use of org.sonatype.nexus.common.stateguard.Guarded in project nexus-blobstore-google-cloud by sonatype-nexus-community.
the class GoogleCloudBlobStore method get.
@Nullable
@Override
@Guarded(by = STARTED)
@Timed
public Blob get(final BlobId blobId, final boolean includeDeleted) {
checkNotNull(blobId);
final GoogleCloudStorageBlob blob = liveBlobs.getUnchecked(blobId);
if (blob.isStale()) {
Lock lock = blob.lock();
try {
if (blob.isStale()) {
GoogleCloudBlobAttributes blobAttributes = new GoogleCloudBlobAttributes(bucket, attributePath(blobId));
boolean loaded = blobAttributes.load();
if (!loaded) {
log.warn("Attempt to access non-existent blob {} ({})", blobId, blobAttributes);
return null;
}
if (blobAttributes.isDeleted() && !includeDeleted) {
log.warn("Attempt to access soft-deleted blob {} ({})", blobId, blobAttributes);
return null;
}
blob.refresh(blobAttributes.getHeaders(), blobAttributes.getMetrics());
}
} catch (IOException e) {
throw new BlobStoreException(e, blobId);
} finally {
lock.unlock();
}
}
log.debug("Accessing blob {}", blobId);
return blob;
}
use of org.sonatype.nexus.common.stateguard.Guarded in project nexus-public by sonatype.
the class SelectorManagerImpl method browseActive.
@Override
@Guarded(by = STARTED)
public List<SelectorConfiguration> browseActive(final List<String> repositoryNames, final List<String> formats) {
AuthorizationManager authorizationManager;
User currentUser;
try {
authorizationManager = securitySystem.getAuthorizationManager(DEFAULT_SOURCE);
currentUser = securitySystem.currentUser();
} catch (NoSuchAuthorizationManagerException | UserNotFoundException e) {
log.warn("Unable to load active content selectors", e);
return Collections.emptyList();
}
if (currentUser == null) {
return Collections.emptyList();
}
List<String> roleIds = currentUser.getRoles().stream().map(RoleIdentifier::getRoleId).collect(toList());
List<Role> roles = getRoles(roleIds, authorizationManager, new ArrayList<>());
List<String> contentSelectorNames = roles.stream().map(Role::getPrivileges).flatMap(Collection::stream).map(id -> {
try {
return authorizationManager.getPrivilege(id);
} catch (NoSuchPrivilegeException e) {
log.debug("Unable to find privilege for id={}, continuing to check privileges", id, e);
return null;
}
}).filter(Objects::nonNull).filter(repositoryFormatOrNameMatcher(repositoryNames, formats)).map(this::getContentSelector).collect(toList());
return browse().stream().filter(selector -> contentSelectorNames.contains(selector.getName())).collect(toList());
}
use of org.sonatype.nexus.common.stateguard.Guarded in project nexus-public by sonatype.
the class StorageTxImpl method attachBlob.
@Override
@Guarded(by = ACTIVE)
public void attachBlob(final Asset asset, final AssetBlob assetBlob) {
checkNotNull(asset);
checkNotNull(assetBlob);
checkArgument(!assetBlob.isAttached(), "Blob is already attached to an asset");
final WritePolicy effectiveWritePolicy = writePolicySelector.select(asset, writePolicy);
if (!effectiveWritePolicy.checkCreateAllowed()) {
throw new IllegalOperationException("Repository is read only: " + repositoryName);
}
NestedAttributesMap checksums = asset.attributes().child(CHECKSUM);
if (!isDuplicateBlob(asset, assetBlob, effectiveWritePolicy, checksums)) {
maybeDeleteBlob(asset, assetBlob, effectiveWritePolicy);
asset.blobRef(assetBlob.getBlobRef());
asset.size(assetBlob.getSize());
asset.contentType(assetBlob.getContentType());
// Set attributes map to contain computed checksum metadata
for (Entry<HashAlgorithm, HashCode> entry : assetBlob.getHashes().entrySet()) {
HashAlgorithm algorithm = entry.getKey();
HashCode checksum = entry.getValue();
checksums.set(algorithm.name(), checksum.toString());
}
// Mark assets whose checksums were not verified locally, for possible later verification
NestedAttributesMap provenance = asset.attributes().child(PROVENANCE);
provenance.set(HASHES_NOT_VERIFIED, !assetBlob.getHashesVerified());
Map<String, String> blobHeaders = assetBlob.getBlob().getHeaders();
if (blobHeaders.containsKey(BlobStore.CREATED_BY_HEADER)) {
asset.createdBy(blobHeaders.get(BlobStore.CREATED_BY_HEADER));
}
if (blobHeaders.containsKey(BlobStore.CREATED_BY_IP_HEADER)) {
asset.createdByIp(blobHeaders.get(BlobStore.CREATED_BY_IP_HEADER));
}
assetBlob.setAttached(true);
}
}
use of org.sonatype.nexus.common.stateguard.Guarded in project nexus-public by sonatype.
the class StorageTxImpl method setBlob.
@Override
@Guarded(by = ACTIVE)
public AssetBlob setBlob(final Asset asset, final String blobName, final InputStreamSupplier streamSupplier, final Iterable<HashAlgorithm> hashAlgorithms, @Nullable final Map<String, String> headers, @Nullable final String declaredContentType, final boolean skipContentVerification) throws IOException {
checkNotNull(asset);
// Enforce write policy ahead, as we have asset here
BlobRef oldBlobRef = asset.blobRef();
if (oldBlobRef != null) {
if (!writePolicySelector.select(asset, writePolicy).checkUpdateAllowed()) {
throw new IllegalOperationException("Repository does not allow updating assets: " + repositoryName);
}
}
final AssetBlob assetBlob = createBlob(blobName, streamSupplier, hashAlgorithms, headers, declaredContentType, skipContentVerification);
attachBlob(asset, assetBlob);
return assetBlob;
}
use of org.sonatype.nexus.common.stateguard.Guarded in project nexus-public by sonatype.
the class SelectorManagerImpl method browseActive.
@Override
@Guarded(by = STARTED)
public List<SelectorConfiguration> browseActive(final Collection<String> repositoryNames, final Collection<String> formats) {
AuthorizationManager authorizationManager;
User currentUser;
try {
authorizationManager = securitySystem.getAuthorizationManager(DEFAULT_SOURCE);
currentUser = securitySystem.currentUser();
} catch (NoSuchAuthorizationManagerException | UserNotFoundException e) {
log.warn("Unable to load active content selectors", e);
return Collections.emptyList();
}
if (currentUser == null) {
return Collections.emptyList();
}
List<String> roleIds = currentUser.getRoles().stream().map(RoleIdentifier::getRoleId).collect(toList());
Set<String> privilegeIds = getRoles(roleIds, authorizationManager).stream().map(Role::getPrivileges).flatMap(Collection::stream).collect(Collectors.toSet());
List<String> contentSelectorNames = authorizationManager.getPrivileges(privilegeIds).stream().filter(repositoryFormatOrNameMatcher(repositoryNames, formats)).map(this::getContentSelector).collect(toList());
return browse().stream().filter(selector -> contentSelectorNames.contains(selector.getName())).collect(toList());
}
Aggregations