Added method to create a client with admin rights

This method creates a client with the 'admin' flag set, in an open source Chef Server. This does not work in Hosted Chef, since Opscode Platform security design uses a different approach. By default a client is only allowed to manage the node it's associated with, and setting this flag in the POST or PUT request has no effect on the client permissions.
2011-09-09 17:36:58 +02:00 · 2011-09-09 17:36:58 +02:00 · a9d425489f
parent 43669e8a8b
commit a9d425489f
4 changed files with 76 additions and 0 deletions
--- a/apis/chef/src/main/java/org/jclouds/chef/ChefAsyncClient.java
+++ b/apis/chef/src/main/java/org/jclouds/chef/ChefAsyncClient.java
@ -32,6 +32,7 @@ import javax.ws.rs.Path;
 import javax.ws.rs.PathParam;
 import javax.ws.rs.core.MediaType;

+import org.jclouds.chef.binders.BindAdminClientToJsonPayload;
 import org.jclouds.chef.binders.BindChecksumsToJsonPayload;
 import org.jclouds.chef.binders.BindClientnameToJsonPayload;
 import org.jclouds.chef.binders.BindGenerateKeyForClientToJsonPayload;
@ -154,6 +155,13 @@ public interface ChefAsyncClient {
   @Path("/clients")
   ListenableFuture<Client> createClient(@BinderParam(BindNameToJsonPayload.class) String clientname);

+   /**
+    * @see ChefClient#createAdminClient(String)
+    */
+   @POST
+   @Path("/clients")
+   ListenableFuture<Client> createAdminClient(@BinderParam(BindAdminClientToJsonPayload.class) String clientname);
+
   /**
    * @see ChefClient#generateKeyForClient
    */
--- a/apis/chef/src/main/java/org/jclouds/chef/ChefClient.java
+++ b/apis/chef/src/main/java/org/jclouds/chef/ChefClient.java
@ -140,6 +140,23 @@ public interface ChefClient {
   @Timeout(duration = 120, timeUnit = TimeUnit.SECONDS)
   Client createClient(String name);

+   /**
+    * creates a new administrator client
+    *
+    * @return the private key of the client. You can then use this client name
+    *         and private key to access the Opscode API.
+    * @throws AuthorizationException
+    *            <p/>
+    *            "401 Unauthorized" if the caller is not a recognized user.
+    *            <p/>
+    *            "403 Forbidden" if the caller is not authorized to create a
+    *            client.
+    * @throws HttpResponseException
+    *            "409 Conflict" if the client already exists
+    */
+   @Timeout(duration = 120, timeUnit = TimeUnit.SECONDS)
+   Client createAdminClient(String name);
+
   /**
    * generate a new key-pair for this client, and return the new private key in
    * the response body.
--- a/apis/chef/src/main/java/org/jclouds/chef/binders/BindAdminClientToJsonPayload.java
+++ b/apis/chef/src/main/java/org/jclouds/chef/binders/BindAdminClientToJsonPayload.java
@ -0,0 +1,45 @@
+/**
+ *
+ * Copyright (C) 2010 Cloud Conscious, LLC. <info@cloudconscious.com>
+ *
+ * ====================================================================
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ * http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ * ====================================================================
+ */
+
+package org.jclouds.chef.binders;
+
+import javax.inject.Singleton;
+import javax.ws.rs.core.MediaType;
+
+import org.jclouds.http.HttpRequest;
+import org.jclouds.rest.binders.BindToStringPayload;
+
+/**
+ * Bind the parameters to create an administrator client.
+ * 
+ * @author Ignasi Barrera
+ * 
+ */
+@Singleton
+public class BindAdminClientToJsonPayload extends BindToStringPayload {
+
+   @Override
+   public HttpRequest bindToRequest( HttpRequest request, Object payload ) {
+      super.bindToRequest(request, String.format("{\"name\":\"%s\", \"admin\": true}",
+          payload));
+      request.getPayload().getContentMetadata().setContentType(MediaType.APPLICATION_JSON);
+      return request;
+   }
+
+}
--- a/apis/chef/src/main/java/org/jclouds/chef/test/TransientChefAsyncClient.java
+++ b/apis/chef/src/main/java/org/jclouds/chef/test/TransientChefAsyncClient.java
@ -122,6 +122,12 @@ public class TransientChefAsyncClient implements ChefAsyncClient {
      return null;
   }

+   @Override
+   public ListenableFuture<Client> createAdminClient(String clientname) {
+      // TODO Auto-generated method stub
+      return null;
+   }
+
   @Override
   public ListenableFuture<Void> createDatabag(String databagName) {
      return databags.createContainerInLocationIfAbsent(null, databagName);