From c39409e3eee7c513c2d9a76aa6e769b2e49d3617 Mon Sep 17 00:00:00 2001 From: Jonathan Cobb Date: Sat, 11 Jan 2020 02:42:45 -0500 Subject: [PATCH] use bool to simplify. start introducing auth for start/stop network --- .../main/java/bubble/model/account/Account.java | 6 +++--- .../bubble/model/account/AccountContact.java | 16 +++++++--------- .../java/bubble/model/account/AccountPolicy.java | 2 +- .../java/bubble/model/account/AccountSshKey.java | 5 ++--- .../model/account/AuthenticatorRequest.java | 3 ++- .../src/main/java/bubble/model/app/AppData.java | 5 +++-- .../main/java/bubble/model/app/AppMatcher.java | 3 ++- .../main/java/bubble/model/app/BubbleApp.java | 2 +- .../main/java/bubble/model/app/RuleDriver.java | 2 +- .../bubble/model/bill/AccountPaymentMethod.java | 3 ++- .../main/java/bubble/model/bill/AccountPlan.java | 5 +++-- .../bubble/model/boot/ActivationRequest.java | 5 +++-- .../java/bubble/model/cloud/AnsibleRole.java | 2 +- .../java/bubble/model/cloud/BubbleDomain.java | 2 +- .../java/bubble/model/cloud/BubbleFootprint.java | 2 +- .../main/java/bubble/model/cloud/BubbleNode.java | 5 ++--- .../java/bubble/model/cloud/CloudService.java | 4 ++-- .../model/cloud/notify/NotificationBase.java | 3 ++- .../resources/cloud/NetworkActionsResource.java | 3 +++ 19 files changed, 42 insertions(+), 36 deletions(-) diff --git a/bubble-server/src/main/java/bubble/model/account/Account.java b/bubble-server/src/main/java/bubble/model/account/Account.java index 35d527be..e43dc170 100644 --- a/bubble-server/src/main/java/bubble/model/account/Account.java +++ b/bubble-server/src/main/java/bubble/model/account/Account.java @@ -122,15 +122,15 @@ public class Account extends IdentifiableBase implements TokenPrincipal, SqlView @ECSearchable @ECField(index=60) @Getter @Setter private Boolean admin = false; - public boolean admin () { return admin != null && admin; } + public boolean admin () { return bool(admin); } @ECSearchable @ECField(index=70) @Getter @Setter private Boolean suspended = false; - public boolean suspended () { return suspended != null && suspended; } + public boolean suspended () { return bool(suspended); } @ECSearchable @ECField(index=80) @Getter @Setter private Boolean locked = false; - public boolean locked () { return locked != null && locked; } + public boolean locked () { return bool(locked); } @JsonIgnore @Embedded @Getter @Setter private HashedPassword hashedPassword; diff --git a/bubble-server/src/main/java/bubble/model/account/AccountContact.java b/bubble-server/src/main/java/bubble/model/account/AccountContact.java index e6fb0291..57882f63 100644 --- a/bubble-server/src/main/java/bubble/model/account/AccountContact.java +++ b/bubble-server/src/main/java/bubble/model/account/AccountContact.java @@ -68,8 +68,7 @@ public class AccountContact implements Serializable { @Getter @Setter private Boolean verified = null; public boolean verified () { return bool(verified); } - @Getter @Setter private Boolean requiredForNetworkUnlock = true; - @Getter @Setter private Boolean requiredForNodeOperations = true; + @Getter @Setter private Boolean requiredForNetworkOperations = true; @Getter @Setter private Boolean requiredForAccountOperations = true; @Getter @Setter private Boolean receiveVerifyNotifications = true; @Getter @Setter private Boolean receiveLoginNotifications = true; @@ -82,9 +81,8 @@ public class AccountContact implements Serializable { public boolean authFactor () { return authFactor != null && authFactor != AuthFactorType.not_required; } public boolean requiredAuthFactor () { return authFactor == AuthFactorType.required; } public boolean sufficientAuthFactor () { return authFactor == AuthFactorType.sufficient; } - public boolean requiredForAccountOperations () { return requiredForAccountOperations != null && requiredForAccountOperations; } - public boolean requiredForNetworkUnlock () { return requiredForNetworkUnlock != null && requiredForNetworkUnlock; } - public boolean requiredForNodeOperations () { return requiredForNodeOperations != null && requiredForNodeOperations; } + public boolean requiredForAccountOperations () { return bool(requiredForAccountOperations); } + public boolean requiredForNetworkOperations() { return bool(requiredForNetworkOperations); } public static AccountContact[] set(AccountContact c, AccountContact[] contacts, Account account, BubbleConfiguration configuration) { if (!c.getType().isAuthenticationType()) return die("add: not an authentication type: "+c); @@ -228,13 +226,13 @@ public class AccountContact implements Serializable { && verified() ) || ( target == ActionTarget.network - && bool(requiredForNodeOperations) + && bool(requiredForNetworkOperations) && getType() != CloudServiceType.authenticator && verified() ); case confirmation: return target == ActionTarget.network - && bool(requiredForNodeOperations) + && bool(requiredForNetworkOperations) && getType() != CloudServiceType.authenticator && verified(); default: @@ -256,7 +254,7 @@ public class AccountContact implements Serializable { if (target == ActionTarget.account && getType().isVerifiableAuthenticationType()) { if (message.hasContact() && message.getContact().equals(getUuid())) return true; return bool(receiveVerifyNotifications); - } else if (target == ActionTarget.network && bool(requiredForNetworkUnlock)) { + } else if (target == ActionTarget.network && requiredForNetworkOperations()) { return true; } else { log.warn("isAllowed(verify): verify action not allowed for type/target: "+getType()+"/"+target); @@ -269,7 +267,7 @@ public class AccountContact implements Serializable { case start: case stop: case delete: switch (target) { case account: return bool(requiredForAccountOperations); - case node: case network: return bool(requiredForNodeOperations); + case node: case network: return bool(requiredForNetworkOperations); default: log.warn("isAllowed(start/stop/delete): unknown target: "+target+", returning false"); return false; diff --git a/bubble-server/src/main/java/bubble/model/account/AccountPolicy.java b/bubble-server/src/main/java/bubble/model/account/AccountPolicy.java index 7c290c2a..9d785437 100644 --- a/bubble-server/src/main/java/bubble/model/account/AccountPolicy.java +++ b/bubble-server/src/main/java/bubble/model/account/AccountPolicy.java @@ -115,7 +115,7 @@ public class AccountPolicy extends IdentifiableBase implements HasAccount { } case network: case node: return Arrays.stream(getAccountContacts()) - .filter(c -> c.requiredForNodeOperations() || c.requiredAuthFactor()) + .filter(c -> c.requiredForNetworkOperations() || c.requiredAuthFactor()) .collect(Collectors.toList()); default: return requiredAuthFactors(); diff --git a/bubble-server/src/main/java/bubble/model/account/AccountSshKey.java b/bubble-server/src/main/java/bubble/model/account/AccountSshKey.java index b80b764c..e844368c 100644 --- a/bubble-server/src/main/java/bubble/model/account/AccountSshKey.java +++ b/bubble-server/src/main/java/bubble/model/account/AccountSshKey.java @@ -15,8 +15,7 @@ import javax.persistence.Column; import javax.persistence.Entity; import javax.persistence.Transient; -import static org.cobbzilla.util.daemon.ZillaRuntime.empty; -import static org.cobbzilla.util.daemon.ZillaRuntime.now; +import static org.cobbzilla.util.daemon.ZillaRuntime.*; import static org.cobbzilla.util.reflect.ReflectionUtil.copy; import static org.cobbzilla.util.security.ShaUtil.sha256_hex; import static org.cobbzilla.util.time.TimeUtil.formatISO8601; @@ -68,7 +67,7 @@ public class AccountSshKey extends IdentifiableBase implements HasAccount { @ECField(index=50) @ECSearchable @Column(nullable=false) @Getter @Setter private Boolean installSshKey = false; - public boolean installSshKey() { return installSshKey != null && installSshKey; } + public boolean installSshKey() { return bool(installSshKey); } @ECField(index=60) @Getter @Setter private Long expiration; diff --git a/bubble-server/src/main/java/bubble/model/account/AuthenticatorRequest.java b/bubble-server/src/main/java/bubble/model/account/AuthenticatorRequest.java index 859369a7..95962068 100644 --- a/bubble-server/src/main/java/bubble/model/account/AuthenticatorRequest.java +++ b/bubble-server/src/main/java/bubble/model/account/AuthenticatorRequest.java @@ -5,6 +5,7 @@ import lombok.NoArgsConstructor; import lombok.Setter; import lombok.experimental.Accessors; +import static org.cobbzilla.util.daemon.ZillaRuntime.bool; import static org.cobbzilla.util.string.StringUtil.safeParseInt; @NoArgsConstructor @Accessors(chain=true) @@ -16,6 +17,6 @@ public class AuthenticatorRequest { public Integer intToken() { return safeParseInt(getToken()); } @Getter @Setter private Boolean verify; - public boolean verify() { return verify != null && verify; } + public boolean verify() { return bool(verify); } } diff --git a/bubble-server/src/main/java/bubble/model/app/AppData.java b/bubble-server/src/main/java/bubble/model/app/AppData.java index ed51c1a5..d5788d1f 100644 --- a/bubble-server/src/main/java/bubble/model/app/AppData.java +++ b/bubble-server/src/main/java/bubble/model/app/AppData.java @@ -20,6 +20,7 @@ import javax.persistence.Transient; import javax.validation.constraints.Size; import static bubble.ApiConstants.EP_DATA; +import static org.cobbzilla.util.daemon.ZillaRuntime.bool; import static org.cobbzilla.util.daemon.ZillaRuntime.now; import static org.cobbzilla.util.reflect.ReflectionUtil.copy; import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENCRYPTED_STRING; @@ -96,12 +97,12 @@ public class AppData extends IdentifiableBase implements AppTemplateEntity { @ECSearchable @ECIndex @Column(nullable=false) @Getter @Setter private Boolean template = false; - public boolean template() { return template != null && template; } + public boolean template() { return bool(template); } @ECSearchable @ECIndex @Column(nullable=false) @Getter @Setter private Boolean enabled = true; - public boolean enabled() { return enabled != null && enabled; } + public boolean enabled() { return bool(enabled); } public AppData(RuleConfig config) { setMatcher(config.getMatcher()); diff --git a/bubble-server/src/main/java/bubble/model/app/AppMatcher.java b/bubble-server/src/main/java/bubble/model/app/AppMatcher.java index 3ef1b93d..f9244a22 100644 --- a/bubble-server/src/main/java/bubble/model/app/AppMatcher.java +++ b/bubble-server/src/main/java/bubble/model/app/AppMatcher.java @@ -20,6 +20,7 @@ import javax.validation.constraints.Size; import java.util.regex.Pattern; import static bubble.ApiConstants.EP_MATCHERS; +import static org.cobbzilla.util.daemon.ZillaRuntime.bool; import static org.cobbzilla.util.reflect.ReflectionUtil.copy; import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENCRYPTED_STRING; import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENC_PAD; @@ -82,7 +83,7 @@ public class AppMatcher extends IdentifiableBase implements AppTemplateEntity { @ECSearchable @ECField(index=80) @Column(nullable=false) @Getter @Setter private Boolean blocked = false; - public boolean blocked() { return blocked != null && blocked; } + public boolean blocked() { return bool(blocked); } @ECSearchable @ECField(index=90) @ECIndex @Column(nullable=false) diff --git a/bubble-server/src/main/java/bubble/model/app/BubbleApp.java b/bubble-server/src/main/java/bubble/model/app/BubbleApp.java index 7361fca1..5ed6ca53 100644 --- a/bubble-server/src/main/java/bubble/model/app/BubbleApp.java +++ b/bubble-server/src/main/java/bubble/model/app/BubbleApp.java @@ -64,7 +64,7 @@ public class BubbleApp extends IdentifiableBaseParentEntity implements AccountTe @ECSearchable @ECField(index=50) @ECIndex @Column(nullable=false) @Getter @Setter private Boolean template = false; - public boolean template() { return template != null && template; } + public boolean template() { return bool(template); } @ECSearchable @ECField(index=60) @ECIndex @Column(nullable=false) diff --git a/bubble-server/src/main/java/bubble/model/app/RuleDriver.java b/bubble-server/src/main/java/bubble/model/app/RuleDriver.java index 4449bc91..2290c794 100644 --- a/bubble-server/src/main/java/bubble/model/app/RuleDriver.java +++ b/bubble-server/src/main/java/bubble/model/app/RuleDriver.java @@ -68,7 +68,7 @@ public class RuleDriver extends IdentifiableBase implements AccountTemplate { @ECSearchable @ECField(index=30) @ECIndex @Column(nullable=false) @Getter @Setter private Boolean template = false; - public boolean template() { return template != null && template; } + public boolean template() { return bool(template); } @ECSearchable @ECField(index=40) @ECIndex @Column(nullable=false) diff --git a/bubble-server/src/main/java/bubble/model/bill/AccountPaymentMethod.java b/bubble-server/src/main/java/bubble/model/bill/AccountPaymentMethod.java index 0dca394f..acb36fe9 100644 --- a/bubble-server/src/main/java/bubble/model/bill/AccountPaymentMethod.java +++ b/bubble-server/src/main/java/bubble/model/bill/AccountPaymentMethod.java @@ -25,6 +25,7 @@ import javax.persistence.Entity; import javax.persistence.EnumType; import javax.persistence.Enumerated; +import static org.cobbzilla.util.daemon.ZillaRuntime.bool; import static org.cobbzilla.util.daemon.ZillaRuntime.empty; import static org.cobbzilla.util.reflect.ReflectionUtil.copy; import static org.cobbzilla.wizard.model.crypto.EncryptedTypes.ENCRYPTED_STRING; @@ -78,7 +79,7 @@ public class AccountPaymentMethod extends IdentifiableBase implements HasAccount @ECSearchable @ECField(index=50) @Column(nullable=false) @Getter @Setter private Boolean deleted = false; - public boolean deleted() { return deleted != null && deleted; } + public boolean deleted() { return bool(deleted); } public boolean notDeleted() { return !deleted(); } public ValidationResult validate(ValidationResult result, BubbleConfiguration configuration) { diff --git a/bubble-server/src/main/java/bubble/model/bill/AccountPlan.java b/bubble-server/src/main/java/bubble/model/bill/AccountPlan.java index 5d28eac7..7efc1ad5 100644 --- a/bubble-server/src/main/java/bubble/model/bill/AccountPlan.java +++ b/bubble-server/src/main/java/bubble/model/bill/AccountPlan.java @@ -22,6 +22,7 @@ import javax.persistence.Transient; import javax.validation.constraints.Size; import static bubble.model.bill.BillPeriod.BILL_START_END_FORMAT; +import static org.cobbzilla.util.daemon.ZillaRuntime.bool; import static org.cobbzilla.util.daemon.ZillaRuntime.empty; import static org.cobbzilla.util.reflect.ReflectionUtil.copy; @@ -87,7 +88,7 @@ public class AccountPlan extends IdentifiableBase implements HasAccount { @ECSearchable @ECField(index=80) @Column(nullable=false) @Getter @Setter private Boolean enabled = false; - public boolean enabled() { return enabled != null && enabled; } + public boolean enabled() { return bool(enabled); } public boolean disabled() { return !enabled(); } @ECSearchable(type=EntityFieldType.epoch_time) @ECField(index=90) @@ -107,7 +108,7 @@ public class AccountPlan extends IdentifiableBase implements HasAccount { @ECSearchable @ECField(index=120) @Column(nullable=false) @ECIndex @Getter @Setter private Boolean closed = false; - public boolean closed() { return closed != null && closed; } + public boolean closed() { return bool(closed); } public boolean notClosed() { return !closed(); } @ECSearchable @ECField(index=130) diff --git a/bubble-server/src/main/java/bubble/model/boot/ActivationRequest.java b/bubble-server/src/main/java/bubble/model/boot/ActivationRequest.java index ad6f16b3..066d5a1d 100644 --- a/bubble-server/src/main/java/bubble/model/boot/ActivationRequest.java +++ b/bubble-server/src/main/java/bubble/model/boot/ActivationRequest.java @@ -13,6 +13,7 @@ import org.cobbzilla.wizard.validation.HasValue; import java.util.LinkedHashMap; import java.util.Map; +import static org.cobbzilla.util.daemon.ZillaRuntime.bool; import static org.cobbzilla.util.daemon.ZillaRuntime.empty; @NoArgsConstructor @Accessors(chain=true) @@ -46,10 +47,10 @@ public class ActivationRequest { @Getter @Setter private BubbleDomain domain; @Getter @Setter private Boolean createDefaultObjects = true; - public boolean createDefaultObjects () { return createDefaultObjects != null && createDefaultObjects; }; + public boolean createDefaultObjects () { return bool(createDefaultObjects); }; @Getter @Setter private Boolean skipTests = false; - public boolean skipTests () { return skipTests != null && skipTests; }; + public boolean skipTests () { return bool(skipTests); }; @Getter @Setter private AccountSshKey sshKey; public boolean hasSshKey () { return sshKey != null; } diff --git a/bubble-server/src/main/java/bubble/model/cloud/AnsibleRole.java b/bubble-server/src/main/java/bubble/model/cloud/AnsibleRole.java index 00e55d22..eed1d08b 100644 --- a/bubble-server/src/main/java/bubble/model/cloud/AnsibleRole.java +++ b/bubble-server/src/main/java/bubble/model/cloud/AnsibleRole.java @@ -94,7 +94,7 @@ public class AnsibleRole extends IdentifiableBase implements AccountTemplate, Ha @ECSearchable @ECField(index=60) @ECIndex @Column(nullable=false) @Getter @Setter private Boolean template = false; - public boolean template() { return template != null && template; } + public boolean template() { return bool(template); } @ECSearchable @ECField(index=70) @ECIndex @Column(nullable=false) diff --git a/bubble-server/src/main/java/bubble/model/cloud/BubbleDomain.java b/bubble-server/src/main/java/bubble/model/cloud/BubbleDomain.java index cbd3407f..81f2ba7e 100644 --- a/bubble-server/src/main/java/bubble/model/cloud/BubbleDomain.java +++ b/bubble-server/src/main/java/bubble/model/cloud/BubbleDomain.java @@ -83,7 +83,7 @@ public class BubbleDomain extends IdentifiableBase implements AccountTemplate { @ECSearchable @ECField(index=40) @ECIndex @Column(nullable=false) @Getter @Setter private Boolean template = false; - public boolean template() { return template != null && template; } + public boolean template() { return bool(template); } @ECSearchable @ECField(index=50) @ECIndex @Column(nullable=false) diff --git a/bubble-server/src/main/java/bubble/model/cloud/BubbleFootprint.java b/bubble-server/src/main/java/bubble/model/cloud/BubbleFootprint.java index c325bd64..28d459a2 100644 --- a/bubble-server/src/main/java/bubble/model/cloud/BubbleFootprint.java +++ b/bubble-server/src/main/java/bubble/model/cloud/BubbleFootprint.java @@ -74,7 +74,7 @@ public class BubbleFootprint extends IdentifiableBase implements AccountTemplate @ECSearchable @ECField(index=40) @ECIndex @Column(nullable=false) @Getter @Setter private Boolean template = false; - public boolean template() { return template != null && template; } + public boolean template() { return bool(template); } @ECSearchable @ECField(index=50) @ECIndex @Column(nullable=false) diff --git a/bubble-server/src/main/java/bubble/model/cloud/BubbleNode.java b/bubble-server/src/main/java/bubble/model/cloud/BubbleNode.java index 766f0044..d86dc408 100644 --- a/bubble-server/src/main/java/bubble/model/cloud/BubbleNode.java +++ b/bubble-server/src/main/java/bubble/model/cloud/BubbleNode.java @@ -30,8 +30,7 @@ import java.util.*; import static bubble.ApiConstants.EP_NODES; import static bubble.model.cloud.BubbleNodeState.*; -import static org.cobbzilla.util.daemon.ZillaRuntime.die; -import static org.cobbzilla.util.daemon.ZillaRuntime.empty; +import static org.cobbzilla.util.daemon.ZillaRuntime.*; import static org.cobbzilla.util.io.FileUtil.abs; import static org.cobbzilla.util.json.JsonUtil.fromJson; import static org.cobbzilla.util.network.NetworkUtil.isLocalIpv4; @@ -217,7 +216,7 @@ public class BubbleNode extends IdentifiableBase implements HasNetwork, HasBubbl // After a restore operation, we will want to notify the server @Transient @Getter @Setter private transient Boolean wasRestored; - public boolean wasRestored() { return wasRestored != null && wasRestored; } + public boolean wasRestored() { return bool(wasRestored); } public ApiClientBase getApiClient(BubbleConfiguration configuration) { return new BubbleNodeClient(this, configuration); diff --git a/bubble-server/src/main/java/bubble/model/cloud/CloudService.java b/bubble-server/src/main/java/bubble/model/cloud/CloudService.java index 05a3fda3..f38a8f77 100644 --- a/bubble-server/src/main/java/bubble/model/cloud/CloudService.java +++ b/bubble-server/src/main/java/bubble/model/cloud/CloudService.java @@ -108,7 +108,7 @@ public class CloudService extends IdentifiableBaseParentEntity implements Accoun @ECSearchable @ECField(index=60) @ECIndex @Column(nullable=false) @Getter @Setter private Boolean template = false; - public boolean template() { return template != null && template; } + public boolean template() { return bool(template); } @ECSearchable @ECField(index=70) @ECIndex @Column(nullable=false) @@ -301,7 +301,7 @@ public class CloudService extends IdentifiableBaseParentEntity implements Accoun @Transient @JsonIgnore @Getter @Setter private Object testArg = null; @Transient @JsonIgnore @Getter @Setter private Boolean skipTest = false; - public boolean skipTest () { return skipTest != null && skipTest; }; + public boolean skipTest () { return bool(skipTest); }; public static ValidationResult testDriver(CloudService cloud, BubbleConfiguration configuration) { return testDriver(cloud, configuration, new ValidationResult()); diff --git a/bubble-server/src/main/java/bubble/model/cloud/notify/NotificationBase.java b/bubble-server/src/main/java/bubble/model/cloud/notify/NotificationBase.java index 0fa0379f..39403dcd 100644 --- a/bubble-server/src/main/java/bubble/model/cloud/notify/NotificationBase.java +++ b/bubble-server/src/main/java/bubble/model/cloud/notify/NotificationBase.java @@ -19,6 +19,7 @@ import org.hibernate.annotations.Type; import javax.persistence.*; import static bubble.ApiConstants.ERROR_MAXLEN; +import static org.cobbzilla.util.daemon.ZillaRuntime.bool; import static org.cobbzilla.util.daemon.ZillaRuntime.errorString; import static org.cobbzilla.util.json.JsonUtil.json; import static org.cobbzilla.util.string.StringUtil.ellipsis; @@ -72,7 +73,7 @@ public class NotificationBase extends IdentifiableBase implements HasAccountNoNa @ECField(index=80) @Getter @Setter private Boolean truncated = false; - public boolean truncated () { return truncated != null && truncated; } + public boolean truncated () { return bool(truncated); } @ECField(index=90) @Type(type=ENCRYPTED_STRING) @Column(updatable=false, columnDefinition="varchar("+(1000+ENC_PAD)+")") diff --git a/bubble-server/src/main/java/bubble/resources/cloud/NetworkActionsResource.java b/bubble-server/src/main/java/bubble/resources/cloud/NetworkActionsResource.java index 4da19a04..14471c26 100644 --- a/bubble-server/src/main/java/bubble/resources/cloud/NetworkActionsResource.java +++ b/bubble-server/src/main/java/bubble/resources/cloud/NetworkActionsResource.java @@ -78,6 +78,9 @@ public class NetworkActionsResource { if (!network.getState().canStartNetwork()) return invalid("err.network.cannotStartInCurrentState"); + final AccountPolicy policy = policyDAO.findSingleByAccount(account.getUuid()); + // todo: enforce policy + return _startNetwork(network, cloud, region, req); }