Search in sources :

Example 1 with AuditPolicy

use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class MetadataHttpHandler method addProperties.

@POST
@Path("/**/metadata/properties")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void addProperties(FullHttpRequest request, HttpResponder responder, @QueryParam("type") String type, @QueryParam("async") @DefaultValue("false") Boolean async) throws Exception {
    MetadataEntity metadataEntity = getMetadataEntityFromPath(request.uri(), type, "/metadata/properties");
    enforce(metadataEntity, StandardPermission.UPDATE);
    metadataAdmin.addProperties(metadataEntity, readProperties(request), async ? ASYNC : SYNC);
    responder.sendString(HttpResponseStatus.OK, String.format("Metadata properties for %s added successfully.", metadataEntity));
}
Also used : MetadataEntity(io.cdap.cdap.api.metadata.MetadataEntity) Path(javax.ws.rs.Path) AuditPolicy(io.cdap.cdap.common.security.AuditPolicy) POST(javax.ws.rs.POST)

Example 2 with AuditPolicy

use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class NamespacedExploreQueryExecutorHttpHandler method query.

@POST
@Path("data/explore/queries")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void query(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") final String namespaceId) throws Exception {
    try {
        Map<String, String> args = decodeArguments(request);
        final String query = args.get("query");
        final Map<String, String> additionalSessionConf = new HashMap<>(args);
        additionalSessionConf.remove("query");
        LOG.trace("Received query: {}", query);
        QueryHandle queryHandle = impersonator.doAs(new NamespaceId(namespaceId), new Callable<QueryHandle>() {

            @Override
            public QueryHandle call() throws Exception {
                return exploreService.execute(new NamespaceId(namespaceId), query, additionalSessionConf);
            }
        }, ImpersonatedOpType.EXPLORE);
        responder.sendJson(HttpResponseStatus.OK, GSON.toJson(queryHandle));
    } catch (IllegalArgumentException e) {
        LOG.debug("Got exception:", e);
        responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage());
    } catch (SQLException e) {
        LOG.debug("Got exception:", e);
        responder.sendString(HttpResponseStatus.BAD_REQUEST, String.format("[SQLState %s] %s", e.getSQLState(), e.getMessage()));
    }
}
Also used : HashMap(java.util.HashMap) SQLException(java.sql.SQLException) NamespaceId(io.cdap.cdap.proto.id.NamespaceId) QueryHandle(io.cdap.cdap.proto.QueryHandle) ExploreException(io.cdap.cdap.explore.service.ExploreException) SQLException(java.sql.SQLException) Path(javax.ws.rs.Path) AuditPolicy(io.cdap.cdap.common.security.AuditPolicy) POST(javax.ws.rs.POST)

Example 3 with AuditPolicy

use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class ExploreExecutorHttpHandler method updateDataset.

/**
 * Enable ad-hoc exploration of a dataset instance.
 */
@POST
@Path("datasets/{dataset}/update")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void updateDataset(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespace, @PathParam("dataset") String datasetName) throws BadRequestException {
    final DatasetId datasetId = new DatasetId(namespace, datasetName);
    try {
        UpdateExploreParameters params = readUpdateParameters(request);
        final DatasetSpecification oldSpec = params.getOldSpec();
        final DatasetSpecification datasetSpec = params.getNewSpec();
        QueryHandle handle;
        if (oldSpec.equals(datasetSpec)) {
            handle = QueryHandle.NO_OP;
        } else {
            handle = impersonator.doAs(datasetId, new Callable<QueryHandle>() {

                @Override
                public QueryHandle call() throws Exception {
                    return exploreTableManager.updateDataset(datasetId, datasetSpec, oldSpec);
                }
            });
        }
        JsonObject json = new JsonObject();
        json.addProperty("handle", handle.getHandle());
        responder.sendJson(HttpResponseStatus.OK, json.toString());
    } catch (IllegalArgumentException e) {
        responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage());
    } catch (ExploreException e) {
        responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error updating explore on dataset " + datasetId);
    } catch (SQLException e) {
        responder.sendString(HttpResponseStatus.BAD_REQUEST, "SQL exception while trying to update explore on dataset " + datasetId);
    } catch (UnsupportedTypeException e) {
        responder.sendString(HttpResponseStatus.BAD_REQUEST, "Schema for dataset " + datasetId + " is not supported for exploration: " + e.getMessage());
    } catch (Throwable e) {
        LOG.error("Got exception:", e);
        responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, e.getMessage());
    }
}
Also used : UpdateExploreParameters(io.cdap.cdap.explore.client.UpdateExploreParameters) SQLException(java.sql.SQLException) DatasetSpecification(io.cdap.cdap.api.dataset.DatasetSpecification) JsonObject(com.google.gson.JsonObject) UnsupportedTypeException(io.cdap.cdap.api.data.schema.UnsupportedTypeException) QueryHandle(io.cdap.cdap.proto.QueryHandle) Callable(java.util.concurrent.Callable) DatasetId(io.cdap.cdap.proto.id.DatasetId) ExploreException(io.cdap.cdap.explore.service.ExploreException) Path(javax.ws.rs.Path) AuditPolicy(io.cdap.cdap.common.security.AuditPolicy) POST(javax.ws.rs.POST)

Example 4 with AuditPolicy

use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class AppLifecycleHttpHandler method upgradeApplications.

/**
 * Upgrades a lis of existing application to use latest version of application artifact and plugin artifacts.
 *
 * <pre>
 * {@code
 * [
 *   {"name":"XYZ"},
 *   {"name":"ABC"},
 *   {"name":"FOO"},
 * ]
 * }
 * </pre>
 * The response will be an array of {@link ApplicationUpdateDetail} object, which either indicates a success (200) or
 * failure for each of the requested application in the same order as the request. The failure also indicates reason
 * for the error. The response will be sent via ChunkResponder to continuously stream upgrade result per application.
 */
@POST
@Path("/upgrade")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void upgradeApplications(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @QueryParam("artifactScope") Set<String> artifactScopes, @QueryParam("allowSnapshot") boolean allowSnapshot) throws Exception {
    // TODO: (CDAP-16910) Improve batch API performance as each application upgrade is an event independent of each
    // other.
    List<ApplicationId> appIds = decodeAndValidateBatchApplicationRecord(validateNamespace(namespaceId), request);
    Set<ArtifactScope> allowedArtifactScopes = getArtifactScopes(artifactScopes);
    try (ChunkResponder chunkResponder = responder.sendChunkStart(HttpResponseStatus.OK)) {
        ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
        try (JsonWriter jsonWriter = new JsonWriter(new OutputStreamWriter(outputStream, StandardCharsets.UTF_8))) {
            jsonWriter.beginArray();
            for (ApplicationId appId : appIds) {
                ApplicationUpdateDetail updateDetail;
                try {
                    applicationLifecycleService.upgradeApplication(appId, allowedArtifactScopes, allowSnapshot);
                    updateDetail = new ApplicationUpdateDetail(appId);
                } catch (UnsupportedOperationException e) {
                    String errorMessage = String.format("Application %s does not support upgrade.", appId);
                    updateDetail = new ApplicationUpdateDetail(appId, new NotImplementedException(errorMessage));
                } catch (InvalidArtifactException | NotFoundException e) {
                    updateDetail = new ApplicationUpdateDetail(appId, e);
                } catch (Exception e) {
                    updateDetail = new ApplicationUpdateDetail(appId, new ServiceException("Upgrade failed due to internal error.", e, HttpResponseStatus.INTERNAL_SERVER_ERROR));
                    LOG.error("Application upgrade failed with exception", e);
                }
                GSON.toJson(updateDetail, ApplicationUpdateDetail.class, jsonWriter);
                jsonWriter.flush();
                chunkResponder.sendChunk(Unpooled.wrappedBuffer(outputStream.toByteArray()));
                outputStream.reset();
                chunkResponder.flush();
            }
            jsonWriter.endArray();
        }
        chunkResponder.sendChunk(Unpooled.wrappedBuffer(outputStream.toByteArray()));
    }
}
Also used : NotImplementedException(io.cdap.cdap.common.NotImplementedException) ApplicationNotFoundException(io.cdap.cdap.common.ApplicationNotFoundException) NamespaceNotFoundException(io.cdap.cdap.common.NamespaceNotFoundException) NotFoundException(io.cdap.cdap.common.NotFoundException) ArtifactNotFoundException(io.cdap.cdap.common.ArtifactNotFoundException) ByteArrayOutputStream(java.io.ByteArrayOutputStream) JsonWriter(com.google.gson.stream.JsonWriter) ApplicationNotFoundException(io.cdap.cdap.common.ApplicationNotFoundException) UnauthorizedException(io.cdap.cdap.security.spi.authorization.UnauthorizedException) NamespaceNotFoundException(io.cdap.cdap.common.NamespaceNotFoundException) WriteConflictException(io.cdap.cdap.internal.app.runtime.artifact.WriteConflictException) DatasetManagementException(io.cdap.cdap.api.dataset.DatasetManagementException) IOException(java.io.IOException) ConflictException(io.cdap.cdap.common.ConflictException) NotImplementedException(io.cdap.cdap.common.NotImplementedException) ExecutionException(java.util.concurrent.ExecutionException) AccessException(io.cdap.cdap.api.security.AccessException) InvalidArtifactException(io.cdap.cdap.common.InvalidArtifactException) ArtifactAlreadyExistsException(io.cdap.cdap.common.ArtifactAlreadyExistsException) NotFoundException(io.cdap.cdap.common.NotFoundException) ServiceException(io.cdap.cdap.common.ServiceException) JsonSyntaxException(com.google.gson.JsonSyntaxException) BadRequestException(io.cdap.cdap.common.BadRequestException) ArtifactNotFoundException(io.cdap.cdap.common.ArtifactNotFoundException) ArtifactScope(io.cdap.cdap.api.artifact.ArtifactScope) ApplicationUpdateDetail(io.cdap.cdap.proto.ApplicationUpdateDetail) ServiceException(io.cdap.cdap.common.ServiceException) OutputStreamWriter(java.io.OutputStreamWriter) ApplicationId(io.cdap.cdap.proto.id.ApplicationId) ChunkResponder(io.cdap.http.ChunkResponder) InvalidArtifactException(io.cdap.cdap.common.InvalidArtifactException) Path(javax.ws.rs.Path) AuditPolicy(io.cdap.cdap.common.security.AuditPolicy) POST(javax.ws.rs.POST)

Example 5 with AuditPolicy

use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.

the class ArtifactHttpHandler method writeProperty.

@PUT
@Path("/namespaces/{namespace-id}/artifacts/{artifact-name}/versions/{artifact-version}/properties/{property}")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void writeProperty(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("artifact-name") String artifactName, @PathParam("artifact-version") String artifactVersion, @PathParam("property") String key) throws Exception {
    NamespaceId namespace = NamespaceId.SYSTEM.getNamespace().equalsIgnoreCase(namespaceId) ? NamespaceId.SYSTEM : validateAndGetNamespace(namespaceId);
    ArtifactId artifactId = validateAndGetArtifactId(namespace, artifactName, artifactVersion);
    String value = request.content().toString(StandardCharsets.UTF_8);
    if (value == null) {
        responder.sendStatus(HttpResponseStatus.OK);
        return;
    }
    try {
        artifactRepository.writeArtifactProperty(Id.Artifact.fromEntityId(artifactId), key, value);
        responder.sendStatus(HttpResponseStatus.OK);
    } catch (IOException e) {
        LOG.error("Exception writing properties for artifact {}.", artifactId, e);
        responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error writing property to artifact.");
    }
}
Also used : ArtifactId(io.cdap.cdap.proto.id.ArtifactId) NamespaceId(io.cdap.cdap.proto.id.NamespaceId) IOException(java.io.IOException) Path(javax.ws.rs.Path) AuditPolicy(io.cdap.cdap.common.security.AuditPolicy) PUT(javax.ws.rs.PUT)

Aggregations

AuditPolicy (io.cdap.cdap.common.security.AuditPolicy)31 Path (javax.ws.rs.Path)31 PUT (javax.ws.rs.PUT)18 POST (javax.ws.rs.POST)14 BadRequestException (io.cdap.cdap.common.BadRequestException)12 JsonSyntaxException (com.google.gson.JsonSyntaxException)10 NamespaceId (io.cdap.cdap.proto.id.NamespaceId)9 IOException (java.io.IOException)9 ApplicationId (io.cdap.cdap.proto.id.ApplicationId)8 ProgramId (io.cdap.cdap.proto.id.ProgramId)8 NamespaceNotFoundException (io.cdap.cdap.common.NamespaceNotFoundException)6 NotFoundException (io.cdap.cdap.common.NotFoundException)6 ConflictException (io.cdap.cdap.common.ConflictException)5 UnauthorizedException (io.cdap.cdap.security.spi.authorization.UnauthorizedException)5 NotImplementedException (io.cdap.cdap.common.NotImplementedException)4 Constraint (io.cdap.cdap.internal.schedule.constraint.Constraint)4 ArrayList (java.util.ArrayList)4 JsonObject (com.google.gson.JsonObject)3 ApplicationSpecification (io.cdap.cdap.api.app.ApplicationSpecification)3 ByteBufInputStream (io.netty.buffer.ByteBufInputStream)3