use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.
the class ProjectsAdmin method createProjectAsUser.
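/**
 * Creates a project whose owner is the user named in {@code projectDTO.getOwner()}, not the caller.
 *
 * <p>The caller is resolved from the security context and only checked for presence. The owner is
 * looked up by username and handed to {@code projectController.createProject}.
 *
 * <p>NOTE(review): no role or token-audience restriction is visible on this method. It lets the
 * caller create a project owned by any existing user, so confirm that the enclosing resource class
 * limits it to administrators.
 *
 * <p>NOTE(review): the authenticated caller is neither logged here nor passed to
 * {@code createProject}, so this method leaves no record of who acted on the owner's behalf.
 * Confirm that an audit trail exists elsewhere.
 *
 * @param request servlet request; its session id is forwarded to {@code createProject}
 * @param sc security context used to resolve the calling user
 * @param projectDTO project description, including the owner's username
 * @return a 201 (Created) no-cache response carrying the success message
 * @throws UserException if the caller cannot be resolved or the owner does not exist
 * @throws IllegalArgumentException if the payload or its owner username is missing
 */
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("/projects/createas")
public Response createProjectAsUser(@Context HttpServletRequest request, @Context SecurityContext sc, ProjectDTO projectDTO) throws DatasetException, GenericException, KafkaException, ProjectException, UserException, ServiceException, HopsSecurityException, FeaturestoreException, OpenSearchException, SchemaException, IOException {
  Users user = jWTHelper.getUserPrincipal(sc);
  if (user == null) {
    throw new UserException(RESTCodes.UserErrorCode.AUTHENTICATION_FAILURE, Level.WARNING, "Unauthorized or unknown user tried to create a Project as another user");
  }
  // A request without a JSON body may arrive with a null entity; reject it explicitly instead of
  // failing with a NullPointerException on the getOwner() call below.
  if (projectDTO == null) {
    LOGGER.log(Level.WARNING, "Project payload is null");
    throw new IllegalArgumentException("Project payload cannot be null");
  }
  String username = projectDTO.getOwner();
  if (username == null) {
    LOGGER.log(Level.WARNING, "Owner username is null");
    // The owner is resolved with findByUsername below, so the message names the username
    // (it previously said "email", which did not match the lookup or the log line).
    throw new IllegalArgumentException("Owner username cannot be null");
  }
  Users owner = userFacade.findByUsername(username);
  if (owner == null) {
    throw new UserException(RESTCodes.UserErrorCode.USER_DOES_NOT_EXIST, Level.FINE, "user:" + username);
  }
  // The project is created for the resolved owner, not for the authenticated caller.
  projectController.createProject(projectDTO, owner, request.getSession().getId());
  RESTApiJsonResponse response = new RESTApiJsonResponse();
  response.setSuccessMessage(ResponseMessages.PROJECT_CREATED);
  return noCacheResponse.getNoCacheResponseBuilder(Response.Status.CREATED).entity(response).build();
}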
use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.
the class FeaturestoreSnowflakeConnectorController method updateSecret.
/**
 * Re-encrypts the credential of a Snowflake connector from the values carried in the DTO.
 *
 * <p>The connector's existing secret is fetched and passed to
 * {@code secretsController.checkCanAccessSecret} before the DTO is read or the secret is modified.
 * The password is used when it is non-empty, otherwise the token.
 *
 * <p>NOTE(review): nothing in this method rejects a DTO where both password and token are absent;
 * in that case the token value (possibly null or empty) is what gets encrypted. Confirm that the
 * caller validates the DTO first.
 *
 * @param user user on whose behalf the secret is updated
 * @param featurestoreSnowflakeConnectorDTO DTO carrying the new password or token
 * @param snowflakeConnector connector whose secret is updated
 * @return the existing secret, now holding the newly encrypted value
 * @throws UserException if encryption fails; also declared for the access check
 * @throws ProjectException declared for the calls made here
 */
private Secret updateSecret(Users user, FeaturestoreSnowflakeConnectorDTO featurestoreSnowflakeConnectorDTO, FeaturestoreSnowflakeConnector snowflakeConnector) throws UserException, ProjectException {
  Secret existingSecret = getSecret(snowflakeConnector);
  secretsController.checkCanAccessSecret(existingSecret, user);

  // Password takes precedence; the token is only the fallback.
  boolean passwordSupplied = !Strings.isNullOrEmpty(featurestoreSnowflakeConnectorDTO.getPassword());
  String credential = passwordSupplied
      ? featurestoreSnowflakeConnectorDTO.getPassword()
      : featurestoreSnowflakeConnectorDTO.getToken();

  try {
    existingSecret.setSecret(secretsController.encryptSecret(credential));
    return existingSecret;
  } catch (IOException | GeneralSecurityException e) {
    // Only the secret's name goes into the message, never the credential itself.
    throw new UserException(RESTCodes.UserErrorCode.SECRET_ENCRYPTION_ERROR, Level.SEVERE, "Error encrypting secret", "Could not encrypt Secret " + existingSecret.getId().getName(), e);
  }
}
use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.
the class StorageConnectorUtil method getSecret.
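/**
 * Resolves the plaintext of a stored secret and returns it as {@code valueType}.
 *
 * <p>The secret is read with its owner as both arguments to {@code secretsController.getShared},
 * so this method performs no check on the calling user. Per the original comment, project
 * membership is verified in the feature store service; every caller of this method therefore
 * has to sit behind that check.
 *
 * <p>The return value is secret plaintext (or an object deserialized from it); callers should not
 * log it or include it in error messages.
 *
 * @param secret stored secret to resolve; may be null
 * @param valueType {@code String.class} to get the raw plaintext, otherwise the type the
 *     plaintext is deserialized into by {@code objectMapper}
 * @param <T> type of the returned value
 * @return the secret value, or null when {@code secret} is null
 * @throws FeaturestoreException if the secret cannot be retrieved or deserialized
 */
public <T> T getSecret(Secret secret, Class<T> valueType) throws FeaturestoreException {
  if (secret == null) {
    return null;
  }
  try {
    Users owner = userFacade.find(secret.getId().getUid());
    // check if the calling user is part of the project with the shared feature store is done in feature store
    // service, so we can get the secret here with owner/owner
    SecretPlaintext plainText = secretsController.getShared(owner, owner, secret.getId().getName());
    if (valueType == String.class) {
      // Checked cast through the Class token instead of an unchecked (T) cast.
      return valueType.cast(plainText.getPlaintext());
    }
    return objectMapper.readValue(plainText.getPlaintext(), valueType);
  } catch (UserException | IOException | ServiceException | ProjectException e) {
    // Keep the original exception as the cause so the failure can be traced.
    // NOTE(review): if objectMapper is a Jackson mapper, a parse-error message can quote part of
    // its input, which here is the secret plaintext. e.getMessage() is forwarded as the developer
    // message, so confirm it is not returned to clients or logged verbatim.
    throw new FeaturestoreException(RESTCodes.FeaturestoreErrorCode.STORAGE_CONNECTOR_GET_ERROR, Level.FINE, "Unable to retrieve Secret " + secret.getId().getName() + " for this storage connector.", e.getMessage(), e);
  }
}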
use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.
the class FeaturestoreS3ConnectorController method updateSecret.
/**
 * Updates, creates or detaches the secret that backs an S3 connector's access and secret keys.
 *
 * <ul>
 *   <li>Existing secret: access is checked with {@code secretsController.checkCanAccessSecret}
 *       before anything else happens.</li>
 *   <li>No keys in the DTO: the connector's secret reference is cleared. The secret itself is
 *       not deleted here (ON DELETE RESTRICT).</li>
 *   <li>Keys in the DTO, no existing secret: both keys are verified and {@code setSecret}
 *       creates the secret.</li>
 *   <li>Keys in the DTO, existing secret: both keys are verified and the existing secret is
 *       re-encrypted in place.</li>
 * </ul>
 *
 * <p>The return value is the secret the connector held on entry, so it is null whenever the
 * connector had none, including right after {@code setSecret} has created one.
 * NOTE(review): presumably the caller uses it to delete a detached secret; verify against the
 * caller.
 *
 * @param user user on whose behalf the secret is updated
 * @param featurestoreS3ConnectorDTO DTO carrying the new access and secret keys, if any
 * @param featurestore feature store passed through to {@code setSecret}
 * @param featurestoreS3Connector connector whose secret is updated
 * @return the secret the connector held on entry, or null if it had none
 * @throws UserException if encryption fails; also declared for the access check
 * @throws FeaturestoreException declared for the calls made here
 * @throws ProjectException declared for the calls made here
 */
private Secret updateSecret(Users user, FeaturestoreS3ConnectorDTO featurestoreS3ConnectorDTO, Featurestore featurestore, FeaturestoreS3Connector featurestoreS3Connector) throws UserException, FeaturestoreException, ProjectException {
  Secret secret = featurestoreS3Connector.getSecret();
  boolean hadSecret = secret != null;
  if (hadSecret) {
    secretsController.checkCanAccessSecret(secret, user);
  }

  if (!keysNotNullOrEmpty(featurestoreS3ConnectorDTO)) {
    featurestoreS3Connector.setSecret(null);
    // Secret can't be removed here b/c of ON DELETE RESTRICT
    return secret;
  }

  // Keys were supplied: validate both before anything is stored.
  verifyS3ConnectorAccessKey(featurestoreS3ConnectorDTO.getAccessKey());
  verifyS3ConnectorSecretKey(featurestoreS3ConnectorDTO.getSecretKey());

  if (!hadSecret) {
    setSecret(user, featurestoreS3ConnectorDTO, featurestoreS3Connector, featurestore);
    // The local is still null here; the newly created secret is not returned.
    return secret;
  }

  try {
    String jsonSecretString = createS3AccessAndSecretKeysSecret(featurestoreS3ConnectorDTO.getAccessKey(), featurestoreS3ConnectorDTO.getSecretKey());
    secret.setSecret(secretsController.encryptSecret(jsonSecretString));
  } catch (IOException | GeneralSecurityException e) {
    // Only the secret's name goes into the message, never the key material.
    throw new UserException(RESTCodes.UserErrorCode.SECRET_ENCRYPTION_ERROR, Level.SEVERE, "Error encrypting secret", "Could not encrypt Secret " + secret.getId().getName(), e);
  }
  return secret;
}
use of io.hops.hopsworks.exceptions.UserException in project hopsworks by logicalclocks.
the class ApiKeyResource method getScopes.
/**
 * Returns the set of API key scopes that {@code getScopesForUser} yields for the caller.
 *
 * <p>Access is limited by the {@code @JWTRequired} annotation to API-audience tokens held by
 * users with the HOPS_ADMIN or HOPS_USER role.
 *
 * @param sc security context used to resolve the calling user
 * @return a 200 response whose entity is the caller's set of scopes
 * @throws UserException if no user can be resolved from the security context
 */
@GET
@Path("scopes")
@Produces(MediaType.APPLICATION_JSON)
@ApiOperation(value = "Get all api key scopes.")
@JWTRequired(acceptedTokens = { Audience.API }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response getScopes(@Context SecurityContext sc) throws UserException {
  Users caller = jwtHelper.getUserPrincipal(sc);
  if (caller == null) {
    throw new UserException(RESTCodes.UserErrorCode.USER_WAS_NOT_FOUND, Level.FINE);
  }
  Set<ApiScope> callerScopes = getScopesForUser(caller);
  // The anonymous GenericEntity subclass preserves the Set<ApiScope> type for serialization.
  GenericEntity<Set<ApiScope>> body = new GenericEntity<Set<ApiScope>>(callerScopes) {
  };
  return Response.ok().entity(body).build();
}