Example 1 with User
use of org.finra.gatekeeper.services.accessrequest.model.User in project Gatekeeper by FINRAOS.
the class RevokeAccessServiceTask method execute.
/**
* @param execution - the request to execute on
* @throws Exception - if the revocation fails
*/
public void execute(DelegateExecution execution) throws Exception {
Job job = managementService.createJobQuery().processInstanceId(execution.getProcessInstanceId()).singleResult();
AccessRequest accessRequest = (AccessRequest) execution.getVariable("accessRequest");
try {
logger.info("Revoking access for Users, Attempts remaining: " + job.getRetries());
for (User user : accessRequest.getUsers()) {
for (UserRole role : accessRequest.getRoles()) {
databaseConnectionService.revokeAccess(accessRequest.getAwsRdsInstances(), RoleType.valueOf(role.getRole().toUpperCase()), user.getUserId());
}
}
} catch (Exception e) {
if (job.getRetries() - 1 == 0) {
logger.error("Maximum attempt limit reached. Notify Ops team for manual removal");
emailServiceWrapper.notifyOps(accessRequest);
emailServiceWrapper.notifyAdminsOfFailure(accessRequest, e);
} else {
throw e;
}
}
}
Also used :
User(org.finra.gatekeeper.services.accessrequest.model.User)
AccessRequest(org.finra.gatekeeper.services.accessrequest.model.AccessRequest)
UserRole(org.finra.gatekeeper.services.accessrequest.model.UserRole)
Job(org.activiti.engine.runtime.Job)
Aggregations
Job (org.activiti.engine.runtime.Job)1
AccessRequest (org.finra.gatekeeper.services.accessrequest.model.AccessRequest)1
User (org.finra.gatekeeper.services.accessrequest.model.User)1
UserRole (org.finra.gatekeeper.services.accessrequest.model.UserRole)1
