From 2b7d776b44dec1d30eda755dcc163cef60afd0be Mon Sep 17 00:00:00 2001 From: Pranav-b-7 Date: Wed, 16 Feb 2022 17:44:42 +0530 Subject: [PATCH] added serviceId and pipelineId interceptors --- .../services/OesAuthorizationService.groovy | 6 + .../gate/config/GateWebConfig.groovy | 10 + .../ApplicationIdRbacInterceptor.java | 3 +- .../FeatureVisibilityRbacInterceptor.java | 2 +- .../PipelineIdRbacInterceptor.java | 43 ++ .../ServiceIdRbacInterceptor.java | 43 ++ .../gate/rbac/ApplicationFeatureRbac.java | 397 +++++++++++++----- 7 files changed, 407 insertions(+), 97 deletions(-) create mode 100644 gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java create mode 100644 gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java diff --git a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/OesAuthorizationService.groovy b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/OesAuthorizationService.groovy index ed798a3c95..119603d622 100644 --- a/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/OesAuthorizationService.groovy +++ b/gate-core/src/main/groovy/com/netflix/spinnaker/gate/services/OesAuthorizationService.groovy @@ -10,6 +10,8 @@ import org.springframework.web.bind.annotation.PathVariable import org.springframework.web.bind.annotation.PutMapping import org.springframework.web.bind.annotation.RequestBody import org.springframework.web.bind.annotation.RequestHeader +import org.springframework.web.bind.annotation.RequestParam + import java.util.Collection @@ -25,4 +27,8 @@ interface OesAuthorizationService { @GetMapping(value = "/platformservice/v6/users/{username}/features/{featureType}/{resourceId}/permission", produces = MediaType.APPLICATION_JSON_VALUE) ResponseEntity fetchPermissions(@PathVariable("username") String username, @PathVariable("featureType") String featureType, @PathVariable("resourceId") Integer resourceId, @RequestHeader(value = "x-spinnaker-user") String userName) + @GetMapping(value = "/platformservice/v6/users/{username}/feature",produces = MediaType.APPLICATION_JSON_VALUE) + ResponseEntity> isAuthorizedUser(@PathVariable("username") String username, @RequestParam("permission") String permission, @RequestParam("serviceId") Integer serviceId, + @RequestParam("pipelineId") Integer pipelineId, @RequestParam("gateId") Integer gateId, @RequestHeader(value = "x-spinnaker-user") String userName) + } diff --git a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy index 4b316c32a0..ad5a162bbd 100644 --- a/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy +++ b/gate-web/src/main/groovy/com/netflix/spinnaker/gate/config/GateWebConfig.groovy @@ -27,6 +27,8 @@ import com.netflix.spinnaker.kork.web.interceptors.MetricsInterceptor import com.opsmx.spinnaker.gate.interceptors.ApplicationIdRbacInterceptor import com.opsmx.spinnaker.gate.interceptors.OesServiceInterceptor import com.opsmx.spinnaker.gate.interceptors.FeatureVisibilityRbacInterceptor +import com.opsmx.spinnaker.gate.interceptors.PipelineIdRbacInterceptor +import com.opsmx.spinnaker.gate.interceptors.ServiceIdRbacInterceptor import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac import org.springframework.beans.factory.annotation.Autowired import org.springframework.beans.factory.annotation.Value @@ -69,6 +71,12 @@ public class GateWebConfig implements WebMvcConfigurer { @Autowired ApplicationIdRbacInterceptor applicationIdRbacInterceptor + @Autowired + ServiceIdRbacInterceptor serviceIdRbacInterceptor + + @Autowired + PipelineIdRbacInterceptor pipelineIdRbacInterceptor + @Override @@ -89,6 +97,8 @@ public class GateWebConfig implements WebMvcConfigurer { registry.addInterceptor(featureVisibilityRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.applicationFeatureRbacEndpoints).order(1) registry.addInterceptor(applicationIdRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.endpointsWithApplicationId).order(2) + registry.addInterceptor(serviceIdRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.endpointsWithServiceId).order(3) + registry.addInterceptor(pipelineIdRbacInterceptor).addPathPatterns(ApplicationFeatureRbac.endpointsWithPipelineId).order(4) } diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java index 451bc9d2ec..6896dd3d91 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ApplicationIdRbacInterceptor.java @@ -35,8 +35,9 @@ public boolean preHandle(HttpServletRequest request, HttpServletResponse respons throws Exception { log.info( "Request intercepted for authorizing if the user is having enough access to perform the action"); - applicationFeatureRbac.authorizeUser( + applicationFeatureRbac.authorizeUserForApplicationId( request.getUserPrincipal().getName(), request.getRequestURI(), request.getMethod()); + return true; } } diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java index 11d10d93f0..9e888c4e16 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/FeatureVisibilityRbacInterceptor.java @@ -34,7 +34,7 @@ public class FeatureVisibilityRbacInterceptor implements HandlerInterceptor { public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) throws Exception { log.info("request intercepted to authorize if the user is having feature visibility"); - applicationFeatureRbac.authorizeUser(request.getUserPrincipal().getName()); + applicationFeatureRbac.authorizeUserForFeatureVisibility(request.getUserPrincipal().getName()); return true; } } diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java new file mode 100644 index 0000000000..f1851a2dcb --- /dev/null +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/PipelineIdRbacInterceptor.java @@ -0,0 +1,43 @@ +/* + * Copyright 2022 OpsMx, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.opsmx.spinnaker.gate.interceptors; + +import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.servlet.HandlerInterceptor; + +@Slf4j +@Component +public class PipelineIdRbacInterceptor implements HandlerInterceptor { + + @Autowired private ApplicationFeatureRbac applicationFeatureRbac; + + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) + throws Exception { + log.info( + "Request intercepted for authorizing if the user is having enough access to perform the action"); + applicationFeatureRbac.authorizeUserForPipelineId( + request.getUserPrincipal().getName(), request.getRequestURI(), request.getMethod()); + + return true; + } +} diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java new file mode 100644 index 0000000000..8c040f3ae1 --- /dev/null +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/interceptors/ServiceIdRbacInterceptor.java @@ -0,0 +1,43 @@ +/* + * Copyright 2022 OpsMx, Inc. + * + * Licensed under the Apache License, Version 2.0 (the "License"); + * you may not use this file except in compliance with the License. + * You may obtain a copy of the License at + * + * http://www.apache.org/licenses/LICENSE-2.0 + * + * Unless required by applicable law or agreed to in writing, software + * distributed under the License is distributed on an "AS IS" BASIS, + * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. + * See the License for the specific language governing permissions and + * limitations under the License. + */ + +package com.opsmx.spinnaker.gate.interceptors; + +import com.opsmx.spinnaker.gate.rbac.ApplicationFeatureRbac; +import javax.servlet.http.HttpServletRequest; +import javax.servlet.http.HttpServletResponse; +import lombok.extern.slf4j.Slf4j; +import org.springframework.beans.factory.annotation.Autowired; +import org.springframework.stereotype.Component; +import org.springframework.web.servlet.HandlerInterceptor; + +@Slf4j +@Component +public class ServiceIdRbacInterceptor implements HandlerInterceptor { + + @Autowired private ApplicationFeatureRbac applicationFeatureRbac; + + @Override + public boolean preHandle(HttpServletRequest request, HttpServletResponse response, Object handler) + throws Exception { + log.info( + "Request intercepted for authorizing if the user is having enough access to perform the action"); + applicationFeatureRbac.authorizeUserForServiceId( + request.getUserPrincipal().getName(), request.getRequestURI(), request.getMethod()); + + return true; + } +} diff --git a/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java b/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java index 3c814b76e4..276722f95c 100644 --- a/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java +++ b/gate-web/src/main/java/com/opsmx/spinnaker/gate/rbac/ApplicationFeatureRbac.java @@ -39,6 +39,9 @@ public class ApplicationFeatureRbac { private static final List runtime_access = new ArrayList<>(); public static final List applicationFeatureRbacEndpoints = new ArrayList<>(); public static final List endpointsWithApplicationId = new ArrayList<>(); + public static final List endpointsWithServiceId = new ArrayList<>(); + public static final List endpointsWithPipelineId = new ArrayList<>(); + public static final List endpointsWithGateId = new ArrayList<>(); private static final String YOU_DO_NOT_HAVE = "You do not have : "; private static final String PERMISSION_FOR_THE_FEATURE_TYPE = @@ -46,6 +49,293 @@ public class ApplicationFeatureRbac { private static final String TO_PERFORM_THIS_OPERATION = " to perform this operation"; static { + populateDashboardServiceApis(); + } + + public void authorizeUserForFeatureVisibility(String userName) { + + Boolean isFeatureVisibility; + + isFeatureVisibility = + Boolean.parseBoolean( + oesAuthorizationService + .isFeatureVisibility(userName, RbacFeatureType.APP.name(), userName) + .getBody() + .get("isEnabled")); + log.info("is feature visibility enabled : {}", isFeatureVisibility); + if (!isFeatureVisibility) { + throw new AccessForbiddenException( + "You do not have permission for the feature type : " + RbacFeatureType.APP.name()); + } + } + + public void authorizeUserForApplicationId( + String username, String endpointUrl, String httpMethod) { + + HttpMethod method = HttpMethod.valueOf(httpMethod); + Integer applicationId = getApplicationId(endpointUrl); + PermissionModel permission; + + log.info("authorizing the endpoint : {}", endpointUrl); + + switch (method) { + case GET: + permission = + oesAuthorizationService + .fetchPermissions(username, RbacFeatureType.APP.name(), applicationId, username) + .getBody(); + log.info("permissions for the GET API : {}", permission); + if (permission == null + || !permission.getPermissions().contains(PermissionEnum.view.name())) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.view.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + + case POST: + case PUT: + permission = + oesAuthorizationService + .fetchPermissions(username, RbacFeatureType.APP.name(), applicationId, username) + .getBody(); + log.info("permissions for the POST or PUT API : {}", permission); + if (permission == null + || !permission.getPermissions().contains(PermissionEnum.create_or_edit.name())) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.create_or_edit.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + + case DELETE: + permission = + oesAuthorizationService + .fetchPermissions(username, RbacFeatureType.APP.name(), applicationId, username) + .getBody(); + log.info("permissions for the DELETE API : {}", permission); + if (permission == null + || !permission.getPermissions().contains(PermissionEnum.delete.name())) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.delete.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + } + } + + private Integer getApplicationId(String endpoint) { + Integer applicationId = 0; + List pathComps = Arrays.asList(endpoint.split("/")); + if (pathComps.contains("applications")) { + int index = pathComps.indexOf("applications"); + applicationId = Integer.parseInt(pathComps.get(index + 1)); + } else if (pathComps.contains("application")) { + int index = pathComps.indexOf("application"); + applicationId = Integer.parseInt(pathComps.get(index + 1)); + } + + if (applicationId == null || applicationId.equals(0)) { + throw new InvalidResourceIdException("Invalid resource Id"); + } + return applicationId; + } + + public void authorizeUserForServiceId(String username, String endpointUrl, String httpMethod) { + + HttpMethod method = HttpMethod.valueOf(httpMethod); + Integer serviceId = getServiceId(endpointUrl); + Boolean isAuthorized; + + log.info("authorizing the endpoint for service Id : {}", endpointUrl); + + switch (method) { + case GET: + isAuthorized = + Boolean.parseBoolean( + oesAuthorizationService + .isAuthorizedUser( + username, PermissionEnum.view.name(), serviceId, null, null, username) + .getBody() + .get("isEnabled")); + log.info("is authorized for the service Id GET API: {}, {}", serviceId, isAuthorized); + if (isAuthorized == null || !isAuthorized) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.view.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + + case POST: + case PUT: + isAuthorized = + Boolean.parseBoolean( + oesAuthorizationService + .isAuthorizedUser( + username, + PermissionEnum.create_or_edit.name(), + serviceId, + null, + null, + username) + .getBody() + .get("isEnabled")); + log.info( + "is authorized for the service Id POST or PUT API: {}, {}", serviceId, isAuthorized); + if (isAuthorized == null || !isAuthorized) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.create_or_edit.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + + case DELETE: + isAuthorized = + Boolean.parseBoolean( + oesAuthorizationService + .isAuthorizedUser( + username, PermissionEnum.delete.name(), serviceId, null, null, username) + .getBody() + .get("isEnabled")); + log.info("is authorized for the service Id DELETE API: {}, {}", serviceId, isAuthorized); + if (isAuthorized == null || !isAuthorized) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.delete.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + } + } + + private Integer getServiceId(String endpoint) { + Integer serviceId = 0; + List pathComps = Arrays.asList(endpoint.split("/")); + if (pathComps.contains("services")) { + int index = pathComps.indexOf("services"); + serviceId = Integer.parseInt(pathComps.get(index + 1)); + } else if (pathComps.contains("service")) { + int index = pathComps.indexOf("service"); + serviceId = Integer.parseInt(pathComps.get(index + 1)); + } + + if (serviceId == null || serviceId.equals(0)) { + throw new InvalidResourceIdException("Invalid resource Id"); + } + return serviceId; + } + + public void authorizeUserForPipelineId(String username, String endpointUrl, String httpMethod) { + + HttpMethod method = HttpMethod.valueOf(httpMethod); + Integer pipelineId = getPipelineId(endpointUrl); + Boolean isAuthorized; + + log.info("authorizing the endpoint : {}", endpointUrl); + + switch (method) { + case GET: + isAuthorized = + Boolean.parseBoolean( + oesAuthorizationService + .isAuthorizedUser( + username, PermissionEnum.view.name(), null, pipelineId, null, username) + .getBody() + .get("isEnabled")); + log.info("is authorized for the pipeline Id GET API: {}, {}", pipelineId, isAuthorized); + if (isAuthorized == null || !isAuthorized) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.view.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + + case POST: + case PUT: + isAuthorized = + Boolean.parseBoolean( + oesAuthorizationService + .isAuthorizedUser( + username, + PermissionEnum.create_or_edit.name(), + null, + pipelineId, + null, + username) + .getBody() + .get("isEnabled")); + log.info( + "is authorized for the pipeline Id POST or PUT API: {}, {}", pipelineId, isAuthorized); + if (isAuthorized == null || !isAuthorized) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.create_or_edit.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + + case DELETE: + isAuthorized = + Boolean.parseBoolean( + oesAuthorizationService + .isAuthorizedUser( + username, PermissionEnum.delete.name(), null, pipelineId, null, username) + .getBody() + .get("isEnabled")); + log.info("is authorized for the pipeline Id DELETE API: {}, {}", pipelineId, isAuthorized); + if (isAuthorized == null || !isAuthorized) { + throw new AccessForbiddenException( + YOU_DO_NOT_HAVE + + PermissionEnum.delete.name() + + PERMISSION_FOR_THE_FEATURE_TYPE + + RbacFeatureType.APP.description + + TO_PERFORM_THIS_OPERATION); + } + break; + } + } + + private Integer getPipelineId(String endpoint) { + Integer pipelineId = 0; + List pathComps = Arrays.asList(endpoint.split("/")); + if (pathComps.contains("pipelines")) { + int index = pathComps.indexOf("pipelines"); + pipelineId = Integer.parseInt(pathComps.get(index + 1)); + } else if (pathComps.contains("pipeline")) { + int index = pathComps.indexOf("pipeline"); + pipelineId = Integer.parseInt(pathComps.get(index + 1)); + } + + if (pipelineId == null || pipelineId.equals(0)) { + throw new InvalidResourceIdException("Invalid resource Id"); + } + return pipelineId; + } + + private static void populateDashboardServiceApis() { + applicationFeatureRbacEndpoints.add( "/dashboardservice/v2/applications/{applicationId}/service/{serviceId}"); applicationFeatureRbacEndpoints.add( @@ -171,102 +461,19 @@ public class ApplicationFeatureRbac { "/dashboardservice/v2/applications/{applicationId}/pending_approvals"); endpointsWithApplicationId.add("/dashboardservice/v2/applications/{applicationId}/services"); endpointsWithApplicationId.add("/dashboardservice/v2/applications/{applicationId}"); - } - - public void authorizeUser(String userName) { - - Boolean isFeatureVisibility; - - isFeatureVisibility = - Boolean.parseBoolean( - oesAuthorizationService - .isFeatureVisibility(userName, RbacFeatureType.APP.name(), userName) - .getBody() - .get("isEnabled")); - log.info("is feature visibility enabled : {}", isFeatureVisibility); - if (!isFeatureVisibility) { - throw new AccessForbiddenException( - "You do not have permission for the feature type : " + RbacFeatureType.APP.name()); - } - } - - public void authorizeUser(String username, String endpointUrl, String httpMethod) { - - HttpMethod method = HttpMethod.valueOf(httpMethod); - Integer applicationId = getApplicationId(endpointUrl); - PermissionModel permission; - - log.info("authorizing the endpoint : {}", endpointUrl); - - switch (method) { - case GET: - permission = - oesAuthorizationService - .fetchPermissions(username, RbacFeatureType.APP.name(), applicationId, username) - .getBody(); - log.info("permissions for the GET API : {}", permission); - if (permission == null - || !permission.getPermissions().contains(PermissionEnum.view.name())) { - throw new AccessForbiddenException( - YOU_DO_NOT_HAVE - + PermissionEnum.view.name() - + PERMISSION_FOR_THE_FEATURE_TYPE - + RbacFeatureType.APP.name() - + TO_PERFORM_THIS_OPERATION); - } - break; - - case POST: - case PUT: - permission = - oesAuthorizationService - .fetchPermissions(username, RbacFeatureType.APP.name(), applicationId, username) - .getBody(); - log.info("permissions for the POST or PUT API : {}", permission); - if (permission == null - || !permission.getPermissions().contains(PermissionEnum.create_or_edit.name())) { - throw new AccessForbiddenException( - YOU_DO_NOT_HAVE - + PermissionEnum.create_or_edit.name() - + PERMISSION_FOR_THE_FEATURE_TYPE - + RbacFeatureType.APP.name() - + TO_PERFORM_THIS_OPERATION); - } - break; - - case DELETE: - permission = - oesAuthorizationService - .fetchPermissions(username, RbacFeatureType.APP.name(), applicationId, username) - .getBody(); - log.info("permissions for the DELETE API : {}", permission); - if (permission == null - || !permission.getPermissions().contains(PermissionEnum.delete.name())) { - throw new AccessForbiddenException( - YOU_DO_NOT_HAVE - + PermissionEnum.delete.name() - + PERMISSION_FOR_THE_FEATURE_TYPE - + RbacFeatureType.APP.name() - + TO_PERFORM_THIS_OPERATION); - } - break; - } - } - private Integer getApplicationId(String endpoint) { - Integer applicationId = 0; - List pathComps = Arrays.asList(endpoint.split("/")); - if (pathComps.contains("applications")) { - int index = pathComps.indexOf("applications"); - applicationId = Integer.parseInt(pathComps.get(index + 1)); - } else if (pathComps.contains("application")) { - int index = pathComps.indexOf("application"); - applicationId = Integer.parseInt(pathComps.get(index + 1)); - } + endpointsWithServiceId.add( + "/dashboardservice/v2/visibilityservice/service/{serviceId}/feature/configuration/{approvalGateId}"); + endpointsWithServiceId.add("/dashboardservice/v2/services/{serviceId}/gates"); + endpointsWithServiceId.add("/dashboardservice/v2/services/{serviceId}/gates/{id}"); - if (applicationId == null || applicationId.equals(0)) { - throw new InvalidResourceIdException("Invalid resource Id"); - } - return applicationId; + endpointsWithPipelineId.add("/dashboardservice/v3/pipelines/{pipelineId}/gates"); + endpointsWithPipelineId.add("/dashboardservice/v3/pipelines/{pipelineId}/gates/{gateId}"); + endpointsWithPipelineId.add( + "/dashboardservice/v3/pipelines/{pipelineId}/gates/{gateId}/references/{refId}"); + endpointsWithPipelineId.add("/dashboardservice/v4/pipelines/{pipelineId}/gates"); + endpointsWithPipelineId.add("/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}"); + endpointsWithPipelineId.add( + "/dashboardservice/v4/pipelines/{pipelineId}/gates/{gateId}/references/{refId}"); } }