);
    validatePoliciesReadOnlyAccess();
    String destinationUri = DestinationName.get(domain(), property, cluster, namespace, destination).toString();
    Stat nodeStat = new Stat();
    Policies policies;
    try {
        byte[] content = globalZk().getData(path("policies", property, cluster, namespace), null, nodeStat);
        policies = jsonMapper().readValue(content, Policies.class);
    } catch (KeeperException.NoNodeException e) {
        log.warn("[{}] Failed to revoke permissions on destination {}: Namespace does not exist", clientAppId(), destinationUri);
        throw new RestException(Status.NOT_FOUND, "Namespace does not exist");
    } catch (Exception e) {
        log.error("[{}] Failed to revoke permissions for destination {}", clientAppId(), destinationUri, e);
        throw new RestException(e);
    }
    if (!policies.auth_policies.destination_auth.containsKey(destinationUri) || !policies.auth_policies.destination_auth.get(destinationUri).containsKey(role)) {
        log.warn("[{}] Failed to revoke permission from role {} on destination: Not set at destination level", clientAppId(), role, destinationUri);
        throw new RestException(Status.PRECONDITION_FAILED, "Permissions are not set at the destination level");
    }
    policies.auth_policies.destination_auth.get(destinationUri).remove(role);
    try {
        // Write the new policies to zookeeper
        String namespacePath = path("policies", property, cluster, namespace);
        globalZk().setData(namespacePath, jsonMapper().writeValueAsBytes(policies), nodeStat.getVersion());
        // invalidate the local cache to force update
        policiesCache().invalidate(namespacePath);
        globalZkCache().invalidate(namespacePath);
        log.info("[{}] Successfully revoke access for role {} - destination {}", clientAppId(), role, destinationUri);
    } catch (Exception e) {
        log.error("[{}] Failed to revoke permissions for destination {}", clientAppId(), destinationUri, e);
        throw new RestException(e);
    }
}
Also used : Stat(org.apache.zookeeper.data.Stat) Policies(com.yahoo.pulsar.common.policies.data.Policies) AuthPolicies(com.yahoo.pulsar.common.policies.data.AuthPolicies) RestException(com.yahoo.pulsar.broker.web.RestException) KeeperException(org.apache.zookeeper.KeeperException) RestException(com.yahoo.pulsar.broker.web.RestException) TopicBusyException(com.yahoo.pulsar.broker.service.BrokerServiceException.TopicBusyException) WebApplicationException(javax.ws.rs.WebApplicationException) PulsarClientException(com.yahoo.pulsar.client.api.PulsarClientException) PreconditionFailedException(com.yahoo.pulsar.client.admin.PulsarAdminException.PreconditionFailedException) SubscriptionBusyException(com.yahoo.pulsar.broker.service.BrokerServiceException.SubscriptionBusyException) NotFoundException(com.yahoo.pulsar.client.admin.PulsarAdminException.NotFoundException) NotAllowedException(com.yahoo.pulsar.broker.service.BrokerServiceException.NotAllowedException) KeeperException(org.apache.zookeeper.KeeperException) IOException(java.io.IOException) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 18 with Policies

use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.

the class ResourceQuotas method removeNamespaceBundleResourceQuota.

@DELETE
@Path("/{property}/{cluster}/{namespace}/{bundle}")
@ApiOperation(value = "Remove resource quota for a namespace.")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 409, message = "Concurrent modification") })
public void removeNamespaceBundleResourceQuota(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace, @PathParam("bundle") String bundleRange) {
    validateSuperUserAccess();
    validatePoliciesReadOnlyAccess();
    Policies policies = getNamespacePolicies(property, cluster, namespace);
    if (!cluster.equals(Namespaces.GLOBAL_CLUSTER)) {
        validateClusterOwnership(cluster);
        validateClusterForProperty(property, cluster);
    }
    NamespaceName fqnn = new NamespaceName(property, cluster, namespace);
    NamespaceBundle nsBundle = validateNamespaceBundleRange(fqnn, policies.bundles, bundleRange);
    try {
        pulsar().getLocalZkCacheService().getResourceQuotaCache().unsetQuota(nsBundle);
        log.info("[{}] Successfully unset resource quota for namespace bundle {}", clientAppId(), nsBundle.toString());
    } catch (KeeperException.NoNodeException e) {
        log.warn("[{}] Failed to unset resource quota for namespace bundle {}: concurrent modification", clientAppId(), nsBundle.toString());
        throw new RestException(Status.CONFLICT, "Cuncurrent modification on namespace bundle quota");
    } catch (Exception e) {
        log.error("[{}] Failed to unset resource quota for namespace bundle {}", clientAppId(), nsBundle.toString());
        throw new RestException(e);
    }
}
Also used : NamespaceBundle(com.yahoo.pulsar.common.naming.NamespaceBundle) NamespaceName(com.yahoo.pulsar.common.naming.NamespaceName) Policies(com.yahoo.pulsar.common.policies.data.Policies) RestException(com.yahoo.pulsar.broker.web.RestException) KeeperException(org.apache.zookeeper.KeeperException) RestException(com.yahoo.pulsar.broker.web.RestException) KeeperException(org.apache.zookeeper.KeeperException) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Example 19 with Policies

use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.

the class Namespaces method unloadNamespaceBundle.

@PUT
@Path("/{property}/{cluster}/{namespace}/{bundle}/unload")
@ApiOperation(value = "Unload a namespace bundle")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission") })
public void unloadNamespaceBundle(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace, @PathParam("bundle") String bundleRange, @QueryParam("authoritative") @DefaultValue("false") boolean authoritative) {
    log.info("[{}] Unloading namespace bundle {}/{}/{}/{}", clientAppId(), property, cluster, namespace, bundleRange);
    validateSuperUserAccess();
    Policies policies = getNamespacePolicies(property, cluster, namespace);
    if (!cluster.equals(Namespaces.GLOBAL_CLUSTER)) {
        validateClusterOwnership(cluster);
        validateClusterForProperty(property, cluster);
    }
    NamespaceName fqnn = new NamespaceName(property, cluster, namespace);
    validatePoliciesReadOnlyAccess();
    NamespaceBundle nsBundle = validateNamespaceBundleOwnership(fqnn, policies.bundles, bundleRange, authoritative, true);
    try {
        pulsar().getNamespaceService().unloadNamespaceBundle(nsBundle);
        log.info("[{}] Successfully unloaded namespace bundle {}", clientAppId(), nsBundle.toString());
    } catch (Exception e) {
        log.error("[{}] Failed to unload namespace bundle {}/{}", clientAppId(), fqnn.toString(), bundleRange, e);
        throw new RestException(e);
    }
}
Also used : NamespaceBundle(com.yahoo.pulsar.common.naming.NamespaceBundle) NamespaceName(com.yahoo.pulsar.common.naming.NamespaceName) Policies(com.yahoo.pulsar.common.policies.data.Policies) PersistencePolicies(com.yahoo.pulsar.common.policies.data.PersistencePolicies) RetentionPolicies(com.yahoo.pulsar.common.policies.data.RetentionPolicies) RestException(com.yahoo.pulsar.broker.web.RestException) RestException(com.yahoo.pulsar.broker.web.RestException) WebApplicationException(javax.ws.rs.WebApplicationException) SubscriptionBusyException(com.yahoo.pulsar.broker.service.BrokerServiceException.SubscriptionBusyException) KeeperException(org.apache.zookeeper.KeeperException) PulsarAdminException(com.yahoo.pulsar.client.admin.PulsarAdminException) NoNodeException(org.apache.zookeeper.KeeperException.NoNodeException) PulsarServerException(com.yahoo.pulsar.broker.PulsarServerException) Path(javax.ws.rs.Path) ApiOperation(io.swagger.annotations.ApiOperation) PUT(javax.ws.rs.PUT) ApiResponses(io.swagger.annotations.ApiResponses)

Example 20 with Policies

use of com.yahoo.pulsar.common.policies.data.Policies in project pulsar by yahoo.

the class Namespaces method unsubscribeNamespaceBundle.

@POST
@Path("/{property}/{cluster}/{namespace}/{bundle}/unsubscribe/{subscription}")
@ApiOperation(value = "Unsubscribes the given subscription on all destinations on a namespace bundle.")
@ApiResponses(value = { @ApiResponse(code = 403, message = "Don't have admin permission"), @ApiResponse(code = 404, message = "Namespace does not exist") })
public void unsubscribeNamespaceBundle(@PathParam("property") String property, @PathParam("cluster") String cluster, @PathParam("namespace") String namespace, @PathParam("subscription") String subscription, @PathParam("bundle") String bundleRange, @QueryParam("authoritative") @DefaultValue("false") boolean authoritative) {
    validateAdminAccessOnProperty(property);
    Policies policies = getNamespacePolicies(property, cluster, namespace);
    if (!cluster.equals(Namespaces.GLOBAL_CLUSTER)) {
        validateClusterOwnership(cluster);
        validateClusterForProperty(property, cluster);
    }
    NamespaceName nsName = new NamespaceName(property, cluster, namespace);
    validateNamespaceBundleOwnership(nsName, policies.bundles, bundleRange, authoritative, true);
    unsubscribe(nsName, bundleRange, subscription);
    log.info("[{}] Successfully unsubscribed {} on namespace bundle {}/{}", clientAppId(), subscription, nsName.toString(), bundleRange);
}
Also used : NamespaceName(com.yahoo.pulsar.common.naming.NamespaceName) Policies(com.yahoo.pulsar.common.policies.data.Policies) PersistencePolicies(com.yahoo.pulsar.common.policies.data.PersistencePolicies) RetentionPolicies(com.yahoo.pulsar.common.policies.data.RetentionPolicies) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) ApiOperation(io.swagger.annotations.ApiOperation) ApiResponses(io.swagger.annotations.ApiResponses)

Aggregations

Policies (com.yahoo.pulsar.common.policies.data.Policies)49 ApiOperation (io.swagger.annotations.ApiOperation)30 ApiResponses (io.swagger.annotations.ApiResponses)30 Path (javax.ws.rs.Path)30 RetentionPolicies (com.yahoo.pulsar.common.policies.data.RetentionPolicies)27 PersistencePolicies (com.yahoo.pulsar.common.policies.data.PersistencePolicies)26 KeeperException (org.apache.zookeeper.KeeperException)25 RestException (com.yahoo.pulsar.broker.web.RestException)24 SubscriptionBusyException (com.yahoo.pulsar.broker.service.BrokerServiceException.SubscriptionBusyException)19 NamespaceName (com.yahoo.pulsar.common.naming.NamespaceName)18 WebApplicationException (javax.ws.rs.WebApplicationException)17 PulsarServerException (com.yahoo.pulsar.broker.PulsarServerException)16 PulsarAdminException (com.yahoo.pulsar.client.admin.PulsarAdminException)15 NamespaceBundle (com.yahoo.pulsar.common.naming.NamespaceBundle)13 NoNodeException (org.apache.zookeeper.KeeperException.NoNodeException)13 Stat (org.apache.zookeeper.data.Stat)13 POST (javax.ws.rs.POST)11 GET (javax.ws.rs.GET)9 Test (org.testng.annotations.Test)9 DestinationName (com.yahoo.pulsar.common.naming.DestinationName)8
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial