Skip to content
This repository has been archived by the owner on Mar 17, 2021. It is now read-only.

Commit

Permalink
fixup! rh-che #541: Login to user project using oc CLI in workspace c…
Browse files Browse the repository at this point in the history
…ontainers
  • Loading branch information
Oleksandr Garagatyi committed Feb 28, 2018
1 parent 8bea2d4 commit 8303079
Show file tree
Hide file tree
Showing 5 changed files with 66 additions and 25 deletions.
Original file line number Diff line number Diff line change
Expand Up @@ -28,5 +28,6 @@ protected void configure() {

bind(OpenShiftClientFactory.class).to(Fabric8OpenShiftClientFactory.class);
bind(OpenShiftProjectFactory.class).to(Fabric8OpenShiftProjectFactory.class);
bind(OsoUserTokenInjector.class).asEagerSingleton();
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -14,71 +14,106 @@
import static org.slf4j.LoggerFactory.getLogger;

import javax.inject.Inject;
import javax.inject.Singleton;
import org.eclipse.che.api.core.NotFoundException;
import org.eclipse.che.api.core.model.workspace.runtime.MachineStatus;
import org.eclipse.che.api.core.notification.EventService;
import org.eclipse.che.api.core.notification.EventSubscriber;
import org.eclipse.che.api.workspace.server.spi.InfrastructureException;
import org.eclipse.che.api.workspace.shared.dto.event.MachineStatusEvent;
import org.eclipse.che.commons.subject.Subject;
import org.slf4j.Logger;

/**
* Executes oc login against user project where he has edit permissions in workspace containers.
* Executes oc login against user project where he has edit permissions in workspace containers on
* event that indicates running machine.
*
* @author Oleksandr Garagatyi
*/
public class OsoUserTokenInjector {
@Singleton
public class OsoUserTokenInjector implements EventSubscriber<MachineStatusEvent> {

private static final Logger LOG = getLogger(OsoUserTokenInjector.class);

private final OpenshiftUserTokenProvider openshiftUserTokenProvider;
private final TenantDataProvider tenantDataProvider;
private final WorkspaceSubjectsRegistry subjectsRegistry;

@Inject
public OsoUserTokenInjector(OpenshiftUserTokenProvider openshiftUserTokenProvider,
TenantDataProvider tenantDataProvider) {
TenantDataProvider tenantDataProvider,
WorkspaceSubjectsRegistry subjectsRegistry) {
this.openshiftUserTokenProvider = openshiftUserTokenProvider;
this.tenantDataProvider = tenantDataProvider;
this.subjectsRegistry = subjectsRegistry;
}

/**
* Login to an OS project where user has edit rights in workspace containers using oc CLI.
*
* @param subject subject of a user to login
*/
public void injectToken(Subject subject) {
String osoToken;
@Inject
private void subscribe(EventService eventService) {
eventService.subscribe(this);
}

@Override
public void onEvent(MachineStatusEvent event) {
// execute oc login in running machines only
if (event.getEventType() != MachineStatus.RUNNING) {
return;
}

Subject subject;
try {
subject = subjectsRegistry.getSubject(event.getIdentity().getOwnerId());
} catch (NotFoundException e) {
// we can't perform operations without subject, do nothing
return;
}
String token = getOsoToken(subject);
// we can't perform operations without OSO token, so do nothing
if (token == null) {
return;
}

UserCheTenantData tenantDataData = getTenantData(subject);
if (tenantDataData == null) {
// we can't perform operations without tenant data, so do nothing
return;
}



// 3. Execute oc login against all the containers (or just the dev one)
// 4. Execute oc project <namespace>
}

private String getOsoToken(Subject subject) {
String osoToken = null;
try {
osoToken = openshiftUserTokenProvider.getToken(subject);
if (osoToken == null) {
LOG.error("OSO token not found for user " + getUserDescription(subject));
return;
}
} catch (InfrastructureException e) {
LOG.error(format("OSO token retrieval for user '%s' failed with error: %s",
getUserDescription(subject),
e.getMessage()));
return;
}
return osoToken;
}

UserCheTenantData userCheTenantData;
private UserCheTenantData getTenantData(Subject subject) {
UserCheTenantData userCheTenantData = null;
try {
userCheTenantData = getUserCheTenantData(subject);
userCheTenantData = tenantDataProvider.getUserCheTenantData(subject, "user");
} catch (InfrastructureException e) {
LOG.error(
format("OSO tenant data retrieval for user '%s' failed with error: %s",
getUserDescription(subject),
e.getMessage()));
return;
}

// 1. Get OSO token for the user from keycloak
// 2. Get OSO cluster and namespace (if namespace with type=user is available)
// 3. Execute oc login against all the containers (or just the dev one)
// 4. Execute oc project <namespace>
return userCheTenantData;
}

private String getUserDescription(Subject subject) {
return subject.getUserName() + "(" + subject.getUserId() + ")";
}

private UserCheTenantData getUserCheTenantData(Subject subject) throws InfrastructureException {
return tenantDataProvider.getUserCheTenantData(subject, "user");
}
}
Original file line number Diff line number Diff line change
Expand Up @@ -8,7 +8,7 @@
* Contributors:
* Red Hat, Inc. - initial API and implementation
*/
package com.redhat.bayesian.agent;
package com.redhat.che.multitenant;

import com.google.common.annotations.VisibleForTesting;
import com.google.common.collect.ArrayListMultimap;
Expand Down
4 changes: 4 additions & 0 deletions plugins/ls-bayesian-agent/pom.xml
Original file line number Diff line number Diff line change
Expand Up @@ -30,6 +30,10 @@
<groupId>com.google.inject</groupId>
<artifactId>guice</artifactId>
</dependency>
<dependency>
<groupId>com.redhat.che</groupId>
<artifactId>fabric8-multi-tenant-manager</artifactId>
</dependency>
<dependency>
<groupId>javax.inject</groupId>
<artifactId>javax.inject</artifactId>
Expand Down
Original file line number Diff line number Diff line change
Expand Up @@ -12,6 +12,7 @@

import static org.slf4j.LoggerFactory.getLogger;

import com.redhat.che.multitenant.WorkspaceSubjectsRegistry;
import javax.inject.Inject;
import javax.inject.Singleton;
import javax.ws.rs.GET;
Expand Down

0 comments on commit 8303079

Please sign in to comment.