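package io.cattle.platform.service.account;

import io.cattle.platform.core.constants.AccountConstants;
import io.cattle.platform.core.constants.AgentConstants;
import io.cattle.platform.core.constants.InstanceConstants;
import io.cattle.platform.core.model.Account;
import io.cattle.platform.core.model.Credential;
import io.cattle.platform.core.model.Instance;
import io.cattle.platform.core.util.SystemLabels;
import io.cattle.platform.object.ObjectManager;
import io.cattle.platform.object.serialization.ObjectTypeSerializerPostProcessor;
import io.cattle.platform.object.util.DataAccessor;
import io.cattle.platform.object.util.DataUtils;
import io.cattle.platform.server.context.ServerContext;
import io.cattle.platform.server.context.ServerContext.BaseProtocol;
import io.cattle.platform.service.launcher.ServiceAccountCreateStartup;

import java.util.Map;

import javax.inject.Inject;

import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

/**
 * Serializer post-processor that adds the service-account API credential to the
 * environment of instances that request the system agent role.
 *
 * <p>Security-relevant behaviour: the credential's secret value is written in clear
 * text into the serialized instance data under {@link InstanceConstants#FIELD_ENVIRONMENT}.
 * Any consumer of that serialized form can read it.
 * NOTE(review): confirm which consumers receive this serialized form (agent delivery
 * only, or also API responses, audit records and logs) and that none of them persist
 * or echo the environment map.
 *
 * <p>The credential is only added when both conditions hold:
 * <ol>
 *   <li>the instance carries the {@link SystemLabels#LABEL_AGENT_ROLE} label with the
 *       value {@link AgentConstants#SYSTEM_ROLE}, and</li>
 *   <li>the owning account has {@link AccountConstants#FIELD_ALLOW_SYSTEM_ROLE} set.</li>
 * </ol>
 * The label is read from the instance itself, so the account-level flag is the check
 * that actually authorizes the hand-out; the label alone must never be sufficient.
 */
public class SystemRoleObjectPostProcessor implements ObjectTypeSerializerPostProcessor {

    private static final Logger log = LoggerFactory.getLogger(SystemRoleObjectPostProcessor.class);

    @Inject
    ObjectManager objectManager;

    @Inject
    ServiceAccountCreateStartup serviceAccount;

    /**
     * @return the object types this post-processor applies to; only
     *         {@link InstanceConstants#TYPE}
     */
    @Override
    public String[] getTypes() {
        return new String[] { InstanceConstants.TYPE };
    }

    /**
     * Adds {@code CATTLE_ACCESS_KEY}, {@code CATTLE_SECRET_KEY} and {@code CATTLE_URL}
     * to the environment of an authorized system-role instance.
     *
     * <p>Returns without modifying {@code data} when {@code obj} is not an
     * {@link Instance}, when the instance is not authorized for the system role, or
     * when no service-account credential is available.
     *
     * @param obj  the object being serialized
     * @param type the serialized type name (not used here)
     * @param data the serialized representation; its writable fields are modified in place
     */
    @Override
    public void process(Object obj, String type, Map<String, Object> data) {
        if (!(obj instanceof Instance)) {
            return;
        }

        Instance instance = (Instance) obj;
        if (!mayReceiveServiceCredential(instance)) {
            return;
        }

        Credential cred = serviceAccount.getCredential();
        if (cred == null) {
            // Never log the credential itself; the absence is all that is reported.
            log.error("Failed to find credential for service account");
            return;
        }

        Map<String, Object> fields = DataUtils.getWritableFields(data);
        putEnvironment(fields, "CATTLE_ACCESS_KEY", cred.getPublicValue());
        // The secret is stored as a plain environment value from here on.
        putEnvironment(fields, "CATTLE_SECRET_KEY", cred.getSecretValue());
        // NOTE(review): confirm the host API base URL resolves to a TLS endpoint in
        // deployments, since the secret above is presented to it.
        putEnvironment(fields, "CATTLE_URL", ServerContext.getHostApiBaseUrl(BaseProtocol.HTTP));
    }

    /**
     * Decides whether the instance may be given the service-account credential.
     *
     * <p>Fails closed: a missing label, a label with any other value, an account that
     * cannot be loaded, or an account without the allow flag all yield {@code false}.
     */
    private boolean mayReceiveServiceCredential(Instance instance) {
        Object role = DataAccessor.fieldMap(instance, InstanceConstants.FIELD_LABELS)
                .get(SystemLabels.LABEL_AGENT_ROLE);
        if (!AgentConstants.SYSTEM_ROLE.equals(role)) {
            return false;
        }

        Account account = objectManager.loadResource(Account.class, instance.getAccountId());
        if (account == null) {
            // Without an account there is nothing to authorize against, so the
            // credential is withheld instead of dereferencing a null account.
            log.warn("Instance requests the system role but account [{}] could not be loaded; "
                    + "credential withheld", instance.getAccountId());
            return false;
        }

        return DataAccessor.fieldBool(account, AccountConstants.FIELD_ALLOW_SYSTEM_ROLE);
    }

    /** Sets one key in the instance environment map inside the writable fields. */
    private static void putEnvironment(Map<String, Object> fields, String key, Object value) {
        DataAccessor.fromMap(fields)
                .withScopeKey(InstanceConstants.FIELD_ENVIRONMENT)
                .withKey(key)
                .set(value);
    }
}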