use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.
the class AuditLogResource method getEffectiveProjectId.
/**
 * Resolves the project named in the audit-log filter {@code details} to its ID.
 *
 * <p>The project may be referenced by {@code "projectId"} or by {@code "projectName"}.
 * A name alone is only accepted together with an organization; an ID does not need one.
 * The ID is returned only after {@code projectAccessManager.assertAccess(...)} has been
 * called with {@link ResourceAccessLevel#READER}.
 *
 * @param effectiveOrgId the organization already resolved for this request, may be {@code null}
 * @param details the filter values supplied with the request
 * @return the project's ID, or {@code null} when the filter references no project
 * @throws ValidationErrorsException if only a project name is given and no organization is known
 */
private UUID getEffectiveProjectId(UUID effectiveOrgId, Map<String, String> details) {
    UUID requestedId = getUUID(details, "projectId");
    String requestedName = details.get("projectName");

    boolean byId = requestedId != null;
    boolean byName = requestedName != null;

    // No project filter at all: nothing to resolve and nothing to authorize.
    if (!byId && !byName) {
        return null;
    }

    // At this point a missing ID implies a name was given; a bare name needs an organization.
    if (effectiveOrgId == null && !byId) {
        throw new ValidationErrorsException("'orgId' or 'orgName' is required");
    }

    // NOTE(review): presumably assertAccess rejects callers without READER access, which keeps
    // the audit-log filter from confirming projects the caller cannot read. Confirm in
    // ProjectAccessManager, including the meaning of the trailing boolean flag.
    ProjectEntry resolved = projectAccessManager.assertAccess(
            effectiveOrgId, requestedId, requestedName, ResourceAccessLevel.READER, true);
    return resolved.getId();
}
use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.
the class AuditLogResource method getEffectiveSecretId.
/**
 * Resolves the secret named in the audit-log filter {@code details} to its ID.
 *
 * <p>The secret may be referenced by {@code "secretId"} or by {@code "secretName"}.
 * A name alone is only accepted together with an organization; an ID does not need one.
 * The ID is returned only after {@code secretManager.assertAccess(...)} has been called
 * with {@link ResourceAccessLevel#READER}.
 *
 * @param effectiveOrgId the organization already resolved for this request, may be {@code null}
 * @param details the filter values supplied with the request
 * @return the secret's ID, or {@code null} when the filter references no secret
 * @throws ValidationErrorsException if only a secret name is given and no organization is known
 */
private UUID getEffectiveSecretId(UUID effectiveOrgId, Map<String, String> details) {
    UUID requestedId = getUUID(details, "secretId");
    String requestedName = details.get("secretName");

    boolean byId = requestedId != null;
    boolean byName = requestedName != null;

    // No secret filter at all: nothing to resolve and nothing to authorize.
    if (!byId && !byName) {
        return null;
    }

    // At this point a missing ID implies a name was given; a bare name needs an organization.
    if (effectiveOrgId == null && !byId) {
        throw new ValidationErrorsException("'orgId' or 'orgName' is required");
    }

    // NOTE(review): presumably assertAccess rejects callers without READER access, so audit
    // records of a secret are only searchable by callers who may read it. Confirm in
    // SecretManager, including the meaning of the trailing boolean flag.
    SecretEntry resolved = secretManager.assertAccess(
            effectiveOrgId, requestedId, requestedName, ResourceAccessLevel.READER, true);
    return resolved.getId();
}
use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.
the class SecretManager method validateOwner.
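/**
 * Validates a requested change of a secret's owner.
 *
 * <p>Nothing is checked when no change is requested, i.e. when {@code newOwnerId} is
 * {@code null} or equals the secret's current owner. Otherwise
 * {@code assertAccess(...)} is called with {@link ResourceAccessLevel#OWNER} for the secret,
 * and the new owner must exist.
 *
 * @param newOwnerId the ID of the requested new owner, may be {@code null}
 * @param e the secret whose owner is being changed
 * @return the new owner's user entry, or {@code null} when the owner does not change
 * @throws ValidationErrorsException if no user with {@code newOwnerId} exists
 */
private UserEntry validateOwner(UUID newOwnerId, SecretEntry e) {
    if (newOwnerId == null) {
        return null;
    }

    // A secret may have no owner at all; treat that as "no current owner".
    UUID currentOwnerId = e.getOwner() != null ? e.getOwner().id() : null;
    if (newOwnerId.equals(currentOwnerId)) {
        return null;
    }

    // Authorize before the user lookup: the "User not found" error must not be reachable
    // by a caller who lacks OWNER access to this secret, otherwise the two different
    // failures reveal whether an arbitrary user ID exists.
    assertAccess(e.getOrgId(), e.getId(), e.getName(), ResourceAccessLevel.OWNER, true);

    return userManager.get(newOwnerId)
            .orElseThrow(() -> new ValidationErrorsException("User not found: " + newOwnerId));
}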
use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.
the class SecretResource method create.
/**
 * Creates a new secret in the organization {@code orgName} from a multipart form.
 *
 * <p>{@code orgManager.assertAccess(orgName, true)} runs before any form field is read.
 * The form is then checked for a secret type, store type and name, and
 * {@code assertUnique} is called for the name within the organization, before the secret
 * is created by the type-specific helper.
 *
 * @param orgName the name of the owning organization
 * @param input the multipart form describing the secret
 * @return the result of the type-specific create operation
 * @throws ValidationErrorsException if the secret type is not one of the supported types
 * @throws ConcordApplicationException if reading the request fails with an {@link IOException}
 */
@POST
@ApiOperation("Creates a new secret")
@Path("/{orgName}/secret")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
@Validate
public SecretOperationResponse create(@ApiParam @PathParam("orgName") @ConcordKey String orgName,
                                      @ApiParam MultipartInput input) {

    OrganizationEntry org = orgManager.assertAccess(orgName, true);

    try {
        // The order of these checks decides which validation error the caller sees first.
        SecretType secretType = assertType(input);
        String storeType = assertStoreType(input);
        String secretName = assertName(input);
        assertUnique(org.getId(), secretName);

        // NOTE(review): the store password is either supplied in the form or generated;
        // confirm in getOrGenerateStorePassword how a generated value is produced and
        // how it is returned to the caller.
        boolean generatePassword = MultipartUtils.getBoolean(input, Constants.Multipart.GENERATE_PASSWORD, false);
        String storePassword = getOrGenerateStorePassword(input, generatePassword);

        SecretVisibility visibility = getVisibility(input);
        UUID projectId = getProject(input, org.getId());

        switch (secretType) {
            case KEY_PAIR:
                return createKeyPair(org.getId(), projectId, secretName, storePassword, visibility, input, storeType);
            case USERNAME_PASSWORD:
                return createUsernamePassword(org.getId(), projectId, secretName, storePassword, visibility, input, storeType);
            case DATA:
                return createData(org.getId(), projectId, secretName, storePassword, visibility, input, storeType);
            default:
                throw new ValidationErrorsException("Unsupported secret type: " + secretType);
        }
    } catch (IOException e) {
        // NOTE(review): the I/O error text is copied into the message of the thrown exception;
        // verify that the exception mapper does not expose internal paths or details to clients.
        throw new ConcordApplicationException("Error while processing the request: " + e.getMessage(), e);
    }
}
use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.
the class SecretResource method getData.
/**
 * Returns the data of an existing secret as an {@code application/octet-stream} response.
 *
 * <p>The secret's type is sent in the {@code Constants.Headers.SECRET_TYPE} response header.
 * The optional store password is read from the multipart form and handed to
 * {@code secretManager.getRaw(...)} together with an API-request access scope.
 *
 * @param orgName the name of the organization that owns the secret
 * @param secretName the name of the secret
 * @param input the multipart form, may carry the store password
 * @return the response streaming the secret's data, or {@code null} when fetching the
 *         secret fails with a {@link ValidationErrorsException}
 * @throws WebApplicationException with status 404 if the secret does not exist
 * @throws SecretException if fetching the secret fails with a {@link SecurityException}
 * @throws ConcordApplicationException if the response cannot be built
 */
@POST
@ApiOperation(value = "Get an existing secret's data", response = File.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "OK", response = File.class, responseHeaders = @ResponseHeader(name = "X-Concord-SecretType", description = "Secret type", response = String.class)) })
@Path("/{orgName}/secret/{secretName}/data")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@WithTimer
public Response getData(@ApiParam @PathParam("orgName") @ConcordKey String orgName,
                        @ApiParam @PathParam("secretName") @ConcordKey String secretName,
                        @ApiParam MultipartInput input) {

    OrganizationEntry org = orgManager.assertAccess(orgName, false);
    String storePassword = MultipartUtils.getString(input, Constants.Multipart.STORE_PASSWORD);

    SecretDao.SecretDataEntry secret;
    try {
        secret = secretManager.getRaw(SecretManager.AccessScope.apiRequest(), org.getId(), secretName, storePassword);
        if (secret == null) {
            throw new WebApplicationException("Secret not found: " + secretName, Status.NOT_FOUND);
        }
    } catch (SecurityException e) {
        // NOTE(review): the underlying message is returned to the caller; check that it does
        // not tell a wrong store password apart from other failures. The warning below names
        // neither the organization nor the secret, which makes repeated failures hard to
        // correlate in the logs.
        log.warn("fetchSecret -> error: {}", e.getMessage());
        throw new SecretException("Error while fetching a secret '" + secretName + "': " + e.getMessage());
    } catch (ValidationErrorsException e) {
        // NOTE(review): returning null hands the decision to the JAX-RS runtime (typically an
        // empty success response), so a client cannot tell a rejected request from a secret
        // with no data. Confirm that clients treat an empty response as a failure.
        log.warn("fetchSecret -> error: {}", e.getMessage());
        return null;
    }

    try {
        // The lambda runs only when the container writes the response body, so a failure
        // inside it is presumably not seen by the catch below (TODO confirm).
        StreamingOutput body = output -> output.write(secret.getData());
        return Response.ok(body, MediaType.APPLICATION_OCTET_STREAM)
                .header(Constants.Headers.SECRET_TYPE, secret.getType().name())
                .build();
    } catch (Exception e) {
        // The cause is logged here with its stack trace but not attached to the thrown exception.
        log.error("fetchSecret ['{}'] -> error while fetching a secret", secretName, e);
        throw new ConcordApplicationException("Error while fetching a secret '" + secretName + "': " + e.getMessage());
    }
}
Aggregations