/**
 * Authorizes a request that may be allowed either by role or by explicit permissions.
 *
 * <p>When {@code SecurityUtil.hasRole} reports that the caller holds {@code role}, access is
 * allowed and only a debug line is written. Otherwise the decision is handed to
 * {@code SecurityUtil.checkPermissions} for the given entity and permission set; how that
 * call signals a denial is not visible in this block.
 *
 * @param authorizer            authorizer passed through to {@code SecurityUtil}
 * @param securityContext       security context of the current request
 * @param role                  role that, if held, bypasses the per-entity permission check
 * @param targetEntityNamespace namespace of the entity being accessed
 * @param targetEntityId        id of the entity being accessed
 * @param first                 first required permission
 * @param rest                  any further required permissions
 */
public static void checkRoleOrPermissions(StreamlineAuthorizer authorizer,
                                          SecurityContext securityContext,
                                          String role,
                                          String targetEntityNamespace,
                                          Long targetEntityId,
                                          Permission first,
                                          Permission... rest) {
    if (SecurityUtil.hasRole(authorizer, securityContext, role)) {
        // Role membership short-circuits the entity-level check below.
        LOG.debug("Allowing since user has role: '{}'", role);
        return;
    }
    SecurityUtil.checkPermissions(authorizer, securityContext, targetEntityNamespace, targetEntityId, first, rest);
}
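/**
 * Deletes the service {@code id} that is registered under cluster {@code clusterId}.
 *
 * <p>The permission check is keyed on the cluster id taken from the path, so the service is
 * looked up first and must belong to that same cluster before it is removed. Without this
 * binding, WRITE on one cluster would be enough to delete a service of any other cluster.
 * A service that is missing or belongs to another cluster is reported as not found.
 *
 * @param clusterId       cluster the caller must hold WRITE on
 * @param serviceId       service to delete
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the removed service
 * @throws EntityNotFoundException if the service does not exist or is not part of the cluster
 */
@DELETE
@Path("/clusters/{clusterId}/services/{id}")
@Timed
public Response removeService(@PathParam("clusterId") Long clusterId,
                              @PathParam("id") Long serviceId,
                              @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, WRITE);

    // Tie the authorized cluster to the object actually being deleted.
    Service existing = environmentService.getService(serviceId);
    if (existing == null
            || existing.getClusterId() == null
            || !existing.getClusterId().equals(clusterId)) {
        throw EntityNotFoundException.byId(serviceId.toString());
    }

    Service removedService = environmentService.removeService(serviceId);
    if (removedService == null) {
        throw EntityNotFoundException.byId(serviceId.toString());
    }
    return WSUtils.respondEntity(removedService, OK);
}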
/**
 * Deletes the topology editor toolbar stored for the user id given in the path.
 *
 * <p>{@code SecurityUtil.checkPermissions} is called for {@code Permission.DELETE} on the
 * toolbar namespace and that id before the catalog is touched. When a toolbar was removed,
 * its ACL is removed as well via {@code SecurityUtil.removeAcl}.
 *
 * @param userIdToBeDeleted id of the user whose toolbar is deleted
 * @param securityContext   security context of the current request
 * @return response with status {@code OK} carrying the removed toolbar
 * @throws EntityNotFoundException if the catalog had no toolbar for that id
 */
@DELETE
@Path("/system/topologyeditortoolbar/{id}")
@Timed
public Response removeTopologyEditorToolbar(@PathParam("id") Long userIdToBeDeleted,
                                            @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(
            authorizer, securityContext, TopologyEditorToolbar.NAMESPACE, userIdToBeDeleted, Permission.DELETE);

    return catalogService
            .removeTopologyEditorToolbar(userIdToBeDeleted)
            .map(removed -> {
                // Drop the ACL only once the toolbar itself is gone.
                SecurityUtil.removeAcl(
                        authorizer, securityContext, TopologyEditorToolbar.NAMESPACE, userIdToBeDeleted);
                return WSUtils.respondEntity(removed, OK);
            })
            .orElseThrow(() -> EntityNotFoundException.byId(String.valueOf(userIdToBeDeleted)));
}
/**
 * Returns the file entry with the given id.
 *
 * <p>{@code SecurityUtil.checkPermissions} is called for READ on that file id before the
 * catalog lookup.
 *
 * @param fileId          id of the file entry
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the file entry
 * @throws EntityNotFoundException if the catalog returns no entry for the id
 */
@GET
@Path("/files/{id}")
@Timed
public Response getFile(@PathParam("id") Long fileId,
                        @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, File.NAMESPACE, fileId, READ);

    File file = catalogService.getFile(fileId);
    if (file == null) {
        throw EntityNotFoundException.byId(fileId.toString());
    }
    return WSUtils.respondEntity(file, OK);
}
/**
 * Returns the topology editor toolbar of the calling user.
 *
 * <p>The user id is derived from the security context through {@code getUserId}, not from
 * request input, and READ is checked on the toolbar namespace for that id.
 *
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the toolbar
 * @throws EntityNotFoundException if the catalog has no toolbar for the caller
 */
@GET
@Path("/system/topologyeditortoolbar")
@Timed
public Response listTopologyEditorToolbar(@Context SecurityContext securityContext) {
    long callerId = getUserId(securityContext);
    SecurityUtil.checkPermissions(
            authorizer, securityContext, TopologyEditorToolbar.NAMESPACE, callerId, READ);

    return catalogService
            .getTopologyEditorToolbar(callerId)
            .map(found -> WSUtils.respondEntity(found, OK))
            .orElseThrow(() -> EntityNotFoundException.byId(String.valueOf(callerId)));
}
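/**
 * Deletes the component {@code id} that belongs to service {@code serviceId}.
 *
 * <p>WRITE is checked on the cluster resolved from the service id in the path. The component is
 * therefore looked up first and must reference that same service; otherwise the authorization
 * decision would cover a different object than the one being deleted. A component that is
 * missing or attached to another service is reported as not found.
 *
 * @param serviceId       service whose cluster the caller must hold WRITE on
 * @param componentId     component to delete
 * @param securityContext security context of the current request
 * @return response carrying the removed component
 * @throws EntityNotFoundException if the component does not exist or is not part of the service
 */
@DELETE
@Path("/services/{serviceId}/components/{id}")
@Timed
public Response removeComponent(@PathParam("serviceId") Long serviceId,
                                @PathParam("id") Long componentId,
                                @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, getClusterId(serviceId), WRITE);

    // Tie the authorized service to the component actually being deleted.
    Component existing = environmentService.getComponent(componentId);
    if (existing == null
            || existing.getServiceId() == null
            || !existing.getServiceId().equals(serviceId)) {
        throw EntityNotFoundException.byId(componentId.toString());
    }

    Component removeComponent = environmentService.removeComponent(componentId);
    if (removeComponent == null) {
        throw EntityNotFoundException.byId(componentId.toString());
    }
    // NOTE(review): a successful delete answers with CREATED where OK would be expected;
    // kept unchanged so existing clients see the same status. Confirm whether OK was intended.
    return WSUtils.respondEntity(removeComponent, CREATED);
}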
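/**
 * Deletes the service configuration {@code id} that belongs to service {@code serviceId}.
 *
 * <p>WRITE is checked on the cluster resolved from the service id in the path. The configuration
 * is therefore looked up first and must reference that same service, so that the permission
 * check and the deletion apply to the same object. A configuration that is missing or attached
 * to another service is reported as not found.
 *
 * @param serviceId              service whose cluster the caller must hold WRITE on
 * @param serviceConfigurationId configuration to delete
 * @param securityContext        security context of the current request
 * @return response with status {@code OK} carrying the removed configuration
 * @throws EntityNotFoundException if the configuration does not exist or is not part of the service
 */
@DELETE
@Path("/services/{serviceId}/configurations/{id}")
@Timed
public Response removeServiceConfiguration(@PathParam("serviceId") Long serviceId,
                                           @PathParam("id") Long serviceConfigurationId,
                                           @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, getClusterId(serviceId), WRITE);

    // Tie the authorized service to the configuration actually being deleted.
    ServiceConfiguration existing = environmentService.getServiceConfiguration(serviceConfigurationId);
    if (existing == null
            || existing.getServiceId() == null
            || !existing.getServiceId().equals(serviceId)) {
        throw EntityNotFoundException.byId(serviceConfigurationId.toString());
    }

    ServiceConfiguration removedConfiguration =
            environmentService.removeServiceConfiguration(serviceConfigurationId);
    if (removedConfiguration == null) {
        throw EntityNotFoundException.byId(serviceConfigurationId.toString());
    }
    return WSUtils.respondEntity(removedConfiguration, OK);
}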
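/**
 * Creates or replaces the component {@code id} under service {@code serviceId}.
 *
 * <p>WRITE is checked on the cluster resolved from the service id in the path. If a component
 * with this id already exists it must already belong to that service; otherwise the update
 * would overwrite, and re-parent, a component that the permission check never covered.
 * Whether the service layer performs such a check itself is not visible from this method.
 *
 * @param serviceId       service whose cluster the caller must hold WRITE on
 * @param componentId     id of the component to create or replace
 * @param component       component payload; its service id is overwritten with {@code serviceId}
 * @param securityContext security context of the current request
 * @return response with status {@code CREATED} carrying the stored component
 * @throws EntityNotFoundException if the id names an existing component of another service
 */
@PUT
@Path("/services/{serviceId}/components/{id}")
@Timed
public Response addOrUpdateComponent(@PathParam("serviceId") Long serviceId,
                                     @PathParam("id") Long componentId,
                                     Component component,
                                     @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, getClusterId(serviceId), WRITE);

    // An existing component may only be replaced through the service that owns it.
    Component existing = environmentService.getComponent(componentId);
    if (existing != null
            && (existing.getServiceId() == null || !existing.getServiceId().equals(serviceId))) {
        throw EntityNotFoundException.byId(componentId.toString());
    }

    // The path parameter, not the request body, decides which service owns the component.
    component.setServiceId(serviceId);
    Component newComponent = environmentService.addOrUpdateComponent(serviceId, componentId, component);
    return WSUtils.respondEntity(newComponent, CREATED);
}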
/**
 * Lists the HBase tables of cluster {@code clusterId}.
 *
 * <p>READ is checked on the cluster first. The metadata service is opened in a
 * try-with-resources block and the table listing runs inside {@code Subject.doAs} with the
 * resource's {@code subject}.
 *
 * @param clusterId       cluster to query
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the tables
 * @throws Exception any failure from the metadata service; an {@code EntityNotFoundException}
 *                   caught here is rethrown as the request-level
 *                   {@code EntityNotFoundException} built from its message
 */
@GET
@Path("/clusters/{clusterId}/services/hbase/tables")
@Timed
public Response getTablesByClusterId(@PathParam("clusterId") Long clusterId,
                                     @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, READ);

    try (HBaseMetadataService metadataService =
                 HBaseMetadataService.newInstance(environmentService, clusterId, securityContext, subject)) {
        PrivilegedExceptionAction<Tables> listTables = metadataService::getHBaseTables;
        Tables tables = Subject.doAs(subject, listTables);
        return WSUtils.respondEntity(tables, OK);
    } catch (EntityNotFoundException ex) {
        throw com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException
                .byId(ex.getMessage());
    }
}
/**
 * Deletes the topology editor toolbar of the calling user.
 *
 * <p>The user id comes from the security context through {@code getUserId}.
 * {@code Permission.DELETE} is checked on the toolbar namespace for that id, and when a
 * toolbar was removed its ACL is removed too via {@code SecurityUtil.removeAcl}.
 *
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the removed toolbar
 * @throws EntityNotFoundException if the catalog had no toolbar for the caller
 */
@DELETE
@Path("/system/topologyeditortoolbar")
@Timed
public Response removeTopologyEditorToolbar(@Context SecurityContext securityContext) {
    long callerId = getUserId(securityContext);
    SecurityUtil.checkPermissions(
            authorizer, securityContext, TopologyEditorToolbar.NAMESPACE, callerId, Permission.DELETE);

    return catalogService
            .removeTopologyEditorToolbar(callerId)
            .map(removed -> {
                // Drop the ACL only once the toolbar itself is gone.
                SecurityUtil.removeAcl(authorizer, securityContext, TopologyEditorToolbar.NAMESPACE, callerId);
                return WSUtils.respondEntity(removed, OK);
            })
            .orElseThrow(() -> EntityNotFoundException.byId(String.valueOf(callerId)));
}
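/**
 * Creates or replaces the service configuration {@code id} under service {@code serviceId}.
 *
 * <p>WRITE is checked on the cluster resolved from the service id in the path. If a configuration
 * with this id already exists it must already belong to that service; otherwise the update
 * would overwrite, and re-parent, a configuration that the permission check never covered.
 * Whether the service layer performs such a check itself is not visible from this method.
 *
 * @param serviceId              service whose cluster the caller must hold WRITE on
 * @param serviceConfigurationId id of the configuration to create or replace
 * @param serviceConfiguration   payload; its service id is overwritten with {@code serviceId}
 * @param securityContext        security context of the current request
 * @return response with status {@code CREATED} carrying the stored configuration
 * @throws EntityNotFoundException if the id names an existing configuration of another service
 */
@PUT
@Path("/services/{serviceId}/configurations/{id}")
@Timed
public Response addOrUpdateServiceConfiguration(@PathParam("serviceId") Long serviceId,
                                                @PathParam("id") Long serviceConfigurationId,
                                                ServiceConfiguration serviceConfiguration,
                                                @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, getClusterId(serviceId), WRITE);

    // An existing configuration may only be replaced through the service that owns it.
    ServiceConfiguration existing = environmentService.getServiceConfiguration(serviceConfigurationId);
    if (existing != null
            && (existing.getServiceId() == null || !existing.getServiceId().equals(serviceId))) {
        throw EntityNotFoundException.byId(serviceConfigurationId.toString());
    }

    // The path parameter, not the request body, decides which service owns the configuration.
    serviceConfiguration.setServiceId(serviceId);
    ServiceConfiguration newConfiguration = environmentService.addOrUpdateServiceConfiguration(
            serviceId, serviceConfigurationId, serviceConfiguration);
    return WSUtils.respondEntity(newConfiguration, CREATED);
}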
/**
 * Lists the HBase tables of one namespace in cluster {@code clusterId}.
 *
 * <p>READ is checked on the cluster first. The metadata service is opened in a
 * try-with-resources block and the listing runs inside {@code Subject.doAs} with the
 * resource's {@code subject}. The {@code namespace} path value is passed to the metadata
 * service as received.
 *
 * @param clusterId       cluster to query
 * @param namespace       HBase namespace taken from the path
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the tables
 * @throws Exception any failure from the metadata service; an {@code EntityNotFoundException}
 *                   caught here is rethrown as the request-level
 *                   {@code EntityNotFoundException} built from its message
 */
@GET
@Path("/clusters/{clusterId}/services/hbase/namespaces/{namespace}/tables")
@Timed
public Response getNamespaceTablesByClusterId(@PathParam("clusterId") Long clusterId,
                                              @PathParam("namespace") String namespace,
                                              @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, READ);

    try (HBaseMetadataService metadataService =
                 HBaseMetadataService.newInstance(environmentService, clusterId, securityContext, subject)) {
        PrivilegedExceptionAction<Tables> listTables = () -> metadataService.getHBaseTables(namespace);
        Tables tables = Subject.doAs(subject, listTables);
        return WSUtils.respondEntity(tables, OK);
    } catch (EntityNotFoundException ex) {
        throw com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException
                .byId(ex.getMessage());
    }
}
}
/**
 * Creates or replaces the topology editor toolbar of the calling user.
 *
 * <p>The user id in the payload must equal the id derived from the security context; the
 * request is rejected before any permission check or write when they differ. WRITE is then
 * checked on the toolbar namespace for the caller's id.
 *
 * @param toolbar         toolbar payload, including the user id it is stored under
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the stored toolbar
 * @throws IllegalArgumentException if the payload's user id differs from the caller's id
 */
@PUT
@Path("/system/topologyeditortoolbar")
@Timed
public Response addOrUpdateTopologyEditorToolbar(TopologyEditorToolbar toolbar,
                                                 @Context SecurityContext securityContext) {
    Long callerId = getUserId(securityContext);

    // A caller may only write the toolbar stored under its own user id.
    boolean ownToolbar = callerId.equals(toolbar.getUserId());
    if (!ownToolbar) {
        throw new IllegalArgumentException("User id in the security context: '" + callerId + "' does not match user id "
                + "in the request: '" + toolbar.getUserId() + "'");
    }

    SecurityUtil.checkPermissions(authorizer, securityContext, TopologyEditorToolbar.NAMESPACE, callerId, WRITE);
    TopologyEditorToolbar stored = catalogService.addOrUpdateTopologyEditorToolbar(toolbar);
    return WSUtils.respondEntity(stored, OK);
}
/**
 * Lists the Hive tables of one database in cluster {@code clusterId}.
 *
 * <p>READ is checked on the cluster first. The metadata service is opened in a
 * try-with-resources block. The {@code dbName} path value is passed to the metadata service
 * as received.
 *
 * @param clusterId       cluster to query
 * @param dbName          Hive database name taken from the path
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the tables
 * @throws Exception any failure from the metadata service; an {@code EntityNotFoundException}
 *                   caught here is rethrown as the request-level
 *                   {@code EntityNotFoundException} built from its message
 */
@GET
@Path("/clusters/{clusterId}/services/hive/databases/{dbName}/tables")
@Timed
public Response getDatabaseTablesByClusterId(@PathParam("clusterId") Long clusterId,
                                             @PathParam("dbName") String dbName,
                                             @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, READ);

    try (HiveMetadataService metadataService =
                 HiveMetadataService.newInstance(environmentService, clusterId, securityContext, subject)) {
        return WSUtils.respondEntity(metadataService.getHiveTables(dbName), OK);
    } catch (EntityNotFoundException ex) {
        throw com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException
                .byId(ex.getMessage());
    }
}
}
/**
 * Deletes the notifier with the given id.
 *
 * <p>DELETE is checked on the notifier namespace for that id before the catalog is touched.
 * When a notifier was removed, its ACL is removed as well via {@code SecurityUtil.removeAcl}.
 *
 * @param id              id of the notifier to delete
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the removed notifier
 * @throws EntityNotFoundException if the catalog had no notifier for the id
 */
@DELETE
@Path("/notifiers/{id}")
@Timed
public Response removeNotifierInfo(@PathParam("id") Long id,
                                   @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Notifier.NAMESPACE, id, DELETE);

    Notifier removed = catalogService.removeNotifierInfo(id);
    if (removed == null) {
        throw EntityNotFoundException.byId(id.toString());
    }
    // Drop the ACL only once the notifier itself is gone.
    SecurityUtil.removeAcl(authorizer, securityContext, Notifier.NAMESPACE, id);
    return WSUtils.respondEntity(removed, OK);
}
/**
 * Lists the Hive databases of cluster {@code clusterId}.
 *
 * <p>READ is checked on the cluster first. The metadata service is opened in a
 * try-with-resources block.
 *
 * @param clusterId       cluster to query
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the databases
 * @throws Exception any failure from the metadata service; an {@code EntityNotFoundException}
 *                   caught here is rethrown as the request-level
 *                   {@code EntityNotFoundException} built from its message
 */
@GET
@Path("/clusters/{clusterId}/services/hive/databases")
@Timed
public Response getDatabasesByClusterId(@PathParam("clusterId") Long clusterId,
                                        @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, READ);

    try (HiveMetadataService metadataService =
                 HiveMetadataService.newInstance(environmentService, clusterId, securityContext, subject)) {
        return WSUtils.respondEntity(metadataService.getHiveDatabases(), OK);
    } catch (EntityNotFoundException ex) {
        throw com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException
                .byId(ex.getMessage());
    }
}
/**
 * Lists the HBase namespaces of cluster {@code clusterId}.
 *
 * <p>READ is checked on the cluster first. The metadata service is opened in a
 * try-with-resources block; unlike the table listings, this call is not wrapped in
 * {@code Subject.doAs}.
 *
 * @param clusterId       cluster to query
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the namespaces
 * @throws Exception any failure from the metadata service; an {@code EntityNotFoundException}
 *                   caught here is rethrown as the request-level
 *                   {@code EntityNotFoundException} built from its message
 */
@GET
@Path("/clusters/{clusterId}/services/hbase/namespaces")
@Timed
public Response getNamespacesByClusterId(@PathParam("clusterId") Long clusterId,
                                         @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, READ);

    try (HBaseMetadataService metadataService =
                 HBaseMetadataService.newInstance(environmentService, clusterId, securityContext, subject)) {
        return WSUtils.respondEntity(metadataService.getHBaseNamespaces(), OK);
    } catch (EntityNotFoundException ex) {
        throw com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException
                .byId(ex.getMessage());
    }
}
/**
 * Lists the Kafka broker host/port entries of cluster {@code clusterId}.
 *
 * <p>READ is checked on the cluster first. The metadata service is opened in a
 * try-with-resources block.
 *
 * @param clusterId       cluster to query
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the result of
 *         {@code getBrokerHostPortFromStreamsJson}
 * @throws Exception any failure from the metadata service; an {@code EntityNotFoundException}
 *                   caught here is rethrown as the request-level
 *                   {@code EntityNotFoundException} built from its message
 */
@GET
@Path("/clusters/{clusterId}/services/kafka/brokers")
@Timed
public Response getBrokersByClusterId(@PathParam("clusterId") Long clusterId,
                                      @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, READ);

    try (KafkaMetadataService metadataService =
                 KafkaMetadataService.newInstance(environmentService, clusterId, securityContext)) {
        return WSUtils.respondEntity(metadataService.getBrokerHostPortFromStreamsJson(), OK);
    } catch (EntityNotFoundException ex) {
        throw com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException
                .byId(ex.getMessage());
    }
}
/**
 * Returns the service {@code id} registered under cluster {@code clusterId}.
 *
 * <p>READ is checked on the cluster from the path. The service is returned only when its own
 * cluster id equals that path value, so the permission check and the returned object refer to
 * the same cluster.
 *
 * @param clusterId       cluster the caller must hold READ on
 * @param serviceId       service to fetch
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the service
 * @throws EntityNotFoundException if the service does not exist, has no cluster id, or belongs
 *                                 to a different cluster
 */
@GET
@Path("/clusters/{clusterId}/services/{id}")
@Timed
public Response getServiceById(@PathParam("clusterId") Long clusterId,
                               @PathParam("id") Long serviceId,
                               @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, clusterId, READ);

    Service service = environmentService.getService(serviceId);
    if (service == null) {
        throw EntityNotFoundException.byId(buildMessageForCompositeId(clusterId, serviceId));
    }

    // Reject a service that exists but is not part of the authorized cluster.
    boolean inRequestedCluster = service.getClusterId() != null && service.getClusterId().equals(clusterId);
    if (!inRequestedCluster) {
        throw EntityNotFoundException.byId("cluster: " + clusterId.toString());
    }
    return WSUtils.respondEntity(service, OK);
}
/**
 * Returns the component {@code id} that belongs to service {@code serviceId}.
 *
 * <p>READ is checked on the cluster resolved from the service id in the path. The component is
 * returned only when its own service id equals that path value, so the permission check and
 * the returned object refer to the same service.
 *
 * @param serviceId       service whose cluster the caller must hold READ on
 * @param componentId     component to fetch
 * @param securityContext security context of the current request
 * @return response with status {@code OK} carrying the component
 * @throws EntityNotFoundException if the component does not exist, has no service id, or
 *                                 belongs to a different service
 */
@GET
@Path("/services/{serviceId}/components/{id}")
@Timed
public Response getComponentById(@PathParam("serviceId") Long serviceId,
                                 @PathParam("id") Long componentId,
                                 @Context SecurityContext securityContext) {
    SecurityUtil.checkPermissions(authorizer, securityContext, Cluster.NAMESPACE, getClusterId(serviceId), READ);

    Component found = environmentService.getComponent(componentId);
    if (found == null) {
        throw EntityNotFoundException.byId(buildMessageForCompositeId(serviceId, componentId));
    }

    // Reject a component that exists but is not part of the authorized service.
    boolean inRequestedService = found.getServiceId() != null && found.getServiceId().equals(serviceId);
    if (!inRequestedService) {
        throw EntityNotFoundException.byId("service: " + serviceId.toString());
    }
    return WSUtils.respondEntity(found, OK);
}