Search in sources :

Example 1 with ValidationErrorsException

use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.

the class AuditLogResource method getEffectiveProjectId.

private UUID getEffectiveProjectId(UUID effectiveOrgId, Map<String, String> details) {
    UUID projectId = getUUID(details, "projectId");
    String projectName = details.get("projectName");
    if (effectiveOrgId == null && projectId == null && projectName != null) {
        throw new ValidationErrorsException("'orgId' or 'orgName' is required");
    }
    if (projectId != null || projectName != null) {
        ProjectEntry project = projectAccessManager.assertAccess(effectiveOrgId, projectId, projectName, ResourceAccessLevel.READER, true);
        return project.getId();
    }
    return null;
}
Also used : ProjectEntry(com.walmartlabs.concord.server.org.project.ProjectEntry) UUID(java.util.UUID) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException)

Example 2 with ValidationErrorsException

use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.

the class AuditLogResource method getEffectiveSecretId.

private UUID getEffectiveSecretId(UUID effectiveOrgId, Map<String, String> details) {
    UUID secretId = getUUID(details, "secretId");
    String secretName = details.get("secretName");
    if (effectiveOrgId == null && secretId == null && secretName != null) {
        throw new ValidationErrorsException("'orgId' or 'orgName' is required");
    }
    if (secretId != null || secretName != null) {
        SecretEntry secret = secretManager.assertAccess(effectiveOrgId, secretId, secretName, ResourceAccessLevel.READER, true);
        return secret.getId();
    }
    return null;
}
Also used : SecretEntry(com.walmartlabs.concord.server.org.secret.SecretEntry) UUID(java.util.UUID) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException)

Example 3 with ValidationErrorsException

use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.

the class SecretManager method validateOwner.

private UserEntry validateOwner(UUID newOwnerId, SecretEntry e) {
    if (newOwnerId == null) {
        return null;
    }
    UUID currentOwnerId = e.getOwner() != null ? e.getOwner().id() : null;
    if (newOwnerId.equals(currentOwnerId)) {
        return null;
    }
    UserEntry owner = userManager.get(newOwnerId).orElseThrow(() -> new ValidationErrorsException("User not found: " + newOwnerId));
    assertAccess(e.getOrgId(), e.getId(), e.getName(), ResourceAccessLevel.OWNER, true);
    return owner;
}
Also used : UserEntry(com.walmartlabs.concord.server.user.UserEntry) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException)

Example 4 with ValidationErrorsException

use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.

the class SecretResource method create.

@POST
@ApiOperation("Creates a new secret")
@Path("/{orgName}/secret")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_JSON)
@Validate
public SecretOperationResponse create(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam MultipartInput input) {
    OrganizationEntry org = orgManager.assertAccess(orgName, true);
    try {
        SecretType type = assertType(input);
        String storeType = assertStoreType(input);
        String name = assertName(input);
        assertUnique(org.getId(), name);
        boolean generatePwd = MultipartUtils.getBoolean(input, Constants.Multipart.GENERATE_PASSWORD, false);
        String storePwd = getOrGenerateStorePassword(input, generatePwd);
        SecretVisibility visibility = getVisibility(input);
        UUID projectId = getProject(input, org.getId());
        switch(type) {
            case KEY_PAIR:
                {
                    return createKeyPair(org.getId(), projectId, name, storePwd, visibility, input, storeType);
                }
            case USERNAME_PASSWORD:
                {
                    return createUsernamePassword(org.getId(), projectId, name, storePwd, visibility, input, storeType);
                }
            case DATA:
                {
                    return createData(org.getId(), projectId, name, storePwd, visibility, input, storeType);
                }
            default:
                throw new ValidationErrorsException("Unsupported secret type: " + type);
        }
    } catch (IOException e) {
        throw new ConcordApplicationException("Error while processing the request: " + e.getMessage(), e);
    }
}
Also used : ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) IOException(java.io.IOException) UUID(java.util.UUID) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException) Validate(org.sonatype.siesta.Validate)

Example 5 with ValidationErrorsException

use of org.sonatype.siesta.ValidationErrorsException in project concord by walmartlabs.

the class SecretResource method getData.

@POST
@ApiOperation(value = "Get an existing secret's data", response = File.class)
@ApiResponses(value = { @ApiResponse(code = 200, message = "OK", response = File.class, responseHeaders = @ResponseHeader(name = "X-Concord-SecretType", description = "Secret type", response = String.class)) })
@Path("/{orgName}/secret/{secretName}/data")
@Consumes(MediaType.MULTIPART_FORM_DATA)
@Produces(MediaType.APPLICATION_OCTET_STREAM)
@WithTimer
public Response getData(@ApiParam @PathParam("orgName") @ConcordKey String orgName, @ApiParam @PathParam("secretName") @ConcordKey String secretName, @ApiParam MultipartInput input) {
    OrganizationEntry org = orgManager.assertAccess(orgName, false);
    String password = MultipartUtils.getString(input, Constants.Multipart.STORE_PASSWORD);
    SecretDao.SecretDataEntry entry;
    try {
        entry = secretManager.getRaw(SecretManager.AccessScope.apiRequest(), org.getId(), secretName, password);
        if (entry == null) {
            throw new WebApplicationException("Secret not found: " + secretName, Status.NOT_FOUND);
        }
    } catch (SecurityException e) {
        log.warn("fetchSecret -> error: {}", e.getMessage());
        throw new SecretException("Error while fetching a secret '" + secretName + "': " + e.getMessage());
    } catch (ValidationErrorsException e) {
        log.warn("fetchSecret -> error: {}", e.getMessage());
        return null;
    }
    try {
        return Response.ok((StreamingOutput) output -> output.write(entry.getData()), MediaType.APPLICATION_OCTET_STREAM).header(Constants.Headers.SECRET_TYPE, entry.getType().name()).build();
    } catch (Exception e) {
        log.error("fetchSecret ['{}'] -> error while fetching a secret", secretName, e);
        throw new ConcordApplicationException("Error while fetching a secret '" + secretName + "': " + e.getMessage());
    }
}
Also used : Resource(org.sonatype.siesta.Resource) ConcordKey(com.walmartlabs.concord.common.validation.ConcordKey) UserType(com.walmartlabs.concord.server.user.UserType) LoggerFactory(org.slf4j.LoggerFactory) MultipartInput(org.jboss.resteasy.plugins.providers.multipart.MultipartInput) GenericOperationResult(com.walmartlabs.concord.server.GenericOperationResult) DecryptedKeyPair(com.walmartlabs.concord.server.org.secret.SecretManager.DecryptedKeyPair) Singleton(javax.inject.Singleton) Inject(javax.inject.Inject) Valid(javax.validation.Valid) MultipartUtils(com.walmartlabs.concord.server.MultipartUtils) OperationResult(com.walmartlabs.concord.server.OperationResult) MediaType(javax.ws.rs.core.MediaType) Constants(com.walmartlabs.concord.sdk.Constants) ByteArrayInputStream(java.io.ByteArrayInputStream) TeamDao(com.walmartlabs.concord.server.org.team.TeamDao) DecryptedUsernamePassword(com.walmartlabs.concord.server.org.secret.SecretManager.DecryptedUsernamePassword) WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer) io.swagger.annotations(io.swagger.annotations) Named(javax.inject.Named) Status(javax.ws.rs.core.Response.Status) UserManager(com.walmartlabs.concord.server.user.UserManager) Logger(org.slf4j.Logger) Collection(java.util.Collection) Validate(org.sonatype.siesta.Validate) StreamingOutput(javax.ws.rs.core.StreamingOutput) IOException(java.io.IOException) UUID(java.util.UUID) com.walmartlabs.concord.server.org(com.walmartlabs.concord.server.org) File(java.io.File) DecryptedBinaryData(com.walmartlabs.concord.server.org.secret.SecretManager.DecryptedBinaryData) Objects(java.util.Objects) ProjectDao(com.walmartlabs.concord.server.org.project.ProjectDao) List(java.util.List) javax.ws.rs(javax.ws.rs) Response(javax.ws.rs.core.Response) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException) ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) InputStream(java.io.InputStream) ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException) IOException(java.io.IOException) ValidationErrorsException(org.sonatype.siesta.ValidationErrorsException) ConcordApplicationException(com.walmartlabs.concord.server.sdk.ConcordApplicationException) WithTimer(com.walmartlabs.concord.server.sdk.metrics.WithTimer)

Aggregations

ValidationErrorsException (org.sonatype.siesta.ValidationErrorsException)35 UUID (java.util.UUID)22 ApiOperation (io.swagger.annotations.ApiOperation)9 ConcordApplicationException (com.walmartlabs.concord.server.sdk.ConcordApplicationException)7 OrganizationEntry (com.walmartlabs.concord.server.org.OrganizationEntry)5 UserEntry (com.walmartlabs.concord.server.user.UserEntry)4 InputStream (java.io.InputStream)4 Validate (org.sonatype.siesta.Validate)4 ProjectEntry (com.walmartlabs.concord.server.org.project.ProjectEntry)3 WithTimer (com.walmartlabs.concord.server.sdk.metrics.WithTimer)3 IOException (java.io.IOException)3 ProcessDefinition (com.walmartlabs.concord.process.loader.model.ProcessDefinition)2 GenericOperationResult (com.walmartlabs.concord.server.GenericOperationResult)2 AuditObject (com.walmartlabs.concord.server.audit.AuditObject)2 JsonStoreEntry (com.walmartlabs.concord.server.org.jsonstore.JsonStoreEntry)2 DecryptedKeyPair (com.walmartlabs.concord.server.org.secret.SecretManager.DecryptedKeyPair)2 ProcessKey (com.walmartlabs.concord.server.sdk.ProcessKey)2 UserPrincipal (com.walmartlabs.concord.server.security.UserPrincipal)2 UserType (com.walmartlabs.concord.server.user.UserType)2 ByteArrayInputStream (java.io.ByteArrayInputStream)2