use of org.platformlayer.auth.crypto.SecretProvider in project platformlayer by platformlayer.
the class ItemServiceImpl method ensureItem.
/**
 * Creates {@code item}, or updates the stored item it matches, and then queues a
 * {@code CREATION_REQUESTED} change notification for the result.
 *
 * <p>The item's key is built from the project resolved from {@code auth}, the model
 * class's service and item types, and the item id. The lookup, write and notification
 * run inside a temporary {@code OpsContext}. The notification is sent on both the
 * create path and the update path.
 *
 * @param auth               caller's project authorization; supplies the project id and
 *                           the {@code SecretProvider} used for repository reads
 * @param item               item to create or update; its key and state are overwritten here
 * @param canExist           when false, an already-stored match is rejected with an OpsException
 * @param generateUniqueName when true, a missing id is built by the service provider and
 *                           the key is passed through {@code findUniqueId}
 * @param uniqueTagKey       when non-null, the existing item is looked up by the tag on
 *                           {@code item} with this key instead of by item key
 * @return the item as returned by the repository create/update call
 * @throws OpsException if no id is given and none may be generated, if the item exists
 *                      and {@code canExist} is false, or if a repository call fails
 */
<T extends ItemBase> T ensureItem(final ProjectAuthorization auth, final T item, final boolean canExist, final boolean generateUniqueName, final String uniqueTagKey) throws OpsException {
    // Unchecked cast: the directory is asked for the model of item's runtime class.
    final ModelClass<T> modelClass = (ModelClass<T>) serviceProviderDirectory.getModelClass(item.getClass());
    if (modelClass == null) {
        throw new IllegalStateException("Unknown item type");
    }
    final Class<T> javaClass = modelClass.getJavaClass();
    // JaxbHelper jaxbHelper = JaxbHelper.get(javaClass);
    final ServiceProvider serviceProvider = modelClass.getProvider();
    String id = item.getId();
    if (Strings.isNullOrEmpty(id)) {
        if (generateUniqueName) {
            id = serviceProvider.buildItemId(modelClass, item);
        } else {
            // otherwise we end up with lots of randomly named items
            throw new OpsException("Must specify item id");
            // id = UUID.randomUUID().toString();
            // item.setId(id);
        }
    }
    // The project always comes from the caller's authorization, never from the item itself.
    ProjectId project = getProjectId(auth);
    PlatformLayerKey itemKey = new PlatformLayerKey(null, project, modelClass.getServiceType(), modelClass.getItemType(), new ManagedItemId(id));
    item.setKey(itemKey);
    item.state = ManagedItemState.CREATION_REQUESTED;
    final OpsContext opsContext = buildTemporaryOpsContext(modelClass.getServiceType(), auth);
    T created = OpsContext.runInContext(opsContext, new CheckedCallable<T, Exception>() {
        @Override
        public T call() throws Exception {
            // This local shadows the enclosing method's itemKey; it starts as the key set on item above.
            PlatformLayerKey itemKey = item.getKey();
            T existing;
            // Repository reads below are made with the secret provider derived from the caller's auth.
            SecretProvider secretProvider = SecretProvider.from(auth);
            if (uniqueTagKey != null) {
                boolean fetchTags = true;
                Tag uniqueTag = null;
                // If several tags on the item share uniqueTagKey, the last one encountered is used.
                for (Tag tag : item.getTags()) {
                    if (Objects.equal(tag.getKey(), uniqueTagKey)) {
                        uniqueTag = tag;
                    }
                }
                if (uniqueTag == null) {
                    throw new IllegalArgumentException("Could not find unique tag");
                }
                // Look for a stored item carrying the same tag; the state filter excludes deleted items.
                Filter filter = TagFilter.byTag(uniqueTag);
                filter = StateFilter.excludeDeleted(filter);
                existing = null;
                List<T> existingList = repository.findAll(modelClass, itemKey.getProject(), fetchTags, secretProvider, filter);
                if (!existingList.isEmpty()) {
                    if (existingList.size() != 1) {
                        throw new IllegalArgumentException("Found multiple items with unique tag");
                    }
                    existing = existingList.get(0);
                }
                // No tag match: pick a free id, regardless of generateUniqueName.
                if (existing == null) {
                    itemKey = findUniqueId(item, itemKey, secretProvider);
                }
            } else {
                if (generateUniqueName) {
                    itemKey = findUniqueId(item, itemKey, secretProvider);
                }
                try {
                    boolean fetchTags = true;
                    existing = Casts.checkedCast(repository.getManagedItem(itemKey, fetchTags, secretProvider), javaClass);
                } catch (RepositoryException e) {
                    throw new OpsException("Error fetching item from database", e);
                }
            }
            if (!canExist && existing != null) {
                throw new OpsException("Item already exists");
            }
            serviceProvider.beforeCreateItem(item);
            // Shadows the enclosing method's project; resolved again from the same auth.
            ProjectId project = getProjectId(auth);
            T newItem;
            try {
                if (existing == null) {
                    newItem = repository.createManagedItem(project, item);
                } else {
                    // Carry the stored item's secret and key over to the item being written,
                    // presumably so the update is serialized under the existing item key.
                    item.secret = existing.secret;
                    item.setKey(existing.getKey());
                    newItem = repository.updateManagedItem(project, item);
                    // Collect the tags on the request that the stored item does not have yet.
                    TagChanges tagChanges = new TagChanges();
                    for (Tag tag : item.getTags()) {
                        if (newItem.getTags().hasTag(tag)) {
                            continue;
                        }
                        // This boolean shadows the String parameter uniqueTagKey of ensureItem.
                        // Only the PARENT tag key is treated as single-valued here.
                        boolean uniqueTagKey = false;
                        if (tag.getKey().equals(Tag.PARENT.getKey())) {
                            uniqueTagKey = true;
                        }
                        tagChanges.addTags.add(tag);
                        if (uniqueTagKey) {
                            // Replace rather than add: drop every stored tag with the same key.
                            for (Tag oldTag : newItem.getTags().findTags(tag.getKey())) {
                                tagChanges.removeTags.add(oldTag);
                            }
                        }
                    }
                    if (!tagChanges.isEmpty()) {
                        // NOTE(review): the final argument is null here, while the other repository
                        // calls in this method pass secretProvider; confirm against changeTags'
                        // signature that null is intended.
                        repository.changeTags(modelClass, project, newItem.getKey().getItemId(), tagChanges, null);
                    }
                }
            } catch (RepositoryException e) {
                throw new OpsException("Error writing object to database", e);
            }
            itemKey = newItem.getKey();
            // The returned JobData is not used; CREATION_REQUESTED is notified for updates as well as creates.
            JobData jobKey = changeQueue.notifyChange(auth, itemKey, ManagedItemState.CREATION_REQUESTED);
            return newItem;
        }

        /**
         * Finds an id not yet present in the repository by trying the item's id and then
         * the id with 1, 2, 3, ... appended; sets the first free key on the item and returns it.
         *
         * NOTE(review): the lookup here and the later create are separate repository calls,
         * so two concurrent requests could select the same id; confirm that the repository
         * enforces uniqueness on insert. The loop also has no upper bound on attempts.
         */
        private <T extends ItemBase> PlatformLayerKey findUniqueId(final T item, final PlatformLayerKey itemKey, SecretProvider secretProvider) throws RepositoryException {
            int sequence = 0;
            while (true) {
                String tryId = item.getId();
                if (sequence != 0) {
                    tryId += sequence;
                }
                final PlatformLayerKey tryKey = itemKey.withId(new ManagedItemId(tryId));
                // Existence check only, so tags are not fetched.
                boolean fetchTags = false;
                ItemBase found = repository.getManagedItem(tryKey, fetchTags, secretProvider);
                if (found == null) {
                    item.setKey(tryKey);
                    return tryKey;
                }
                sequence++;
            }
        }
    });
    return created;
}
use of org.platformlayer.auth.crypto.SecretProvider in project platformlayer by platformlayer.
the class ItemServiceImpl method deleteItem.
/**
 * Marks the item identified by {@code targetItemKey} as {@code DELETE_REQUESTED} and
 * queues the matching change notification.
 *
 * <p>The item is first read with the secret provider derived from {@code auth}; a
 * missing item or an unknown service type is reported as an IllegalStateException.
 * The state change and the notification run inside a temporary {@code OpsContext}.
 *
 * <p>NOTE(review): no comparison between the project in {@code targetItemKey} and the
 * project of {@code auth} is visible in this method; confirm that the caller or the
 * repository enforces it.
 *
 * @param auth          caller's project authorization
 * @param targetItemKey key of the item to delete
 * @return the job data returned by the change queue
 * @throws OpsException if reading the item or writing the new state fails
 */
@Override
public JobData deleteItem(final ProjectAuthorization auth, final PlatformLayerKey targetItemKey) throws OpsException {
    SecretProvider callerSecrets = SecretProvider.from(auth);

    ItemBase itemToDelete;
    try {
        // Read the item together with its tags (fetchTags = true).
        itemToDelete = repository.getManagedItem(targetItemKey, true, callerSecrets);
    } catch (RepositoryException e) {
        throw new OpsException("Error reading item", e);
    }
    if (itemToDelete == null) {
        throw new IllegalStateException("Item not found");
    }
    // Only the in-memory copy changes here; the stored state is written inside the context below.
    itemToDelete.state = ManagedItemState.DELETE_REQUESTED;

    // The provider itself is not needed; the lookup only verifies the service type is known.
    if (serviceProviderDirectory.getServiceProvider(targetItemKey.getServiceType()) == null) {
        throw new IllegalStateException("Unknown service type");
    }

    final OpsContext deleteContext = buildTemporaryOpsContext(targetItemKey.getServiceType(), auth);
    return OpsContext.runInContext(deleteContext, new CheckedCallable<JobData, Exception>() {
        @Override
        public JobData call() throws Exception {
            try {
                repository.changeState(targetItemKey, ManagedItemState.DELETE_REQUESTED);
            } catch (RepositoryException e) {
                throw new OpsException("Error writing object to database", e);
            }
            return changeQueue.notifyChange(auth, targetItemKey, ManagedItemState.DELETE_REQUESTED);
        }
    });
}
use of org.platformlayer.auth.crypto.SecretProvider in project platformlayer by platformlayer.
the class JdbcManagedItemRepository method updateManagedItem.
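/**
 * Re-serializes {@code item} under its item key, stores the data and state, and returns
 * the item as read back from the database.
 *
 * <p>If the stored row has no secret yet, a new key is generated, encoded and stored.
 * Otherwise the key is taken from {@code item.secret}, which the caller must have
 * populated. A missing {@code item.secret} is reported as a RepositoryException
 * instead of failing with a NullPointerException part-way through the transaction.
 *
 * <p>Tags are not modified by this call.
 *
 * @param project project that owns the item
 * @param item    item to write; its id selects the stored row
 * @return the stored item, fetched with its tags
 * @throws RepositoryException if the item does not exist, if the item carries no secret
 *                             while the stored row has one, or if a query fails
 */
@Override
@JdbcTransaction
public <T extends ItemBase> T updateManagedItem(ProjectId project, T item) throws RepositoryException {
    // Unchecked cast: itemClass is the runtime class of item.
    Class<T> itemClass = (Class<T>) item.getClass();
    DbHelper db = new DbHelper(itemClass, project);
    try {
        ManagedItemId itemId = new ManagedItemId(item.getId());
        ModelClass<T> modelClass = serviceProviderDirectory.getModelClass(itemClass);
        int projectId = db.mapToValue(project);
        int modelId = db.mapToValue(modelClass.getItemType());
        int serviceId = db.mapToValue(modelClass.getServiceType());
        ItemEntity rs = db.queries.findItem(serviceId, modelId, projectId, itemId.getKey());
        if (rs == null) {
            throw new RepositoryException("Item not found");
        }
        byte[] secretData = rs.secret;
        CryptoKey itemSecret;
        if (secretData == null) {
            // No secret stored for this row yet: create one and persist its encoded form.
            itemSecret = FathomdbCrypto.generateKey();
            secretData = itemSecrets.encodeItemSecret(itemSecret);
            db.updateSecret(itemId, secretData);
        } else {
            // NOTE(review): the key comes from the caller-supplied item, not from decoding
            // the stored secretData. If the two differ, the data written below would not
            // match the stored secret; confirm that every caller copies the stored item's
            // secret onto the item before calling this method.
            if (item.secret == null) {
                throw new RepositoryException("Item secret not available");
            }
            itemSecret = item.secret.getSecret();
        }
        byte[] data = serialize(item, itemSecret);
        db.updateItem(itemId, data, item.state);
        // Note: we can't change tags here (that needs a separate call to updateTags)
        // Read the item back using the same key it was just serialized with.
        SecretProvider secretProvider = SecretProvider.forKey(itemSecret);
        boolean fetchTags = true;
        return fetchItem(db, modelClass.getServiceType(), modelClass.getItemType(), project, itemId, itemClass, secretProvider, fetchTags);
    } catch (SQLException e) {
        throw new RepositoryException("Error running query", e);
    } finally {
        db.close();
    }
}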