use of org.candlepin.controller.AutobindDisabledForOwnerException in project candlepin by candlepin.
the class ConsumerResource method revokeOnGuestMigration.
/*
* Check if this consumer is a guest, and if it appears to have migrated.
* We only check for existing entitlements, restricted to a host that does not match
* the guest's current host, as determined by the most recent guest ID report in the
* db. If autobind has been disabled for the guest's owner, the host_restricted entitlements
* from the old host are still removed, but no auto-bind occurs.
*/
protected void revokeOnGuestMigration(Consumer guest) {
if (guest == null || !guest.isGuest() || !guest.hasFact("virt.uuid")) {
// No consumer provided, it's not a guest or it doesn't have a virt UUID
return;
}
Consumer host = consumerCurator.getHost(guest);
// we need to create a list of entitlements to delete before actually
// deleting, otherwise we are tampering with the loop iterator (BZ #786730)
Set<Entitlement> deletableGuestEntitlements = new HashSet<>();
log.debug("Revoking {} entitlements not matching host: {}", guest, host);
for (Entitlement entitlement : guest.getEntitlements()) {
Pool pool = entitlement.getPool();
// virt-only then the host-guest dynamic doesn't apply, so skip it.
if (!pool.hasAttribute(Pool.Attributes.REQUIRES_HOST) && !pool.isUnmappedGuestPool() && !isVirtOnly(pool)) {
continue;
}
if (pool.hasAttribute(Pool.Attributes.REQUIRES_HOST)) {
String requiredHost = getRequiredHost(pool);
if (host != null && !requiredHost.equals(host.getUuid())) {
log.debug("Removing entitlement {} from guest {} due to host mismatch.", entitlement.getId(), guest.getUuid());
deletableGuestEntitlements.add(entitlement);
}
} else if (pool.isUnmappedGuestPool() && host != null) {
log.debug("Removing unmapped guest pool from {} now that it is mapped", guest.getUuid());
deletableGuestEntitlements.add(entitlement);
}
}
// perform the entitlement revocation
for (Entitlement entitlement : deletableGuestEntitlements) {
poolManager.revokeEntitlement(entitlement);
}
if (deletableGuestEntitlements.size() > 0) {
// auto heal guests after revocations
boolean hasInstalledProducts = guest.getInstalledProducts() != null && !guest.getInstalledProducts().isEmpty();
if (guest.isAutoheal() && !deletableGuestEntitlements.isEmpty() && hasInstalledProducts) {
Owner owner = ownerCurator.findOwnerById(guest.getOwnerId());
AutobindData autobindData = AutobindData.create(guest, owner).on(new Date());
// perform the autobind for the guest.
try {
List<Entitlement> ents = entitler.bindByProducts(autobindData);
entitler.sendEvents(ents);
} catch (AutobindDisabledForOwnerException e) {
log.warn("Guest auto-attach skipped. {}", e.getMessage());
}
}
}
}
use of org.candlepin.controller.AutobindDisabledForOwnerException in project candlepin by candlepin.
the class ConsumerResource method bind.
@ApiOperation(notes = "If a pool ID is specified, we know we're binding to that exact pool. " + "Specifying an entitle date in this case makes no sense and will throw an " + "error. If a list of product IDs are specified, we attempt to auto-bind to" + " subscriptions which will provide those products. An optional date can be" + " specified allowing the consumer to get compliant for some date in the " + "future. If no date is specified we assume the current date. If neither a " + "pool nor an ID is specified, this is a healing request. The path is similar " + "to the bind by products, but in this case we use the installed products on " + "the consumer, and their current compliant status, to determine which product" + " IDs should be requested. The entitle date is used the same as with bind by " + "products. The response will contain a list of Entitlement objects if async is" + " false, or a JobDetail object if async is true.", value = "Bind Entitlements")
@ApiResponses({ @ApiResponse(code = 400, message = ""), @ApiResponse(code = 403, message = "Binds Entitlements"), @ApiResponse(code = 404, message = "") })
@POST
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
@Path("/{consumer_uuid}/entitlements")
@SuppressWarnings("checkstyle:indentation")
public Response bind(@PathParam("consumer_uuid") @Verify(Consumer.class) String consumerUuid, @QueryParam("pool") @Verify(value = Pool.class, nullable = true, subResource = SubResource.ENTITLEMENTS) String poolIdString, @QueryParam("product") String[] productIds, @QueryParam("quantity") Integer quantity, @QueryParam("email") String email, @QueryParam("email_locale") String emailLocale, @QueryParam("async") @DefaultValue("false") boolean async, @QueryParam("entitle_date") String entitleDateStr, @QueryParam("from_pool") List<String> fromPools) {
/* NOTE: This method should NEVER be provided with a POST body.
While technically that change would be backwards compatible,
there are older clients which erroneously provide an empty string
as a post body and hence result in a serialization error.
ref: BZ: 1502807
*/
// TODO: really should do this in a before we get to this call
// so the method takes in a real Date object and not just a String.
Date entitleDate = ResourceDateParser.parseDateString(entitleDateStr);
// Verify consumer exists:
Consumer consumer = consumerCurator.verifyAndLookupConsumerWithEntitlements(consumerUuid);
ConsumerType ctype = this.consumerTypeCurator.getConsumerType(consumer);
log.debug("Consumer (post verify): {}", consumer);
// Check that only one query param was set, and some other validations
validateBindArguments(poolIdString, quantity, productIds, fromPools, entitleDate, consumer, async);
Owner owner = ownerCurator.findOwnerById(consumer.getOwnerId());
try {
// I hate double negatives, but if they have accepted all
// terms, we want comeToTerms to be true.
long subTermsStart = System.currentTimeMillis();
if (!ctype.isType(ConsumerTypeEnum.SHARE) && subAdapter.hasUnacceptedSubscriptionTerms(owner)) {
return Response.serverError().build();
}
log.debug("Checked if consumer has unaccepted subscription terms in {}ms", (System.currentTimeMillis() - subTermsStart));
} catch (CandlepinException e) {
log.debug(e.getMessage());
throw e;
}
if (poolIdString != null && quantity == null) {
Pool pool = poolManager.find(poolIdString);
quantity = pool != null ? consumerBindUtil.getQuantityToBind(pool, consumer) : 1;
}
//
if (async) {
JobDetail detail = null;
if (poolIdString != null) {
detail = EntitlerJob.bindByPool(poolIdString, consumer, owner.getKey(), quantity);
} else {
detail = EntitleByProductsJob.bindByProducts(productIds, consumer, entitleDate, fromPools, owner.getKey());
}
// events will be triggered by the job
return Response.status(Response.Status.OK).type(MediaType.APPLICATION_JSON).entity(detail).build();
}
//
// otherwise we do what we do today.
//
List<Entitlement> entitlements = null;
if (poolIdString != null) {
entitlements = entitler.bindByPoolQuantity(consumer, poolIdString, quantity);
} else {
try {
AutobindData autobindData = AutobindData.create(consumer, owner).on(entitleDate).forProducts(productIds).withPools(fromPools);
entitlements = entitler.bindByProducts(autobindData);
} catch (AutobindDisabledForOwnerException e) {
throw new BadRequestException(i18n.tr("Ignoring request to auto-attach. " + "It is disabled for org \"{0}\".", owner.getKey()));
}
}
List<EntitlementDTO> entitlementDTOs = null;
if (entitlements != null) {
entitlementDTOs = new ArrayList<>();
for (Entitlement ent : entitlements) {
// we need to supply the compliance type for the pools
// the method in this class does not do quantity
addCalculatedAttributes(ent);
entitlementDTOs.add(this.translator.translate(ent, EntitlementDTO.class));
}
}
// Trigger events:
entitler.sendEvents(entitlements);
return Response.status(Response.Status.OK).type(MediaType.APPLICATION_JSON).entity(entitlementDTOs).build();
}
Aggregations