-
Notifications
You must be signed in to change notification settings - Fork 740
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat(web): Expose experimental account storage API
This adds some of the REST APIs introduced in the experimental account storage API in Clouddriver to Gate. Initially, these APIs are only available for admins.
- Loading branch information
Showing
2 changed files
with
116 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
97 changes: 97 additions & 0 deletions
97
gate-web/src/main/groovy/com/netflix/spinnaker/gate/controllers/AccountController.groovy
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,97 @@ | ||
| /* | ||
| * Copyright 2021 Apple Inc. | ||
| * | ||
| * Licensed under the Apache License, Version 2.0 (the "License"); | ||
| * you may not use this file except in compliance with the License. | ||
| * You may obtain a copy of the License at | ||
| * | ||
| * http://www.apache.org/licenses/LICENSE-2.0 | ||
| * | ||
| * Unless required by applicable law or agreed to in writing, software | ||
| * distributed under the License is distributed on an "AS IS" BASIS, | ||
| * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. | ||
| * See the License for the specific language governing permissions and | ||
| * limitations under the License. | ||
| */ | ||
|
|
||
| package com.netflix.spinnaker.gate.controllers | ||
|
|
||
| import com.netflix.spinnaker.gate.services.internal.ClouddriverService | ||
| import io.swagger.annotations.Api | ||
| import io.swagger.annotations.ApiOperation | ||
| import io.swagger.annotations.ApiParam | ||
| import org.springframework.beans.factory.annotation.Autowired | ||
| import org.springframework.security.access.prepost.PostFilter | ||
| import org.springframework.security.access.prepost.PreAuthorize | ||
| import org.springframework.web.bind.annotation.DeleteMapping | ||
| import org.springframework.web.bind.annotation.GetMapping | ||
| import org.springframework.web.bind.annotation.PathVariable | ||
| import org.springframework.web.bind.annotation.PostMapping | ||
| import org.springframework.web.bind.annotation.PutMapping | ||
| import org.springframework.web.bind.annotation.RequestBody | ||
| import org.springframework.web.bind.annotation.RequestParam | ||
| import org.springframework.web.bind.annotation.RestController | ||
|
|
||
| @RestController | ||
| @Api | ||
| class AccountController { | ||
|
|
||
| @Autowired | ||
| ClouddriverService clouddriverService | ||
|
|
||
| @GetMapping('/account/{accountName}') | ||
| @ApiOperation('Looks up an account definition by name.') | ||
| @PreAuthorize('''hasPermission(#accountName, 'ACCOUNT', 'READ')''') | ||
| Map getAccountByName( | ||
| @ApiParam('Name of account to get details.') | ||
| @PathVariable String accountName | ||
| ) { | ||
| clouddriverService.getAccountDefinition(accountName) | ||
| } | ||
|
|
||
| @GetMapping('/accounts/{accountType}') | ||
| @ApiOperation('Looks up account definitions by type.') | ||
| @PostFilter('''hasPermission(filterObject.name, 'ACCOUNT', 'READ')''') | ||
| List<Map> getAccountsByType( | ||
| @ApiParam(value = 'Value of the "@type" key for accounts to search for.', example = 'kubernetes') | ||
| @PathVariable String accountType, | ||
| @ApiParam('Maximum number of entries to return in results. Used for pagination.') | ||
| @RequestParam OptionalInt limit, | ||
| @ApiParam('Account name to start account definition listing from. Used for pagination.') | ||
| @RequestParam Optional<String> startingAccountName | ||
| ) { | ||
| clouddriverService.getAccountDefinitionsByType(accountType, limit.isPresent() ? limit.getAsInt() : null, startingAccountName.orElse(null)) | ||
| } | ||
|
|
||
| @PostMapping('/account') | ||
| @ApiOperation('Creates a new account definition.') | ||
| @PreAuthorize('@authController.isAdmin()') | ||
| Map createAccount( | ||
| @ApiParam('Account definition body including a discriminator field named "@type" with the account type.') | ||
| @RequestBody Map accountDefinition | ||
| ) { | ||
| clouddriverService.createAccountDefinition(accountDefinition) | ||
| } | ||
|
|
||
| @PutMapping('/account') | ||
| @ApiOperation('Updates an existing account definition.') | ||
| @PreAuthorize('@authController.isAdmin()') | ||
| Map updateAccount( | ||
| @ApiParam('Account definition body including a discriminator field named "@type" with the account type.') | ||
| @RequestBody Map accountDefinition | ||
| ) { | ||
| clouddriverService.updateAccountDefinition(accountDefinition) | ||
| } | ||
|
|
||
| @DeleteMapping('/account/{accountName}') | ||
| @ApiOperation(value = 'Deletes an account definition by name.', | ||
| notes = 'Deleted accounts can be restored via the update API. Previously deleted accounts cannot be "created" again to avoid conflicts with existing pipelines.') | ||
| @PreAuthorize('@authController.isAdmin()') | ||
| void deleteAccount( | ||
| @ApiParam('Name of account definition to delete.') | ||
| @PathVariable String accountName | ||
| ) { | ||
| clouddriverService.deleteAccountDefinition(accountName) | ||
| } | ||
|
|
||
| } |