use of io.hops.hopsworks.persistence.entity.user.Users in project hopsworks by logicalclocks.
the class ModelsResource method put.
@ApiOperation(value = "Create or update a model", response = ModelDTO.class)
@PUT
@Path("{id}")
@Produces(MediaType.APPLICATION_JSON)
@Consumes(MediaType.APPLICATION_JSON)
@AllowedProjectRoles({ AllowedProjectRoles.DATA_OWNER, AllowedProjectRoles.DATA_SCIENTIST })
@JWTRequired(acceptedTokens = { Audience.API, Audience.JOB }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
@ApiKeyRequired(acceptedScopes = { ApiScope.MODELREGISTRY }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response put(@PathParam("id") String id, ModelDTO modelDTO, @QueryParam("jobName") String jobName, @QueryParam("kernelId") String kernelId, @Context HttpServletRequest req, @Context UriInfo uriInfo, @Context SecurityContext sc) throws DatasetException, ModelRegistryException, JobException, ServiceException, PythonException, MetadataException, GenericException, ProjectException {
if (modelDTO == null) {
throw new IllegalArgumentException("Model summary not provided");
}
modelUtils.validateModelName(modelDTO);
Users user = jwtHelper.getUserPrincipal(sc);
Project modelProject = modelUtils.getModelsProjectAndCheckAccess(modelDTO, userProject);
Project experimentProject = modelUtils.getExperimentProjectAndCheckAccess(modelDTO, userProject);
ModelsController.Accessor accessor = modelUtils.getModelsAccessor(user, userProject, modelProject, experimentProject);
try {
return modelUtils.createModel(uriInfo, accessor, id, modelDTO, jobName, kernelId);
} finally {
dfs.closeDfsClient(accessor.udfso);
}
}
use of io.hops.hopsworks.persistence.entity.user.Users in project hopsworks by logicalclocks.
the class ModelsResource method deleteTag.
@ApiOperation(value = "Delete tag attached to a model")
@DELETE
@Path("/{id}/tags/{name}")
@Produces(MediaType.APPLICATION_JSON)
@AllowedProjectRoles({ AllowedProjectRoles.DATA_SCIENTIST, AllowedProjectRoles.DATA_OWNER })
@JWTRequired(acceptedTokens = { Audience.API, Audience.JOB }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
@ApiKeyRequired(acceptedScopes = { ApiScope.MODELREGISTRY }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response deleteTag(@Context SecurityContext sc, @ApiParam(value = "Id of the model", required = true) @PathParam("id") String id, @ApiParam(value = "Name of the tag", required = true) @PathParam("name") String name) throws DatasetException, MetadataException, ProvenanceException, ModelRegistryException {
Users user = jwtHelper.getUserPrincipal(sc);
ProvStateDTO fileState = modelsController.getModel(modelRegistryProject, id);
ModelDTO model = modelUtils.convertProvenanceHitToModel(fileState);
tagController.delete(userProject, user, modelUtils.getModelFullPath(modelRegistryProject, model.getName(), model.getVersion()), name);
return Response.noContent().build();
}
use of io.hops.hopsworks.persistence.entity.user.Users in project hopsworks by logicalclocks.
the class JupyterService method getGitStatusOfJupyterRepo.
@GET
@Path("/git/status")
@Produces(MediaType.APPLICATION_JSON)
@AllowedProjectRoles({ AllowedProjectRoles.DATA_OWNER, AllowedProjectRoles.DATA_SCIENTIST })
@JWTRequired(acceptedTokens = { Audience.API }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response getGitStatusOfJupyterRepo(@Context SecurityContext sc) throws ProjectException, ServiceException {
Users user = jWTHelper.getUserPrincipal(sc);
String projectUser = hdfsUsersController.getHdfsUserName(project, user);
JupyterProject jupyterProject = jupyterFacade.findByUser(projectUser);
if (jupyterProject == null) {
throw new ProjectException(RESTCodes.ProjectErrorCode.JUPYTER_SERVER_NOT_FOUND, Level.FINE, "Could not found Jupyter server", "Could not found Jupyter server for Hopsworks user: " + projectUser);
}
if (!jupyterManager.ping(jupyterProject)) {
throw new ServiceException(RESTCodes.ServiceErrorCode.JUPYTER_SERVERS_NOT_RUNNING, Level.FINE, "Jupyter server is not running", "Jupyter server for Hopsworks user: " + projectUser + " is not running");
}
JupyterSettings jupyterSettings = jupyterSettingsFacade.findByProjectUser(project, user.getEmail());
RepositoryStatus status = NullJupyterNbVCSController.EMPTY_REPOSITORY_STATUS;
if (jupyterSettings.isGitBackend()) {
status = jupyterNbVCSController.status(jupyterProject, jupyterSettings);
}
return Response.ok(status).build();
}
use of io.hops.hopsworks.persistence.entity.user.Users in project hopsworks by logicalclocks.
the class JupyterService method settings.
/**
* Get livy session Yarn AppId
*
* @param sc
* @return
*/
@GET
@Path("/settings")
@Produces(MediaType.APPLICATION_JSON)
@AllowedProjectRoles({ AllowedProjectRoles.DATA_OWNER, AllowedProjectRoles.DATA_SCIENTIST })
@JWTRequired(acceptedTokens = { Audience.API }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response settings(@Context SecurityContext sc) {
Users user = jWTHelper.getUserPrincipal(sc);
JupyterSettings js = jupyterSettingsFacade.findByProjectUser(project, user.getEmail());
if (settings.isPythonKernelEnabled()) {
js.setPrivateDir(settings.getStagingDir() + Settings.PRIVATE_DIRS + js.getSecret());
}
js.setGitAvailable(jupyterNbVCSController.isGitAvailable());
js.setMode(JupyterMode.JUPYTER_LAB);
return noCacheResponse.getNoCacheResponseBuilder(Response.Status.OK).entity(js).build();
}
use of io.hops.hopsworks.persistence.entity.user.Users in project hopsworks by logicalclocks.
the class JupyterService method startNotebookServer.
@POST
@Path("/start")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@AllowedProjectRoles({ AllowedProjectRoles.DATA_OWNER, AllowedProjectRoles.DATA_SCIENTIST })
@JWTRequired(acceptedTokens = { Audience.API }, allowedUserRoles = { "HOPS_ADMIN", "HOPS_USER" })
public Response startNotebookServer(JupyterSettings jupyterSettings, @Context HttpServletRequest req, @Context SecurityContext sc, @Context UriInfo uriInfo) throws ProjectException, HopsSecurityException, ServiceException, GenericException, JobException {
Users hopsworksUser = jWTHelper.getUserPrincipal(sc);
String hdfsUser = hdfsUsersController.getHdfsUserName(project, hopsworksUser);
// from in the front-end
if (jupyterSettings.getUsers() == null) {
jupyterSettings.setUsers(hopsworksUser);
}
if (project.getPaymentType().equals(PaymentType.PREPAID)) {
YarnProjectsQuota projectQuota = yarnProjectsQuotaFacade.findByProjectName(project.getName());
if (projectQuota == null || projectQuota.getQuotaRemaining() <= 0) {
throw new ProjectException(RESTCodes.ProjectErrorCode.PROJECT_QUOTA_ERROR, Level.FINE);
}
}
if (project.getPythonEnvironment() == null) {
throw new ProjectException(RESTCodes.ProjectErrorCode.ANACONDA_NOT_ENABLED, Level.FINE);
}
if (jupyterSettings.getMode() == null) {
// set default mode for jupyter if mode is null
jupyterSettings.setMode(JupyterMode.JUPYTER_LAB);
}
// Jupyter Git works only for JupyterLab
if (jupyterSettings.isGitBackend() && jupyterSettings.getMode().equals(JupyterMode.JUPYTER_CLASSIC)) {
throw new ServiceException(RESTCodes.ServiceErrorCode.JUPYTER_START_ERROR, Level.FINE, "Git support available only in JupyterLab");
}
// Do not allow auto push on shutdown if api key is missing
GitConfig gitConfig = jupyterSettings.getGitConfig();
if (jupyterSettings.isGitBackend() && gitConfig.getShutdownAutoPush() && Strings.isNullOrEmpty(gitConfig.getApiKeyName())) {
throw new ServiceException(RESTCodes.ServiceErrorCode.JUPYTER_START_ERROR, Level.FINE, "Auto push not supported if api key is not configured.");
}
// Verify that API token has got write access on the repo if ShutdownAutoPush is enabled
if (jupyterSettings.isGitBackend() && gitConfig.getShutdownAutoPush() && !jupyterNbVCSController.hasWriteAccess(hopsworksUser, gitConfig.getApiKeyName(), gitConfig.getRemoteGitURL(), gitConfig.getGitBackend())) {
throw new ServiceException(RESTCodes.ServiceErrorCode.JUPYTER_START_ERROR, Level.FINE, "API token " + gitConfig.getApiKeyName() + " does not have write access on " + gitConfig.getRemoteGitURL());
}
JupyterProject jp = jupyterFacade.findByUser(hdfsUser);
if (jp == null) {
HdfsUsers user = hdfsUsersFacade.findByName(hdfsUser);
String configSecret = DigestUtils.sha256Hex(Integer.toString(ThreadLocalRandom.current().nextInt()));
JupyterDTO dto = null;
DistributedFileSystemOps dfso = dfsService.getDfsOps();
String allowOriginHost = uriInfo.getBaseUri().getHost();
int allowOriginPort = uriInfo.getBaseUri().getPort();
String allowOriginPortStr = allowOriginPort != -1 ? ":" + allowOriginPort : "";
String allowOrigin = settings.getJupyterOriginScheme() + "://" + allowOriginHost + allowOriginPortStr;
try {
jupyterSettingsFacade.update(jupyterSettings);
// Inspect dependencies
sparkController.inspectDependencies(project, hopsworksUser, (SparkJobConfiguration) jupyterSettings.getJobConfig());
dto = jupyterManager.startJupyterServer(project, configSecret, hdfsUser, hopsworksUser, jupyterSettings, allowOrigin);
jupyterJWTManager.materializeJWT(hopsworksUser, project, jupyterSettings, dto.getCid(), dto.getPort(), JUPYTER_JWT_AUD);
HopsUtils.materializeCertificatesForUserCustomDir(project.getName(), user.getUsername(), settings.getHdfsTmpCertDir(), dfso, certificateMaterializer, settings, dto.getCertificatesDir());
jupyterManager.waitForStartup(project, hopsworksUser);
} catch (ServiceException | TimeoutException ex) {
if (dto != null) {
jupyterController.shutdownQuietly(project, hdfsUser, hopsworksUser, configSecret, dto.getCid(), dto.getPort());
}
throw new ServiceException(RESTCodes.ServiceErrorCode.JUPYTER_START_ERROR, Level.SEVERE, ex.getMessage(), null, ex);
} catch (IOException ex) {
if (dto != null) {
jupyterController.shutdownQuietly(project, hdfsUser, hopsworksUser, configSecret, dto.getCid(), dto.getPort());
}
throw new HopsSecurityException(RESTCodes.SecurityErrorCode.CERT_MATERIALIZATION_ERROR, Level.SEVERE, ex.getMessage(), null, ex);
} finally {
if (dfso != null) {
dfsService.closeDfsClient(dfso);
}
}
String externalIp = Ip.getHost(req.getRequestURL().toString());
try {
Date expirationDate = new Date();
Calendar cal = Calendar.getInstance();
cal.setTime(expirationDate);
cal.add(Calendar.HOUR_OF_DAY, jupyterSettings.getShutdownLevel());
expirationDate = cal.getTime();
jp = jupyterFacade.saveServer(externalIp, project, configSecret, dto.getPort(), user.getId(), dto.getToken(), dto.getCid(), expirationDate, jupyterSettings.isNoLimit());
// set minutes left until notebook server is killed
Duration durationLeft = Duration.between(new Date().toInstant(), jp.getExpires().toInstant());
jp.setMinutesUntilExpiration(durationLeft.toMinutes());
} catch (Exception e) {
LOGGER.log(Level.SEVERE, "Failed to save Jupyter notebook settings", e);
jupyterController.shutdownQuietly(project, hdfsUser, hopsworksUser, configSecret, dto.getCid(), dto.getPort());
}
if (jp == null) {
throw new ServiceException(RESTCodes.ServiceErrorCode.JUPYTER_SAVE_SETTINGS_ERROR, Level.SEVERE);
}
if (jupyterSettings.isGitBackend()) {
try {
// Init is idempotent, calling it on an already initialized repo won't affect it
jupyterNbVCSController.init(jp, jupyterSettings);
if (jupyterSettings.getGitConfig().getStartupAutoPull()) {
jupyterNbVCSController.pull(jp, jupyterSettings);
}
} catch (ServiceException ex) {
jupyterController.shutdownQuietly(project, hdfsUser, hopsworksUser, configSecret, dto.getCid(), dto.getPort());
throw ex;
}
}
} else {
throw new ServiceException(RESTCodes.ServiceErrorCode.JUPYTER_SERVER_ALREADY_RUNNING, Level.FINE);
}
return noCacheResponse.getNoCacheResponseBuilder(Response.Status.OK).entity(jp).build();
}
Aggregations