RoleAuthorizationResourceProvider.java example

Explorer
ambari-master
- ambari-trunk
/*
 * Licensed to the Apache Software Foundation (ASF) under one
 * or more contributor license agreements.  See the NOTICE file
 * distributed with this work for additional information
 * regarding copyright ownership.  The ASF licenses this file
 * to you under the Apache License, Version 2.0 (the
 * "License"); you may not use this file except in compliance
 * with the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.apache.ambari.server.controller.internal;

import java.util.Collection;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Iterator;
import java.util.Map;
import java.util.Set;

import org.apache.ambari.server.StaticallyInject;
import org.apache.ambari.server.controller.AmbariManagementController;
import org.apache.ambari.server.controller.spi.NoSuchParentResourceException;
import org.apache.ambari.server.controller.spi.NoSuchResourceException;
import org.apache.ambari.server.controller.spi.Predicate;
import org.apache.ambari.server.controller.spi.Request;
import org.apache.ambari.server.controller.spi.Resource;
import org.apache.ambari.server.controller.spi.Resource.Type;
import org.apache.ambari.server.controller.spi.SystemException;
import org.apache.ambari.server.controller.spi.UnsupportedPropertyException;
import org.apache.ambari.server.controller.utilities.PropertyHelper;
import org.apache.ambari.server.orm.dao.PermissionDAO;
import org.apache.ambari.server.orm.dao.RoleAuthorizationDAO;
import org.apache.ambari.server.orm.entities.PermissionEntity;
import org.apache.ambari.server.orm.entities.RoleAuthorizationEntity;
import org.apache.commons.lang.StringUtils;

import com.google.inject.Inject;

/**
 * A write-only resource provider for securely stored credentials
 */
@StaticallyInject
public class RoleAuthorizationResourceProvider extends ReadOnlyResourceProvider {

  // ----- Property ID constants ---------------------------------------------

  public static final String AUTHORIZATION_ID_PROPERTY_ID = PropertyHelper.getPropertyId("AuthorizationInfo", "authorization_id");
  public static final String PERMISSION_ID_PROPERTY_ID = PropertyHelper.getPropertyId("AuthorizationInfo", "permission_id");
  public static final String AUTHORIZATION_NAME_PROPERTY_ID = PropertyHelper.getPropertyId("AuthorizationInfo", "authorization_name");

  private static final Set<String> PK_PROPERTY_IDS;
  private static final Set<String> PROPERTY_IDS;
  private static final Map<Type, String> KEY_PROPERTY_IDS;

  static {
    Set<String> set;
    set = new HashSet<>();
    set.add(AUTHORIZATION_ID_PROPERTY_ID);
    set.add(PERMISSION_ID_PROPERTY_ID);
    PK_PROPERTY_IDS = Collections.unmodifiableSet(set);

    set = new HashSet<>();
    set.add(AUTHORIZATION_ID_PROPERTY_ID);
    set.add(PERMISSION_ID_PROPERTY_ID);
    set.add(AUTHORIZATION_NAME_PROPERTY_ID);
    PROPERTY_IDS = Collections.unmodifiableSet(set);

    HashMap<Type, String> map = new HashMap<>();
    map.put(Type.Permission, PERMISSION_ID_PROPERTY_ID);
    map.put(Type.RoleAuthorization, AUTHORIZATION_ID_PROPERTY_ID);
    KEY_PROPERTY_IDS = Collections.unmodifiableMap(map);
  }

  /**
   * Data access object used to obtain authorization entities.
   */
  @Inject
  private static RoleAuthorizationDAO roleAuthorizationDAO;

  /**
   * Data access object used to obtain permission entities.
   */
  @Inject
  private static PermissionDAO permissionDAO;

  /**
   * Create a new resource provider.
   */
  public RoleAuthorizationResourceProvider(AmbariManagementController managementController) {
    super(PROPERTY_IDS, KEY_PROPERTY_IDS, managementController);
  }

  @Override
  public Set<Resource> getResources(Request request, Predicate predicate)
      throws SystemException, UnsupportedPropertyException, NoSuchResourceException, NoSuchParentResourceException {

    Set<String> requestedIds = getRequestPropertyIds(request, predicate);
    Set<Resource> resources = new HashSet<>();

    Set<Map<String, Object>> propertyMaps;

    if (predicate == null) {
      // The request must be from /
      propertyMaps = Collections.singleton(Collections.<String, Object>emptyMap());
    } else {
      propertyMaps = getPropertyMaps(predicate);
    }

    if (propertyMaps != null) {
      for (Map<String, Object> propertyMap : propertyMaps) {
        Object object = propertyMap.get(PERMISSION_ID_PROPERTY_ID);
        Collection<RoleAuthorizationEntity> authorizationEntities;
        Integer permissionId;

        if (object instanceof String) {
          try {
            permissionId = Integer.valueOf((String) object);
          } catch (NumberFormatException e) {
            LOG.warn(PERMISSION_ID_PROPERTY_ID + " is not a valid integer value", e);
            throw new NoSuchResourceException("The requested resource doesn't exist: Authorization not found, " + predicate, e);
          }
        } else if (object instanceof Number) {
          permissionId = ((Number) object).intValue();
        } else {
          permissionId = null;
        }

        if (permissionId == null) {
          authorizationEntities = roleAuthorizationDAO.findAll();
        } else {
          PermissionEntity permissionEntity = permissionDAO.findById(permissionId);

          if (permissionEntity == null) {
            authorizationEntities = null;
          } else {
            authorizationEntities = permissionEntity.getAuthorizations();
          }
        }

        if (authorizationEntities != null) {
          String authorizationId = (String) propertyMap.get(AUTHORIZATION_ID_PROPERTY_ID);

          if (!StringUtils.isEmpty(authorizationId)) {
            // Filter the entities
            Iterator<RoleAuthorizationEntity> iterator = authorizationEntities.iterator();
            while (iterator.hasNext()) {
              if (!authorizationId.equals(iterator.next().getAuthorizationId())) {
                iterator.remove();
              }
            }
          }

          for (RoleAuthorizationEntity entity : authorizationEntities) {
            resources.add(toResource(permissionId, entity, requestedIds));
          }
        }
      }
    }

    return resources;
  }

  @Override
  protected Set<String> getPKPropertyIds() {
    return PK_PROPERTY_IDS;
  }

  /**
   * Creates a new resource from the given RoleAuthorizationEntity and set of requested ids.
   *
   * @param entity       the RoleAuthorizationEntity
   * @param requestedIds the properties to include in the resulting resource instance
   * @return a resource
   */
  private Resource toResource(Integer permissionId, RoleAuthorizationEntity entity, Set<String> requestedIds) {
    Resource resource = new ResourceImpl(Type.RoleAuthorization);
    setResourceProperty(resource, AUTHORIZATION_ID_PROPERTY_ID, entity.getAuthorizationId(), requestedIds);
    if (permissionId != null) {
      setResourceProperty(resource, PERMISSION_ID_PROPERTY_ID, permissionId, requestedIds);
    }
    setResourceProperty(resource, AUTHORIZATION_NAME_PROPERTY_ID, entity.getAuthorizationName(), requestedIds);
    return resource;
  }
}