
Example 1 with SecretProvider

use of org.platformlayer.auth.crypto.SecretProvider in project platformlayer by platformlayer.

the class ItemServiceImpl method ensureItem.

/**
 * Creates the given item, or updates the already-stored item it corresponds to, and queues a
 * CREATION_REQUESTED change for it.
 *
 * <p>The existing item is located either by a unique tag (when {@code uniqueTagKey} is non-null)
 * or by the item's key. All repository reads use a {@link SecretProvider} built from the caller's
 * {@code auth}.
 *
 * <p>NOTE(review): no explicit permission check is visible in this method; {@code auth} is only
 * used to resolve the project, build the secret provider and ops context, and notify the change
 * queue. Confirm that callers (or those helpers) enforce that {@code auth} may write to the project.
 *
 * @param auth authorization of the caller; determines the project and the secret provider
 * @param item item to create or update; its key, state and (on update) secret are overwritten here
 * @param canExist when false, an already-existing item causes an {@link OpsException}
 * @param generateUniqueName when true, a missing id is built by the service provider and a free
 *     id is searched for by appending a sequence number
 * @param uniqueTagKey if non-null, key of the tag on {@code item} used to look up the existing item
 * @return the item as returned by the repository create or update call
 * @throws OpsException if no id is given and none may be generated, if the item exists but must
 *     not, or if the repository fails
 */
<T extends ItemBase> T ensureItem(final ProjectAuthorization auth, final T item, final boolean canExist, final boolean generateUniqueName, final String uniqueTagKey) throws OpsException {
    // Unchecked cast: the directory is looked up by the item's runtime class.
    final ModelClass<T> modelClass = (ModelClass<T>) serviceProviderDirectory.getModelClass(item.getClass());
    if (modelClass == null) {
        throw new IllegalStateException("Unknown item type");
    }
    final Class<T> javaClass = modelClass.getJavaClass();
    // JaxbHelper jaxbHelper = JaxbHelper.get(javaClass);
    final ServiceProvider serviceProvider = modelClass.getProvider();
    String id = item.getId();
    if (Strings.isNullOrEmpty(id)) {
        if (generateUniqueName) {
            id = serviceProvider.buildItemId(modelClass, item);
        } else {
            // otherwise we end up with lots of randomly named items
            throw new OpsException("Must specify item id");
        // id = UUID.randomUUID().toString();
        // item.setId(id);
        }
    }
    // The project always comes from the caller's authorization, not from the submitted item.
    ProjectId project = getProjectId(auth);
    PlatformLayerKey itemKey = new PlatformLayerKey(null, project, modelClass.getServiceType(), modelClass.getItemType(), new ManagedItemId(id));
    item.setKey(itemKey);
    item.state = ManagedItemState.CREATION_REQUESTED;
    final OpsContext opsContext = buildTemporaryOpsContext(modelClass.getServiceType(), auth);
    T created = OpsContext.runInContext(opsContext, new CheckedCallable<T, Exception>() {

        @Override
        public T call() throws Exception {
            // Local itemKey: re-read from the item, independent of the enclosing method's variable.
            PlatformLayerKey itemKey = item.getKey();
            T existing;
            // Secret provider derived from the caller's authorization; passed to every read below.
            SecretProvider secretProvider = SecretProvider.from(auth);
            if (uniqueTagKey != null) {
                boolean fetchTags = true;
                Tag uniqueTag = null;
                // No break: if several tags carry this key, the last one wins.
                for (Tag tag : item.getTags()) {
                    if (Objects.equal(tag.getKey(), uniqueTagKey)) {
                        uniqueTag = tag;
                    }
                }
                if (uniqueTag == null) {
                    throw new IllegalArgumentException("Could not find unique tag");
                }
                // Look for non-deleted items in this project that carry the same tag.
                Filter filter = TagFilter.byTag(uniqueTag);
                filter = StateFilter.excludeDeleted(filter);
                existing = null;
                List<T> existingList = repository.findAll(modelClass, itemKey.getProject(), fetchTags, secretProvider, filter);
                if (!existingList.isEmpty()) {
                    if (existingList.size() != 1) {
                        throw new IllegalArgumentException("Found multiple items with unique tag");
                    }
                    existing = existingList.get(0);
                }
                if (existing == null) {
                    // Nothing carries the tag yet: pick a free id (done here regardless of generateUniqueName).
                    itemKey = findUniqueId(item, itemKey, secretProvider);
                }
            } else {
                if (generateUniqueName) {
                    itemKey = findUniqueId(item, itemKey, secretProvider);
                }
                try {
                    boolean fetchTags = true;
                    existing = Casts.checkedCast(repository.getManagedItem(itemKey, fetchTags, secretProvider), javaClass);
                } catch (RepositoryException e) {
                    throw new OpsException("Error fetching item from database", e);
                }
            }
            if (!canExist && existing != null) {
                throw new OpsException("Item already exists");
            }
            serviceProvider.beforeCreateItem(item);
            ProjectId project = getProjectId(auth);
            T newItem;
            try {
                if (existing == null) {
                    newItem = repository.createManagedItem(project, item);
                } else {
                    // Reuse the stored item's secret and key for the update; presumably the repository
                    // serializes the update under that per-item secret - confirm against the repository.
                    item.secret = existing.secret;
                    item.setKey(existing.getKey());
                    newItem = repository.updateManagedItem(project, item);
                    // Tags are not written by updateManagedItem here; add the submitted tags the
                    // stored item does not have yet through a separate changeTags call.
                    TagChanges tagChanges = new TagChanges();
                    for (Tag tag : item.getTags()) {
                        if (newItem.getTags().hasTag(tag)) {
                            continue;
                        }
                        // This local boolean shadows the enclosing method's String parameter uniqueTagKey.
                        boolean uniqueTagKey = false;
                        if (tag.getKey().equals(Tag.PARENT.getKey())) {
                            uniqueTagKey = true;
                        }
                        tagChanges.addTags.add(tag);
                        if (uniqueTagKey) {
                            // PARENT tag: drop the stored tags with the same key so the new one replaces them.
                            for (Tag oldTag : newItem.getTags().findTags(tag.getKey())) {
                                tagChanges.removeTags.add(oldTag);
                            }
                        }
                    }
                    if (!tagChanges.isEmpty()) {
                        // NOTE(review): the last argument is null while the reads above pass secretProvider;
                        // confirm what this parameter is and that null is intended.
                        repository.changeTags(modelClass, project, newItem.getKey().getItemId(), tagChanges, null);
                    }
                }
            } catch (RepositoryException e) {
                throw new OpsException("Error writing object to database", e);
            }
            itemKey = newItem.getKey();
            // The returned JobData is not used; the call is made to queue the change.
            JobData jobKey = changeQueue.notifyChange(auth, itemKey, ManagedItemState.CREATION_REQUESTED);
            return newItem;
        }

        /**
         * Finds an id for which the repository returns no item: tries the item's id as-is, then
         * with 1, 2, ... appended, and sets the first free key on the item.
         *
         * NOTE(review): the loop has no upper bound, and nothing visible here makes this lookup
         * atomic with the later create; presumably the repository enforces key uniqueness - confirm.
         */
        private <T extends ItemBase> PlatformLayerKey findUniqueId(final T item, final PlatformLayerKey itemKey, SecretProvider secretProvider) throws RepositoryException {
            int sequence = 0;
            while (true) {
                String tryId = item.getId();
                if (sequence != 0) {
                    tryId += sequence;
                }
                final PlatformLayerKey tryKey = itemKey.withId(new ManagedItemId(tryId));
                // Existence check only, so tags are not loaded.
                boolean fetchTags = false;
                ItemBase found = repository.getManagedItem(tryKey, fetchTags, secretProvider);
                if (found == null) {
                    item.setKey(tryKey);
                    return tryKey;
                }
                sequence++;
            }
        }
    });
    return created;
}
Also used : OpsException(org.platformlayer.ops.OpsException) ItemBase(org.platformlayer.core.model.ItemBase) ProjectId(org.platformlayer.ids.ProjectId) PlatformLayerKey(org.platformlayer.core.model.PlatformLayerKey) RepositoryException(org.platformlayer.RepositoryException) OpsContext(org.platformlayer.ops.OpsContext) TagChanges(org.platformlayer.core.model.TagChanges) ManagedItemId(org.platformlayer.ids.ManagedItemId) RepositoryException(org.platformlayer.RepositoryException) OpsException(org.platformlayer.ops.OpsException) ModelClass(org.platformlayer.xaas.services.ModelClass) StateFilter(org.platformlayer.StateFilter) TagFilter(org.platformlayer.TagFilter) Filter(org.platformlayer.Filter) ServiceProvider(org.platformlayer.xaas.services.ServiceProvider) List(java.util.List) Tag(org.platformlayer.core.model.Tag) JobData(org.platformlayer.jobs.model.JobData) SecretProvider(org.platformlayer.auth.crypto.SecretProvider)

Example 2 with SecretProvider

use of org.platformlayer.auth.crypto.SecretProvider in project platformlayer by platformlayer.

the class ItemServiceImpl method deleteItem.

/**
 * Requests deletion of an existing item: verifies the item and its service type are known, then
 * (inside a temporary ops context) sets the stored state to DELETE_REQUESTED and notifies the
 * change queue.
 *
 * @param auth authorization of the caller; used for the secret provider, the ops context and the
 *     change notification
 * @param targetItemKey key of the item to delete
 * @return the job data returned by the change queue
 * @throws OpsException if the repository read or write fails
 * @throws IllegalStateException if the item or its service type is unknown
 */
@Override
public JobData deleteItem(final ProjectAuthorization auth, final PlatformLayerKey targetItemKey) throws OpsException {
    // The lookup uses a secret provider derived from the caller's authorization.
    SecretProvider callerSecrets = SecretProvider.from(auth);

    ItemBase found;
    try {
        // Tags are fetched along with the item (third argument).
        found = repository.getManagedItem(targetItemKey, true, callerSecrets);
    } catch (RepositoryException e) {
        throw new OpsException("Error reading item", e);
    }
    if (found == null) {
        throw new IllegalStateException("Item not found");
    }
    // Sets the field on the fetched object only; this method does not pass that object to any
    // repository write. The stored state is changed by changeState() below.
    found.state = ManagedItemState.DELETE_REQUESTED;

    // The provider is looked up only to reject unknown service types.
    if (serviceProviderDirectory.getServiceProvider(targetItemKey.getServiceType()) == null) {
        throw new IllegalStateException("Unknown service type");
    }

    final OpsContext deleteContext = buildTemporaryOpsContext(targetItemKey.getServiceType(), auth);
    return OpsContext.runInContext(deleteContext, new CheckedCallable<JobData, Exception>() {

        @Override
        public JobData call() throws Exception {
            try {
                repository.changeState(targetItemKey, ManagedItemState.DELETE_REQUESTED);
            } catch (RepositoryException e) {
                throw new OpsException("Error writing object to database", e);
            }
            // Queue the deletion under the caller's authorization.
            return changeQueue.notifyChange(auth, targetItemKey, ManagedItemState.DELETE_REQUESTED);
        }
    });
}
Also used : OpsException(org.platformlayer.ops.OpsException) ItemBase(org.platformlayer.core.model.ItemBase) ServiceProvider(org.platformlayer.xaas.services.ServiceProvider) RepositoryException(org.platformlayer.RepositoryException) JobData(org.platformlayer.jobs.model.JobData) OpsContext(org.platformlayer.ops.OpsContext) RepositoryException(org.platformlayer.RepositoryException) OpsException(org.platformlayer.ops.OpsException) SecretProvider(org.platformlayer.auth.crypto.SecretProvider)

Example 3 with SecretProvider

use of org.platformlayer.auth.crypto.SecretProvider in project platformlayer by platformlayer.

the class JdbcManagedItemRepository method updateManagedItem.

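/**
 * Re-serializes {@code item} with its per-item secret, writes the data and state to the item's
 * existing row, and returns the item as read back from the database.
 *
 * <p>If the row has no secret yet, a new key is generated and its encoded form is stored first.
 * Otherwise the key is taken from {@code item.secret}, i.e. from the object supplied by the caller.
 *
 * <p>Tags are not modified by this method.
 *
 * @param project project that owns the item
 * @param item item to store; its id identifies the row to update
 * @return the item re-read from the database using the key it was serialized with
 * @throws RepositoryException if the row does not exist, if the row has a secret but the item
 *     carries none, or if a query fails
 */
@Override
@JdbcTransaction
public <T extends ItemBase> T updateManagedItem(ProjectId project, T item) throws RepositoryException {
    Class<T> itemClass = (Class<T>) item.getClass();
    DbHelper db = new DbHelper(itemClass, project);
    try {
        ManagedItemId itemId = new ManagedItemId(item.getId());
        ModelClass<T> modelClass = serviceProviderDirectory.getModelClass(itemClass);
        int projectId = db.mapToValue(project);
        int modelId = db.mapToValue(modelClass.getItemType());
        int serviceId = db.mapToValue(modelClass.getServiceType());
        ItemEntity rs = db.queries.findItem(serviceId, modelId, projectId, itemId.getKey());
        if (rs == null) {
            throw new RepositoryException("Item not found");
        }
        byte[] secretData = rs.secret;
        CryptoKey itemSecret;
        if (secretData == null) {
            // Row has no secret yet: generate one and persist its encoded form before writing data.
            itemSecret = FathomdbCrypto.generateKey();
            secretData = itemSecrets.encodeItemSecret(itemSecret);
            db.updateSecret(itemId, secretData);
        } else {
            // The key comes from the caller's object, not from the stored secretData. Fail with a
            // repository error instead of a NullPointerException when the item carries no secret;
            // nothing has been written at this point.
            if (item.secret == null) {
                throw new RepositoryException("Item secret not available");
            }
            // NOTE(review): nothing here verifies that this key matches the stored secretData; a
            // mismatched key would presumably leave data that later reads cannot decrypt - confirm
            // that all callers copy the secret from the stored item.
            itemSecret = item.secret.getSecret();
        }
        byte[] data = serialize(item, itemSecret);
        db.updateItem(itemId, data, item.state);
        // Note: we can't change tags here (that needs a separate call to updateTags)
        // Read the item back with a provider for the key it was just serialized with.
        SecretProvider secretProvider = SecretProvider.forKey(itemSecret);
        boolean fetchTags = true;
        return fetchItem(db, modelClass.getServiceType(), modelClass.getItemType(), project, itemId, itemClass, secretProvider, fetchTags);
    } catch (SQLException e) {
        throw new RepositoryException("Error running query", e);
    } finally {
        db.close();
    }
}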
Also used : SQLException(java.sql.SQLException) CryptoKey(com.fathomdb.crypto.CryptoKey) AesCryptoKey(com.fathomdb.crypto.AesCryptoKey) RepositoryException(org.platformlayer.RepositoryException) ManagedItemId(org.platformlayer.ids.ManagedItemId) ModelClass(org.platformlayer.xaas.services.ModelClass) SecretProvider(org.platformlayer.auth.crypto.SecretProvider) JdbcTransaction(com.fathomdb.jdbc.JdbcTransaction)

Aggregations

RepositoryException (org.platformlayer.RepositoryException)3 SecretProvider (org.platformlayer.auth.crypto.SecretProvider)3 ItemBase (org.platformlayer.core.model.ItemBase)2 ManagedItemId (org.platformlayer.ids.ManagedItemId)2 JobData (org.platformlayer.jobs.model.JobData)2 OpsContext (org.platformlayer.ops.OpsContext)2 OpsException (org.platformlayer.ops.OpsException)2 ModelClass (org.platformlayer.xaas.services.ModelClass)2 ServiceProvider (org.platformlayer.xaas.services.ServiceProvider)2 AesCryptoKey (com.fathomdb.crypto.AesCryptoKey)1 CryptoKey (com.fathomdb.crypto.CryptoKey)1 JdbcTransaction (com.fathomdb.jdbc.JdbcTransaction)1 SQLException (java.sql.SQLException)1 List (java.util.List)1 Filter (org.platformlayer.Filter)1 StateFilter (org.platformlayer.StateFilter)1 TagFilter (org.platformlayer.TagFilter)1 PlatformLayerKey (org.platformlayer.core.model.PlatformLayerKey)1 Tag (org.platformlayer.core.model.Tag)1 TagChanges (org.platformlayer.core.model.TagChanges)1