Examples with PreAuthorize org.springframework.security.access.prepost.PreAuthorize used on opensource projects

Example 31 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project geode by apache.

the class CommonCrudController method servers.

@RequestMapping(method = { RequestMethod.GET }, value = "/servers", produces = { MediaType.APPLICATION_JSON_UTF8_VALUE })
@ApiOperation(value = "fetch all REST enabled servers in the DS", notes = "Find all gemfire node where developer REST service is up and running!", response = void.class)
@ApiResponses({ @ApiResponse(code = 200, message = "OK"), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 500, message = "if GemFire throws an error or exception") })
@PreAuthorize("@securityService.authorize('CLUSTER', 'READ')")
public ResponseEntity<?> servers() {
    logger.debug("Executing function to get REST enabled gemfire nodes in the DS!");
    Execution function;
    try {
        function = FunctionService.onMembers(getAllMembersInDS());
    } catch (FunctionException fe) {
        throw new GemfireRestException("Disributed system does not contain any valid data node that can host REST service!", fe);
    }
    try {
        final ResultCollector<?, ?> results = function.withCollector(new RestServersResultCollector()).execute(FindRestEnabledServersFunction.FIND_REST_ENABLED_SERVERS_FUNCTION_ID);
        Object functionResult = results.getResult();
        if (functionResult instanceof List<?>) {
            final HttpHeaders headers = new HttpHeaders();
            headers.setLocation(toUri("servers"));
            try {
                String functionResultAsJson = JSONUtils.convertCollectionToJson((ArrayList<Object>) functionResult);
                return new ResponseEntity<>(functionResultAsJson, headers, HttpStatus.OK);
            } catch (JSONException e) {
                throw new GemfireRestException("Could not convert function results into Restful (JSON) format!", e);
            }
        } else {
            throw new GemfireRestException("Function has returned results that could not be converted into Restful (JSON) format!");
        }
    } catch (ClassCastException cce) {
        throw new GemfireRestException("Key is of an inappropriate type for this region!", cce);
    } catch (NullPointerException npe) {
        throw new GemfireRestException("Specified key is null and this region does not permit null keys!", npe);
    } catch (LowMemoryException lme) {
        throw new GemfireRestException("Server has encountered low memory condition!", lme);
    } catch (IllegalArgumentException ie) {
        throw new GemfireRestException("Input parameter is null! ", ie);
    } catch (FunctionException fe) {
        throw new GemfireRestException("Server has encountered error while executing the function!", fe);
    }
}

Example 32 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project geode by apache.

the class CommonCrudController method keys.

/**
   * List all keys for the given region in the GemFire cluster
   *
   * @param region gemfire region
   * @return JSON document containing result
   */
@RequestMapping(method = RequestMethod.GET, value = "/{region}/keys", produces = { MediaType.APPLICATION_JSON_UTF8_VALUE })
@ApiOperation(value = "list all keys", notes = "List all keys in region", response = void.class)
@ApiResponses({ @ApiResponse(code = 200, message = "OK"), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 404, message = "Region does not exist"), @ApiResponse(code = 500, message = "GemFire throws an error or exception") })
@PreAuthorize("@securityService.authorize('DATA', 'READ', #region)")
public ResponseEntity<?> keys(@PathVariable("region") String region) {
    logger.debug("Reading all Keys in Region ({})...", region);
    region = decode(region);
    Object[] keys = getKeys(region, null);
    String listKeysAsJson = JSONUtils.formulateJsonForListKeys(keys, "keys");
    final HttpHeaders headers = new HttpHeaders();
    headers.setLocation(toUri(region, "keys"));
    return new ResponseEntity<>(listKeysAsJson, headers, HttpStatus.OK);
}

Example 33 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project geode by apache.

the class FunctionAccessController method execute.

/**
   * Execute a function on Gemfire data node using REST API call. Arguments to the function are
   * passed as JSON string in the request body.
   * 
   * @param functionId represents function to be executed
   * @param region list of regions on which function to be executed.
   * @param members list of nodes on which function to be executed.
   * @param groups list of groups on which function to be executed.
   * @param filter list of keys which the function will use to determine on which node to execute
   *        the function.
   * @param argsInBody function argument as a JSON document
   *
   * @return result as a JSON document
   */
@RequestMapping(method = RequestMethod.POST, value = "/{functionId:.+}", produces = { MediaType.APPLICATION_JSON_VALUE })
@ApiOperation(value = "execute function", notes = "Execute function with arguments on regions, members, or group(s). By default function will be executed on all nodes if none of (onRegion, onMembers, onGroups) specified", response = void.class)
@ApiResponses({ @ApiResponse(code = 200, message = "OK."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 500, message = "if GemFire throws an error or exception"), @ApiResponse(code = 400, message = "if Function arguments specified as JSON document in the request body is invalid") })
@ResponseBody
@ResponseStatus(HttpStatus.OK)
@PreAuthorize("@securityService.authorize('DATA', 'WRITE')")
public ResponseEntity<String> execute(@PathVariable("functionId") String functionId, @RequestParam(value = "onRegion", required = false) String region, @RequestParam(value = "onMembers", required = false) final String[] members, @RequestParam(value = "onGroups", required = false) final String[] groups, @RequestParam(value = "filter", required = false) final String[] filter, @RequestBody(required = false) final String argsInBody) {
    Execution function = null;
    functionId = decode(functionId);
    if (StringUtils.hasText(region)) {
        logger.debug("Executing Function ({}) with arguments ({}) on Region ({})...", functionId, ArrayUtils.toString(argsInBody), region);
        region = decode(region);
        try {
            function = FunctionService.onRegion(getRegion(region));
        } catch (FunctionException fe) {
            throw new GemfireRestException(String.format("The Region identified by name (%1$s) could not found!", region), fe);
        }
    } else if (ArrayUtils.isNotEmpty(members)) {
        logger.debug("Executing Function ({}) with arguments ({}) on Member ({})...", functionId, ArrayUtils.toString(argsInBody), ArrayUtils.toString(members));
        try {
            function = FunctionService.onMembers(getMembers(members));
        } catch (FunctionException fe) {
            throw new GemfireRestException("Could not found the specified members in distributed system!", fe);
        }
    } else if (ArrayUtils.isNotEmpty(groups)) {
        logger.debug("Executing Function ({}) with arguments ({}) on Groups ({})...", functionId, ArrayUtils.toString(argsInBody), ArrayUtils.toString(groups));
        try {
            function = FunctionService.onMembers(groups);
        } catch (FunctionException fe) {
            throw new GemfireRestException("no member(s) are found belonging to the provided group(s)!", fe);
        }
    } else {
        // Default case is to execute function on all existing data node in DS, document this.
        logger.debug("Executing Function ({}) with arguments ({}) on all Members...", functionId, ArrayUtils.toString(argsInBody));
        try {
            function = FunctionService.onMembers(getAllMembersInDS());
        } catch (FunctionException fe) {
            throw new GemfireRestException("Distributed system does not contain any valid data node to run the specified  function!", fe);
        }
    }
    if (!ArrayUtils.isEmpty(filter)) {
        logger.debug("Executing Function ({}) with filter ({})", functionId, ArrayUtils.toString(filter));
        Set filter1 = ArrayUtils.asSet(filter);
        function = function.withFilter(filter1);
    }
    final ResultCollector<?, ?> results;
    try {
        if (argsInBody != null) {
            Object[] args = jsonToObjectArray(argsInBody);
            // execute function with specified arguments
            if (args.length == 1) {
                results = function.setArguments(args[0]).execute(functionId);
            } else {
                results = function.setArguments(args).execute(functionId);
            }
        } else {
            // execute function with no args
            results = function.execute(functionId);
        }
    } catch (ClassCastException cce) {
        throw new GemfireRestException("Key is of an inappropriate type for this region!", cce);
    } catch (NullPointerException npe) {
        throw new GemfireRestException("Specified key is null and this region does not permit null keys!", npe);
    } catch (LowMemoryException lme) {
        throw new GemfireRestException("Server has encountered low memory condition!", lme);
    } catch (IllegalArgumentException ie) {
        throw new GemfireRestException("Input parameter is null! ", ie);
    } catch (FunctionException fe) {
        throw new GemfireRestException("Server has encountered error while executing the function!", fe);
    }
    try {
        final HttpHeaders headers = new HttpHeaders();
        headers.setLocation(toUri("functions", functionId));
        Object functionResult = null;
        if (results instanceof NoResult)
            return new ResponseEntity<>("", headers, HttpStatus.OK);
        functionResult = results.getResult();
        if (functionResult instanceof List<?>) {
            try {
                @SuppressWarnings("unchecked") String functionResultAsJson = JSONUtils.convertCollectionToJson((ArrayList<Object>) functionResult);
                return new ResponseEntity<>(functionResultAsJson, headers, HttpStatus.OK);
            } catch (JSONException e) {
                throw new GemfireRestException("Could not convert function results into Restful (JSON) format!", e);
            }
        } else {
            throw new GemfireRestException("Function has returned results that could not be converted into Restful (JSON) format!");
        }
    } catch (FunctionException fe) {
        fe.printStackTrace();
        throw new GemfireRestException("Server has encountered an error while processing function execution!", fe);
    }
}

Example 34 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project geode by apache.

the class FunctionAccessController method list.

/**
   * list all registered functions in Gemfire data node
   * 
   * @return result as a JSON document.
   */
@RequestMapping(method = RequestMethod.GET, produces = { MediaType.APPLICATION_JSON_UTF8_VALUE })
@ApiOperation(value = "list all functions", notes = "list all functions available in the GemFire cluster", response = void.class)
@ApiResponses({ @ApiResponse(code = 200, message = "OK."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 500, message = "GemFire throws an error or exception.") })
@ResponseBody
@ResponseStatus(HttpStatus.OK)
@PreAuthorize("@securityService.authorize('DATA', 'READ')")
public ResponseEntity<?> list() {
    logger.debug("Listing all registered Functions in GemFire...");
    final Map<String, Function> registeredFunctions = FunctionService.getRegisteredFunctions();
    String listFunctionsAsJson = JSONUtils.formulateJsonForListFunctionsCall(registeredFunctions.keySet());
    final HttpHeaders headers = new HttpHeaders();
    headers.setLocation(toUri("functions"));
    return new ResponseEntity<>(listFunctionsAsJson, headers, HttpStatus.OK);
}

Example 35 with PreAuthorize

use of org.springframework.security.access.prepost.PreAuthorize in project geode by apache.

the class PdxBasedCrudController method size.

@RequestMapping(method = RequestMethod.HEAD, value = "/{region}", produces = MediaType.APPLICATION_JSON_VALUE)
@ApiOperation(value = "Get total number of entries", notes = "Get total number of entries into the specified region", response = void.class)
@ApiResponses({ @ApiResponse(code = 200, message = "OK."), @ApiResponse(code = 400, message = "Bad request."), @ApiResponse(code = 401, message = "Invalid Username or Password."), @ApiResponse(code = 403, message = "Insufficient privileges for operation."), @ApiResponse(code = 404, message = "Region does not exist."), @ApiResponse(code = 500, message = "GemFire throws an error or exception.") })
@PreAuthorize("@securityService.authorize('DATA', 'READ', #region)")
public ResponseEntity<?> size(@PathVariable("region") String region) {
    logger.debug("Determining the number of entries in Region ({})...", region);
    region = decode(region);
    final HttpHeaders headers = new HttpHeaders();
    headers.set("Resource-Count", String.valueOf(getRegion(region).size()));
    return new ResponseEntity<RegionData<?>>(headers, HttpStatus.OK);
}