public ProjectLock(Account project) { super("PROJECT.LOCK." + project.getId()); } }
/** * {@inheritDoc} */ @Override public void from(io.cattle.platform.core.model.Account from) { setId(from.getId()); setName(from.getName()); setKind(from.getKind()); setUuid(from.getUuid()); setDescription(from.getDescription()); setState(from.getState()); setCreated(from.getCreated()); setRemoved(from.getRemoved()); setRemoveTime(from.getRemoveTime()); setData(from.getData()); setExternalId(from.getExternalId()); setExternalIdType(from.getExternalIdType()); setHealthState(from.getHealthState()); setProjectTemplateId(from.getProjectTemplateId()); setDefaultNetworkId(from.getDefaultNetworkId()); setVersion(from.getVersion()); setRevision(from.getRevision()); }
@Override public Object perform(String name, Object obj, ApiRequest request) { if (obj instanceof Account) { Account accountToDeactivate = (Account) obj; if (AccountConstants.ADMIN_KIND.equalsIgnoreCase(accountToDeactivate.getKind())) { Account anAdminAccount = accountDao.getAdminAccountExclude(accountToDeactivate.getId()); if (anAdminAccount == null) { throw new ClientVisibleException(ResponseCodes.METHOD_NOT_ALLOWED, AccountConstants.LAST_ADMIN_ACCOUNT, "Cannot deactivate the last admin account.", AccountConstants.ADMIN_REQUIRED_MESSAGE); } } else if(AccountConstants.PROJECT_KIND.equalsIgnoreCase(accountToDeactivate.getKind())) { accountToDeactivate = accountDao.getAccountById(accountToDeactivate.getId()); if (accountToDeactivate == null) { throw new ClientVisibleException(ResponseCodes.NOT_FOUND); } } objectProcessManager.scheduleStandardProcess(StandardProcess.DEACTIVATE, accountToDeactivate, null); accountToDeactivate = objectManager.reload(accountToDeactivate); return accountToDeactivate; } else { return null; } }
@Override public Resource filter(ApiRequest request, Object original, Resource converted) { IdFormatter idFormatter = ApiContext.getContext().getIdFormatter(); Identity identity = null; if (original instanceof Account) { Account account = (Account) original; if (AccountConstants.PROJECT_KIND.equalsIgnoreCase(account.getKind())) { return converted; } if (account.getExternalId() != null && account.getExternalIdType() != null) { identity = new Identity(account.getExternalIdType(), account.getExternalId()); } else { if (!AccountConstants.PROJECT_KIND.equalsIgnoreCase(account.getKind())) { identity = new Identity(ProjectConstants.RANCHER_ID, String.valueOf(account.getId())); } } } if (identity != null) { if (idFormatter != null) { converted.getFields().put("identity", idFormatter.formatId("identity", identity.getId())); } else { converted.getFields().put("identity", identity.getId()); } } return converted; }
public boolean shouldCreateCredentials(Account account, ProcessState state) { return ACCOUNT_KIND_CREDENTIALS.get().contains(account.getKind()); }
@Override public Identity getIdentity(Long id, IdFormatter idFormatter) { Account account = getAccountById(id); if (account == null || account.getKind().equalsIgnoreCase(ProjectConstants.TYPE) || !accountDao.isActiveAccount(account)) { return null; } Credential credential = create() .selectFrom(CREDENTIAL) .where(CREDENTIAL.KIND.equalIgnoreCase(CredentialConstants.KIND_PASSWORD) .and(CREDENTIAL.ACCOUNT_ID.eq(id)) .and(CREDENTIAL.STATE.equalIgnoreCase(CommonStatesConstants.ACTIVE))).fetchAny(); String accountId = idFormatter != null ? (String) idFormatter.formatId(objectManager.getType(Account.class), account.getId()) : String.valueOf(id); return new Identity(ProjectConstants.RANCHER_ID, accountId, account.getName(), null, null, credential == null ? null : credential.getPublicValue(), false); }
protected void startStacks(Account account) throws IOException { if (account.getRemoved() != null) { return; } List<Long> createdStackIds = DataAccessor.fieldLongList(account, AccountConstants.FIELD_CREATED_STACKS); List<Long> startedStackIds = DataAccessor.fieldLongList(account, AccountConstants.FIELD_STARTED_STACKS); if (!startedStackIds.isEmpty() || createdStackIds.isEmpty()) { return; } if (!hostDao.hasActiveHosts(account.getId())) { return; } startedStackIds = new ArrayList<>(); for (Long stackId : createdStackIds) { Stack stack = objectManager.loadResource(Stack.class, stackId); if (stack == null) { continue; } stack = resourceMonitor.waitForNotTransitioning(stack); if (CommonStatesConstants.ACTIVE.equals(stack.getState())) { for (Service service : objectManager.find(Service.class, SERVICE.STACK_ID, stackId, SERVICE.REMOVED, null)) { processManager.scheduleStandardProcess(StandardProcess.ACTIVATE, service, null); } } startedStackIds.add(stackId); } objectManager.setFields(account, AccountConstants.FIELD_STARTED_STACKS, startedStackIds); }
@Override public HandlerResult handle(ProcessState state, ProcessInstance process) { ProjectTemplate template = (ProjectTemplate)state.getResource(); if (!Boolean.TRUE.equals(template.getIsPublic()) || !CatalogService.DEFAULT_TEMPLATE.get().equalsIgnoreCase(template.getName())) { return null; } sampleDataStartupV3.start(); Account defaultProject = getDefaultProject(); if (defaultProject == null || defaultProject.getProjectTemplateId() != null) { return null; } if (!AccountConstants.ACCOUNT_VERSION.get().equals(defaultProject.getVersion())) { return null; } Long projectTemplateId = defaultProject.getProjectTemplateId(); if (projectTemplateId == null) { projectTemplateId = template.getId(); } systemStackTrigger.trigger(defaultProject.getId()); objectManager.setFields(defaultProject, ACCOUNT.PROJECT_TEMPLATE_ID, projectTemplateId); return null; }
@Override public Set<Identity> getIdentities(Account account) { if (!isConfigured() || !getConstantsConfig().getUserScope().equalsIgnoreCase(account.getExternalIdType())) { return new HashSet<>(); } if(!getTokenUtils().findAndSetJWT() && SecurityConstants.SECURITY.get() && getConstantsConfig().getConfig().equalsIgnoreCase(SecurityConstants.AUTH_PROVIDER.get())) { AuthToken authToken = authTokenDao.getTokenByAccountId(account.getId()); if (authToken == null){ LdapName dn; try { dn = new LdapName(account.getExternalId()); } catch (NamingException e) { throw new ClientVisibleException(ResponseCodes.UNAUTHORIZED); } Set<Identity> identities = getIdentities(dn); Token token = getTokenUtils().createToken(identities, null); authToken = authTokenDao.createToken(token.getJwt(), getConstantsConfig().getConfig(), account.getId(), account.getId()); } if (authToken != null && authToken.getKey() != null) { ApiRequest request = ApiContext.getContext().getApiRequest(); request.setAttribute(getConstantsConfig().getJWTType(), authToken.getKey()); } } return getTokenUtils().getIdentities(); }
public List<Long> createStacks(Account account) throws IOException { List<Long> createdStackIds = DataAccessor.fieldLongList(account, AccountConstants.FIELD_CREATED_STACKS); if (!createdStackIds.isEmpty()) { return createdStackIds; } ProjectTemplate projectTemplate = objectManager.loadResource(ProjectTemplate.class, account.getProjectTemplateId()); if (projectTemplate == null) { return Collections.emptyList(); } List<CatalogTemplate> templates = DataAccessor.fieldObjectList(projectTemplate, ProjectTemplateConstants.FIELD_STACKS, CatalogTemplate.class, jsonMapper); Map<String, CatalogTemplate> templatesById = catalogService.resolvedExternalIds(templates); createdStackIds = new ArrayList<>(); boolean executorRunning = false; for (Map.Entry<String, CatalogTemplate> entry : templatesById.entrySet()) { String externalId = entry.getKey(); Stack stack = objectManager.findAny(Stack.class, STACK.ACCOUNT_ID, account.getId(), STACK.EXTERNAL_ID, externalId, STACK.REMOVED, null); if (stack == null) { executorRunning = waitForExecutor(executorRunning); stack = catalogService.deploy(account.getId(), entry.getValue()); } createdStackIds.add(stack.getId()); } objectManager.reload(account); objectManager.setFields(account, AccountConstants.FIELD_CREATED_STACKS, createdStackIds); return createdStackIds; }
protected void setDefaultNetwork(Long accountId) { Account account = objectManager.loadResource(Account.class, accountId); if (account == null) { return; } Long defaultNetworkId = account.getDefaultNetworkId(); Long newDefaultNetworkId = null; for (Network network : networkDao.getActiveNetworks(account.getId())) { if (network.getKind().startsWith(NetworkConstants.PREFIX_KIND_DOCKER) || network.getKind().equals("hostOnlyNetwork")) { continue; } if (network.getId().equals(defaultNetworkId)) { newDefaultNetworkId = defaultNetworkId; break; } if ((CommonStatesConstants.ACTIVATING.equals(network.getState()) || CommonStatesConstants.UPDATING_ACTIVE.equals(network.getState())) && newDefaultNetworkId == null) { newDefaultNetworkId = network.getId(); } else if (CommonStatesConstants.ACTIVE.equals(network.getState())) { newDefaultNetworkId = network.getId(); } } if (!ObjectUtils.equals(defaultNetworkId, newDefaultNetworkId)) { objectManager.setFields(account, AccountConstants.FIELD_DEFAULT_NETWORK_ID, newDefaultNetworkId); } }
.set(CREDENTIAL.REMOVED, now) .set(CREDENTIAL.REMOVE_TIME, now) .where(CREDENTIAL.ACCOUNT_ID.eq(account.getId()) .and(CREDENTIAL.KIND.eq("password"))) .execute(); account.setName(name); properties.put(CREDENTIAL.SECRET_VALUE, transformationService.transform(password, EncryptionConstants.HASH)); properties.put(CREDENTIAL.KIND, LocalAuthConstants.PASSWORD); properties.put(CREDENTIAL.ACCOUNT_ID, account.getId()); properties.put(CREDENTIAL.STATE, CommonStatesConstants.ACTIVE);
protected void saveInContext(ApiRequest request, Policy policy, SchemaFactory schemaFactory, Account authorizedAccount) { if (schemaFactory != null) { request.setSchemaFactory(schemaFactory); } String accountId = (String) ApiContext.getContext().getIdFormatter().formatId(objectManager.getType(Account.class), policy.getAccountId()); request.getServletContext().getResponse().addHeader(ACCOUNT_ID_HEADER, accountId); String userId = (String) ApiContext.getContext().getIdFormatter().formatId(objectManager.getType(Account.class), policy.getAuthenticatedAsAccountId()); request.getServletContext().getResponse().addHeader(USER_ID_HEADER, userId); request.getServletContext().getResponse().addHeader(ACCOUNT_KIND_HEADER, authorizedAccount.getKind()); request.getServletContext().getResponse().addHeader(ACCOUNT_NAME_HEADER, authorizedAccount.getName()); ApiContext.getContext().setPolicy(policy); }
@Override public HandlerResult handle(ProcessState state, ProcessInstance process) { Account account = (Account)state.getResource(); if (account.getProjectTemplateId() != null || !AccountConstants.PROJECT_KIND.equals(account.getKind())) { return null; } if (StringUtils.isBlank(DEFAULT_TEMPLATE.get())) { return null; } ProjectTemplate template = objectManager.findAny(ProjectTemplate.class, PROJECT_TEMPLATE.NAME, DEFAULT_TEMPLATE.get(), PROJECT_TEMPLATE.IS_PUBLIC, true, PROJECT_TEMPLATE.REMOVED, null); return new HandlerResult( ACCOUNT.PROJECT_TEMPLATE_ID, template == null ? null : template.getId()); }
@Override public HandlerResult handle(ProcessState state, ProcessInstance process) { Account env = (Account)state.getResource(); if (!AccountConstants.PROJECT_KIND.equals(env.getKind())) { return null; } String version = env.getVersion(); if (AccountConstants.ACCOUNT_VERSION.get().equals(version)) { return null; } checkDefaultNetwork(env); assignTemplate(env); Network network = getIpSectNetwork(env); networkDao.migrateToNetwork(network); migrateInstances(network); upgradeHosts(env); objectManager.reload(env); return null; }
public NetworkMetaData(String name, String uuid, boolean is_default, boolean host_ports, Map<String, Object> metadata, String defaultPolicyAction, Object policy, Account account) { super(); this.name = name; this.uuid = uuid; this.is_default = is_default; this.host_ports = host_ports; this.metadata = metadata; this.default_policy_action = defaultPolicyAction; this.policy = policy; this.metadata_kind = "network"; this.environment_uuid = account.getUuid(); }
@SuppressWarnings("unchecked") private Account createProject(String type, ApiRequest apiRequest) { Policy policy = (Policy) ApiContext.getContext().getPolicy(); Map<String, Object> project = CollectionUtils.toMap(apiRequest.getRequestObject()); if (authDao.getAccountById(policy.getAccountId()).getKind().equalsIgnoreCase(ProjectConstants.TYPE)) { throw new ClientVisibleException(ResponseCodes.FORBIDDEN); } Object object = super.createInternal(type, apiRequest); if (object instanceof Account) { Account newProject = (Account) object; newProject.setKind(AccountConstants.PROJECT_KIND); objectManager.persist(newProject); List<Map<String, String>> members = (ArrayList<Map<String, String>>) project.get("members"); projectMemberResourceManager.setMembers(newProject, members, true); policy.grantObjectAccess(newProject); return objectManager.reload(newProject); } else { throw new ClientVisibleException(ResponseCodes.INTERNAL_SERVER_ERROR); } }
String targetAgentUri = RegionUtil.getTargetAgentUri(localRegion.getName(), account.getName(), agent.getUuid(), targetResourceAccount.getUuid()); log.info(String.format("Creating external agent with uri [%s] in environment [%s] in region [%s]", targetAgentUri,