use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class MetadataHttpHandler method addProperties.
@POST
@Path("/**/metadata/properties")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void addProperties(FullHttpRequest request, HttpResponder responder, @QueryParam("type") String type, @QueryParam("async") @DefaultValue("false") Boolean async) throws Exception {
MetadataEntity metadataEntity = getMetadataEntityFromPath(request.uri(), type, "/metadata/properties");
enforce(metadataEntity, StandardPermission.UPDATE);
metadataAdmin.addProperties(metadataEntity, readProperties(request), async ? ASYNC : SYNC);
responder.sendString(HttpResponseStatus.OK, String.format("Metadata properties for %s added successfully.", metadataEntity));
}
use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class NamespacedExploreQueryExecutorHttpHandler method query.
@POST
@Path("data/explore/queries")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void query(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") final String namespaceId) throws Exception {
try {
Map<String, String> args = decodeArguments(request);
final String query = args.get("query");
final Map<String, String> additionalSessionConf = new HashMap<>(args);
additionalSessionConf.remove("query");
LOG.trace("Received query: {}", query);
QueryHandle queryHandle = impersonator.doAs(new NamespaceId(namespaceId), new Callable<QueryHandle>() {
@Override
public QueryHandle call() throws Exception {
return exploreService.execute(new NamespaceId(namespaceId), query, additionalSessionConf);
}
}, ImpersonatedOpType.EXPLORE);
responder.sendJson(HttpResponseStatus.OK, GSON.toJson(queryHandle));
} catch (IllegalArgumentException e) {
LOG.debug("Got exception:", e);
responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage());
} catch (SQLException e) {
LOG.debug("Got exception:", e);
responder.sendString(HttpResponseStatus.BAD_REQUEST, String.format("[SQLState %s] %s", e.getSQLState(), e.getMessage()));
}
}
use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ExploreExecutorHttpHandler method updateDataset.
/**
* Enable ad-hoc exploration of a dataset instance.
*/
@POST
@Path("datasets/{dataset}/update")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void updateDataset(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespace, @PathParam("dataset") String datasetName) throws BadRequestException {
final DatasetId datasetId = new DatasetId(namespace, datasetName);
try {
UpdateExploreParameters params = readUpdateParameters(request);
final DatasetSpecification oldSpec = params.getOldSpec();
final DatasetSpecification datasetSpec = params.getNewSpec();
QueryHandle handle;
if (oldSpec.equals(datasetSpec)) {
handle = QueryHandle.NO_OP;
} else {
handle = impersonator.doAs(datasetId, new Callable<QueryHandle>() {
@Override
public QueryHandle call() throws Exception {
return exploreTableManager.updateDataset(datasetId, datasetSpec, oldSpec);
}
});
}
JsonObject json = new JsonObject();
json.addProperty("handle", handle.getHandle());
responder.sendJson(HttpResponseStatus.OK, json.toString());
} catch (IllegalArgumentException e) {
responder.sendString(HttpResponseStatus.BAD_REQUEST, e.getMessage());
} catch (ExploreException e) {
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error updating explore on dataset " + datasetId);
} catch (SQLException e) {
responder.sendString(HttpResponseStatus.BAD_REQUEST, "SQL exception while trying to update explore on dataset " + datasetId);
} catch (UnsupportedTypeException e) {
responder.sendString(HttpResponseStatus.BAD_REQUEST, "Schema for dataset " + datasetId + " is not supported for exploration: " + e.getMessage());
} catch (Throwable e) {
LOG.error("Got exception:", e);
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, e.getMessage());
}
}
use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class AppLifecycleHttpHandler method upgradeApplications.
/**
* Upgrades a lis of existing application to use latest version of application artifact and plugin artifacts.
*
* <pre>
* {@code
* [
* {"name":"XYZ"},
* {"name":"ABC"},
* {"name":"FOO"},
* ]
* }
* </pre>
* The response will be an array of {@link ApplicationUpdateDetail} object, which either indicates a success (200) or
* failure for each of the requested application in the same order as the request. The failure also indicates reason
* for the error. The response will be sent via ChunkResponder to continuously stream upgrade result per application.
*/
@POST
@Path("/upgrade")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void upgradeApplications(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @QueryParam("artifactScope") Set<String> artifactScopes, @QueryParam("allowSnapshot") boolean allowSnapshot) throws Exception {
// TODO: (CDAP-16910) Improve batch API performance as each application upgrade is an event independent of each
// other.
List<ApplicationId> appIds = decodeAndValidateBatchApplicationRecord(validateNamespace(namespaceId), request);
Set<ArtifactScope> allowedArtifactScopes = getArtifactScopes(artifactScopes);
try (ChunkResponder chunkResponder = responder.sendChunkStart(HttpResponseStatus.OK)) {
ByteArrayOutputStream outputStream = new ByteArrayOutputStream();
try (JsonWriter jsonWriter = new JsonWriter(new OutputStreamWriter(outputStream, StandardCharsets.UTF_8))) {
jsonWriter.beginArray();
for (ApplicationId appId : appIds) {
ApplicationUpdateDetail updateDetail;
try {
applicationLifecycleService.upgradeApplication(appId, allowedArtifactScopes, allowSnapshot);
updateDetail = new ApplicationUpdateDetail(appId);
} catch (UnsupportedOperationException e) {
String errorMessage = String.format("Application %s does not support upgrade.", appId);
updateDetail = new ApplicationUpdateDetail(appId, new NotImplementedException(errorMessage));
} catch (InvalidArtifactException | NotFoundException e) {
updateDetail = new ApplicationUpdateDetail(appId, e);
} catch (Exception e) {
updateDetail = new ApplicationUpdateDetail(appId, new ServiceException("Upgrade failed due to internal error.", e, HttpResponseStatus.INTERNAL_SERVER_ERROR));
LOG.error("Application upgrade failed with exception", e);
}
GSON.toJson(updateDetail, ApplicationUpdateDetail.class, jsonWriter);
jsonWriter.flush();
chunkResponder.sendChunk(Unpooled.wrappedBuffer(outputStream.toByteArray()));
outputStream.reset();
chunkResponder.flush();
}
jsonWriter.endArray();
}
chunkResponder.sendChunk(Unpooled.wrappedBuffer(outputStream.toByteArray()));
}
}
use of io.cdap.cdap.common.security.AuditPolicy in project cdap by caskdata.
the class ArtifactHttpHandler method writeProperty.
@PUT
@Path("/namespaces/{namespace-id}/artifacts/{artifact-name}/versions/{artifact-version}/properties/{property}")
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void writeProperty(FullHttpRequest request, HttpResponder responder, @PathParam("namespace-id") String namespaceId, @PathParam("artifact-name") String artifactName, @PathParam("artifact-version") String artifactVersion, @PathParam("property") String key) throws Exception {
NamespaceId namespace = NamespaceId.SYSTEM.getNamespace().equalsIgnoreCase(namespaceId) ? NamespaceId.SYSTEM : validateAndGetNamespace(namespaceId);
ArtifactId artifactId = validateAndGetArtifactId(namespace, artifactName, artifactVersion);
String value = request.content().toString(StandardCharsets.UTF_8);
if (value == null) {
responder.sendStatus(HttpResponseStatus.OK);
return;
}
try {
artifactRepository.writeArtifactProperty(Id.Artifact.fromEntityId(artifactId), key, value);
responder.sendStatus(HttpResponseStatus.OK);
} catch (IOException e) {
LOG.error("Exception writing properties for artifact {}.", artifactId, e);
responder.sendString(HttpResponseStatus.INTERNAL_SERVER_ERROR, "Error writing property to artifact.");
}
}
Aggregations