use of org.bf2.srs.fleetmanager.spi.common.model.AccountInfo in project srs-fleet-manager by bf2fc6cc711aee1a0c2a.
the class AuditingServletFilter method doFilter.
/**
 * Opens a fresh Operation Context for the request, attaches request and caller
 * metadata to the audit trace, runs the rest of the filter chain, and records a
 * {@code request_failure} audit event when the response status is 400 or higher.
 *
 * @param request  incoming request; cast to {@link HttpServletRequest}
 * @param response outgoing response; cast to {@link HttpServletResponse}
 * @param chain    remaining filters and the target resource
 * @throws IllegalStateException if the Operation Context already holds data when the filter starts
 * @throws IOException           propagated from the chain
 * @throws ServletException      propagated from the chain
 */
@Override
@ActivateRequestContext
public void doFilter(ServletRequest request, ServletResponse response, FilterChain chain) throws IOException, ServletException {
    // Each request must start from an empty Operation Context; finding one already
    // loaded means state from somewhere else would be mixed into this request's trace.
    if (opCtx.isContextDataLoaded()) {
        throw new IllegalStateException("Unexpected state: Operation Context is already loaded");
    }
    opCtx.loadNewContextData();

    final HttpServletRequest httpRequest = (HttpServletRequest) request;
    final HttpServletResponse httpResponse = (HttpServletResponse) response;

    // TODO Unify logic to extract this using parameter extractors
    // getRemoteAddr() is the address of the direct peer, which is the proxy when one sits in front.
    auditing.addTraceMetadata(KEY_REQUEST_SOURCE_IP, httpRequest.getRemoteAddr());
    // X-Forwarded-For is a request header: the client controls its content unless a trusted
    // proxy overwrites it, and it is null when absent. It is stored verbatim here, so audit
    // consumers should treat it as unverified.
    // NOTE(review): confirm the auditing sink escapes this value (CR/LF) before writing it out.
    auditing.addTraceMetadata(KEY_REQUEST_FORWARDED_FOR, httpRequest.getHeader(HEADER_X_FORWARDED_FOR));
    auditing.addTraceMetadata(KEY_REQUEST_METHOD, httpRequest.getMethod());
    auditing.addTraceMetadata(KEY_REQUEST_PATH, httpRequest.getRequestURI());

    // Caller identity as reported by the auth service.
    // NOTE(review): what extractAccountInfo() returns for an unauthenticated request is not
    // visible here; confirm it never yields null, since the getters below are called unguarded.
    final AccountInfo caller = authService.extractAccountInfo();
    auditing.addTraceMetadata(KEY_USER_ACCOUNT_ID, caller.getAccountId());
    auditing.addTraceMetadata(KEY_USER_ACCOUNT_NAME, caller.getAccountUsername());
    auditing.addTraceMetadata(KEY_USER_ORG_ID, caller.getOrganizationId());
    auditing.addTraceMetadata(KEY_USER_IS_ORG_ADMIN, caller.isAdmin());

    chain.doFilter(request, response);

    // NOTE(review): if chain.doFilter throws, nothing below runs and this filter records no
    // failure event for the request; confirm such failures are audited elsewhere.
    final int status = httpResponse.getStatus();
    if (status < 400) {
        return;
    }
    final AuditingEvent failure = new AuditingEvent();
    failure.setEventId("request_failure");
    failure.addData(KEY_RESPONSE_CODE, status);
    failure.setSuccessful(false);
    auditing.recordEvent(failure);
}
use of org.bf2.srs.fleetmanager.spi.common.model.AccountInfo in project srs-fleet-manager by bf2fc6cc711aee1a0c2a.
the class CheckReadPermissionsInterceptor method intercept.
/**
 * Lets the intercepted call proceed only when the caller may read the registry instance
 * named by the call's first argument.
 *
 * @param context invocation being intercepted; its first parameter is converted with
 *                {@code toString()} and used as the registry id
 * @return whatever the intercepted method returns
 * @throws ForbiddenException if the identity is resolvable and the read-permission check fails
 * @throws Exception          anything thrown by the intercepted method
 */
@AroundInvoke
public Object intercept(InvocationContext context) throws Exception {
    // NOTE(review): fail-open path. When the security identity is not resolvable the call
    // goes through with no permission check at all; presumably this is the "authentication
    // disabled" mode. Confirm it cannot be reached in a deployment that has auth enabled.
    if (!isResolvable(securityIdentity)) {
        return context.proceed();
    }

    final AccountInfo caller = authService.extractAccountInfo();
    // The registry id is taken positionally, so this interceptor is only correct on methods
    // whose first argument is the registry id. A missing or null first argument fails here
    // with an unchecked exception rather than a ForbiddenException.
    final String registryId = context.getParameters()[0].toString();
    final Optional<RegistryData> target = storage.getRegistryById(registryId);

    if (userCanReadInstance(caller, target)) {
        return context.proceed();
    }

    // NOTE(review): the denial is logged without the account or the registry id, which limits
    // its value for detection; if they are added, log them through the logger's parameterized
    // form, since the id originates from the request.
    log.info("Attempt to read registry instance without the proper permissions");
    throw new ForbiddenException();
}
use of org.bf2.srs.fleetmanager.spi.common.model.AccountInfo in project srs-fleet-manager by bf2fc6cc711aee1a0c2a.
the class RegistryDeprovisioningIT method testDeprovisionRegistryBasic.
/**
 * Creates a registry as "alice", waits for it to become ready, deletes it, and checks that
 * the tenant is flagged for deletion and that the registry disappears from the fleet manager
 * once the tenant status is set to DELETED.
 */
@Test
void testDeprovisionRegistryBasic() {
    // Runs before any authenticated call; presumably asserts the API rejects unauthenticated access.
    FleetManagerApi.verifyApiIsSecured();

    var alice = new AccountInfo("testDeprovisionRegistry", "alice", false, 10L);

    var createRequest = new RegistryCreate();
    createRequest.setName("registry1");
    var created = FleetManagerApi.createRegistry(createRequest, alice);
    assertNotEquals(RegistryStatusValue.failed, created.getStatus());
    var createdId = created.getId();

    // Provisioning is asynchronous: poll until the registry reports ready.
    Awaitility.await("registry1 available").atMost(30, SECONDS).pollInterval(5, SECONDS).until(() -> {
        var current = FleetManagerApi.getRegistry(createdId, alice);
        return current.getStatus().equals(RegistryStatusValue.ready);
    });

    Registry registry = FleetManagerApi.getRegistry(createdId, alice);
    var tenantId = registry.getId();

    TenantManagerClient tenantManager = Utils.createTenantManagerClient();
    var tenant = tenantManager.getTenant(tenantId);
    assertEquals(TenantStatusValue.READY, tenant.getStatus());

    FleetManagerApi.deleteRegistry(createdId, alice);

    // No wait on the registry's own "deleting" status: that transition is close to immediate,
    // so the test goes straight to checking the tenant side.
    Awaitility.await("registry1 deleting initiated").atMost(5, SECONDS).pollInterval(1, SECONDS).until(() -> {
        var polled = tenantManager.getTenant(tenantId);
        return TenantStatusValue.TO_BE_DELETED.equals(polled.getStatus());
    });

    // The test sets the tenant to DELETED itself through the tenant manager client.
    var markDeleted = new UpdateRegistryTenantRequest();
    markDeleted.setStatus(TenantStatusValue.DELETED);
    tenantManager.updateTenant(tenantId, markDeleted);

    // verifyRegistryNotExists asserts; an AssertionError just means "not gone yet, poll again".
    Awaitility.await("registry1 deleted").atMost(5, SECONDS).pollInterval(1, SECONDS).until(() -> {
        try {
            FleetManagerApi.verifyRegistryNotExists(createdId, alice);
            return true;
        } catch (AssertionError notYetGone) {
            return false;
        }
    });
}
use of org.bf2.srs.fleetmanager.spi.common.model.AccountInfo in project srs-fleet-manager by bf2fc6cc711aee1a0c2a.
the class RegistryProvisioningIT method testProvisionRegistry.
/**
 * Checks that a deployment cannot be created through the API, then provisions a registry as
 * "alice", waits for it to become ready, and verifies the tenant's MAX_TOTAL_SCHEMAS_COUNT
 * limit before deleting the registry.
 */
@Test
void testProvisionRegistry() {
    // Runs before any authenticated call; presumably asserts the API rejects unauthenticated access.
    FleetManagerApi.verifyApiIsSecured();

    var alice = new AccountInfo("testProvisionRegistry", "alice", false, 10L);

    // verify static deployments config file feature:
    // creating a deployment through the API must be refused for this account.
    var deploymentRequest = new RegistryDeploymentCreateRest();
    deploymentRequest.setName("test-deployment");
    deploymentRequest.setTenantManagerUrl(infra.getTenantManagerUri());
    deploymentRequest.setRegistryDeploymentUrl("http://registry-test");
    FleetManagerApi.verifyCreateDeploymentNotAllowed(deploymentRequest, alice);

    var createRequest = new RegistryCreate();
    createRequest.setName("test-registry-1");
    var registry1Result = FleetManagerApi.createRegistry(createRequest, alice);
    assertNotEquals(RegistryStatusValue.failed, registry1Result.getStatus());
    var createdId = registry1Result.getId();

    // Provisioning is asynchronous: poll until the registry reports ready.
    Awaitility.await("registry available").atMost(30, TimeUnit.SECONDS).pollInterval(5, TimeUnit.SECONDS).until(() -> {
        var current = FleetManagerApi.getRegistry(createdId, alice);
        return current.getStatus().equals(RegistryStatusValue.ready);
    });

    Registry registry = FleetManagerApi.getRegistry(createdId, alice);
    TenantManagerClient tenantManager = Utils.createTenantManagerClient();
    var tenant = tenantManager.getTenant(registry.getId());

    // Keep the last resource of the wanted type, if there is more than one.
    TenantResource maxTotalSchemas = null;
    for (var resource : tenant.getResources()) {
        if (resource.getType() != ResourceType.MAX_TOTAL_SCHEMAS_COUNT) {
            continue;
        }
        maxTotalSchemas = resource;
    }
    assertNotNull(maxTotalSchemas);
    assertEquals(10, maxTotalSchemas.getLimit());
    // TODO e2e test check limits are applied

    // Delete
    // NOTE(review): this cleanup is skipped when any assertion above fails, leaving the
    // registry behind in the test environment.
    FleetManagerApi.deleteRegistry(createdId, alice);
}
use of org.bf2.srs.fleetmanager.spi.common.model.AccountInfo in project srs-fleet-manager by bf2fc6cc711aee1a0c2a.
the class RegistryServiceImpl method getRegistries.
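/**
 * Returns one page of the registries visible to the caller.
 *
 * <p>Visibility is enforced by always adding a condition to the query: the caller's
 * organization id when the account has one, otherwise the caller's account id as owner;
 * when the security identity is not resolvable, {@code OWNER_ID_PLACEHOLDER} is used as owner.
 *
 * @param page    1-based page number; {@code null} means 1
 * @param size    number of items per page; {@code null} means 10
 * @param orderBy {@code "column direction"} separated by a single space; a direction of
 *                {@code "asc"} sorts ascending, any other value sorts descending;
 *                {@code null} sorts by {@code id} ascending
 * @param search  optional expression parsed by {@code BasicQuery} against the {@code name}
 *                and {@code status} columns; {@code null} or empty adds no search condition
 * @return the requested page together with the page number, page size and total count
 * @throws ValidationException if {@code orderBy} does not have exactly two parts or names an
 *                             empty column, or if {@code page} or {@code size} is below 1
 */
@Override
public RegistryListDto getRegistries(Integer page, Integer size, String orderBy, String search) {
    // Defaults
    var sort = Sort.by("id", Sort.Direction.Ascending);
    if (page == null) {
        page = 1;
    }
    if (size == null) {
        size = 10;
    }

    if (orderBy != null) {
        var order = orderBy.split(" ");
        // An empty column (e.g. orderBy = " asc") cannot name anything to sort on.
        if (order.length != 2 || order[0].isEmpty()) {
            throw new ValidationException("invalid orderBy");
        }
        // NOTE(review): the sort column comes straight from the caller and reaches Sort.by
        // unchecked, while search is restricted to "name" and "status". Consider restricting
        // orderBy to a known set of sortable columns as well.
        var direction = "asc".equals(order[1]) ? Sort.Direction.Ascending : Sort.Direction.Descending;
        sort = Sort.by(order[0], direction);
    }

    // Reject paging values that would produce a negative page index or an empty page,
    // so the caller gets a validation error instead of a failure further down.
    // NOTE(review): size has no upper bound here; confirm a maximum is enforced elsewhere.
    if (page < 1) {
        throw new ValidationException("invalid page");
    }
    if (size < 1) {
        throw new ValidationException("invalid size");
    }

    List<Pair<String, Object>> conditions = new ArrayList<>();
    if (search != null && !search.isEmpty()) {
        var basicQuery = new BasicQuery(search, Arrays.asList("name", "status"));
        conditions.add(Pair.of(basicQuery.getColumn(), basicQuery.getArgument()));
    }

    // list only registries from your organization or the ones the user owns
    // This condition is what scopes the result to the caller; it is added on every path.
    if (isResolvable(securityIdentity)) {
        final AccountInfo accountInfo = authService.extractAccountInfo();
        String orgId = accountInfo.getOrganizationId();
        if (orgId != null) {
            conditions.add(Pair.of("orgId", orgId));
        } else {
            conditions.add(Pair.of("ownerId", accountInfo.getAccountId()));
        }
    } else {
        // NOTE(review): with no resolvable identity every caller shares the placeholder owner;
        // presumably this is the "authentication disabled" mode; confirm.
        conditions.add(Pair.of("ownerId", OWNER_ID_PLACEHOLDER));
    }

    var query = new SearchQuery(conditions);
    PanacheQuery<RegistryData> itemsQuery = storage.executeRegistrySearchQuery(query, sort);
    // Page.of is 0-based, the API is 1-based.
    var items = itemsQuery.page(Page.of(page - 1, size))
            .stream()
            .map(convertRegistry::convert)
            .collect(Collectors.toList());
    return RegistryListDto.builder()
            .items(items)
            .page(page)
            .size(size)
            .total(itemsQuery.count())
            .build();
}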