Example 1 with SecretRetrievalCursor
use of keywhiz.api.model.SecretRetrievalCursor in project keywhiz by square.
the class SecretControllerTest method getAllSecretsWithCursor.
/**
* Get all secrets matching the given criteria, using the cursor. (This verifies that even if
* the cursor's implementation changes slightly, the underlying behavior remains the same).
*
* @param expireMaxTime the maximum expiration time to return
* @param limit the maximum number of records to return per batch
* @return a list of secrets matching the criteria above
*/
private List<SanitizedSecretWithGroups> getAllSecretsWithCursor(Long expireMaxTime, Integer limit) {
List<SanitizedSecretWithGroups> allRetrievedSecrets = new ArrayList<>();
SecretRetrievalCursor cursor = null;
do {
SanitizedSecretWithGroupsListAndCursor retrievedSecretsAndCursor = secretController.getSanitizedSecretsWithGroupsAndCursor(null, expireMaxTime, limit, cursor);
cursor = retrievedSecretsAndCursor.decodedCursor();
List<SanitizedSecretWithGroups> secrets = retrievedSecretsAndCursor.secrets();
assertThat(secrets).isNotNull();
if (limit != null) {
assertThat(secrets.size()).isLessThanOrEqualTo(limit);
}
allRetrievedSecrets.addAll(secrets);
} while (cursor != null);
return allRetrievedSecrets;
}
Also used :
SanitizedSecretWithGroupsListAndCursor(keywhiz.api.model.SanitizedSecretWithGroupsListAndCursor)
SanitizedSecretWithGroups(keywhiz.api.model.SanitizedSecretWithGroups)
SecretRetrievalCursor(keywhiz.api.model.SecretRetrievalCursor)
ArrayList(java.util.ArrayList)
Example 2 with SecretRetrievalCursor
use of keywhiz.api.model.SecretRetrievalCursor in project keywhiz by square.
the class SecretResourceTest method listExpiringV4HandlingCursor.
private List<SanitizedSecretWithGroups> listExpiringV4HandlingCursor(Long minTime, Long maxTime, Integer limit) throws Exception {
List<SanitizedSecretWithGroups> allRetrievedSecrets = new ArrayList<>();
SecretRetrievalCursor cursor = null;
do {
SanitizedSecretWithGroupsListAndCursor retrievedSecretsAndCursor = listExpiringV4(minTime, maxTime, limit, cursor);
cursor = retrievedSecretsAndCursor.decodedCursor();
List<SanitizedSecretWithGroups> secrets = retrievedSecretsAndCursor.secrets();
assertThat(secrets).isNotNull();
if (limit != null) {
assertThat(secrets.size()).isLessThanOrEqualTo(limit);
}
allRetrievedSecrets.addAll(secrets);
} while (cursor != null);
return allRetrievedSecrets;
}
Also used :
SanitizedSecretWithGroupsListAndCursor(keywhiz.api.model.SanitizedSecretWithGroupsListAndCursor)
SanitizedSecretWithGroups(keywhiz.api.model.SanitizedSecretWithGroups)
SecretRetrievalCursor(keywhiz.api.model.SecretRetrievalCursor)
ArrayList(java.util.ArrayList)
Example 3 with SecretRetrievalCursor
use of keywhiz.api.model.SecretRetrievalCursor in project keywhiz by square.
the class SecretController method getSanitizedSecretsWithGroupsAndCursor.
/**
* @param expireMinTime timestamp for closest expiry to include (may be overridden by cursor)
* @param expireMaxTime timestamp for farthest expiry to include
* @param limit limit on number of results to return
* @param cursor cursor to be used to enforce pagination
* @return all existing sanitized secrets and their groups matching criteria.
*/
public SanitizedSecretWithGroupsListAndCursor getSanitizedSecretsWithGroupsAndCursor(@Nullable Long expireMinTime, @Nullable Long expireMaxTime, @Nullable Integer limit, @Nullable SecretRetrievalCursor cursor) {
// Retrieve secrets based on the cursor (if provided).
ImmutableList<SecretSeriesAndContent> secrets;
// Retrieve one additional record to detect when information is missing
Integer updatedLimit = null;
if (limit != null) {
updatedLimit = limit + 1;
}
if (cursor == null) {
secrets = secretDAO.getSecrets(expireMaxTime, null, expireMinTime, null, updatedLimit);
} else {
secrets = secretDAO.getSecrets(expireMaxTime, null, cursor.expiry(), cursor.name(), updatedLimit);
}
// Set the cursor and strip the final record from the secrets if necessary
SecretRetrievalCursor newCursor = null;
if (limit != null && secrets.size() > limit) {
// The name and expiry in the new cursor will be the first entry in the next set of results
newCursor = SecretRetrievalCursor.of(secrets.get(limit).series().name(), secrets.get(limit).content().expiry());
// Trim the last record from the list
secrets = secrets.subList(0, limit);
}
Set<Long> secretIds = secrets.stream().map(s -> s.series().id()).collect(toSet());
Map<Long, List<Group>> groupsForSecrets = aclDAO.getGroupsForSecrets(secretIds);
List<SanitizedSecretWithGroups> secretsWithGroups = secrets.stream().map(s -> {
List<Group> groups = groupsForSecrets.get(s.series().id());
if (groups == null) {
groups = ImmutableList.of();
}
return fromSecretSeriesAndContentAndGroups(s, groups);
}).collect(toList());
try {
return SanitizedSecretWithGroupsListAndCursor.of(secretsWithGroups, SecretRetrievalCursor.toUrlEncodedString(newCursor));
} catch (Exception e) {
logger.warn("Unable to encode cursor to string (cursor: {}): {}", newCursor, e.getMessage());
// The cursor is malformed; return what information could be gathered
return SanitizedSecretWithGroupsListAndCursor.of(secretsWithGroups, null);
}
}
Also used :
Secret(keywhiz.api.model.Secret)
SanitizedSecretWithGroups(keywhiz.api.model.SanitizedSecretWithGroups)
LoggerFactory(org.slf4j.LoggerFactory)
KeywhizConfig(keywhiz.KeywhizConfig)
Preconditions.checkArgument(com.google.common.base.Preconditions.checkArgument)
ImmutableList(com.google.common.collect.ImmutableList)
Collectors.toMap(java.util.stream.Collectors.toMap)
SecretTransformer(keywhiz.service.crypto.SecretTransformer)
Map(java.util.Map)
ContentEncodingException(keywhiz.service.crypto.ContentEncodingException)
ContentCryptographer(keywhiz.service.crypto.ContentCryptographer)
Nullable(javax.annotation.Nullable)
Collectors.toSet(java.util.stream.Collectors.toSet)
Group(keywhiz.api.model.Group)
SanitizedSecretWithGroupsListAndCursor(keywhiz.api.model.SanitizedSecretWithGroupsListAndCursor)
Logger(org.slf4j.Logger)
ImmutableMap(com.google.common.collect.ImmutableMap)
UTF_8(java.nio.charset.StandardCharsets.UTF_8)
SecretRetrievalCursor(keywhiz.api.model.SecretRetrievalCursor)
Preconditions.checkNotNull(com.google.common.base.Preconditions.checkNotNull)
Set(java.util.Set)
Base64(java.util.Base64)
List(java.util.List)
Collectors.toList(java.util.stream.Collectors.toList)
SecretSeriesAndContent(keywhiz.api.model.SecretSeriesAndContent)
Optional(java.util.Optional)
SanitizedSecret(keywhiz.api.model.SanitizedSecret)
SanitizedSecretWithGroups.fromSecretSeriesAndContentAndGroups(keywhiz.api.model.SanitizedSecretWithGroups.fromSecretSeriesAndContentAndGroups)
SanitizedSecretWithGroups(keywhiz.api.model.SanitizedSecretWithGroups)
SecretRetrievalCursor(keywhiz.api.model.SecretRetrievalCursor)
SecretSeriesAndContent(keywhiz.api.model.SecretSeriesAndContent)
ImmutableList(com.google.common.collect.ImmutableList)
List(java.util.List)
Collectors.toList(java.util.stream.Collectors.toList)
ContentEncodingException(keywhiz.service.crypto.ContentEncodingException)
Aggregations
SanitizedSecretWithGroups (keywhiz.api.model.SanitizedSecretWithGroups)3
SanitizedSecretWithGroupsListAndCursor (keywhiz.api.model.SanitizedSecretWithGroupsListAndCursor)3
SecretRetrievalCursor (keywhiz.api.model.SecretRetrievalCursor)3
ArrayList (java.util.ArrayList)2
Preconditions.checkArgument (com.google.common.base.Preconditions.checkArgument)1
Preconditions.checkNotNull (com.google.common.base.Preconditions.checkNotNull)1
ImmutableList (com.google.common.collect.ImmutableList)1
ImmutableMap (com.google.common.collect.ImmutableMap)1
UTF_8 (java.nio.charset.StandardCharsets.UTF_8)1
Base64 (java.util.Base64)1
List (java.util.List)1
Map (java.util.Map)1
Optional (java.util.Optional)1
Set (java.util.Set)1
Collectors.toList (java.util.stream.Collectors.toList)1
Collectors.toMap (java.util.stream.Collectors.toMap)1
Collectors.toSet (java.util.stream.Collectors.toSet)1
Nullable (javax.annotation.Nullable)1
KeywhizConfig (keywhiz.KeywhizConfig)1
Group (keywhiz.api.model.Group)1
