/** * Returns the {@link ProgramSpecification} for the specified {@link ProgramId program}. * * @param programId the {@link ProgramId program} for which the {@link ProgramSpecification} is requested * @return the {@link ProgramSpecification} for the specified {@link ProgramId program} */ @Nullable public ProgramSpecification getProgramSpecification(ProgramId programId) throws Exception { AuthorizationUtil.ensureOnePrivilege(programId, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); return getProgramSpecificationWithoutAuthz(programId); }
/** * Returns the {@link ProgramSpecification} for the specified {@link ProgramId program}. * * @param programId the {@link ProgramId program} for which the {@link ProgramSpecification} is requested * @return the {@link ProgramSpecification} for the specified {@link ProgramId program} */ @Nullable public ProgramSpecification getProgramSpecification(ProgramId programId) throws Exception { AuthorizationUtil.ensureOnePrivilege(programId, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); return getProgramSpecificationWithoutAuthz(programId); }
@Override public StreamProperties getProperties(StreamId streamId) throws Exception { // User should have at least one privilege to read stream properties AuthorizationUtil.ensureOnePrivilege(streamId, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); return delegate.getProperties(streamId); }
@Override public DatasetModuleMeta getModule(DatasetModuleId datasetModuleId) throws Exception { // No authorization for system modules if (!NamespaceId.SYSTEM.equals(datasetModuleId.getNamespaceId())) { AuthorizationUtil.ensureOnePrivilege(datasetModuleId, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); } return delegate.getModule(datasetModuleId); }
@Override public DatasetTypeMeta getType(DatasetTypeId datasetTypeId) throws Exception { // No authorization for system dataset types if (!NamespaceId.SYSTEM.equals(datasetTypeId.getNamespaceId())) { AuthorizationUtil.ensureOnePrivilege(datasetTypeId, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); } return delegate.getType(datasetTypeId); } }
@Override public DatasetTypeMeta getType(DatasetTypeId datasetTypeId) throws Exception { // No authorization for system dataset types if (!NamespaceId.SYSTEM.equals(datasetTypeId.getNamespaceId())) { AuthorizationUtil.ensureOnePrivilege(datasetTypeId, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); } return delegate.getType(datasetTypeId); } }
@Override public DatasetModuleMeta getModule(DatasetModuleId datasetModuleId) throws Exception { // No authorization for system modules if (!NamespaceId.SYSTEM.equals(datasetModuleId.getNamespaceId())) { AuthorizationUtil.ensureOnePrivilege(datasetModuleId, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); } return delegate.getModule(datasetModuleId); }
AuthorizationUtil.ensureOnePrivilege(instance, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); LOG.trace("Authorized GET for dataset {}", instance.getDataset());
AuthorizationUtil.ensureOnePrivilege(instance, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); LOG.trace("Authorized GET for dataset {}", instance.getDataset());
@Override public ArtifactDetail getArtifact(Id.Artifact artifactId) throws Exception { ArtifactId artifact = artifactId.toEntityId(); // No authorization for system artifacts if (!NamespaceId.SYSTEM.equals(artifact.getParent())) { // need at least one privilege to get the artifact detail AuthorizationUtil.ensureOnePrivilege(artifact, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); } return delegate.getArtifact(artifactId); }
@Override public ArtifactDetail getArtifact(Id.Artifact artifactId) throws Exception { ArtifactId artifact = artifactId.toEntityId(); // No authorization for system artifacts if (!NamespaceId.SYSTEM.equals(artifact.getParent())) { // need at least one privilege to get the artifact detail AuthorizationUtil.ensureOnePrivilege(artifact, EnumSet.allOf(Action.class), authorizationEnforcer, authenticationContext.getPrincipal()); } return delegate.getArtifact(artifactId); }
/** * Gets runtime arguments for the program from the {@link PreferencesService} * * @param programId the {@link ProgramId program} for which runtime arguments needs to be retrieved * @return {@link Map} containing runtime arguments of the program * @throws NotFoundException if the specified program was not found * @throws UnauthorizedException if the current user does not have sufficient privileges to get runtime arguments for * the specified program. To get runtime arguments for a program, a user requires * {@link Action#READ} privileges on the program. */ public Map<String, String> getRuntimeArgs(@Name("programId") ProgramId programId) throws Exception { // user can have READ, ADMIN or EXECUTE to retrieve the runtime arguments AuthorizationUtil.ensureOnePrivilege(programId, EnumSet.of(Action.READ, Action.EXECUTE, Action.ADMIN), authorizationEnforcer, authenticationContext.getPrincipal()); if (!store.programExists(programId)) { throw new NotFoundException(programId); } return preferencesService.getProperties(programId); }
/** * Gets runtime arguments for the program from the {@link PreferencesService} * * @param programId the {@link ProgramId program} for which runtime arguments needs to be retrieved * @return {@link Map} containing runtime arguments of the program * @throws NotFoundException if the specified program was not found * @throws UnauthorizedException if the current user does not have sufficient privileges to get runtime arguments for * the specified program. To get runtime arguments for a program, a user requires * {@link Action#READ} privileges on the program. */ public Map<String, String> getRuntimeArgs(@Name("programId") ProgramId programId) throws Exception { // user can have READ, ADMIN or EXECUTE to retrieve the runtime arguments AuthorizationUtil.ensureOnePrivilege(programId, EnumSet.of(Action.READ, Action.EXECUTE, Action.ADMIN), authorizationEnforcer, authenticationContext.getPrincipal()); if (!store.programExists(programId)) { throw new NotFoundException(programId); } return preferencesService.getProperties(programId); }