use of javax.ws.rs.core.SecurityContext in project pravega by pravega.
the class StreamMetadataResourceImpl method listReaderGroups.
@Override
public void listReaderGroups(final String scopeName, final SecurityContext securityContext, final AsyncResponse asyncResponse) {
long traceId = LoggerHelpers.traceEnter(log, "listReaderGroups");
long requestId = requestIdGenerator.nextLong();
try {
restAuthHelper.authenticateAuthorize(getAuthorizationHeader(), authorizationResource.ofReaderGroupsInScope(scopeName), READ);
} catch (AuthException e) {
log.warn(requestId, "Get reader groups for {} failed due to authentication failure.", scopeName);
asyncResponse.resume(Response.status(Status.fromStatusCode(e.getResponseCode())).build());
LoggerHelpers.traceLeave(log, "listReaderGroups", traceId);
return;
}
// Each reader group is represented by a stream within the mentioned scope.
controllerService.listStreamsInScope(scopeName, requestId).thenApply(streamsList -> {
ReaderGroupsList readerGroups = new ReaderGroupsList();
streamsList.forEach((stream, config) -> {
if (stream.startsWith(READER_GROUP_STREAM_PREFIX)) {
ReaderGroupsListReaderGroups readerGroup = new ReaderGroupsListReaderGroups();
readerGroup.setReaderGroupName(stream.substring(READER_GROUP_STREAM_PREFIX.length()));
readerGroups.addReaderGroupsItem(readerGroup);
}
});
log.info(requestId, "Successfully fetched readerGroups for scope: {}", scopeName);
return Response.status(Status.OK).entity(readerGroups).build();
}).exceptionally(exception -> {
if (exception.getCause() instanceof StoreException.DataNotFoundException || exception instanceof StoreException.DataNotFoundException) {
log.warn(requestId, "Scope name: {} not found", scopeName);
return Response.status(Status.NOT_FOUND).build();
} else {
log.warn(requestId, "listReaderGroups for {} failed with exception: ", scopeName, exception);
return Response.status(Status.INTERNAL_SERVER_ERROR).build();
}
}).thenApply(asyncResponse::resume).thenAccept(x -> LoggerHelpers.traceLeave(log, "listReaderGroups", traceId));
}
use of javax.ws.rs.core.SecurityContext in project tomee by apache.
the class AppComposerContextInjectionTest method jaxrs.
@Test
public void jaxrs() throws NamingException {
assertNotNull(provider);
assertNull(provider.find(SecurityContext.class));
final SecurityContext securityContext = new SecurityContext() {
@Override
public Principal getUserPrincipal() {
return null;
}
@Override
public boolean isUserInRole(final String s) {
return "foo".equals(s);
}
@Override
public boolean isSecure() {
return false;
}
@Override
public String getAuthenticationScheme() {
return null;
}
};
provider.register(SecurityContext.class, securityContext);
assertNotNull(provider.find(SecurityContext.class));
assertTrue(SecurityContext.class.cast(ThreadLocalContextManager.findThreadLocal(SecurityContext.class)).isUserInRole("foo"));
assertFalse(SecurityContext.class.cast(ThreadLocalContextManager.findThreadLocal(SecurityContext.class)).isUserInRole("bar"));
}
use of javax.ws.rs.core.SecurityContext in project indy by Commonjava.
the class DeprecatedStoreAdminHandler method store.
/*
* (non-Javadoc)
* @see org.commonjava.indy.core.rest.admin.DeployPointAdminResource#store(java.lang.String)
*/
@ApiOperation("Update an existing store")
@ApiResponses({ @ApiResponse(code = 200, message = "The store was updated"), @ApiResponse(code = 400, message = "The store specified in the body JSON didn't match the URL parameters") })
@ApiImplicitParams({ @ApiImplicitParam(allowMultiple = false, paramType = "body", name = "body", required = true, dataType = "org.commonjava.indy.model.core.ArtifactStore", value = "The artifact store definition JSON") })
@Path("/{name}")
@PUT
@Consumes(ApplicationContent.application_json)
public Response store(@ApiParam(allowableValues = "hosted,group,remote", required = true) @PathParam("type") final String type, @ApiParam(required = true) @PathParam("name") final String name, @Context final HttpServletRequest request, @Context final SecurityContext securityContext) {
String altPath = Paths.get(MavenPackageTypeDescriptor.MAVEN_ADMIN_REST_BASE_PATH, type, name).toString();
Consumer<Response.ResponseBuilder> modifier = (rb) -> responseHelper.markDeprecated(rb, altPath);
final StoreType st = StoreType.get(type);
Response response = null;
String json = null;
try {
json = IOUtils.toString(request.getInputStream());
json = objectMapper.patchLegacyStoreJson(json);
} catch (final IOException e) {
final String message = "Failed to read " + st.getStoreClass().getSimpleName() + " from request body.";
logger.error(message, e);
response = responseHelper.formatResponse(e, message, modifier);
}
if (response != null) {
return response;
}
ArtifactStore store = null;
try {
store = objectMapper.readValue(json, st.getStoreClass());
} catch (final IOException e) {
final String message = "Failed to parse " + st.getStoreClass().getSimpleName() + " from request body.";
logger.error(message, e);
response = responseHelper.formatResponse(e, message, modifier);
}
if (response != null) {
return response;
}
if (!name.equals(store.getName())) {
response = responseHelper.markDeprecated(Response.status(Status.BAD_REQUEST).entity(String.format("Store in URL path is: '%s' but in JSON it is: '%s'", name, store.getName())), altPath).build();
}
try {
String user = securityManager.getUser(securityContext, request);
logger.info("Storing: {}", store);
if (adminController.store(store, user, false)) {
response = responseHelper.markDeprecated(ok(), altPath).build();
} else {
logger.warn("{} NOT modified!", store);
response = responseHelper.markDeprecated(notModified(), altPath).build();
}
} catch (final IndyWorkflowException e) {
logger.error(e.getMessage(), e);
response = responseHelper.formatResponse(e, modifier);
}
return response;
}
use of javax.ws.rs.core.SecurityContext in project indy by Commonjava.
the class DeprecatedStoreAdminHandler method delete.
@ApiOperation("Delete an artifact store")
@ApiResponses({ @ApiResponse(code = 204, response = ArtifactStore.class, message = "The store was deleted (or didn't exist in the first place)") })
@Path("/{name}")
@DELETE
public Response delete(@ApiParam(allowableValues = "hosted,group,remote", required = true) @PathParam("type") final String type, @ApiParam(required = true) @PathParam("name") final String name, @Context final HttpServletRequest request, @Context final SecurityContext securityContext) {
String altPath = Paths.get(MavenPackageTypeDescriptor.MAVEN_ADMIN_REST_BASE_PATH, type, name).toString();
Consumer<Response.ResponseBuilder> modifier = (rb) -> responseHelper.markDeprecated(rb, altPath);
final StoreType st = StoreType.get(type);
final StoreKey key = new StoreKey(st, name);
logger.info("Deleting: {}", key);
Response response;
try {
String summary = null;
try {
summary = IOUtils.toString(request.getInputStream());
} catch (final IOException e) {
// no problem, try to get the summary from a header instead.
logger.info("store-deletion change summary not in request body, checking headers.");
}
if (isEmpty(summary)) {
summary = request.getHeader(METADATA_CHANGELOG);
}
if (isEmpty(summary)) {
summary = "Changelog not provided";
}
String user = securityManager.getUser(securityContext, request);
adminController.delete(key, user, summary, false);
response = responseHelper.markDeprecated(noContent(), altPath).build();
} catch (final IndyWorkflowException e) {
logger.error(e.getMessage(), e);
response = responseHelper.formatResponse(e, modifier);
}
return response;
}
use of javax.ws.rs.core.SecurityContext in project indy by Commonjava.
the class DeprecatedStoreAdminHandler method create.
@ApiOperation("Create a new store")
@ApiResponses({ @ApiResponse(code = 201, response = ArtifactStore.class, message = "The store was created"), @ApiResponse(code = 409, message = "A store with the specified type and name already exists") })
@ApiImplicitParams({ @ApiImplicitParam(allowMultiple = false, paramType = "body", name = "body", required = true, dataType = "org.commonjava.indy.model.core.ArtifactStore", value = "The artifact store definition JSON") })
@POST
@Consumes(ApplicationContent.application_json)
@Produces(ApplicationContent.application_json)
public Response create(@ApiParam(allowableValues = "hosted,group,remote", required = true) @PathParam("type") final String type, @Context final UriInfo uriInfo, @Context final HttpServletRequest request, @Context final SecurityContext securityContext) {
String altPath = Paths.get(MavenPackageTypeDescriptor.MAVEN_ADMIN_REST_BASE_PATH, type).toString();
Consumer<Response.ResponseBuilder> modifier = (rb) -> responseHelper.markDeprecated(rb, altPath);
final StoreType st = StoreType.get(type);
Response response = null;
String json = null;
try {
json = IOUtils.toString(request.getInputStream());
json = objectMapper.patchLegacyStoreJson(json);
} catch (final IOException e) {
final String message = "Failed to read " + st.getStoreClass().getSimpleName() + " from request body.";
logger.error(message, e);
response = responseHelper.formatResponse(e, message, modifier);
}
if (response != null) {
return response;
}
ArtifactStore store = null;
try {
store = objectMapper.readValue(json, st.getStoreClass());
} catch (final IOException e) {
final String message = "Failed to parse " + st.getStoreClass().getSimpleName() + " from request body.";
logger.error(message, e);
response = responseHelper.formatResponse(e, message, modifier);
}
if (response != null) {
return response;
}
logger.info("\n\nGot artifact store: {}\n\n", store);
try {
String user = securityManager.getUser(securityContext, request);
if (adminController.store(store, user, false)) {
final URI uri = uriInfo.getBaseUriBuilder().path(getClass()).path(store.getName()).build(store.getKey().getType().singularEndpointName());
response = responseHelper.formatCreatedResponseWithJsonEntity(uri, store, modifier);
} else {
response = responseHelper.markDeprecated(status(CONFLICT).entity("{\"error\": \"Store already exists.\"}").type(application_json), altPath).build();
}
} catch (final IndyWorkflowException e) {
logger.error(e.getMessage(), e);
response = responseHelper.formatResponse(e, modifier);
}
return response;
}
Aggregations