You are viewing a plain text version of this content. The canonical link for it is here.
Posted to commits@dlab.apache.org by of...@apache.org on 2020/01/29 13:12:48 UTC
[incubator-dlab] branch DLAB-1357 updated: Secured APIs
This is an automated email from the ASF dual-hosted git repository.
ofuks pushed a commit to branch DLAB-1357
in repository https://gitbox.apache.org/repos/asf/incubator-dlab.git
The following commit(s) were added to refs/heads/DLAB-1357 by this push:
new 33de467 Secured APIs
33de467 is described below
commit 33de467f23dde32965bd844c9549043737907f64
Author: Oleh Fuks <ol...@gmail.com>
AuthorDate: Wed Jan 29 15:12:22 2020 +0200
Secured APIs
---
infrastructure-provisioning/src/ssn/files/aws/mongo_roles.json | 3 ++-
infrastructure-provisioning/src/ssn/files/azure/mongo_roles.json | 3 ++-
infrastructure-provisioning/src/ssn/files/gcp/mongo_roles.json | 3 ++-
.../main/java/com/epam/dlab/backendapi/resources/OdahuResource.java | 6 ++++++
services/self-service/src/main/resources/mongo/aws/mongo_roles.json | 3 ++-
.../self-service/src/main/resources/mongo/azure/mongo_roles.json | 3 ++-
services/self-service/src/main/resources/mongo/gcp/mongo_roles.json | 3 ++-
7 files changed, 18 insertions(+), 6 deletions(-)
diff --git a/infrastructure-provisioning/src/ssn/files/aws/mongo_roles.json b/infrastructure-provisioning/src/ssn/files/aws/mongo_roles.json
index 54d2cd6..00d4821 100644
--- a/infrastructure-provisioning/src/ssn/files/aws/mongo_roles.json
+++ b/infrastructure-provisioning/src/ssn/files/aws/mongo_roles.json
@@ -279,7 +279,8 @@
"/api/settings",
"/user/settings",
"/api/project",
- "/api/endpoint"
+ "/api/endpoint",
+ "/api/odahu"
],
"groups": [
"$anyuser"
diff --git a/infrastructure-provisioning/src/ssn/files/azure/mongo_roles.json b/infrastructure-provisioning/src/ssn/files/azure/mongo_roles.json
index 58cadb3..b0a4a0a 100644
--- a/infrastructure-provisioning/src/ssn/files/azure/mongo_roles.json
+++ b/infrastructure-provisioning/src/ssn/files/azure/mongo_roles.json
@@ -229,7 +229,8 @@
"/api/settings",
"/user/settings",
"/api/project",
- "/api/endpoint"
+ "/api/endpoint",
+ "/api/odahu"
],
"groups": [
"$anyuser"
diff --git a/infrastructure-provisioning/src/ssn/files/gcp/mongo_roles.json b/infrastructure-provisioning/src/ssn/files/gcp/mongo_roles.json
index 43d12e3..67548bf 100644
--- a/infrastructure-provisioning/src/ssn/files/gcp/mongo_roles.json
+++ b/infrastructure-provisioning/src/ssn/files/gcp/mongo_roles.json
@@ -259,7 +259,8 @@
"/api/settings",
"/user/settings",
"/api/project",
- "/api/endpoint"
+ "/api/endpoint",
+ "/api/odahu"
],
"groups": [
"$anyuser"
diff --git a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/OdahuResource.java b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/OdahuResource.java
index 0cac624..9856cf4 100644
--- a/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/OdahuResource.java
+++ b/services/self-service/src/main/java/com/epam/dlab/backendapi/resources/OdahuResource.java
@@ -26,6 +26,7 @@ import com.google.inject.Inject;
import io.dropwizard.auth.Auth;
import io.swagger.v3.oas.annotations.Parameter;
+import javax.annotation.security.RolesAllowed;
import javax.validation.Valid;
import javax.ws.rs.Consumes;
import javax.ws.rs.GET;
@@ -50,12 +51,14 @@ public class OdahuResource {
}
@GET
+ @RolesAllowed("/api/odahu")
@Produces(MediaType.APPLICATION_JSON)
public Response getOdahuClusters(@Parameter(hidden = true) @Auth UserInfo userInfo) {
return Response.ok(odahuService.findOdahu()).build();
}
@POST
+ @RolesAllowed("/api/odahu")
public Response createOdahuCluster(@Parameter(hidden = true) @Auth UserInfo userInfo,
@Parameter(hidden = true) @Context UriInfo uriInfo,
@Valid OdahuActionDTO createOdahuDTO) {
@@ -66,6 +69,7 @@ public class OdahuResource {
@Path("start")
@POST
+ @RolesAllowed("/api/odahu")
public Response startOdahuCluster(@Parameter(hidden = true) @Auth UserInfo userInfo,
@Valid OdahuActionDTO startOdahuDTO) {
odahuService.start(startOdahuDTO.getProject(), startOdahuDTO, userInfo);
@@ -74,6 +78,7 @@ public class OdahuResource {
@Path("stop")
@POST
+ @RolesAllowed("/api/odahu")
public Response stopOdahuCluster(@Parameter(hidden = true) @Auth UserInfo userInfo,
@Valid OdahuActionDTO stopOdahuDTO) {
odahuService.stop(stopOdahuDTO.getProject(), stopOdahuDTO, userInfo);
@@ -82,6 +87,7 @@ public class OdahuResource {
@Path("terminate")
@POST
+ @RolesAllowed("/api/odahu")
public Response terminateOdahuCluster(@Parameter(hidden = true) @Auth UserInfo userInfo,
@Valid OdahuActionDTO terminateOdahuDTO) {
odahuService.terminate(terminateOdahuDTO.getProject(), terminateOdahuDTO, userInfo);
diff --git a/services/self-service/src/main/resources/mongo/aws/mongo_roles.json b/services/self-service/src/main/resources/mongo/aws/mongo_roles.json
index 54d2cd6..00d4821 100644
--- a/services/self-service/src/main/resources/mongo/aws/mongo_roles.json
+++ b/services/self-service/src/main/resources/mongo/aws/mongo_roles.json
@@ -279,7 +279,8 @@
"/api/settings",
"/user/settings",
"/api/project",
- "/api/endpoint"
+ "/api/endpoint",
+ "/api/odahu"
],
"groups": [
"$anyuser"
diff --git a/services/self-service/src/main/resources/mongo/azure/mongo_roles.json b/services/self-service/src/main/resources/mongo/azure/mongo_roles.json
index 58cadb3..b0a4a0a 100644
--- a/services/self-service/src/main/resources/mongo/azure/mongo_roles.json
+++ b/services/self-service/src/main/resources/mongo/azure/mongo_roles.json
@@ -229,7 +229,8 @@
"/api/settings",
"/user/settings",
"/api/project",
- "/api/endpoint"
+ "/api/endpoint",
+ "/api/odahu"
],
"groups": [
"$anyuser"
diff --git a/services/self-service/src/main/resources/mongo/gcp/mongo_roles.json b/services/self-service/src/main/resources/mongo/gcp/mongo_roles.json
index 43d12e3..67548bf 100644
--- a/services/self-service/src/main/resources/mongo/gcp/mongo_roles.json
+++ b/services/self-service/src/main/resources/mongo/gcp/mongo_roles.json
@@ -259,7 +259,8 @@
"/api/settings",
"/user/settings",
"/api/project",
- "/api/endpoint"
+ "/api/endpoint",
+ "/api/odahu"
],
"groups": [
"$anyuser"
---------------------------------------------------------------------
To unsubscribe, e-mail: commits-unsubscribe@dlab.apache.org
For additional commands, e-mail: commits-help@dlab.apache.org