@Override public void update(String table, String key, UUID changeId, Delta delta, Audit audit, WriteConsistency consistency) { updateAll(Collections.singletonList(new Update(table, key, changeId, delta, audit, consistency))); }
@Override public void update(String table, String key, UUID changeId, Delta delta, Audit audit, WriteConsistency consistency) { updateAll(Collections.singletonList(new Update(table, key, changeId, delta, audit, consistency))); }
Update newIdentityCreate = new Update(_identityTableName, newHashedAuthenticationId, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL); Update oldIdentityDelete = new Update(_identityTableName, oldHashedAuthenticationId, changeId, Deltas.delete(), audit, WriteConsistency.GLOBAL); Update idUpdate = new Update(_idIndexTableName, id, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL);
Update newIdentityCreate = new Update(_identityTableName, newHashedAuthenticationId, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL); Update oldIdentityDelete = new Update(_identityTableName, oldHashedAuthenticationId, changeId, Deltas.delete(), audit, WriteConsistency.GLOBAL); Update idUpdate = new Update(_idIndexTableName, id, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL);
@Override public String createIdentity(String authenticationId, AuthIdentityModification<T> modification) throws IdentityExistsException { checkNotNull(authenticationId, "authenticationId"); checkNotNull(modification, "modification"); validateTables(); // Check whether the authentication ID conflicts with an existing identity. Note that we can't protect from a // race condition here; we rely on this method being run inside a global synchronization lock. if (getIdentityByAuthenticationId(authenticationId) != null) { throw new IdentityExistsException(); } String id = _uniqueIdSupplier.get(); String hashedAuthenticationId = hash(authenticationId); UUID changeId = TimeUUIDs.newUUID(); Audit audit = new AuditBuilder().setLocalHost().setComment("create identity").build(); T identity = modification.buildNew(id); // Ignore whatever masked ID was set; mask it now identity.setMaskedId(mask(authenticationId)); identity.setIssued(new Date()); Map<String, Object> map = convertIdentityToDataStoreEntry(identity); Update identityUpdate = new Update(_identityTableName, hashedAuthenticationId, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL); map = ImmutableMap.<String, Object>of(HASHED_ID, hashedAuthenticationId); Update idUpdate = new Update(_idIndexTableName, id, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL); // Update the identity and ID index in a single update _dataStore.updateAll(ImmutableList.of(identityUpdate, idUpdate)); return id; }
@Override public String createIdentity(String authenticationId, AuthIdentityModification<T> modification) throws IdentityExistsException { checkNotNull(authenticationId, "authenticationId"); checkNotNull(modification, "modification"); validateTables(); // Check whether the authentication ID conflicts with an existing identity. Note that we can't protect from a // race condition here; we rely on this method being run inside a global synchronization lock. if (getIdentityByAuthenticationId(authenticationId) != null) { throw new IdentityExistsException(); } String id = _uniqueIdSupplier.get(); String hashedAuthenticationId = hash(authenticationId); UUID changeId = TimeUUIDs.newUUID(); Audit audit = new AuditBuilder().setLocalHost().setComment("create identity").build(); T identity = modification.buildNew(id); // Ignore whatever masked ID was set; mask it now identity.setMaskedId(mask(authenticationId)); identity.setIssued(new Date()); Map<String, Object> map = convertIdentityToDataStoreEntry(identity); Update identityUpdate = new Update(_identityTableName, hashedAuthenticationId, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL); map = ImmutableMap.<String, Object>of(HASHED_ID, hashedAuthenticationId); Update idUpdate = new Update(_idIndexTableName, id, changeId, Deltas.literal(map), audit, WriteConsistency.GLOBAL); // Update the identity and ID index in a single update _dataStore.updateAll(ImmutableList.of(identityUpdate, idUpdate)); return id; }
Iterable<Update> updates = asSubjectSafeUpdateIterable(Collections.singletonList(new Update(table, key, changeId, delta, audit, consistency.get())).iterator(), subject, facade); if (facade) {
private SuccessResponse doSimpleUpdateStream(final Optional<String> tableParam, final TimeUUIDParam changeIdParam, AuditParam auditParam, WriteConsistencyParam consistencyParam, Reader in, BooleanParam facade, Subject subject) { final Audit audit = getRequired(auditParam, "audit"); final WriteConsistency consistency = consistencyParam.get(); Iterator<Update> updates = Iterators.transform(Deltas.fromStream(in), new Function<Delta, Update>() { @Override public Update apply(Delta delta) { String table = tableParam.isPresent() ? tableParam.get() : extractKey(delta, Intrinsic.TABLE, String.class); checkArgument(table != null, "JSON object is missing field required by streaming update: %s", Intrinsic.TABLE); String key = extractKey(delta, Intrinsic.ID, String.class); checkArgument(key != null, "JSON object is missing field required by streaming update: %s", Intrinsic.ID); UUID changeId = (changeIdParam != null) ? changeIdParam.get() : TimeUUIDs.newUUID(); // optional, defaults to new uuid return new Update(table, key, changeId, delta, audit, consistency); } }); if (facade != null && facade.get()) { _dataStore.updateAllForFacade(asSubjectSafeUpdateIterable(updates, subject, true)); } else { // Parse and iterate through the deltas such that we never hold all the deltas in memory at once. _dataStore.updateAll(asSubjectSafeUpdateIterable(updates, subject, false)); } return SuccessResponse.instance(); }
@Override public void deleteRole(RoleIdentifier id) { // First, verify the role exists Role role = getRole(id); if (role == null) { // Role doesn't exist. Don't raise an exception, just return now since there is no work to be done. return; } // Start by revoking all permissions. Even if the subsequent steps fail any users with this role won't have // any permissions from it once this step completes. _permissionManager.revokePermissions(PermissionIDs.forRole(id)); // As the inverse for creating roles the role is deleted before the group. UUID changeId = TimeUUIDs.newUUID(); String groupKey = checkGroup(role.getGroup()); Delta groupTableDelta = Deltas.mapBuilder() .update(IDS_ATTR, Deltas.setBuilder() .remove(role.getId()) .deleteIfEmpty() .build()) .deleteIfEmpty() .build(); Delta roleTableDelta = Deltas.delete(); Audit audit = new AuditBuilder().setLocalHost().setComment("Delete role " + id).build(); _dataStore.updateAll(ImmutableList.of( new Update(_groupTableName, groupKey, changeId, groupTableDelta, audit, WriteConsistency.GLOBAL), new Update(_roleTableName, id.toString(), changeId, roleTableDelta, audit, WriteConsistency.GLOBAL))); }
@Override public void deleteRole(RoleIdentifier id) { // First, verify the role exists Role role = getRole(id); if (role == null) { // Role doesn't exist. Don't raise an exception, just return now since there is no work to be done. return; } // Start by revoking all permissions. Even if the subsequent steps fail any users with this role won't have // any permissions from it once this step completes. _permissionManager.revokePermissions(PermissionIDs.forRole(id)); // As the inverse for creating roles the role is deleted before the group. UUID changeId = TimeUUIDs.newUUID(); String groupKey = checkGroup(role.getGroup()); Delta groupTableDelta = Deltas.mapBuilder() .update(IDS_ATTR, Deltas.setBuilder() .remove(role.getId()) .deleteIfEmpty() .build()) .deleteIfEmpty() .build(); Delta roleTableDelta = Deltas.delete(); Audit audit = new AuditBuilder().setLocalHost().setComment("Delete role " + id).build(); _dataStore.updateAll(ImmutableList.of( new Update(_groupTableName, groupKey, changeId, groupTableDelta, audit, WriteConsistency.GLOBAL), new Update(_roleTableName, id.toString(), changeId, roleTableDelta, audit, WriteConsistency.GLOBAL))); }
new Update(_groupTableName, groupKey, changeId, groupTableDelta, audit, WriteConsistency.GLOBAL), new Update(_roleTableName, id.toString(), changeId, roleTableDelta, audit, WriteConsistency.GLOBAL))); new Update(_groupTableName, groupKey, changeId, groupTableDelta, audit, WriteConsistency.GLOBAL), new Update(_roleTableName, id.toString(), changeId, roleTableDelta, audit, WriteConsistency.GLOBAL))); } catch (Exception rollbackException) {
new Update(_groupTableName, groupKey, changeId, groupTableDelta, audit, WriteConsistency.GLOBAL), new Update(_roleTableName, id.toString(), changeId, roleTableDelta, audit, WriteConsistency.GLOBAL))); new Update(_groupTableName, groupKey, changeId, groupTableDelta, audit, WriteConsistency.GLOBAL), new Update(_roleTableName, id.toString(), changeId, roleTableDelta, audit, WriteConsistency.GLOBAL))); } catch (Exception rollbackException) {