/// <summary>
/// Handles a roll-over request for the key <paramref name="name"/>: authorises the caller,
/// runs the privileged action as that caller, writes an audit record and returns the
/// resulting key version as JSON.
/// </summary>
/// <param name="name">Key name taken from the request; must not be empty.</param>
/// <param name="jsonMaterial">
/// Request body. Only <c>KMSRESTConstants.MaterialField</c> is read from it; when present,
/// the caller must also hold <c>KMSACLs.Type.SetKeyMaterial</c>.
/// </param>
/// <returns>An OK response carrying the JSON form of the key version.</returns>
public virtual Response RolloverKey(string name, IDictionary jsonMaterial)
{
    KMSWebApp.GetAdminCallsMeter().Mark();
    UserGroupInformation caller = HttpUserGroupInformation.Get();

    // The Rollover ACL is evaluated before the name is validated.
    AssertAccess(KMSACLs.Type.Rollover, caller, KMS.KMSOp.RollNewVersion, name);
    KMSClientProvider.CheckNotEmpty(name, "name");

    // NOTE(review): jsonMaterial is dereferenced without a null check; confirm the
    // framework never hands over a null body.
    string suppliedMaterial = (string)jsonMaterial[KMSRESTConstants.MaterialField];
    bool callerSuppliedMaterial = suppliedMaterial != null;
    if (callerSuppliedMaterial)
    {
        // Supplying your own key material is a separate, stricter permission.
        AssertAccess(KMSACLs.Type.SetKeyMaterial, caller, KMS.KMSOp.RollNewVersion, name);
    }

    // The provider call itself lives in _PrivilegedExceptionAction_200 (not shown here).
    KeyProvider.KeyVersion rolledVersion = caller.DoAs(
        new _PrivilegedExceptionAction_200(this, suppliedMaterial, name));

    // Only the fact that material was supplied is audited, never the material itself.
    kmsAudit.Ok(
        caller,
        KMS.KMSOp.RollNewVersion,
        name,
        "UserProvidedMaterial:" + callerSuppliedMaterial + " NewVersion:" + rolledVersion.GetVersionName());

    // Callers without the Get ACL receive the version with its key material removed.
    bool mayReadMaterial = KMSWebApp.GetACLs().HasAccess(KMSACLs.Type.Get, caller);
    if (!mayReadMaterial)
    {
        rolledVersion = RemoveKeyMaterial(rolledVersion);
    }

    IDictionary payload = KMSServerJSONUtils.ToJSON(rolledVersion);
    return Response.Ok()
        .Type(MediaType.ApplicationJson)
        .Entity(payload)
        .Build();
}
/// <summary>
/// Handles a key-listing request: checks <c>KMSACLs.Type.GetKeys</c>, runs the privileged
/// action as the caller and returns its string list as JSON.
/// </summary>
/// <returns>An OK response whose entity is the list produced by the privileged action.</returns>
public virtual Response GetKeyNames()
{
    KMSWebApp.GetAdminCallsMeter().Mark();
    UserGroupInformation caller = HttpUserGroupInformation.Get();

    // Authorise before touching the provider.
    AssertAccess(KMSACLs.Type.GetKeys, caller, KMS.KMSOp.GetKeys);

    // _PrivilegedExceptionAction_256 is not shown here; presumably it asks the provider
    // for its key names.
    IList<string> names = caller.DoAs(new _PrivilegedExceptionAction_256(this));

    kmsAudit.Ok(caller, KMS.KMSOp.GetKeys, string.Empty);

    return Response.Ok()
        .Type(MediaType.ApplicationJson)
        .Entity(names)
        .Build();
}
/// <summary>
/// Handles a delete request for the key <paramref name="name"/>: checks
/// <c>KMSACLs.Type.Delete</c>, runs the privileged action as the caller and audits the result.
/// </summary>
/// <param name="name">Key name taken from the request; must not be empty.</param>
/// <returns>An OK response with no entity.</returns>
public virtual Response DeleteKey(string name)
{
    KMSWebApp.GetAdminCallsMeter().Mark();
    UserGroupInformation caller = HttpUserGroupInformation.Get();

    // The Delete ACL is evaluated before the name is validated.
    AssertAccess(KMSACLs.Type.Delete, caller, KMS.KMSOp.DeleteKey, name);
    KMSClientProvider.CheckNotEmpty(name, "name");

    // The provider call itself lives in _PrivilegedExceptionAction_168 (not shown here).
    caller.DoAs(new _PrivilegedExceptionAction_168(this, name));

    // The audit record is written only after the privileged action has returned.
    kmsAudit.Ok(caller, KMS.KMSOp.DeleteKey, name, string.Empty);

    return Response.Ok().Build();
}
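/// <summary>
/// Handles a key-creation request: validates the name, authorises the caller, builds the
/// provider options from the request, runs the privileged action as the caller, audits the
/// result and returns the new key version as JSON with a Location header.
/// </summary>
/// <param name="jsonKey">
/// Request body. The name, cipher, material, length, description and attributes fields
/// named by <c>KMSRESTConstants</c> are read from it; only the name is required.
/// </param>
/// <returns>
/// A Created response carrying the JSON form of the key version. The explicit Location
/// header is built from the request URL with the key name percent-encoded.
/// </returns>
public virtual Response CreateKey(IDictionary jsonKey)
{
    KMSWebApp.GetAdminCallsMeter().Mark();
    UserGroupInformation user = HttpUserGroupInformation.Get();

    string name = (string)jsonKey[KMSRESTConstants.NameField];
    KMSClientProvider.CheckNotEmpty(name, KMSRESTConstants.NameField);
    AssertAccess(KMSACLs.Type.Create, user, KMS.KMSOp.CreateKey, name);

    string cipher = (string)jsonKey[KMSRESTConstants.CipherField];
    string material = (string)jsonKey[KMSRESTConstants.MaterialField];
    // NOTE(review): this is an unboxing cast, so a length that the JSON layer delivers as
    // anything other than a boxed int will throw; confirm what the parser produces.
    int length = jsonKey.Contains(KMSRESTConstants.LengthField)
        ? (int)jsonKey[KMSRESTConstants.LengthField]
        : 0;
    string description = (string)jsonKey[KMSRESTConstants.DescriptionField];
    IDictionary<string, string> attributes =
        (IDictionary<string, string>)jsonKey[KMSRESTConstants.AttributesField];

    if (material != null)
    {
        // Supplying your own key material is a separate, stricter permission.
        AssertAccess(KMSACLs.Type.SetKeyMaterial, user, KMS.KMSOp.CreateKey, name);
    }

    KeyProvider.Options options = new KeyProvider.Options(KMSWebApp.GetConfiguration());
    if (cipher != null)
    {
        options.SetCipher(cipher);
    }
    if (length != 0)
    {
        options.SetBitLength(length);
    }
    options.SetDescription(description);
    options.SetAttributes(attributes);

    // The provider call itself lives in _PrivilegedExceptionAction_132 (not shown here).
    KeyProvider.KeyVersion keyVersion = user.DoAs(
        new _PrivilegedExceptionAction_132(this, material, name, options));

    // Only the fact that material was supplied is audited, never the material itself.
    // NOTE(review): description is request-supplied and is concatenated into the audit
    // message as-is; confirm kmsAudit neutralises line breaks and delimiters.
    kmsAudit.Ok(
        user,
        KMS.KMSOp.CreateKey,
        name,
        "UserProvidedMaterial:" + (material != null) + " Description:" + description);

    // Callers without the Get ACL receive the version with its key material removed.
    if (!KMSWebApp.GetACLs().HasAccess(KMSACLs.Type.Get, user))
    {
        keyVersion = RemoveKeyMaterial(keyVersion);
    }
    IDictionary json = KMSServerJSONUtils.ToJSON(keyVersion);

    // By this point the key exists and has been audited, so building the Location header
    // must not be able to fail the request. If the request URL is missing or does not
    // contain the keys resource, skip the explicit header and return whatever
    // Response.Created(GetKeyURI(name)) provides.
    string requestURL = KMSMDCFilter.GetURL();
    int idx = requestURL == null ? -1 : requestURL.LastIndexOf(KMSRESTConstants.KeysResource);
    if (idx < 0)
    {
        return Response.Created(GetKeyURI(name))
            .Type(MediaType.ApplicationJson)
            .Entity(json)
            .Build();
    }

    // The name comes from the request body and has only been checked for emptiness, so it
    // is percent-encoded before being placed in a URL that is sent back as a header value.
    string keyURL = Runtime.Substring(requestURL, 0, idx)
        + KMSRESTConstants.KeyResource + "/" + System.Uri.EscapeDataString(name);

    return Response.Created(GetKeyURI(name))
        .Type(MediaType.ApplicationJson)
        .Header("Location", keyURL)
        .Entity(json)
        .Build();
}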
/// <summary>
/// Handles a metadata request for the key <paramref name="name"/>: validates the name,
/// checks <c>KMSACLs.Type.GetMetadata</c> for that key, runs the privileged action as the
/// caller and returns the metadata as JSON.
/// </summary>
/// <param name="name">Key name taken from the request; must not be empty.</param>
/// <returns>An OK response carrying the JSON form of the metadata.</returns>
public virtual Response GetMetadata(string name)
{
    UserGroupInformation caller = HttpUserGroupInformation.Get();

    // Name validation runs first here, so an empty name is rejected before the admin
    // meter is marked and before the ACL check.
    KMSClientProvider.CheckNotEmpty(name, "name");
    KMSWebApp.GetAdminCallsMeter().Mark();
    AssertAccess(KMSACLs.Type.GetMetadata, caller, KMS.KMSOp.GetMetadata, name);

    // The provider call itself lives in _PrivilegedExceptionAction_287 (not shown here).
    KeyProvider.Metadata keyMetadata = caller.DoAs(
        new _PrivilegedExceptionAction_287(this, name));
    object payload = KMSServerJSONUtils.ToJSON(name, keyMetadata);

    kmsAudit.Ok(caller, KMS.KMSOp.GetMetadata, name, string.Empty);

    return Response.Ok()
        .Type(MediaType.ApplicationJson)
        .Entity(payload)
        .Build();
}
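/// <summary>
/// Handles a bulk metadata request: checks <c>KMSACLs.Type.GetMetadata</c>, runs the
/// privileged action as the caller for the requested names and returns the result as JSON.
/// </summary>
/// <param name="keyNamesList">
/// Key names taken from the request. A null list is treated as an empty one.
/// </param>
/// <returns>An OK response carrying the JSON form of the names and their metadata.</returns>
public virtual Response GetKeysMetadata(IList<string> keyNamesList)
{
    KMSWebApp.GetAdminCallsMeter().Mark();
    UserGroupInformation user = HttpUserGroupInformation.Get();

    // Authorise before doing any work on request-supplied input.
    // NOTE(review): this check passes no key name, unlike the single-key GetMetadata
    // path; confirm that per-key ACLs are enforced inside the privileged action.
    AssertAccess(KMSACLs.Type.GetMetadata, user, KMS.KMSOp.GetKeysMetadata);

    // A request without any names must not fail with a null dereference.
    string[] keyNames;
    if (keyNamesList == null)
    {
        keyNames = new string[0];
    }
    else
    {
        keyNames = Collections.ToArray(keyNamesList, new string[keyNamesList.Count]);
    }

    // The provider call itself lives in _PrivilegedExceptionAction_234 (not shown here).
    KeyProvider.Metadata[] keysMeta = user.DoAs(
        new _PrivilegedExceptionAction_234(this, keyNames));
    object json = KMSServerJSONUtils.ToJSON(keyNames, keysMeta);

    // NOTE(review): the audit record carries no key names, so it does not show which
    // keys' metadata was read; confirm that this is intended.
    kmsAudit.Ok(user, KMS.KMSOp.GetKeysMetadata, string.Empty);

    return Response.Ok()
        .Type(MediaType.ApplicationJson)
        .Entity(json)
        .Build();
}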