Remove System Management REST (#2761)
* the only non repository module using @PreAuthorize * the only service for "sys admins" - it's a little bit out of scopes * caches management is not supposed to be via REST * delete tenant shall not be provided when we don't have create * metrics shall be reported via metrics colectins services, or db Signed-off-by: Avgustin Marinov <Avgustin.Marinov@bosch.com>
This commit is contained in:
Avgustin Marinov
@@ -1,40 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2015 Bosch Software Innovations GmbH and others
|
||||
*
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.eclipse.hawkbit.mgmt.json.model.systemmanagement;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
|
||||
import com.fasterxml.jackson.annotation.JsonInclude;
|
||||
import com.fasterxml.jackson.annotation.JsonInclude.Include;
|
||||
import lombok.Data;
|
||||
import lombok.ToString;
|
||||
|
||||
/**
|
||||
* Model representation of an Cache entry as json.
|
||||
*/
|
||||
@Data
|
||||
@ToString
|
||||
@JsonInclude(Include.NON_NULL)
|
||||
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||
public class MgmtSystemCache {
|
||||
|
||||
private final String name;
|
||||
private final Collection<String> keys;
|
||||
|
||||
/**
|
||||
* @param name the name of the cache
|
||||
* @param cacheKeys the keys which contains in the cache
|
||||
*/
|
||||
public MgmtSystemCache(final String name, final Collection<String> cacheKeys) {
|
||||
this.name = name;
|
||||
this.keys = cacheKeys;
|
||||
}
|
||||
}
|
||||
@@ -1,40 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2015 Bosch Software Innovations GmbH and others
|
||||
*
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.eclipse.hawkbit.mgmt.json.model.systemmanagement;
|
||||
|
||||
import java.util.List;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
|
||||
import com.fasterxml.jackson.annotation.JsonInclude;
|
||||
import com.fasterxml.jackson.annotation.JsonInclude.Include;
|
||||
import lombok.Data;
|
||||
import lombok.experimental.Accessors;
|
||||
|
||||
/**
|
||||
* Body for system statistics.
|
||||
*/
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
@JsonInclude(Include.NON_NULL)
|
||||
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||
public class MgmtSystemStatisticsRest {
|
||||
|
||||
private long overallTargets;
|
||||
|
||||
private long overallArtifacts;
|
||||
|
||||
private long overallArtifactVolumeInBytes;
|
||||
|
||||
private long overallActions;
|
||||
|
||||
private long overallTenants;
|
||||
|
||||
private List<MgmtSystemTenantServiceUsage> tenantStats;
|
||||
}
|
||||
@@ -1,42 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2015 Bosch Software Innovations GmbH and others
|
||||
*
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.eclipse.hawkbit.mgmt.json.model.systemmanagement;
|
||||
|
||||
import java.util.Map;
|
||||
|
||||
import com.fasterxml.jackson.annotation.JsonIgnoreProperties;
|
||||
import com.fasterxml.jackson.annotation.JsonInclude;
|
||||
import com.fasterxml.jackson.annotation.JsonInclude.Include;
|
||||
import lombok.Data;
|
||||
import lombok.ToString;
|
||||
import lombok.experimental.Accessors;
|
||||
|
||||
/**
|
||||
* Response body for system usage report.
|
||||
*/
|
||||
@Data
|
||||
@Accessors(chain = true)
|
||||
@ToString
|
||||
@JsonInclude(Include.NON_NULL)
|
||||
@JsonIgnoreProperties(ignoreUnknown = true)
|
||||
public class MgmtSystemTenantServiceUsage {
|
||||
|
||||
private String tenantName;
|
||||
|
||||
private long targets;
|
||||
|
||||
private long artifacts;
|
||||
|
||||
private long actions;
|
||||
|
||||
private long overallArtifactVolumeInBytes;
|
||||
|
||||
private Map<String, String> usageData;
|
||||
}
|
||||
@@ -1,64 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2015 Bosch Software Innovations GmbH and others
|
||||
*
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.eclipse.hawkbit.mgmt.rest.api;
|
||||
|
||||
import java.util.Collection;
|
||||
|
||||
import org.eclipse.hawkbit.mgmt.json.model.systemmanagement.MgmtSystemCache;
|
||||
import org.eclipse.hawkbit.mgmt.json.model.systemmanagement.MgmtSystemStatisticsRest;
|
||||
import org.springframework.hateoas.MediaTypes;
|
||||
import org.springframework.http.MediaType;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.web.bind.annotation.DeleteMapping;
|
||||
import org.springframework.web.bind.annotation.GetMapping;
|
||||
import org.springframework.web.bind.annotation.PathVariable;
|
||||
|
||||
/**
|
||||
* System management capabilities by REST.
|
||||
*/
|
||||
// no request mapping specified here to avoid CVE-2021-22044 in Feign client
|
||||
public interface MgmtSystemManagementRestApi {
|
||||
|
||||
/**
|
||||
* Deletes the tenant data of a given tenant. USE WITH CARE!
|
||||
*
|
||||
* @param tenant to delete
|
||||
* @return HttpStatus.OK
|
||||
*/
|
||||
@DeleteMapping(value = MgmtRestConstants.SYSTEM_ADMIN_MAPPING + "/tenants/{tenant}")
|
||||
ResponseEntity<Void> deleteTenant(@PathVariable("tenant") String tenant);
|
||||
|
||||
/**
|
||||
* Collects and returns system usage statistics. It provides a system wide
|
||||
* overview and tenant based stats.
|
||||
*
|
||||
* @return system usage statistics
|
||||
*/
|
||||
@GetMapping(value = MgmtRestConstants.SYSTEM_ADMIN_MAPPING + "/usage",
|
||||
produces = { MediaTypes.HAL_JSON_VALUE, MediaType.APPLICATION_JSON_VALUE })
|
||||
ResponseEntity<MgmtSystemStatisticsRest> getSystemUsageStats();
|
||||
|
||||
/**
|
||||
* Returns a list of all caches.
|
||||
*
|
||||
* @return a list of caches for all tenants
|
||||
*/
|
||||
@GetMapping(value = MgmtRestConstants.SYSTEM_ADMIN_MAPPING + "/caches",
|
||||
produces = { MediaTypes.HAL_JSON_VALUE, MediaType.APPLICATION_JSON_VALUE })
|
||||
ResponseEntity<Collection<MgmtSystemCache>> getCaches();
|
||||
|
||||
/**
|
||||
* Invalidates all caches for all tenants.
|
||||
*
|
||||
* @return a list of cache names which has been invalidated
|
||||
*/
|
||||
@DeleteMapping(value = MgmtRestConstants.SYSTEM_ADMIN_MAPPING + "/caches")
|
||||
ResponseEntity<Collection<String>> invalidateCaches();
|
||||
}
|
||||
@@ -1,119 +0,0 @@
|
||||
/**
|
||||
* Copyright (c) 2015 Bosch Software Innovations GmbH and others
|
||||
*
|
||||
* This program and the accompanying materials are made
|
||||
* available under the terms of the Eclipse Public License 2.0
|
||||
* which is available at https://www.eclipse.org/legal/epl-2.0/
|
||||
*
|
||||
* SPDX-License-Identifier: EPL-2.0
|
||||
*/
|
||||
package org.eclipse.hawkbit.mgmt.rest.resource;
|
||||
|
||||
import java.util.Collection;
|
||||
import java.util.Collections;
|
||||
import java.util.Objects;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.eclipse.hawkbit.im.authentication.SpringEvalExpressions;
|
||||
import org.eclipse.hawkbit.mgmt.json.model.systemmanagement.MgmtSystemCache;
|
||||
import org.eclipse.hawkbit.mgmt.json.model.systemmanagement.MgmtSystemStatisticsRest;
|
||||
import org.eclipse.hawkbit.mgmt.json.model.systemmanagement.MgmtSystemTenantServiceUsage;
|
||||
import org.eclipse.hawkbit.mgmt.rest.api.MgmtSystemManagementRestApi;
|
||||
import org.eclipse.hawkbit.repository.SystemManagement;
|
||||
import org.eclipse.hawkbit.repository.model.report.SystemUsageReportWithTenants;
|
||||
import org.eclipse.hawkbit.repository.model.report.TenantUsage;
|
||||
import org.springframework.cache.CacheManager;
|
||||
import org.springframework.http.ResponseEntity;
|
||||
import org.springframework.security.access.prepost.PreAuthorize;
|
||||
import org.springframework.web.bind.annotation.RestController;
|
||||
|
||||
/**
|
||||
* {@link SystemManagement} capabilities by REST.
|
||||
*/
|
||||
@Slf4j
|
||||
@RestController
|
||||
public class MgmtSystemManagementResource implements MgmtSystemManagementRestApi {
|
||||
|
||||
private final SystemManagement systemManagement;
|
||||
private final CacheManager cacheManager;
|
||||
|
||||
MgmtSystemManagementResource(final SystemManagement systemManagement, final CacheManager cacheManager) {
|
||||
this.systemManagement = systemManagement;
|
||||
this.cacheManager = cacheManager;
|
||||
}
|
||||
|
||||
/**
|
||||
* Deletes the tenant data of a given tenant. USE WITH CARE!
|
||||
*
|
||||
* @param tenant to delete
|
||||
* @return HttpStatus.OK
|
||||
*/
|
||||
@Override
|
||||
public ResponseEntity<Void> deleteTenant(final String tenant) {
|
||||
systemManagement.deleteTenant(tenant);
|
||||
return ResponseEntity.ok().build();
|
||||
}
|
||||
|
||||
/**
|
||||
* Collects and returns system usage statistics. It provides a system wide
|
||||
* overview and tenant based stats.
|
||||
*
|
||||
* @return system usage statistics
|
||||
*/
|
||||
@Override
|
||||
public ResponseEntity<MgmtSystemStatisticsRest> getSystemUsageStats() {
|
||||
final SystemUsageReportWithTenants report = systemManagement.getSystemUsageStatisticsWithTenants();
|
||||
|
||||
final MgmtSystemStatisticsRest result = new MgmtSystemStatisticsRest()
|
||||
.setOverallActions(report.getOverallActions()).setOverallArtifacts(report.getOverallArtifacts())
|
||||
.setOverallArtifactVolumeInBytes(report.getOverallArtifactVolumeInBytes())
|
||||
.setOverallTargets(report.getOverallTargets()).setOverallTenants(report.getTenants().size());
|
||||
|
||||
result.setTenantStats(report.getTenants().stream().map(MgmtSystemManagementResource::convertTenant).toList());
|
||||
|
||||
return ResponseEntity.ok(result);
|
||||
}
|
||||
|
||||
/**
|
||||
* Returns a list of all caches.
|
||||
*
|
||||
* @return a list of caches for all tenants
|
||||
*/
|
||||
@Override
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN)
|
||||
public ResponseEntity<Collection<MgmtSystemCache>> getCaches() {
|
||||
final Collection<String> cacheNames = cacheManager.getCacheNames();
|
||||
return ResponseEntity
|
||||
.ok(cacheNames.stream().map(cacheManager::getCache)
|
||||
.filter(Objects::nonNull)
|
||||
.map(cache -> new MgmtSystemCache(cache.getName(), Collections.emptyList()))
|
||||
.toList());
|
||||
}
|
||||
|
||||
/**
|
||||
* Invalidates all caches for all tenants.
|
||||
*
|
||||
* @return a list of cache names which has been invalidated
|
||||
*/
|
||||
@PreAuthorize(SpringEvalExpressions.HAS_AUTH_SYSTEM_ADMIN)
|
||||
@Override
|
||||
public ResponseEntity<Collection<String>> invalidateCaches() {
|
||||
final Collection<String> cacheNames = cacheManager.getCacheNames();
|
||||
log.info("Invalidating caches {}", cacheNames);
|
||||
cacheNames.forEach(cacheName -> cacheManager.getCache(cacheName).clear());
|
||||
return ResponseEntity.ok(cacheNames);
|
||||
}
|
||||
|
||||
private static MgmtSystemTenantServiceUsage convertTenant(final TenantUsage tenant) {
|
||||
final MgmtSystemTenantServiceUsage result = new MgmtSystemTenantServiceUsage();
|
||||
result.setTenantName(tenant.getTenantName());
|
||||
result.setActions(tenant.getActions());
|
||||
result.setArtifacts(tenant.getArtifacts());
|
||||
result.setOverallArtifactVolumeInBytes(tenant.getOverallArtifactVolumeInBytes());
|
||||
result.setTargets(tenant.getTargets());
|
||||
if (!tenant.getUsageData().isEmpty()) {
|
||||
result.setUsageData(tenant.getUsageData());
|
||||
}
|
||||
return result;
|
||||
}
|
||||
}
|
||||
@@ -10,10 +10,8 @@
|
||||
package org.eclipse.hawkbit.repository;
|
||||
|
||||
import java.util.Optional;
|
||||
import java.util.function.Supplier;
|
||||
|
||||
import lombok.extern.slf4j.Slf4j;
|
||||
import org.aopalliance.intercept.MethodInvocation;
|
||||
import org.eclipse.hawkbit.im.authentication.Hierarchy;
|
||||
import org.eclipse.hawkbit.tenancy.configuration.ControllerPollProperties;
|
||||
import org.eclipse.hawkbit.tenancy.configuration.TenantConfigurationProperties;
|
||||
@@ -23,9 +21,7 @@ import org.springframework.boot.context.properties.EnableConfigurationProperties
|
||||
import org.springframework.context.ApplicationContext;
|
||||
import org.springframework.context.annotation.Bean;
|
||||
import org.springframework.context.annotation.Configuration;
|
||||
import org.springframework.context.annotation.Primary;
|
||||
import org.springframework.context.annotation.PropertySource;
|
||||
import org.springframework.expression.EvaluationContext;
|
||||
import org.springframework.security.access.PermissionEvaluator;
|
||||
import org.springframework.security.access.expression.DenyAllPermissionEvaluator;
|
||||
import org.springframework.security.access.expression.method.DefaultMethodSecurityExpressionHandler;
|
||||
@@ -37,7 +33,6 @@ import org.springframework.security.config.annotation.method.configuration.Enabl
|
||||
import org.springframework.security.core.Authentication;
|
||||
import org.springframework.security.core.GrantedAuthority;
|
||||
import org.springframework.util.ObjectUtils;
|
||||
import org.springframework.util.function.SingletonSupplier;
|
||||
|
||||
/**
|
||||
* Default configuration that is common to all repository implementations.
|
||||
|
||||
Reference in New Issue
Block a user