@GET @Path("{id}") @ApiOperation("Gets info about a single plugin") public Response getPluginInfo( @ApiParam("The id of the plugin") @PathParam("id") int id, @Context HttpHeaders headers) { PluginCriteria crit = new PluginCriteria(); crit.addFilterId(id); PageList<Plugin> plugins = pluginManager.findPluginsByCriteria(caller, crit); if (plugins.isEmpty()) { throw new StuffNotFoundException("Plugin"); } return withMediaType(Response.ok(PluginRest.from(plugins.get(0))), headers).build(); }
@Override public List<BundleResourceDeploymentHistory> getBundleResourceDeploymentHistories(Subject subject, int resourceDeploymentId) { // First check if this user can actually see this resource deployment // by calling #findBundleResourceDeploymentsByCriteria) BundleResourceDeploymentCriteria criteria = new BundleResourceDeploymentCriteria(); criteria.addFilterId(resourceDeploymentId); criteria.fetchHistories(true); criteria.setPageControl(PageControl.getSingleRowInstance()); PageList<BundleResourceDeployment> bundleResourceDeploymentsByCriteria = findBundleResourceDeploymentsByCriteria( subject, criteria); if (bundleResourceDeploymentsByCriteria.isEmpty()) { return Collections.emptyList(); } BundleResourceDeployment resourceDeployment = bundleResourceDeploymentsByCriteria.iterator().next(); return new ArrayList<BundleResourceDeploymentHistory>(resourceDeployment.getBundleResourceDeploymentHistories()); }
@Override @RequiredPermission(Permission.MANAGE_BUNDLE_GROUPS) public BundleGroup createBundleGroup(Subject subject, BundleGroup bundleGroup) throws Exception { String name = bundleGroup.getName(); if (null == name || "".equals(name.trim())) { throw new IllegalArgumentException("Invalid bundleGroupName: " + name); } BundleGroupCriteria c = new BundleGroupCriteria(); c.addFilterName(name); c.setStrict(true); if (!bundleManager.findBundleGroupsByCriteria(subject, c).isEmpty()) { throw new IllegalArgumentException("Invalid bundleGroupName, bundle group already exists with name: " + name); } entityManager.persist(bundleGroup); Set<Bundle> bundles = bundleGroup.getBundles(); if (null != bundles) { int[] bundleIds = new int[bundles.size()]; int i = 0; for (Bundle b : bundles) { bundleIds[i++] = b.getId(); } assignBundlesToBundleGroups(subject, new int[] { bundleGroup.getId() }, bundleIds); } return bundleGroup; }
nextCategory, pc); if (alertConditions.isEmpty()) { break; // didn't get any rows back, must not have any data or no more rows left to process
pc); if (alertConditions.isEmpty()) { break; // didn't get any rows back, must not have any data or no more rows left to process
/** * @see org.rhq.enterprise.server.auth.SubjectManagerRemote#getSubjectByName(String) */ public Subject getSubjectByName(String username) { //TODO: this method needs to be modified to require a Subject and probably MANAGE_SECURITY // permissions to defend against unrestricted access to subjects. SubjectCriteria c = new SubjectCriteria(); c.addFilterName(username); //to return the right user and to be deterministic the criteria should be strict. c.setStrict(true); PageList<Subject> result = findSubjectsByCriteria(getOverlord(), c); return result.isEmpty() ? null : result.get(0); }
(results.isEmpty() && pageControl.getPageNumber() != 0)) { if (log.isTraceEnabled()) { if (results.getTotalSize() != 0 && results.getTotalSize() <= pageControl.getStartRow()) {
private boolean isScheduleAccessible(int scheduleId) { // our Key is hopefully unique combination of scheduleId and caller (user) ID // it cannot be just scheduleId, because different users can have access different schedules CacheKey key = new CacheKey("existsScheduleForCaller", (31 * (1 + scheduleId) * 31 * (1 + caller.getId()))); Boolean accessible = (Boolean) cache.get(key); if (accessible != null) { return accessible.booleanValue(); } else { MeasurementScheduleCriteria criteria = new MeasurementScheduleCriteria(); criteria.addFilterId(scheduleId); PageList<MeasurementSchedule> schedules = scheduleManager.findSchedulesByCriteria(caller, criteria); if (schedules.isEmpty()) { cache.put(key, Boolean.FALSE); return false; } cache.put(key, Boolean.TRUE); return true; } }
@Override public PageList<BundleDeployment> findBundleDeploymentsByCriteria(Subject subject, BundleDeploymentCriteria criteria) { CriteriaQueryGenerator generator = new CriteriaQueryGenerator(subject, criteria); // filter by bundles that are viewable if (!authorizationManager.hasGlobalPermission(subject, Permission.VIEW_BUNDLES)) { generator.setAuthorizationBundleFragment(CriteriaQueryGenerator.AuthorizationTokenType.BUNDLE, subject.getId(), "bundleVersion.bundle"); } CriteriaQueryRunner<BundleDeployment> queryRunner = new CriteriaQueryRunner<BundleDeployment>(criteria, generator, entityManager); PageList<BundleDeployment> result = queryRunner.execute(); // The result currently holds bundle deployments for bundles viewable by the caller, but we must remove // those bundle deployments for destinations not viewable by the user. In essence we wanted two authz tokens, // one for bundle and one for resource group, but we can only supply one. if (!(result.isEmpty() || authorizationManager.isInventoryManager(subject))) { for (Iterator<BundleDeployment> i = result.iterator(); i.hasNext();) { BundleDeployment bd = i.next(); int groupId = bd.getDestination().getGroup().getId(); if (!authorizationManager.canViewGroup(subject, groupId)) { i.remove(); } } } return result; }
if (!result.isEmpty() && criteria.isInventoryManagerRequired() && !authorizationManager.isInventoryManager(subject)) {
if (schedules.isEmpty()) { throw new MeasurementException("Could not fine MeasurementSchedule with the id[" + scheduleId + "]");
@Override public void updateCompliance(int resourceId, String driftDefName, DriftComplianceStatus complianceStatus) { DriftDefinitionCriteria criteria = new DriftDefinitionCriteria(); criteria.setStrict(true); criteria.addFilterResourceIds(resourceId); criteria.addFilterName(driftDefName); DriftManagerLocal driftMgr = getDriftManager(); SubjectManagerLocal subjectMgr = getSubjectManager(); Subject overlord = subjectMgr.getOverlord(); PageList<DriftDefinition> definitions = driftMgr.findDriftDefinitionsByCriteria(overlord, criteria); if (definitions.isEmpty()) { log.warn("Cannot update compliance for [resourceId: " + resourceId + ", driftDefinitionName: " + driftDefName + "]. Could not find drift definition."); return; } DriftDefinition definition = definitions.get(0); definition.setComplianceStatus(complianceStatus); driftMgr.updateDriftDefinition(overlord, definition); } }
@Override public PageList<DriftDefinitionComposite> findDriftDefinitionCompositesByCriteria(Subject subject, DriftDefinitionCriteria criteria) { PageList<DriftDefinition> defs = findDriftDefinitionsByCriteria(subject, criteria); PageList<DriftDefinitionComposite> result = new PageList<DriftDefinitionComposite>(defs.getPageControl()); List<DriftDefinitionComposite> composites = new ArrayList<DriftDefinitionComposite>(defs.size()); GenericDriftChangeSetCriteria csCriteria = new GenericDriftChangeSetCriteria(); for (DriftDefinition def : defs) { DriftDefinitionComposite composite = new DriftDefinitionComposite(def, null); csCriteria.addFilterDriftDefinitionId(def.getId()); csCriteria.addSortVersion(PageOrdering.DESC); csCriteria.setPageControl(PageControl.getSingleRowInstance()); PageList<? extends DriftChangeSet<?>> changeSets = findDriftChangeSetsByCriteria(subject, csCriteria); if (!changeSets.isEmpty()) { composite.setMostRecentChangeset(changeSets.get(0)); } composites.add(composite); } result.addAll(composites); return result; }
if (defs.isEmpty()) { log.warn("Cannot process repeat change set. No drift definition found for [resourceId: " + resourceId + ", driftDefinitionName: " + driftDefName + "]"); if (changeSets.isEmpty()) { log.warn("Cannot process repeat change set. No change set found for [driftDefinitionId: " + driftDef.getId() + ", version: " + version + "]");
@Deprecated @Override @TransactionAttribute(TransactionAttributeType.NOT_SUPPORTED) public org.rhq.enterprise.server.measurement.MeasurementAggregate getAggregate(Subject subject, int scheduleId, long startTime, long endTime) { MeasurementScheduleCriteria criteria = new MeasurementScheduleCriteria(); criteria.addFilterId(scheduleId); criteria.fetchResource(true); PageList<MeasurementSchedule> schedules = measurementScheduleManager.findSchedulesByCriteria( subjectManager.getOverlord(), criteria); if (schedules.isEmpty()) { throw new MeasurementException("Could not fine MeasurementSchedule with the id[" + scheduleId + "]"); } MeasurementSchedule schedule = schedules.get(0); if (authorizationManager.canViewResource(subject, schedule.getResource().getId()) == false) { throw new PermissionException("User[" + subject.getName() + "] does not have permission to view schedule[id=" + scheduleId + "]"); } if (schedule.getDefinition().getDataType() != DataType.MEASUREMENT) { throw new IllegalArgumentException(schedule + " is not about numerical values. Can't compute aggregates"); } if (startTime > endTime) { throw new IllegalArgumentException("Start date " + startTime + " is not before " + endTime); } MetricsServer metricsServer = storageClientManager.getMetricsServer(); AggregateNumericMetric summary = metricsServer.getSummaryAggregate(scheduleId, startTime, endTime); return new org.rhq.enterprise.server.measurement.MeasurementAggregate(summary.getMin(), summary.getAvg(), summary.getMax()); }
criteria.setStrict(true); PageList<Role> roles = findRolesByCriteria(whoami, criteria); if (!roles.isEmpty()) { throw new EntityExistsException("A user role [" + newRole.getName() + "] already exists.");
private DriftChangeSet<? extends Drift<?, ?>> loadInitialChangeSet(Subject subject, DriftSnapshotRequest request) { DriftChangeSetCriteria criteria = new GenericDriftChangeSetCriteria(); criteria.addFilterCategory(COVERAGE); criteria.addFilterVersion("0"); // One of the next two filters will be null criteria.addFilterDriftDefinitionId(request.getDriftDefinitionId()); criteria.addFilterId(request.getTemplateChangeSetId()); criteria.fetchDrifts(true); criteria.setPageControl(PageControl.getUnlimitedInstance());//disable paging as the code assumes all the results will be returned. PageList<? extends DriftChangeSet<?>> changeSets = findDriftChangeSetsByCriteria(subject, criteria); if (changeSets.isEmpty()) { return null; } return changeSets.get(0); }
if (!result.isEmpty() && criteria.isInventoryManagerRequired() && !authorizationManager.isInventoryManager(subject)) {
@Override @TransactionAttribute(REQUIRES_NEW) public DriftChangeSetSummary saveChangeSet(Subject subject, int resourceId, File changeSetZip) throws Exception { authorizeOrFail(subject, resourceId, "Can not update/create drifts"); DriftServerPluginFacet driftServerPlugin = getServerPlugin(); DriftChangeSetSummary summary = driftServerPlugin.saveChangeSet(subject, resourceId, changeSetZip); if (DriftHandlingMode.plannedChanges != summary.getDriftHandlingMode()) { notifyAlertConditionCacheManager("saveChangeSet", summary); } DriftDefinitionCriteria criteria = new DriftDefinitionCriteria(); criteria.setStrict(true); criteria.addFilterName(summary.getDriftDefinitionName()); criteria.addFilterResourceIds(resourceId); criteria.clearPaging();//disable paging as the code assumes all the results will be returned. PageList<DriftDefinition> definitions = findDriftDefinitionsByCriteria(subject, criteria); if (definitions.isEmpty()) { log.warn("Could not find drift definition for [resourceId: " + resourceId + ", driftDefinitionName: " + summary.getDriftDefinitionName() + "]. Will not be able check compliance for thiis drift definition"); } else { updateCompliance(subject, definitions.get(0), summary); } return summary; }
@Override public PageList<Bundle> findBundlesByCriteria(Subject subject, BundleCriteria criteria) { CriteriaQueryGenerator generator = new CriteriaQueryGenerator(subject, criteria); if (!authorizationManager.hasGlobalPermission(subject, Permission.VIEW_BUNDLES)) { generator.setAuthorizationBundleFragment(CriteriaQueryGenerator.AuthorizationTokenType.BUNDLE, subject.getId(), null); } CriteriaQueryRunner<Bundle> queryRunner = new CriteriaQueryRunner<Bundle>(criteria, generator, entityManager); PageList<Bundle> result = queryRunner.execute(); // If asking for optional data that the subject may not be able to see then ensure that the optional // data is filtered appropriately. In this case only destinations viewable by the subject can be returned. // The result currently holds bundles viewable by the caller, but the bundle may have been deployed to // destinations for which the user does not have access to the destination's resource group. (BZ 694741) if (!result.isEmpty() && criteria.isInventoryManagerRequired() && !authorizationManager.isInventoryManager(subject)) { // this works because findBundleDestinationsByCriteria() authorizes against resource group associations for (Bundle bundle : result) { if (bundle.getDestinations().isEmpty()) { continue; } BundleDestinationCriteria destinationCriteria = new BundleDestinationCriteria(); destinationCriteria.clearPaging(); //disable paging as the code assumes all the results will be returned. destinationCriteria.addFilterBundleId(bundle.getId()); List<BundleDestination> destinations = findBundleDestinationsByCriteria(subject, destinationCriteria); entityManager.detach(bundle); // make sure the narrowed set of destinations does not get persisted bundle.setDestinations(destinations); } } return result; }