airavata-commits mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From machris...@apache.org
Subject [airavata] branch develop updated: AIRAVATA-2862 GatewayGroups first init'ed in SecurityManager
Date Sun, 22 Jul 2018 00:13:13 GMT
This is an automated email from the ASF dual-hosted git repository.

machristie pushed a commit to branch develop
in repository https://gitbox.apache.org/repos/asf/airavata.git


The following commit(s) were added to refs/heads/develop by this push:
     new 2002fe6  AIRAVATA-2862 GatewayGroups first init'ed in SecurityManager
2002fe6 is described below

commit 2002fe624e81dbf0a001f43c077fea79c4be000c
Author: Marcus Christie <machristie@apache.org>
AuthorDate: Sat Jul 21 20:02:27 2018 -0400

    AIRAVATA-2862 GatewayGroups first init'ed in SecurityManager
---
 .../airavata/api/server/handler/AiravataServerHandler.java     |  3 ++-
 .../airavata/service/security}/GatewayGroupsInitializer.java   |  8 +++++++-
 .../airavata/service/security/KeyCloakSecurityManager.java     | 10 +++++++++-
 .../service/security}/GatewayGroupsInitializerTest.java        |  2 +-
 4 files changed, 19 insertions(+), 4 deletions(-)

diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
index dc019ef..fc7e1f9 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
+++ b/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/handler/AiravataServerHandler.java
@@ -25,7 +25,7 @@ import org.apache.airavata.accountprovisioning.SSHAccountProvisionerFactory;
 import org.apache.airavata.accountprovisioning.SSHAccountProvisionerProvider;
 import org.apache.airavata.api.Airavata;
 import org.apache.airavata.api.airavata_apiConstants;
-import org.apache.airavata.api.server.util.GatewayGroupsInitializer;
+import org.apache.airavata.service.security.GatewayGroupsInitializer;
 import org.apache.airavata.common.exception.AiravataException;
 import org.apache.airavata.common.exception.ApplicationSettingsException;
 import org.apache.airavata.common.utils.AiravataUtils;
@@ -5782,6 +5782,7 @@ public class AiravataServerHandler implements Airavata.Iface {
     }
 
     @Override
+    @SecurityCheck
     public GatewayGroups getGatewayGroups(AuthzToken authzToken) throws InvalidRequestException,
AiravataClientException, AiravataSystemException, AuthorizationException, TException {
         String gatewayId = authzToken.getClaimsMap().get(Constants.GATEWAY_ID);
 
diff --git a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/util/GatewayGroupsInitializer.java
b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/GatewayGroupsInitializer.java
similarity index 96%
rename from airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/util/GatewayGroupsInitializer.java
rename to airavata-services/services-security/src/main/java/org/apache/airavata/service/security/GatewayGroupsInitializer.java
index 30eb2a8..c51d67a 100644
--- a/airavata-api/airavata-api-server/src/main/java/org/apache/airavata/api/server/util/GatewayGroupsInitializer.java
+++ b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/GatewayGroupsInitializer.java
@@ -18,7 +18,7 @@
  *
  */
 
-package org.apache.airavata.api.server.util;
+package org.apache.airavata.service.security;
 
 import org.apache.airavata.common.exception.ApplicationSettingsException;
 import org.apache.airavata.common.utils.AiravataUtils;
@@ -37,12 +37,16 @@ import org.apache.airavata.sharing.registry.client.SharingRegistryServiceClientF
 import org.apache.airavata.sharing.registry.models.*;
 import org.apache.airavata.sharing.registry.service.cpi.SharingRegistryService;
 import org.apache.thrift.TException;
+import org.slf4j.Logger;
+import org.slf4j.LoggerFactory;
 
 /**
  * Create and save an initial set of user management groups for a gateway.
  */
 public class GatewayGroupsInitializer {
 
+    private final static Logger logger = LoggerFactory.getLogger(KeyCloakSecurityManager.class);
+
     public static GatewayGroups initializeGatewayGroups(String gatewayId) {
 
         SharingRegistryService.Client sharingRegistryClient = createSharingRegistryClient();
@@ -73,6 +77,8 @@ public class GatewayGroupsInitializer {
 
     public GatewayGroups initialize(String gatewayId) throws TException {
 
+        logger.info("Creating a GatewayGroups instance for gateway " + gatewayId + " ...");
+
         GatewayGroups gatewayGroups = new GatewayGroups();
         gatewayGroups.setGatewayId(gatewayId);
 
diff --git a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java
b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java
index 22bfe5f..348ad02 100644
--- a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java
+++ b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java
@@ -253,7 +253,7 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager
{
 
     private GatewayGroupMembership getGatewayGroupMembership(String username, String token,
String gatewayId) throws Exception {
         validateToken(username, token, gatewayId);
-        GatewayGroups gatewayGroups = registryServiceClient.getGatewayGroups(gatewayId);
+        GatewayGroups gatewayGroups = getGatewayGroups(gatewayId);
         List<UserGroup> userGroups = sharingRegistryServiceClient.getAllMemberGroupsForUser(gatewayId,
username + "@" + gatewayId);
         List<String> userGroupIds = userGroups.stream().map(g -> g.getGroupId()).collect(Collectors.toList());
         GatewayGroupMembership gatewayGroupMembership = new GatewayGroupMembership();
@@ -262,6 +262,14 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager
{
         return gatewayGroupMembership;
     }
 
+    private GatewayGroups getGatewayGroups(String gatewayId) throws Exception {
+        if (registryServiceClient.isGatewayGroupsExists(gatewayId)) {
+            return registryServiceClient.getGatewayGroups(gatewayId);
+        } else {
+            return GatewayGroupsInitializer.initializeGatewayGroups(gatewayId);
+        }
+    }
+
     private void validateToken(String username, String token, String gatewayId) throws Exception
{
         GatewayResourceProfile gwrp = registryServiceClient.getGatewayResourceProfile(gatewayId);
         String identityServerRealm = gwrp.getIdentityServerTenant();
diff --git a/airavata-api/airavata-api-server/src/test/java/org/apache/airavata/api/server/util/GatewayGroupsInitializerTest.java
b/airavata-services/services-security/src/test/java/org/apache/airavata/service/security/GatewayGroupsInitializerTest.java
similarity index 99%
rename from airavata-api/airavata-api-server/src/test/java/org/apache/airavata/api/server/util/GatewayGroupsInitializerTest.java
rename to airavata-services/services-security/src/test/java/org/apache/airavata/service/security/GatewayGroupsInitializerTest.java
index 133ef79..e98b189 100644
--- a/airavata-api/airavata-api-server/src/test/java/org/apache/airavata/api/server/util/GatewayGroupsInitializerTest.java
+++ b/airavata-services/services-security/src/test/java/org/apache/airavata/service/security/GatewayGroupsInitializerTest.java
@@ -18,7 +18,7 @@
  *
  */
 
-package org.apache.airavata.api.server.util;
+package org.apache.airavata.service.security;
 
 import mockit.Expectations;
 import mockit.Mocked;


Mime
View raw message