Search in sources :

Example 16 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class CertificatesHandler method handleUpdateTransitionalVersion.

public List<CertificateView> handleUpdateTransitionalVersion(String certificateId, UpdateTransitionalVersionRequest requestBody, List<EventAuditRecordParameters> auditRecordParameters) {
    List<CredentialVersion> credentialList;
    UUID versionUUID = null;
    if (requestBody.getVersionUuid() != null) {
        versionUUID = UUID.fromString(requestBody.getVersionUuid());
    }
    credentialList = permissionedCertificateService.updateTransitionalVersion(UUID.fromString(certificateId), versionUUID, auditRecordParameters);
    List<CertificateView> list = credentialList.stream().map(credential -> new CertificateView((CertificateCredentialVersion) credential)).collect(Collectors.toList());
    return list;
}
Also used : CredentialView(org.cloudfoundry.credhub.view.CredentialView) PermissionedCertificateService(org.cloudfoundry.credhub.service.PermissionedCertificateService) BaseCredentialGenerateRequest(org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest) CertificateCredentialsView(org.cloudfoundry.credhub.view.CertificateCredentialsView) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CreateVersionRequest(org.cloudfoundry.credhub.request.CreateVersionRequest) UUID(java.util.UUID) CertificateView(org.cloudfoundry.credhub.view.CertificateView) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) Collectors(java.util.stream.Collectors) CertificateCredentialView(org.cloudfoundry.credhub.view.CertificateCredentialView) CertificateRegenerateRequest(org.cloudfoundry.credhub.request.CertificateRegenerateRequest) UpdateTransitionalVersionRequest(org.cloudfoundry.credhub.request.UpdateTransitionalVersionRequest) List(java.util.List) Credential(org.cloudfoundry.credhub.entity.Credential) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) AuditingOperationCode(org.cloudfoundry.credhub.audit.AuditingOperationCode) Service(org.springframework.stereotype.Service) CertificateCredentialValue(org.cloudfoundry.credhub.credential.CertificateCredentialValue) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) CertificateService(org.cloudfoundry.credhub.service.CertificateService) UUID(java.util.UUID) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion) CertificateView(org.cloudfoundry.credhub.view.CertificateView)

Example 17 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionedCertificateService method deleteVersion.

public CertificateCredentialVersion deleteVersion(UUID certificateUuid, UUID versionUuid, List<EventAuditRecordParameters> auditRecordParameters) {
    EventAuditRecordParameters eventAuditRecordParameters = new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_DELETE, null);
    auditRecordParameters.add(eventAuditRecordParameters);
    Credential certificate = certificateDataService.findByUuid(certificateUuid);
    if (certificate == null || !permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), certificate.getName(), PermissionOperation.DELETE)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    eventAuditRecordParameters.setCredentialName(certificate.getName());
    CertificateCredentialVersion versionToDelete = certificateVersionDataService.findVersion(versionUuid);
    if (versionDoesNotBelongToCertificate(certificate, versionToDelete)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    if (certificateHasOnlyOneVersion(certificateUuid)) {
        throw new ParameterizedValidationException("error.credential.cannot_delete_last_version");
    }
    certificateVersionDataService.deleteVersion(versionUuid);
    return versionToDelete;
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) ParameterizedValidationException(org.cloudfoundry.credhub.exceptions.ParameterizedValidationException) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 18 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionedCertificateService method set.

public CertificateCredentialVersion set(UUID certificateUuid, CertificateCredentialValue value, List<EventAuditRecordParameters> auditRecordParameters) {
    Credential credential = findCertificateCredential(certificateUuid);
    EventAuditRecordParameters eventAuditRecordParameters = new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_UPDATE, credential.getName());
    auditRecordParameters.add(eventAuditRecordParameters);
    if (!permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), credential.getName(), PermissionOperation.WRITE)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    if (value.isTransitional()) {
        validateNoTransitionalVersionsAlreadyExist(credential.getName(), auditRecordParameters);
    }
    CertificateCredentialVersion certificateCredentialVersion = certificateCredentialFactory.makeNewCredentialVersion(credential, value);
    return credentialVersionDataService.save(certificateCredentialVersion);
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion)

Example 19 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionedCertificateService method getVersions.

public List<CredentialVersion> getVersions(UUID uuid, boolean current, List<EventAuditRecordParameters> auditRecordParameters) {
    List<CredentialVersion> list;
    String name;
    try {
        if (current) {
            Credential credential = findCertificateCredential(uuid);
            name = credential.getName();
            list = certificateVersionDataService.findActiveWithTransitional(name);
        } else {
            list = certificateVersionDataService.findAllVersions(uuid);
            name = !list.isEmpty() ? list.get(0).getName() : null;
        }
    } catch (IllegalArgumentException e) {
        auditRecordParameters.add(new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS, null));
        throw new InvalidQueryParameterException("error.bad_request", "uuid");
    }
    auditRecordParameters.add(new EventAuditRecordParameters(AuditingOperationCode.CREDENTIAL_ACCESS, name));
    if (list.isEmpty() || !permissionCheckingService.hasPermission(userContextHolder.getUserContext().getActor(), name, PermissionOperation.READ)) {
        throw new EntryNotFoundException("error.credential.invalid_access");
    }
    return list;
}
Also used : Credential(org.cloudfoundry.credhub.entity.Credential) EntryNotFoundException(org.cloudfoundry.credhub.exceptions.EntryNotFoundException) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters) InvalidQueryParameterException(org.cloudfoundry.credhub.exceptions.InvalidQueryParameterException) CertificateCredentialVersion(org.cloudfoundry.credhub.domain.CertificateCredentialVersion) CredentialVersion(org.cloudfoundry.credhub.domain.CredentialVersion)

Example 20 with EventAuditRecordParameters

use of org.cloudfoundry.credhub.audit.EventAuditRecordParameters in project credhub by cloudfoundry-incubator.

the class PermissionedCredentialService method writeSaveAuditRecord.

private void writeSaveAuditRecord(String credentialName, List<EventAuditRecordParameters> auditRecordParameters, boolean shouldWriteNewEntity) {
    AuditingOperationCode credentialOperationCode = shouldWriteNewEntity ? CREDENTIAL_UPDATE : CREDENTIAL_ACCESS;
    auditRecordParameters.add(new EventAuditRecordParameters(credentialOperationCode, credentialName));
}
Also used : AuditingOperationCode(org.cloudfoundry.credhub.audit.AuditingOperationCode) EventAuditRecordParameters(org.cloudfoundry.credhub.audit.EventAuditRecordParameters)

Aggregations

EventAuditRecordParameters (org.cloudfoundry.credhub.audit.EventAuditRecordParameters)41 Test (org.junit.Test)21 SpringBootTest (org.springframework.boot.test.context.SpringBootTest)12 CertificateCredentialVersion (org.cloudfoundry.credhub.domain.CertificateCredentialVersion)11 EntryNotFoundException (org.cloudfoundry.credhub.exceptions.EntryNotFoundException)11 Credential (org.cloudfoundry.credhub.entity.Credential)9 CredentialVersion (org.cloudfoundry.credhub.domain.CredentialVersion)7 PermissionsView (org.cloudfoundry.credhub.view.PermissionsView)7 ArrayList (java.util.ArrayList)6 ParameterizedValidationException (org.cloudfoundry.credhub.exceptions.ParameterizedValidationException)6 AuditingOperationCode (org.cloudfoundry.credhub.audit.AuditingOperationCode)5 CertificateCredentialValue (org.cloudfoundry.credhub.credential.CertificateCredentialValue)5 PermissionEntry (org.cloudfoundry.credhub.request.PermissionEntry)5 List (java.util.List)4 UUID (java.util.UUID)4 Collectors (java.util.stream.Collectors)4 StringCredentialValue (org.cloudfoundry.credhub.credential.StringCredentialValue)4 MockHttpServletRequestBuilder (org.springframework.test.web.servlet.request.MockHttpServletRequestBuilder)4 BaseCredentialGenerateRequest (org.cloudfoundry.credhub.request.BaseCredentialGenerateRequest)3 Service (org.springframework.stereotype.Service)3