Example 26 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project che-server by eclipse-che.
the class KubernetesNamespaceFactory method checkIfNamespaceIsAllowed.
/**
* Checks if the current user is able to use the specified namespace for their new workspaces.
*
* @param namespaceName namespace name to check
* @throws ValidationException if the specified namespace is not permitted for the current user
*/
public void checkIfNamespaceIsAllowed(String namespaceName) throws ValidationException {
NamespaceResolutionContext context = new NamespaceResolutionContext(EnvironmentContext.getCurrent().getSubject());
final String defaultNamespace = findStoredNamespace(context).orElse(evalPlaceholders(defaultNamespaceName, context));
if (!namespaceName.equals(defaultNamespace)) {
try {
List<KubernetesNamespaceMeta> labeledNamespaces = findPreparedNamespaces(context);
if (labeledNamespaces.stream().noneMatch(n -> n.getName().equals(namespaceName))) {
throw new ValidationException(format("User defined namespaces are not allowed. Only the default namespace '%s' is available.", defaultNamespace));
}
} catch (InfrastructureException e) {
throw new ValidationException("Some infrastructure failure caused failed validation.", e);
}
}
}
Also used :
NamespaceResolutionContext(org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext)
ValidationException(org.eclipse.che.api.core.ValidationException)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
InfrastructureException(org.eclipse.che.api.workspace.server.spi.InfrastructureException)
Example 27 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project che-server by eclipse-che.
the class KubernetesNamespaceFactory method getDefaultNamespace.
/**
* Returns default namespace, it's based on existing namespace if there is such or just object
* holder if there is no such namespace on cluster.
*/
private KubernetesNamespaceMeta getDefaultNamespace(NamespaceResolutionContext resolutionCtx) throws InfrastructureException {
String evaluatedName = evaluateNamespaceName(resolutionCtx);
Optional<KubernetesNamespaceMeta> defaultNamespaceOpt = fetchNamespace(evaluatedName);
KubernetesNamespaceMeta defaultNamespace = defaultNamespaceOpt.orElseGet(() -> new KubernetesNamespaceMetaImpl(evaluatedName));
defaultNamespace.getAttributes().put(DEFAULT_ATTRIBUTE, "true");
return defaultNamespace;
}
Also used :
KubernetesNamespaceMetaImpl(org.eclipse.che.workspace.infrastructure.kubernetes.api.server.impls.KubernetesNamespaceMetaImpl)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
Example 28 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project che-server by eclipse-che.
the class OpenShiftProjectFactoryTest method shouldNotThrowAnExceptionWhenNotAllowedToListNamespaces.
@Test
public void shouldNotThrowAnExceptionWhenNotAllowedToListNamespaces() throws Exception {
// given
Project p = createProject("ns1", "project1", "desc1", "Active");
doThrow(new KubernetesClientException("Not allowed.", 403, new Status())).when(projectList).getItems();
prepareNamespaceToBeFoundByName("u123-che", p);
projectFactory = new OpenShiftProjectFactory("<userid>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, true, emptySet(), clientFactory, cheClientFactory, cheServerOpenshiftClientFactory, userManager, preferenceManager, pool, NO_OAUTH_IDENTITY_PROVIDER);
EnvironmentContext.getCurrent().setSubject(new SubjectImpl("jondoe", "u123", null, false));
// when
List<KubernetesNamespaceMeta> availableNamespaces = projectFactory.list();
// then
assertEquals(availableNamespaces.get(0).getName(), "ns1");
}
Also used :
Status(io.fabric8.kubernetes.api.model.Status)
Project(io.fabric8.openshift.api.model.Project)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
SubjectImpl(org.eclipse.che.commons.subject.SubjectImpl)
KubernetesClientException(io.fabric8.kubernetes.client.KubernetesClientException)
Test(org.testng.annotations.Test)
Example 29 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project che-server by eclipse-che.
the class OpenShiftProjectFactoryTest method shouldReturnPreparedNamespacesWhenFound.
@Test
public void shouldReturnPreparedNamespacesWhenFound() throws InfrastructureException {
// given
List<Project> projects = Arrays.asList(createProject("ns1", "project1", "desc1", "Active", Map.of(NAMESPACE_ANNOTATION_NAME, "jondoe")), createProject("ns3", "project3", "desc3", "Active", Map.of(NAMESPACE_ANNOTATION_NAME, "some_other_user")), createProject("ns2", "project2", "desc2", "Active", Map.of(NAMESPACE_ANNOTATION_NAME, "jondoe")));
doReturn(projects).when(projectList).getItems();
projectFactory = new OpenShiftProjectFactory("<userid>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, true, emptySet(), clientFactory, cheClientFactory, cheServerOpenshiftClientFactory, userManager, preferenceManager, pool, NO_OAUTH_IDENTITY_PROVIDER);
EnvironmentContext.getCurrent().setSubject(new SubjectImpl("jondoe", "123", null, false));
// when
List<KubernetesNamespaceMeta> availableNamespaces = projectFactory.list();
// then
assertEquals(availableNamespaces.size(), 2);
assertEquals(availableNamespaces.get(0).getName(), "ns1");
assertEquals(availableNamespaces.get(1).getName(), "ns2");
}
Also used :
Project(io.fabric8.openshift.api.model.Project)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
SubjectImpl(org.eclipse.che.commons.subject.SubjectImpl)
Test(org.testng.annotations.Test)
Example 30 with KubernetesNamespaceMeta
use of org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta in project che-server by eclipse-che.
the class OpenShiftProjectFactoryTest method shouldReturnDefaultProjectWhenItExistsAndUserDefinedIsNotAllowed.
@Test
public void shouldReturnDefaultProjectWhenItExistsAndUserDefinedIsNotAllowed() throws Exception {
prepareNamespaceToBeFoundByName(USER_NAME + "-che", new ProjectBuilder().withNewMetadata().withName(USER_NAME + "-che").withAnnotations(ImmutableMap.of(PROJECT_DISPLAY_NAME_ANNOTATION, "Default Che Project", PROJECT_DESCRIPTION_ANNOTATION, "some description")).endMetadata().withNewStatus().withPhase("Active").endStatus().build());
projectFactory = new OpenShiftProjectFactory("<username>-che", true, true, true, NAMESPACE_LABELS, NAMESPACE_ANNOTATIONS, true, emptySet(), clientFactory, cheClientFactory, cheServerOpenshiftClientFactory, userManager, preferenceManager, pool, NO_OAUTH_IDENTITY_PROVIDER);
List<KubernetesNamespaceMeta> availableNamespaces = projectFactory.list();
assertEquals(availableNamespaces.size(), 1);
KubernetesNamespaceMeta defaultNamespace = availableNamespaces.get(0);
assertEquals(defaultNamespace.getName(), USER_NAME + "-che");
assertEquals(defaultNamespace.getAttributes().get(DEFAULT_ATTRIBUTE), "true");
assertEquals(defaultNamespace.getAttributes().get(PROJECT_DISPLAY_NAME_ATTRIBUTE), "Default Che Project");
assertEquals(defaultNamespace.getAttributes().get(PROJECT_DESCRIPTION_ATTRIBUTE), "some description");
assertEquals(defaultNamespace.getAttributes().get(PHASE_ATTRIBUTE), "Active");
}
Also used :
ProjectBuilder(io.fabric8.openshift.api.model.ProjectBuilder)
KubernetesNamespaceMeta(org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)
Test(org.testng.annotations.Test)
Aggregations
KubernetesNamespaceMeta (org.eclipse.che.workspace.infrastructure.kubernetes.api.shared.KubernetesNamespaceMeta)42
Test (org.testng.annotations.Test)34
KubernetesNamespaceMetaImpl (org.eclipse.che.workspace.infrastructure.kubernetes.api.server.impls.KubernetesNamespaceMetaImpl)20
Secret (io.fabric8.kubernetes.api.model.Secret)18
PersonalAccessToken (org.eclipse.che.api.factory.server.scm.PersonalAccessToken)18
SubjectImpl (org.eclipse.che.commons.subject.SubjectImpl)16
ObjectMeta (io.fabric8.kubernetes.api.model.ObjectMeta)10
ObjectMetaBuilder (io.fabric8.kubernetes.api.model.ObjectMetaBuilder)10
SecretBuilder (io.fabric8.kubernetes.api.model.SecretBuilder)10
LabelSelector (io.fabric8.kubernetes.api.model.LabelSelector)8
KubernetesNamespace (org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesNamespace)8
KubernetesSecrets (org.eclipse.che.workspace.infrastructure.kubernetes.namespace.KubernetesSecrets)8
NamespaceBuilder (io.fabric8.kubernetes.api.model.NamespaceBuilder)6
KubernetesClientException (io.fabric8.kubernetes.client.KubernetesClientException)6
NamespaceResolutionContext (org.eclipse.che.api.workspace.server.spi.NamespaceResolutionContext)6
Namespace (io.fabric8.kubernetes.api.model.Namespace)4
Status (io.fabric8.kubernetes.api.model.Status)4
InfrastructureException (org.eclipse.che.api.workspace.server.spi.InfrastructureException)4
Project (io.fabric8.openshift.api.model.Project)3
SecretList (io.fabric8.kubernetes.api.model.SecretList)2
