Examples with AuthorizationException org.apache.storm.generated.AuthorizationException used on opensource projects

Example 6 with AuthorizationException

use of org.apache.storm.generated.AuthorizationException in project storm by apache.

the class Nimbus method finishBlobUpload.

@SuppressWarnings("deprecation")
@Override
public void finishBlobUpload(String session) throws AuthorizationException, TException {
    try {
        OutputStream os = blobUploaders.get(session);
        if (os == null) {
            throw new RuntimeException("Blob for session " + session + " does not exist (or timed out)");
        }
        os.close();
        LOG.info("Finished uploading blob for session {}. Closing session.", session);
        blobUploaders.remove(session);
    } catch (Exception e) {
        LOG.warn("finish blob upload exception.", e);
        if (e instanceof TException) {
            throw (TException) e;
        }
        throw new RuntimeException(e);
    }
}

Example 7 with AuthorizationException

use of org.apache.storm.generated.AuthorizationException in project storm by apache.

the class Nimbus method beginBlobDownload.

@SuppressWarnings("deprecation")
@Override
public BeginDownloadResult beginBlobDownload(String key) throws AuthorizationException, KeyNotFoundException, TException {
    try {
        InputStreamWithMeta is = blobStore.getBlob(key, getSubject());
        String sessionId = Utils.uuid();
        BeginDownloadResult ret = new BeginDownloadResult(is.getVersion(), sessionId);
        ret.set_data_size(is.getFileLength());
        blobDownloaders.put(sessionId, new BufferInputStream(is, (int) conf.getOrDefault(Config.STORM_BLOBSTORE_INPUTSTREAM_BUFFER_SIZE_BYTES, 65536)));
        LOG.info("Created download session for {}", key);
        return ret;
    } catch (Exception e) {
        LOG.warn("begin blob download exception.", e);
        if (e instanceof TException) {
            throw (TException) e;
        }
        throw new RuntimeException(e);
    }
}

Example 8 with AuthorizationException

use of org.apache.storm.generated.AuthorizationException in project storm by apache.

the class Nimbus method getComponentPageInfo.

@Override
public ComponentPageInfo getComponentPageInfo(String topoId, String componentId, String window, boolean includeSys) throws NotAliveException, AuthorizationException, TException {
    try {
        getComponentPageInfoCalls.mark();
        CommonTopoInfo info = getCommonTopoInfo(topoId, "getComponentPageInfo");
        if (info.base == null) {
            throw new NotAliveException(topoId);
        }
        StormTopology topology = info.topology;
        Map<String, Object> topoConf = info.topoConf;
        Assignment assignment = info.assignment;
        Map<List<Long>, List<Object>> exec2NodePort = new HashMap<>();
        Map<String, String> nodeToHost;
        Map<List<Long>, List<Object>> exec2HostPort = new HashMap<>();
        if (assignment != null) {
            Map<List<Long>, NodeInfo> execToNodeInfo = assignment.get_executor_node_port();
            nodeToHost = assignment.get_node_host();
            for (Entry<List<Long>, NodeInfo> entry : execToNodeInfo.entrySet()) {
                NodeInfo ni = entry.getValue();
                List<Object> nodePort = Arrays.asList(ni.get_node(), ni.get_port_iterator().next());
                List<Object> hostPort = Arrays.asList(nodeToHost.get(ni.get_node()), ni.get_port_iterator().next());
                exec2NodePort.put(entry.getKey(), nodePort);
                exec2HostPort.put(entry.getKey(), hostPort);
            }
        } else {
            nodeToHost = Collections.emptyMap();
        }
        ComponentPageInfo compPageInfo = StatsUtil.aggCompExecsStats(exec2HostPort, info.taskToComponent, info.beats, window, includeSys, topoId, topology, componentId);
        if (compPageInfo.get_component_type() == ComponentType.SPOUT) {
            compPageInfo.set_resources_map(setResourcesDefaultIfNotSet(ResourceUtils.getSpoutsResources(topology, topoConf), componentId, topoConf));
        } else {
            //bolt
            compPageInfo.set_resources_map(setResourcesDefaultIfNotSet(ResourceUtils.getBoltsResources(topology, topoConf), componentId, topoConf));
        }
        compPageInfo.set_topology_name(info.topoName);
        compPageInfo.set_errors(stormClusterState.errors(topoId, componentId));
        compPageInfo.set_topology_status(extractStatusStr(info.base));
        if (info.base.is_set_component_debug()) {
            DebugOptions debug = info.base.get_component_debug().get(componentId);
            if (debug != null) {
                compPageInfo.set_debug_options(debug);
            }
        }
        // Add the event logger details.
        Map<String, List<Integer>> compToTasks = Utils.reverseMap(info.taskToComponent);
        if (compToTasks.containsKey(StormCommon.EVENTLOGGER_COMPONENT_ID)) {
            List<Integer> tasks = compToTasks.get(StormCommon.EVENTLOGGER_COMPONENT_ID);
            tasks.sort(null);
            // Find the task the events from this component route to.
            int taskIndex = TupleUtils.chooseTaskIndex(Collections.singletonList(componentId), tasks.size());
            int taskId = tasks.get(taskIndex);
            String host = null;
            Integer port = null;
            for (Entry<List<Long>, List<Object>> entry : exec2HostPort.entrySet()) {
                int start = entry.getKey().get(0).intValue();
                int end = entry.getKey().get(1).intValue();
                if (taskId >= start && taskId <= end) {
                    host = (String) entry.getValue().get(0);
                    port = ((Number) entry.getValue().get(1)).intValue();
                    break;
                }
            }
            if (host != null && port != null) {
                compPageInfo.set_eventlog_host(host);
                compPageInfo.set_eventlog_port(port);
            }
        }
        return compPageInfo;
    } catch (Exception e) {
        LOG.warn("getComponentPageInfo exception. (topo id='{}')", topoId, e);
        if (e instanceof TException) {
            throw (TException) e;
        }
        throw new RuntimeException(e);
    }
}

Example 9 with AuthorizationException

use of org.apache.storm.generated.AuthorizationException in project storm by apache.

the class Nimbus method submitTopologyWithOpts.

@Override
public void submitTopologyWithOpts(String topoName, String uploadedJarLocation, String jsonConf, StormTopology topology, SubmitOptions options) throws AlreadyAliveException, InvalidTopologyException, AuthorizationException, TException {
    try {
        submitTopologyWithOptsCalls.mark();
        assertIsLeader();
        assert (options != null);
        validateTopologyName(topoName);
        checkAuthorization(topoName, null, "submitTopology");
        assertTopoActive(topoName, false);
        @SuppressWarnings("unchecked") Map<String, Object> topoConf = (Map<String, Object>) JSONValue.parse(jsonConf);
        try {
            ConfigValidation.validateFields(topoConf);
        } catch (IllegalArgumentException ex) {
            throw new InvalidTopologyException(ex.getMessage());
        }
        validator.validate(topoName, topoConf, topology);
        Utils.validateTopologyBlobStoreMap(topoConf, Sets.newHashSet(blobStore.listKeys()));
        long uniqueNum = submittedCount.incrementAndGet();
        String topoId = topoName + "-" + uniqueNum + "-" + Time.currentTimeSecs();
        Map<String, String> creds = null;
        if (options.is_set_creds()) {
            creds = options.get_creds().get_creds();
        }
        topoConf.put(Config.STORM_ID, topoId);
        topoConf.put(Config.TOPOLOGY_NAME, topoName);
        topoConf = normalizeConf(conf, topoConf, topology);
        ReqContext req = ReqContext.context();
        Principal principal = req.principal();
        String submitterPrincipal = principal == null ? null : principal.toString();
        String submitterUser = principalToLocal.toLocal(principal);
        String systemUser = System.getProperty("user.name");
        @SuppressWarnings("unchecked") Set<String> topoAcl = new HashSet<>((List<String>) topoConf.getOrDefault(Config.TOPOLOGY_USERS, Collections.emptyList()));
        topoAcl.add(submitterPrincipal);
        topoAcl.add(submitterUser);
        topoConf.put(Config.TOPOLOGY_SUBMITTER_PRINCIPAL, OR(submitterPrincipal, ""));
        //Don't let the user set who we launch as
        topoConf.put(Config.TOPOLOGY_SUBMITTER_USER, OR(submitterUser, systemUser));
        topoConf.put(Config.TOPOLOGY_USERS, new ArrayList<>(topoAcl));
        topoConf.put(Config.STORM_ZOOKEEPER_SUPERACL, conf.get(Config.STORM_ZOOKEEPER_SUPERACL));
        if (!Utils.isZkAuthenticationConfiguredStormServer(conf)) {
            topoConf.remove(Config.STORM_ZOOKEEPER_TOPOLOGY_AUTH_SCHEME);
            topoConf.remove(Config.STORM_ZOOKEEPER_TOPOLOGY_AUTH_PAYLOAD);
        }
        if (!(Boolean) conf.getOrDefault(Config.STORM_TOPOLOGY_CLASSPATH_BEGINNING_ENABLED, false)) {
            topoConf.remove(Config.TOPOLOGY_CLASSPATH_BEGINNING);
        }
        Map<String, Object> totalConf = merge(conf, topoConf);
        topology = normalizeTopology(totalConf, topology);
        IStormClusterState state = stormClusterState;
        if (creds != null) {
            Map<String, Object> finalConf = Collections.unmodifiableMap(topoConf);
            for (INimbusCredentialPlugin autocred : nimbusAutocredPlugins) {
                autocred.populateCredentials(creds, finalConf);
            }
        }
        if (Utils.getBoolean(conf.get(Config.SUPERVISOR_RUN_WORKER_AS_USER), false) && (submitterUser == null || submitterUser.isEmpty())) {
            throw new AuthorizationException("Could not determine the user to run this topology as.");
        }
        //this validates the structure of the topology
        StormCommon.systemTopology(totalConf, topology);
        validateTopologySize(topoConf, conf, topology);
        if (Utils.isZkAuthenticationConfiguredStormServer(conf) && !Utils.isZkAuthenticationConfiguredTopology(topoConf)) {
            throw new IllegalArgumentException("The cluster is configured for zookeeper authentication, but no payload was provided.");
        }
        LOG.info("Received topology submission for {} with conf {}", topoName, Utils.redactValue(topoConf, Config.STORM_ZOOKEEPER_TOPOLOGY_AUTH_PAYLOAD));
        // cleanup thread killing topology in b/w assignment and starting the topology
        synchronized (submitLock) {
            assertTopoActive(topoName, false);
            //cred-update-lock is not needed here because creds are being added for the first time.
            if (creds != null) {
                state.setCredentials(topoId, new Credentials(creds), topoConf);
            }
            LOG.info("uploadedJar {}", uploadedJarLocation);
            setupStormCode(conf, topoId, uploadedJarLocation, totalConf, topology);
            waitForDesiredCodeReplication(totalConf, topoId);
            state.setupHeatbeats(topoId);
            if (Utils.getBoolean(totalConf.get(Config.TOPOLOGY_BACKPRESSURE_ENABLE), false)) {
                state.setupBackpressure(topoId);
            }
            notifyTopologyActionListener(topoName, "submitTopology");
            TopologyStatus status = null;
            switch(options.get_initial_status()) {
                case INACTIVE:
                    status = TopologyStatus.INACTIVE;
                    break;
                case ACTIVE:
                    status = TopologyStatus.ACTIVE;
                    break;
                default:
                    throw new IllegalArgumentException("Inital Status of " + options.get_initial_status() + " is not allowed.");
            }
            startTopology(topoName, topoId, status);
        }
    } catch (Exception e) {
        LOG.warn("Topology submission exception. (topology name='{}')", topoName, e);
        if (e instanceof TException) {
            throw (TException) e;
        }
        throw new RuntimeException(e);
    }
}

Example 10 with AuthorizationException

use of org.apache.storm.generated.AuthorizationException in project storm by apache.

the class Nimbus method getSupervisorPageInfo.

@Override
public SupervisorPageInfo getSupervisorPageInfo(String superId, String host, boolean includeSys) throws NotAliveException, AuthorizationException, TException {
    try {
        getSupervisorPageInfoCalls.mark();
        IStormClusterState state = stormClusterState;
        Map<String, SupervisorInfo> superInfos = state.allSupervisorInfo();
        Map<String, List<String>> hostToSuperId = new HashMap<>();
        for (Entry<String, SupervisorInfo> entry : superInfos.entrySet()) {
            String h = entry.getValue().get_hostname();
            List<String> superIds = hostToSuperId.get(h);
            if (superIds == null) {
                superIds = new ArrayList<>();
                hostToSuperId.put(h, superIds);
            }
            superIds.add(entry.getKey());
        }
        List<String> supervisorIds = null;
        if (superId == null) {
            supervisorIds = hostToSuperId.get(host);
        } else {
            supervisorIds = Arrays.asList(superId);
        }
        SupervisorPageInfo pageInfo = new SupervisorPageInfo();
        Map<String, Assignment> topoToAssignment = state.topologyAssignments();
        for (String sid : supervisorIds) {
            SupervisorInfo info = superInfos.get(sid);
            LOG.info("SIDL {} SI: {} ALL: {}", sid, info, superInfos);
            SupervisorSummary supSum = makeSupervisorSummary(sid, info);
            pageInfo.add_to_supervisor_summaries(supSum);
            List<String> superTopologies = topologiesOnSupervisor(topoToAssignment, sid);
            Set<String> userTopologies = filterAuthorized("getTopology", superTopologies);
            for (String topoId : superTopologies) {
                CommonTopoInfo common = getCommonTopoInfo(topoId, "getSupervisorPageInfo");
                String topoName = common.topoName;
                Assignment assignment = common.assignment;
                Map<List<Integer>, Map<String, Object>> beats = common.beats;
                Map<Integer, String> taskToComp = common.taskToComponent;
                Map<List<Long>, List<Object>> exec2NodePort = new HashMap<>();
                Map<String, String> nodeToHost;
                if (assignment != null) {
                    Map<List<Long>, NodeInfo> execToNodeInfo = assignment.get_executor_node_port();
                    for (Entry<List<Long>, NodeInfo> entry : execToNodeInfo.entrySet()) {
                        NodeInfo ni = entry.getValue();
                        List<Object> nodePort = Arrays.asList(ni.get_node(), ni.get_port_iterator().next());
                        exec2NodePort.put(entry.getKey(), nodePort);
                    }
                    nodeToHost = assignment.get_node_host();
                } else {
                    nodeToHost = Collections.emptyMap();
                }
                Map<WorkerSlot, WorkerResources> workerResources = getWorkerResourcesForTopology(topoId);
                boolean isAllowed = userTopologies.contains(topoId);
                for (WorkerSummary workerSummary : StatsUtil.aggWorkerStats(topoId, topoName, taskToComp, beats, exec2NodePort, nodeToHost, workerResources, includeSys, isAllowed, sid)) {
                    pageInfo.add_to_worker_summaries(workerSummary);
                }
            }
        }
        return pageInfo;
    } catch (Exception e) {
        LOG.warn("Get super page info exception. (super id='{}')", superId, e);
        if (e instanceof TException) {
            throw (TException) e;
        }
        throw new RuntimeException(e);
    }
}