All Downloads are FREE. Search and download functionalities are using the official Maven repository.

com.vmware.xenon.services.common.ResourceGroupService Maven / Gradle / Ivy

There is a newer version: 1.6.18
Show newest version
/*
 * Copyright (c) 2014-2015 VMware, Inc. All Rights Reserved.
 *
 * Licensed under the Apache License, Version 2.0 (the "License"); you may not
 * use this file except in compliance with the License.  You may obtain a copy of
 * the License at http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software distributed
 * under the License is distributed on an "AS IS" BASIS, without warranties or
 * conditions of any kind, EITHER EXPRESS OR IMPLIED.  See the License for the
 * specific language governing permissions and limitations under the License.
 */

package com.vmware.xenon.services.common;

import java.util.Objects;

import com.vmware.xenon.common.FactoryService;
import com.vmware.xenon.common.Operation;
import com.vmware.xenon.common.Service;
import com.vmware.xenon.common.ServiceDocument;
import com.vmware.xenon.common.ServiceDocumentDescription;
import com.vmware.xenon.common.StatefulService;
import com.vmware.xenon.common.Utils;
import com.vmware.xenon.services.common.QueryTask.Query;

public class ResourceGroupService extends StatefulService {
    public static final String FACTORY_LINK = ServiceUriPaths.CORE_AUTHZ_RESOURCE_GROUPS;

    public static Service createFactory() {
        return FactoryService.createIdempotent(ResourceGroupService.class);
    }

    /**
     * The {@link ResourceGroupState} holds a query that is used to represent a group of
     * resources (services). {@link ResourceGroupState} and {@link UserGroupService.UserGroupState)
     * are used together in a {@link AuthorizationContextServiceHelper.Role} to specify what resources
     * a set of users has access to.
     */
    public static class ResourceGroupState extends ServiceDocument {
        /**
         * A standard query to the index service.
         *
         * The result of this query will be the set of resources (services) that a user has
         * access to. Typical queries might be "all services with a documentAuthPrincipalLink
         * field that matches the user's" or "all services with documentKind with a particular
         * kind". These may be typical queries, but you can use any query that matches the set
         * of documents you want a user to have access to.
         */
        public Query query;

        public static class Builder {
            private ResourceGroupService.ResourceGroupState resourceGroupState;

            private Builder() {
                this.resourceGroupState = new ResourceGroupState();
            }

            public static Builder create() {
                return  new Builder();
            }

            public Builder withQuery(QueryTask.Query query) {
                this.resourceGroupState.query = query;
                return this;
            }

            public Builder withSelfLink(String userGroupSelfLink) {
                this.resourceGroupState.documentSelfLink = userGroupSelfLink;
                return this;
            }

            public ResourceGroupService.ResourceGroupState build() {
                return this.resourceGroupState;
            }
        }
    }

    public ResourceGroupService() {
        super(ResourceGroupState.class);
        super.toggleOption(ServiceOption.PERSISTENCE, true);
        super.toggleOption(ServiceOption.REPLICATION, true);
        super.toggleOption(ServiceOption.OWNER_SELECTION, true);
    }

    public static class PatchQueryRequest {
        public static final String KIND = Utils.buildKind(PatchQueryRequest.class);
        public Query clause;
        public boolean removeClause = false;
        public String kind;

        private PatchQueryRequest(Query clause, boolean removeClause) {
            this.clause = clause;
            this.removeClause = removeClause;
            this.kind = KIND;
        }

        public static PatchQueryRequest create(Query clause, boolean removeClause) {
            return new PatchQueryRequest(clause, removeClause);
        }
    }

    @Override
    public void processCompletionStageUpdateAuthzArtifacts(Operation op) {
        if (AuthorizationCacheUtils.isAuthzCacheClearApplicableOperation(op)) {
            AuthorizationCacheUtils.clearAuthzCacheForResourceGroup(this, op);
        }
        op.complete();
    }

    @Override
    public void setProcessingStage(Service.ProcessingStage stage) {
        super.setProcessingStage(stage);
    }

    @Override
    public void handleStart(Operation op) {
        if (!op.hasBody()) {
            op.fail(new IllegalArgumentException("body is required"));
            return;
        }

        ResourceGroupState state = op.getBody(ResourceGroupState.class);
        if (!validate(op, state)) {
            return;
        }
        op.complete();
    }

    @Override
    public void handlePut(Operation op) {
        if (!op.hasBody()) {
            op.fail(new IllegalArgumentException("body is required"));
            return;
        }

        ResourceGroupState newState = op.getBody(ResourceGroupState.class);
        if (!validate(op, newState)) {
            return;
        }

        ResourceGroupState currentState = getState(op);
        ServiceDocumentDescription documentDescription = getStateDescription();
        if (ServiceDocument.equals(documentDescription, currentState, newState)) {
            // do not update state
            op.addPragmaDirective(Operation.PRAGMA_DIRECTIVE_STATE_NOT_MODIFIED);
        }

        setState(op, newState);
        op.complete();
    }

    @Override
    public void handlePatch(Operation op) {
        if (!op.hasBody()) {
            op.fail(new IllegalArgumentException("body is required"));
            return;
        }
        ResourceGroupState currentState = getState(op);
        PatchQueryRequest patchQuery = op.getBody(PatchQueryRequest.class);
        if (!Objects.equals(patchQuery.kind, PatchQueryRequest.KIND)) {
            op.fail(new IllegalArgumentException("kind should be : " + PatchQueryRequest.KIND));
            return;
        }
        if (patchQuery.clause == null) {
            op.fail(new IllegalArgumentException("clause is required"));
            return;
        }
        if (patchQuery.removeClause) {
            AuthorizationCacheUtils.removeBooleanClause(currentState.query, patchQuery.clause);
        } else {
            currentState.query.addBooleanClause(patchQuery.clause);
        }
        op.setBody(currentState);
        op.complete();
    }

    private boolean validate(Operation op, ResourceGroupState state) {
        if (state.query == null) {
            op.fail(new IllegalArgumentException("query is required"));
            return false;
        }
        return true;
    }
}




© 2015 - 2024 Weber Informatics LLC | Privacy Policy