use of com.yahoo.vespa.hosted.controller.api.identifiers.TenantId in project vespa by vespa-engine.
the class ApplicationApiHandler method createTenant.
/**
 * Creates a non-user tenant from the fields of the request body.
 *
 * <p>Names that {@link TenantId#isUser()} classifies as user tenants are answered with a
 * bad-request response. Otherwise the tenant is assembled from the optional {@code property},
 * {@code athensDomain} and {@code propertyId} fields, and creation is delegated to the tenant
 * controller together with the caller's NToken.
 *
 * @param tenantName name of the tenant to create
 * @param request the incoming request; supplies both the body and the user principal
 * @return the response built by {@code tenant(...)}, or a bad-request response for user tenants
 * @throws IllegalArgumentException if the user principal carries no NToken
 */
private HttpResponse createTenant(String tenantName, HttpRequest request) {
    TenantId tenantId = new TenantId(tenantName);
    if (tenantId.isUser()) {
        return ErrorResponse.badRequest("Use User API to create user tenants.");
    }

    Inspector requestData = toSlime(request.getData()).get();
    Optional<Property> property = optional("property", requestData).map(Property::new);
    Optional<AthenzDomain> athensDomain = optional("athensDomain", requestData).map(AthenzDomain::new);
    Optional<PropertyId> propertyId = optional("propertyId", requestData).map(PropertyId::new);
    Tenant tenant = new Tenant(tenantId, property, athensDomain, propertyId);

    // Authorization gate: the caller must administer the Athenz domain being claimed.
    // NOTE(review): the gate is conditional on isAthensTenant(). Presumably a body without
    // "athensDomain" yields a non-Athens tenant, in which case this check is skipped and
    // rejection is left entirely to createAthenzTenant() below. Confirm that it refuses.
    if (tenant.isAthensTenant()) {
        AthenzDomain requestedDomain = new AthenzDomain(mandatory("athensDomain", requestData).asString());
        throwIfNotAthenzDomainAdmin(requestedDomain, request);
    }

    // A missing NToken is a hard failure here; the token is handed to the controller as-is.
    NToken token = getUserPrincipal(request)
            .getNToken()
            .orElseThrow(() -> new IllegalArgumentException("Could not create " + tenant + ": No NToken provided"));
    controller.tenants().createAthenzTenant(tenant, token);
    return tenant(tenant, request, true);
}
use of com.yahoo.vespa.hosted.controller.api.identifiers.TenantId in project vespa by vespa-engine.
the class ApplicationApiHandler method updateTenant.
/**
 * Replaces the Athenz domain, property and property id of an existing Athens tenant.
 *
 * <p>An unknown tenant name is answered with a not-found response. User tenants and any
 * tenant type other than {@code ATHENS} are rejected with a {@link BadRequestException}.
 *
 * @param tenantName name of the tenant to update
 * @param request the incoming request; supplies both the body and the user principal
 * @return the response built by {@code tenant(...)} for the updated tenant, or a not-found response
 * @throws BadRequestException for user tenants and for unrecognised tenant types
 */
private HttpResponse updateTenant(String tenantName, HttpRequest request) {
    TenantId tenantId = new TenantId(tenantName);
    Optional<Tenant> existingTenant = controller.tenants().tenant(tenantId);
    if (!existingTenant.isPresent()) {
        return ErrorResponse.notFoundError("Tenant '" + tenantName + "' does not exist");
    }

    Inspector requestData = toSlime(request.getData()).get();
    switch (existingTenant.get().tenantType()) {
        case USER:
            throw new BadRequestException("Cannot set property or OpsDB user group for user tenant");
        case ATHENS: {
            // Both "athensDomain" and "property" are required for an update; "propertyId" is optional.
            Tenant updatedTenant = Tenant.createAthensTenant(
                    tenantId,
                    new AthenzDomain(mandatory("athensDomain", requestData).asString()),
                    new Property(mandatory("property", requestData).asString()),
                    optional("propertyId", requestData).map(PropertyId::new));
            // NOTE(review): unlike createTenant, no explicit domain-admin check is made on the
            // requested domain here, and the NToken is passed on as an Optional. Authorization
            // presumably happens inside updateTenant(), including for an absent token. Confirm.
            controller.tenants().updateTenant(updatedTenant, getUserPrincipal(request).getNToken());
            return tenant(updatedTenant, request, true);
        }
        default:
            throw new BadRequestException("Unknown tenant type: " + existingTenant.get().tenantType());
    }
}
use of com.yahoo.vespa.hosted.controller.api.identifiers.TenantId in project vespa by vespa-engine.
the class ApplicationApiHandler method verifyApplicationIdentityConfiguration.
/**
 * Checks that the Athenz domain declared in an application package belongs to the tenant.
 *
 * <p>Nothing is checked when no package is given or when its deployment spec declares no
 * Athenz domain. Otherwise the declared domain must equal the tenant's own domain, so that
 * an application cannot be given an identity in a domain the tenant is not onboarded to.
 *
 * @param tenantName name of the tenant the application is deployed under
 * @param applicationPackage the package being deployed, if any
 * @throws IllegalArgumentException if the tenant does not exist or has no Athenz domain
 * @throws ForbiddenException if the declared domain differs from the tenant's domain
 */
private void verifyApplicationIdentityConfiguration(String tenantName, Optional<ApplicationPackage> applicationPackage) {
    // Validate that domain in identity configuration (deployment.xml) is same as tenant domain
    applicationPackage
            .map(ApplicationPackage::deploymentSpec)
            .flatMap(DeploymentSpec::athenzDomain)
            .ifPresent(identityDomain -> {
                Tenant owner = controller.tenants()
                        .tenant(new TenantId(tenantName))
                        .orElseThrow(() -> new IllegalArgumentException("Tenant does not exist"));
                AthenzDomain tenantDomain = owner.getAthensDomain()
                        .orElseThrow(() -> new IllegalArgumentException("Identity provider only available to Athenz onboarded tenants"));

                // Exact, null-safe comparison of the two domain names; any difference is a hard denial.
                if (Objects.equals(tenantDomain.getName(), identityDomain.value())) {
                    return;
                }
                throw new ForbiddenException(String.format("Athenz domain in deployment.xml: [%s] must match tenant domain: [%s]", identityDomain.value(), tenantDomain.getName()));
            });
}
use of com.yahoo.vespa.hosted.controller.api.identifiers.TenantId in project vespa by vespa-engine.
the class ApplicationApiHandler method deleteTenant.
/**
 * Deletes an existing tenant and returns its last known representation.
 *
 * @param tenantName name of the tenant to delete
 * @param request the incoming request; supplies the user principal
 * @return the response built by {@code tenant(...)} for the tenant as it was before deletion,
 *         or a not-found response if no such tenant exists
 */
private HttpResponse deleteTenant(String tenantName, HttpRequest request) {
    TenantId tenantId = new TenantId(tenantName);
    Optional<Tenant> existing = controller.tenants().tenant(tenantId);

    // NOTE: The Jersey implementation would silently ignore this
    if (!existing.isPresent()) {
        return ErrorResponse.notFoundError("Could not delete tenant '" + tenantName + "': Tenant not found");
    }

    // NOTE(review): no authorization check is visible in this handler, and the NToken is
    // forwarded as an Optional. The permission check, including the absent-token case, is
    // presumably made inside deleteTenant() on the tenant controller. Confirm.
    controller.tenants().deleteTenant(tenantId, getUserPrincipal(request).getNToken());

    // TODO: Change to a message response saying the tenant was deleted
    return tenant(existing.get(), request, false);
}
use of com.yahoo.vespa.hosted.controller.api.identifiers.TenantId in project vespa by vespa-engine.
the class ApplicationController method createApplication.
/**
 * Creates a new application for an existing tenant.
 *
 * <p>All checks and the store run while holding the lock obtained from {@code lock(id)}.
 * For the "default" instance of an Athens tenant the application is also registered in the
 * tenant's Athenz domain through a ZMS client created from the supplied NToken.
 *
 * @param id the id of the application to create
 * @param token the caller's NToken; required when the Athenz registration above applies
 * @return the newly stored application
 * @throws UnsupportedOperationException if the instance name is neither 'default' nor all digits
 * @throws IllegalArgumentException if the tenant does not exist, the application (or its
 *         dash-to-underscore variant) already exists, or a required NToken is missing
 */
public Application createApplication(ApplicationId id, Optional<NToken> token) {
    // TODO: Support instances properly
    if (!id.instance().isDefault() && !id.instance().value().matches("\\d+")) {
        throw new UnsupportedOperationException("Only the instance names 'default' and names which are just the PR number are supported at the moment");
    }

    try (Lock lock = lock(id)) {
        // Validate only application names which do not already exist.
        boolean nameAlreadyInUse = asList(id.tenant()).stream()
                .anyMatch(existing -> existing.id().application().equals(id.application()));
        if (!nameAlreadyInUse) {
            com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId.validate(id.application().value());
        }

        Tenant owner = controller.tenants()
                .tenant(new TenantId(id.tenant().value()))
                .orElseThrow(() -> new IllegalArgumentException("Could not create '" + id + "': This tenant does not exist"));
        if (get(id).isPresent()) {
            throw new IllegalArgumentException("Could not create '" + id + "': Application already exists");
        }
        // VESPA-1945
        if (get(dashToUnderscore(id)).isPresent()) {
            throw new IllegalArgumentException("Could not create '" + id + "': Application " + dashToUnderscore(id) + " already exists");
        }

        if (id.instance().isDefault() && owner.isAthensTenant()) {
            // Only create the athens application for "default" instances.
            NToken callerToken = token.orElseThrow(
                    () -> new IllegalArgumentException("Could not create '" + id + "': No NToken provided"));
            ZmsClient zmsClient = zmsClientFactory.createZmsClientWithAuthorizedServiceToken(callerToken);
            // NOTE(review): getAthensDomain().get() is unchecked; presumably always present when
            // isAthensTenant() is true. Also, the ZMS registration precedes store(), so a failing
            // store appears to leave the ZMS entry behind. Confirm both.
            zmsClient.addApplication(
                    owner.getAthensDomain().get(),
                    new com.yahoo.vespa.hosted.controller.api.identifiers.ApplicationId(id.application().value()));
        }

        // NOTE(review): the returned object wraps `lock`, which try-with-resources closes as the
        // method returns; callers presumably use it only as a plain Application. Confirm.
        LockedApplication application = new LockedApplication(new Application(id), lock);
        store(application);
        log.info("Created " + application);
        return application;
    }
}
Aggregations