
Example 1 with ProjectAuthorization

use of org.platformlayer.model.ProjectAuthorization in project platformlayer by platformlayer.

the class OperationWorker method doOperation.

/**
 * Runs the active job's action against its target item and records the outcome.
 *
 * <p>The work is executed inside an {@link OpsContext} built for the job. On any failure the job
 * is marked FAILED and a retry is enqueued; the failure is not rethrown to the caller.
 *
 * @return always {@code null} on the failure path; on the success path the value handed back by
 *         {@code OpsContext.runInContext} (the callable itself returns {@code null})
 * @throws OpsException declared by the signature; the visible body catches {@link Throwable}
 *         around the operation, so only context construction can propagate one
 */
Object doOperation() throws OpsException {
    final Action action = activeJob.getAction();
    final PlatformLayerKey targetItemKey = activeJob.getTargetItemKey();
    // Presumably labels the worker thread with "<ActionClass> <key>" for the job's duration;
    // released in the outer finally. NOTE(review): confirm against RenameThread.
    RenameThread rename = new RenameThread(action.getClass().getSimpleName() + " " + targetItemKey);
    try {
        OpsContextBuilder opsContextBuilder = opsSystem.getInjector().getInstance(OpsContextBuilder.class);
        // The job's own project authorization; used below only to derive the SecretProvider
        // that the repository needs to read the target item.
        final ProjectAuthorization project = activeJob.getProjectAuthorization();
        final OpsContext opsContext = opsContextBuilder.buildOpsContext(activeJob);
        final ServiceType serviceType = activeJob.getServiceType();
        final ServiceProvider serviceProvider = opsSystem.getServiceProvider(serviceType);
        try {
            return OpsContext.runInContext(opsContext, new CheckedCallable<Object, Exception>() {

                /**
                 * Loads the target item, runs the action through the service controller and
                 * applies the resulting state change.
                 */
                @Override
                public Object call() throws Exception {
                    log.info("Starting job");
                    activeJob.setState(JobState.RUNNING);
                    ItemBase item;
                    ManagedItemRepository repository = opsSystem.getManagedItemRepository();
                    try {
                        boolean fetchTags = true;
                        item = repository.getManagedItem(targetItemKey, fetchTags, SecretProvider.from(project));
                    } catch (RepositoryException e) {
                        throw new OpsException("Error reading item from repository", e);
                    }
                    if (item == null) {
                        // NOTE(review): this HTTP-style 404 is raised inside a background job and
                        // is caught by the enclosing catch (Throwable) like any other failure, so
                        // a missing item is retried rather than treated as terminal.
                        throw new WebApplicationException(404);
                    }
                    List<Object> scopeItems = Lists.newArrayList();
                    addActionScopeItems(action, item, scopeItems);
                    Object controller = serviceProvider.getController(item);
                    scopeItems.add(item);
                    scopeItems.add(action);
                    // NOTE(review): no matching pop of this scope is visible in this method;
                    // confirm it is released elsewhere.
                    BindingScope scope = BindingScope.push(scopeItems);
                    opsContext.recurseOperation(scope, controller);
                    // TODO: Should we run a verify operation before -> ACTIVE??
                    // (we need to fix the states as well)
                    ManagedItemState newState = finishAction(action, scope);
                    if (newState != null) {
                        // Persist first, then mirror the new state on the in-memory item.
                        repository.changeState(targetItemKey, newState);
                        item.state = newState;
                    }
                    log.info("Job finished with SUCCESS");
                    activeJob.setState(JobState.SUCCESS);
                    return null;
                }

                /**
                 * Maps a completed action to the item's next state: ConfigureAction gives ACTIVE,
                 * DeleteAction gives DELETED, anything else leaves the state unchanged (null).
                 * A BackupAction additionally writes the backup descriptor.
                 */
                private ManagedItemState finishAction(Action action, BindingScope scope) throws OpsException {
                    ManagedItemState newState = null;
                    if (action instanceof ConfigureAction) {
                        newState = ManagedItemState.ACTIVE;
                    }
                    if (action instanceof ValidateAction) {
                    // TODO: Change state to healthy??
                    }
                    if (action instanceof DeleteAction) {
                        newState = ManagedItemState.DELETED;
                    }
                    if (action instanceof BackupAction) {
                        BackupContext backupContext = scope.getInstance(BackupContext.class);
                        backupContext.writeDescriptor();
                    }
                    return newState;
                }

                /**
                 * Adds action-specific objects to the binding scope; currently only a
                 * BackupContext for BackupAction.
                 */
                private void addActionScopeItems(Action action, ItemBase item, List<Object> scopeItems) throws OpsException {
                    if (action instanceof BackupAction) {
                        // TODO: Don't hard-code this
                        BackupHelpers backupHelpers = opsSystem.getInjector().getInstance(BackupHelpers.class);
                        BackupContext backupContext = backupHelpers.createBackupContext(item);
                        scopeItems.add(backupContext);
                    }
                }
            });
        } catch (Throwable e) {
            // Catching Throwable also covers Error subclasses (e.g. OutOfMemoryError), not just
            // operation failures; every one of them ends in FAILED plus a scheduled retry.
            // NOTE(review): the full exception chain is logged here; confirm that exceptions
            // raised while handling secrets do not carry sensitive values in their messages.
            log.warn("Error running operation", e);
            log.warn("Job finished with FAILED");
            // boolean isDone = false; // We will retry
            activeJob.setState(JobState.FAILED);
            TimeSpan retry = null;
            // Prefer a retry interval supplied by the exception chain, if any.
            HasRetryInfo retryInfo = ExceptionHelpers.findRetryInfo(e);
            if (retryInfo != null) {
                retry = retryInfo.getRetry();
            }
            if (retry == null) {
                // TODO: Eventually give up??
                // No retry cap is applied in this method: a permanently failing job (missing
                // item, denied access) is re-enqueued on every failure.
                retry = ApplicationMode.isDevelopment() ? TimeSpan.ONE_MINUTE : TimeSpan.FIVE_MINUTES;
            }
            // TODO: State transition??
            // managedItem.setState(ManagedItemState.ACTIVE, true);
            log.warn("Scheduling retry in " + retry);
            activeJob.enqueueRetry(retry);
            return null;
        } finally {
            try {
                activeJob.recordJobEnd();
            } catch (OpsException e) {
                // Best effort: a failure to record the job end is logged and not propagated.
                log.error("Error recording job in registry", e);
            }
        }
    } finally {
        IoUtils.safeClose(rename);
    }
}
Also used : ValidateAction(org.platformlayer.core.model.ValidateAction) ConfigureAction(org.platformlayer.core.model.ConfigureAction) DeleteAction(org.platformlayer.core.model.DeleteAction) BackupAction(org.platformlayer.core.model.BackupAction) Action(org.platformlayer.core.model.Action) OpsException(org.platformlayer.ops.OpsException) WebApplicationException(javax.ws.rs.WebApplicationException) BackupHelpers(org.platformlayer.ops.backups.BackupHelpers) ManagedItemRepository(org.platformlayer.xaas.repository.ManagedItemRepository) OpsContext(org.platformlayer.ops.OpsContext) TimeSpan(com.fathomdb.TimeSpan) BackupAction(org.platformlayer.core.model.BackupAction) ServiceType(org.platformlayer.ids.ServiceType) BackupContext(org.platformlayer.ops.backups.BackupContext) HasRetryInfo(org.platformlayer.exceptions.HasRetryInfo) List(java.util.List) BindingScope(org.platformlayer.ops.BindingScope) ConfigureAction(org.platformlayer.core.model.ConfigureAction) ItemBase(org.platformlayer.core.model.ItemBase) PlatformLayerKey(org.platformlayer.core.model.PlatformLayerKey) RepositoryException(org.platformlayer.RepositoryException) RepositoryException(org.platformlayer.RepositoryException) OpsException(org.platformlayer.ops.OpsException) WebApplicationException(javax.ws.rs.WebApplicationException) ServiceProvider(org.platformlayer.xaas.services.ServiceProvider) ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) DeleteAction(org.platformlayer.core.model.DeleteAction) ValidateAction(org.platformlayer.core.model.ValidateAction) ManagedItemState(org.platformlayer.core.model.ManagedItemState)

Example 2 with ProjectAuthorization

use of org.platformlayer.model.ProjectAuthorization in project platformlayer by platformlayer.

the class OpsContextBuilder method buildOpsContext.

/**
 * Builds the {@link OpsContext} in which a job executes.
 *
 * <p>Without a multitenant configuration, or when the job already belongs to the master project,
 * the job runs as its own project with a single direct client. Otherwise the job runs as the
 * master project, and the job's own project is attached as the {@code FederationKey.LOCAL}
 * mapping for every item listed in {@code multitenant.getMappedItems()}.
 *
 * <p>NOTE(review): the master-project decision is a comparison of project names only, and in the
 * tenant case the returned context carries both the tenant and the master authorization in its
 * project list. Confirm that project names are unique and cannot be chosen by a tenant.
 *
 * @param activeJob the job whose service type and project authorization seed the context
 * @return a context bound to the run-as project and the selected client
 * @throws OpsException if the service authorization lookup fails in the repository
 */
public OpsContext buildOpsContext(ActiveJobExecution activeJob) throws OpsException {
    final ServiceType serviceType = activeJob.getServiceType();
    final ProjectAuthorization jobProject = activeJob.getProjectAuthorization();

    // The job's own project always comes first in the list handed to the context.
    List<ProjectAuthorization> projects = Lists.newArrayList();
    projects.add(jobProject);

    ProjectAuthorization runAsProject = jobProject;
    boolean actingForTenant = false;
    MultitenantConfiguration multitenant = opsSystem.getMultitenantConfiguration();
    if (multitenant != null) {
        ProjectAuthorization masterProject = multitenant.getMasterProject();
        // A job that is already in the master project needs no federation.
        actingForTenant = !jobProject.getName().equals(masterProject.getName());
        if (actingForTenant) {
            runAsProject = masterProject;
            projects.add(masterProject);
        }
    }

    TypedPlatformLayerClient defaultClient = buildClient(runAsProject);
    FederationConfiguration federationConfig =
            FederatedPlatformLayerClient.buildFederationConfiguration(defaultClient);
    FederationMap federationMap = new FederationMap(httpStrategy, mapper, federationConfig);

    if (actingForTenant) {
        // Route the configured items to a client that acts as the tenant's own project.
        TypedPlatformLayerClient tenantClient = buildClient(jobProject);
        FederationKey localHost = FederationKey.LOCAL;
        ProjectId tenantProjectId = tenantClient.getProject();
        FederationMapping tenantMapping = new FederationMapping(localHost, tenantProjectId);
        federationMap.addMapping(tenantMapping, tenantClient);

        for (PlatformLayerKey mappedItem : multitenant.getMappedItems()) {
            FederationMap.Rule mappingRule = new FederationMap.Rule();
            mappingRule.mappedItems = mappedItem;
            mappingRule.targetKey = tenantMapping;
            federationMap.addRule(mappingRule);
        }
    }

    ProjectId runAsProjectId = new ProjectId(runAsProject.getName());

    PlatformLayerClient platformLayerClient;
    if (!federationMap.isEmpty()) {
        federationMap.addDefault(defaultClient);
        platformLayerClient = FederatedPlatformLayerClient.build(runAsProjectId, federationMap);
    } else {
        platformLayerClient = defaultClient;
    }

    ServiceConfiguration serviceConfiguration = new ServiceConfiguration(runAsProjectId, serviceType);

    // The looked-up authorization is not passed on to the context below; the lookup still runs,
    // so a repository failure here aborts context construction.
    ServiceAuthorization serviceAuthorization;
    try {
        serviceAuthorization = serviceAuthorizationService.findServiceAuthorization(serviceType, runAsProjectId);
        if (serviceAuthorization == null) {
            serviceAuthorization = new ServiceAuthorization();
            serviceAuthorization.serviceType = serviceConfiguration.getServiceType().getKey();
        }
    } catch (RepositoryException e) {
        throw new OpsException("Error reading from repository", e);
    }

    return new OpsContext(opsSystem, activeJob, serviceConfiguration, platformLayerClient, projects);
}
Also used : TypedPlatformLayerClient(org.platformlayer.TypedPlatformLayerClient) OpsException(org.platformlayer.ops.OpsException) ProjectId(org.platformlayer.ids.ProjectId) FederationMap(org.platformlayer.federation.FederationMap) PlatformLayerKey(org.platformlayer.core.model.PlatformLayerKey) RepositoryException(org.platformlayer.RepositoryException) OpsContext(org.platformlayer.ops.OpsContext) MultitenantConfiguration(org.platformlayer.ops.MultitenantConfiguration) FederationKey(org.platformlayer.ids.FederationKey) ServiceAuthorization(org.platformlayer.xaas.model.ServiceAuthorization) DirectPlatformLayerClient(org.platformlayer.ops.DirectPlatformLayerClient) FederatedPlatformLayerClient(org.platformlayer.federation.FederatedPlatformLayerClient) PlatformLayerClient(org.platformlayer.PlatformLayerClient) TypedPlatformLayerClient(org.platformlayer.TypedPlatformLayerClient) FederationConfiguration(org.platformlayer.federation.model.FederationConfiguration) ServiceConfiguration(org.platformlayer.ops.ServiceConfiguration) ServiceType(org.platformlayer.ids.ServiceType) ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) FederationMapping(org.platformlayer.federation.FederationMapping)

Example 3 with ProjectAuthorization

use of org.platformlayer.model.ProjectAuthorization in project platformlayer by platformlayer.

the class ScopeProjectAuthorizationProvider method get.

/**
 * Returns the {@link ProjectAuthorization} bound to the current scope.
 *
 * @return the scoped authorization, or {@code null} when there is no current scope (or the
 *         scope holds none); callers must treat {@code null} as "no authorization", not as
 *         permission to proceed
 */
@Override
public ProjectAuthorization get() {
    Scope currentScope = scopeProvider.get();
    if (currentScope == null) {
        return null;
    }
    return currentScope.get(ProjectAuthorization.class);
}
Also used : Scope(org.platformlayer.Scope) ProjectAuthorization(org.platformlayer.model.ProjectAuthorization)

Example 4 with ProjectAuthorization

use of org.platformlayer.model.ProjectAuthorization in project platformlayer by platformlayer.

the class OpsContextBuilder method getRunAsProjectId.

/**
 * Resolves the id of the project that operations run as.
 *
 * <p>When a multitenant configuration exists, its master project is used in place of the
 * caller's project; otherwise the caller's project is used as is.
 *
 * @param project the caller's project authorization
 * @return the id built from the effective project's name
 * @throws OpsException declared by the signature; nothing in the visible body throws it
 */
public ProjectId getRunAsProjectId(ProjectAuthorization project) throws OpsException {
    MultitenantConfiguration multitenant = opsSystem.getMultitenantConfiguration();
    ProjectAuthorization effectiveProject =
            (multitenant == null) ? project : multitenant.getMasterProject();
    return new ProjectId(effectiveProject.getName());
}
Also used : ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) ProjectId(org.platformlayer.ids.ProjectId) MultitenantConfiguration(org.platformlayer.ops.MultitenantConfiguration)

Example 5 with ProjectAuthorization

use of org.platformlayer.model.ProjectAuthorization in project platformlayer by platformlayer.

the class SecretHelper method encodeItemSecret.

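// TODO: We need to use the project secret, not the item secret
/**
 * Serializes {@code itemSecret} and writes one wrapped copy of it per recipient into a secret
 * store blob.
 *
 * <p>Recipients are every backend reported by the key store (wrapped with that backend's public
 * key) and every encrypting project of the current {@link OpsContext} (wrapped with that
 * project's secret). Each recipient receives the same serialized key, so holding any single
 * recipient key is presumably enough to recover the item secret; confirm against
 * {@code SecretStore}. Per-user wrapping is not performed.
 *
 * <p>The method fails closed: a backend without a public key or a locked project aborts the
 * whole encoding instead of silently skipping that recipient.
 *
 * @param itemSecret the item key to protect
 * @return the encoded secret store bytes
 * @throws IllegalStateException if a backend has no public key, an encrypting project is
 *         locked, or serialization fails with an I/O error
 */
public byte[] encodeItemSecret(CryptoKey itemSecret) {
    try {
        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        SecretStore.Writer writer = new SecretStore.Writer(baos);

        // NOTE(review): this array holds the raw serialized key and is never cleared. Whether it
        // can be zeroed after writer.close() depends on whether serialize() returns a fresh copy
        // and whether the writer keeps a reference; confirm both before adding a wipe.
        byte[] plaintext = FathomdbCrypto.serialize(itemSecret);

        for (int backend : keyStore.getBackends()) {
            PublicKey publicKey = keyStore.findPublicKey(backend);
            if (publicKey == null) {
                // The message names the backend so the failure can be diagnosed; no key material.
                throw new IllegalStateException("No public key found for backend " + backend);
            }
            writer.writeAsymetricSystemKey(plaintext, backend, publicKey);
        }

        for (ProjectAuthorization project : OpsContext.get().getEncryptingProjects()) {
            if (project.isLocked()) {
                // A locked project cannot supply its secret; unlocking it on behalf of a user
                // is not done here.
                throw new IllegalStateException(
                        "Project " + project.getId() + " is locked; cannot wrap item secret");
            }
            writer.writeLockedByProjectKey(plaintext, project.getId(), project.getProjectSecret());
        }

        writer.close();
        baos.close();
        return baos.toByteArray();
    } catch (IOException e) {
        throw new IllegalStateException("Error serializing key", e);
    }
}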
Also used : PublicKey(java.security.PublicKey) ProjectAuthorization(org.platformlayer.model.ProjectAuthorization) ByteArrayOutputStream(java.io.ByteArrayOutputStream) IOException(java.io.IOException) SecretStore(org.platformlayer.auth.crypto.SecretStore)

Aggregations

ProjectAuthorization (org.platformlayer.model.ProjectAuthorization)10 ProjectId (org.platformlayer.ids.ProjectId)4 PlatformLayerKey (org.platformlayer.core.model.PlatformLayerKey)3 MultitenantConfiguration (org.platformlayer.ops.MultitenantConfiguration)3 OpsException (org.platformlayer.ops.OpsException)3 CryptoKey (com.fathomdb.crypto.CryptoKey)2 WebApplicationException (javax.ws.rs.WebApplicationException)2 RepositoryException (org.platformlayer.RepositoryException)2 SecretStore (org.platformlayer.auth.crypto.SecretStore)2 ServiceType (org.platformlayer.ids.ServiceType)2 OpsContext (org.platformlayer.ops.OpsContext)2 TimeSpan (com.fathomdb.TimeSpan)1 CertificateAndKey (com.fathomdb.crypto.CertificateAndKey)1 SimpleCertificateAndKey (com.fathomdb.crypto.SimpleCertificateAndKey)1 ByteArrayOutputStream (java.io.ByteArrayOutputStream)1 IOException (java.io.IOException)1 KeyPair (java.security.KeyPair)1 PublicKey (java.security.PublicKey)1 X509Certificate (java.security.cert.X509Certificate)1 List (java.util.List)1