[PLAT-14756] Releases API RBAC cleanup

Summary: Cleanup rbac actions on releases api. Also make the upload api exposed (was internal/hidden) Test Plan: unit tests Reviewers: anijhawan, muthu, sneelakantan, #yba-api-review Reviewed By: muthu, #yba-api-review Subscribers: yugaware Differential Revision: https://phorge.dev.yugabyte.com/D36853
yugabyte · Jul 31, 2024 · 0614c52 · 0614c52
1 parent 5891faa
commit 0614c52
Show file tree

Hide file tree

Showing 6 changed files with 1,275 additions and 36 deletions.
diff --git a/managed/src/main/java/com/yugabyte/yw/controllers/ReleasesController.java b/managed/src/main/java/com/yugabyte/yw/controllers/ReleasesController.java
@@ -48,8 +48,7 @@
 
 @Api(
     value = "New Release management",
-    authorizations = @Authorization(AbstractPlatformController.API_KEY_AUTH),
-    hidden = true)
+    authorizations = @Authorization(AbstractPlatformController.API_KEY_AUTH))
 @Slf4j
 public class ReleasesController extends AuthenticatedController {
   @Inject ReleasesUtils releasesUtils;
@@ -58,8 +57,7 @@ public class ReleasesController extends AuthenticatedController {
       value = "Create a release",
       response = YBPCreateSuccess.class,
       nickname = "createNewRelease",
-      notes = "YbaApi Internal new releases list",
-      hidden = true) // TODO: remove hidden once complete.
+      notes = "WARNING: This is a preview API that could change: create a ybdb release")
   @ApiImplicitParams({
     @ApiImplicitParam(
         name = "Release",
@@ -74,7 +72,7 @@ public class ReleasesController extends AuthenticatedController {
             @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
-  @YbaApi(visibility = YbaApiVisibility.INTERNAL, sinceYBAVersion = "2.21.1.0")
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result create(UUID customerUUID, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
     CreateRelease reqRelease =
@@ -132,15 +130,14 @@ public Result create(UUID customerUUID, Http.Request request) {
       response = ResponseRelease.class,
       responseContainer = "List",
       nickname = "listNewReleases",
-      notes = "YbaApi Internal new releases list",
-      hidden = true) // TODO: Remove hidden once complete
+      notes = "WARNING: This is a preview API that could change: list ybdb releases")
   @AuthzPath({
     @RequiredPermissionOnResource(
         requiredPermission =
-            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
+            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.READ),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
-  @YbaApi(visibility = YbaApiVisibility.INTERNAL, sinceYBAVersion = "2.21.1.0")
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result list(UUID customerUUID, @Nullable String deploymentType, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
 
@@ -181,14 +178,14 @@ public Result list(UUID customerUUID, @Nullable String deploymentType, Http.Requ
       value = "Get a release",
       response = ResponseRelease.class,
       nickname = "getNewRelease",
-      notes = "YbaApi Internal new release get",
-      hidden = true)
+      notes = "WARNING: This is a preview API that could change: get a specific ybdb release")
   @AuthzPath({
     @RequiredPermissionOnResource(
         requiredPermission =
-            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
+            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.READ),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result get(UUID customerUUID, UUID releaseUUID, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
     Release release = Release.getOrBadRequest(releaseUUID);
@@ -201,14 +198,14 @@ public Result get(UUID customerUUID, UUID releaseUUID, Http.Request request) {
       value = "delete a release",
       response = YBPSuccess.class,
       nickname = "deleteNewRelease",
-      notes = "YbaApi Internal new release delete",
-      hidden = true)
+      notes = "WARNING: This is a preview API that could change: delete a ybdb release")
   @AuthzPath({
     @RequiredPermissionOnResource(
         requiredPermission =
-            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
+            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.DELETE),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result delete(UUID customerUUID, UUID releaseUUID, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
     Release release = Release.get(releaseUUID);
@@ -235,8 +232,7 @@ public Result delete(UUID customerUUID, UUID releaseUUID, Http.Request request)
       value = "Update a release",
       response = YBPSuccess.class,
       nickname = "updateNewRelease",
-      notes = "YbaApi Internal new releases update",
-      hidden = true) // TODO: remove hidden once complete.
+      notes = "WARNING: This is a preview API that could change: update or edit a ybdb release")
   @ApiImplicitParams({
     @ApiImplicitParam(
         name = "Release",
@@ -248,10 +244,10 @@ public Result delete(UUID customerUUID, UUID releaseUUID, Http.Request request)
   @AuthzPath({
     @RequiredPermissionOnResource(
         requiredPermission =
-            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
+            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.UPDATE),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
-  @YbaApi(visibility = YbaApiVisibility.INTERNAL, sinceYBAVersion = "2.21.1.0")
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result update(UUID customerUUID, UUID releaseUUID, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
     Release release = Release.getOrBadRequest(releaseUUID);

diff --git a/managed/src/main/java/com/yugabyte/yw/controllers/ReleasesExtractMetadataController.java b/managed/src/main/java/com/yugabyte/yw/controllers/ReleasesExtractMetadataController.java
@@ -12,6 +12,8 @@
 import com.yugabyte.yw.forms.PlatformResults.YBPCreateSuccess;
 import com.yugabyte.yw.forms.PlatformResults.YBPSuccess;
 import com.yugabyte.yw.models.Customer;
+import com.yugabyte.yw.models.common.YbaApi;
+import com.yugabyte.yw.models.common.YbaApi.YbaApiVisibility;
 import com.yugabyte.yw.rbac.annotations.AuthzPath;
 import com.yugabyte.yw.rbac.annotations.PermissionAttribute;
 import com.yugabyte.yw.rbac.annotations.RequiredPermissionOnResource;
@@ -37,8 +39,7 @@
 
 @Api(
     value = "Extract metadata from remote tarball",
-    authorizations = @Authorization(AbstractPlatformController.API_KEY_AUTH),
-    hidden = true)
+    authorizations = @Authorization(AbstractPlatformController.API_KEY_AUTH))
 @Slf4j
 public class ReleasesExtractMetadataController extends AuthenticatedController {
 
@@ -56,8 +57,9 @@ public class ReleasesExtractMetadataController extends AuthenticatedController {
       value = "helper to extract release metadata from a remote tarball",
       response = YBPSuccess.class,
       nickname = "extractMetadata",
-      notes = "YbaApi Internal extract metadata",
-      hidden = true)
+      notes =
+          "WARNING: This is a preview API that could change: start extracting metadata from a"
+              + " remote tgz url")
   @ApiImplicitParams({
     @ApiImplicitParam(
         name = "Release URL",
@@ -72,6 +74,7 @@ public class ReleasesExtractMetadataController extends AuthenticatedController {
             @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result extract_metadata(UUID customerUUID, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
     ExtractMetadata em =
@@ -115,14 +118,16 @@ public void run() {
       value = "get the extract release metadata from a remote tarball",
       response = ResponseExtractMetadata.class,
       nickname = "extractMetadata",
-      notes = "YbaApi Internal extract metadata",
-      hidden = true)
+      notes =
+          "WARNING: This is a preview API that could change: Get extract metadata and its"
+              + " progress.")
   @AuthzPath({
     @RequiredPermissionOnResource(
         requiredPermission =
-            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
+            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.READ),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result getMetadata(UUID customerUUID, UUID metadataUUID, Http.Request request) {
     ResponseExtractMetadata metadata = metadataMap.get(metadataUUID);
     Customer.getOrBadRequest(customerUUID);

diff --git a/managed/src/main/java/com/yugabyte/yw/controllers/ReleasesUploadController.java b/managed/src/main/java/com/yugabyte/yw/controllers/ReleasesUploadController.java
@@ -35,8 +35,7 @@
 
 @Api(
     value = "Upload Release packages",
-    authorizations = @Authorization(AbstractPlatformController.API_KEY_AUTH),
-    hidden = true)
+    authorizations = @Authorization(AbstractPlatformController.API_KEY_AUTH))
 @Slf4j
 public class ReleasesUploadController extends AuthenticatedController {
 
@@ -52,15 +51,14 @@ public ReleasesUploadController(Config appConfig, ReleasesUtils releasesUtils) {
   @ApiOperation(
       value = "upload a release tgz",
       nickname = "uploadRelease",
-      notes = "YbaApi Internal upload release",
-      hidden = true) // TODO: remove hidden once complete.
+      notes = "WARNING: This is a preview API that could change: upload release tgz file")
   @AuthzPath({
     @RequiredPermissionOnResource(
         requiredPermission =
             @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
-  @YbaApi(visibility = YbaApiVisibility.INTERNAL, sinceYBAVersion = "2.21.1.0")
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result upload(UUID customerUUID, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
 
@@ -98,16 +96,15 @@ public Result upload(UUID customerUUID, Http.Request request) {
   @ApiOperation(
       value = "get an uploaded release metadata",
       nickname = "getUploadRelease",
-      notes = "YbaApi Internal get uploaded release metadata",
-      response = ResponseExtractMetadata.class,
-      hidden = true) // TODO: remove hidden once complete.
+      notes = "WARNING: This is a preview API that could change: get uploaded release metadata",
+      response = ResponseExtractMetadata.class)
   @AuthzPath({
     @RequiredPermissionOnResource(
         requiredPermission =
-            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.CREATE),
+            @PermissionAttribute(resourceType = ResourceType.OTHER, action = Action.READ),
         resourceLocation = @Resource(path = Util.CUSTOMERS, sourceType = SourceType.ENDPOINT))
   })
-  @YbaApi(visibility = YbaApiVisibility.INTERNAL, sinceYBAVersion = "2.21.1.0")
+  @YbaApi(visibility = YbaApiVisibility.PREVIEW, sinceYBAVersion = "2024.2.0.0")
   public Result get(UUID customerUUID, UUID fileUUID, Http.Request request) {
     Customer.getOrBadRequest(customerUUID);
     ReleaseLocalFile rlf = ReleaseLocalFile.getOrBadRequest(fileUUID);

diff --git a/managed/src/main/java/com/yugabyte/yw/controllers/apiModels/ResponseRelease.java b/managed/src/main/java/com/yugabyte/yw/controllers/apiModels/ResponseRelease.java
@@ -1,8 +1,10 @@
 package com.yugabyte.yw.controllers.apiModels;
 
+import com.fasterxml.jackson.annotation.JsonFormat;
 import com.fasterxml.jackson.annotation.JsonInclude;
 import com.yugabyte.yw.cloud.PublicCloudConstants;
 import com.yugabyte.yw.models.ReleaseArtifact;
+import io.swagger.annotations.ApiModelProperty;
 import java.util.Date;
 import java.util.List;
 import java.util.UUID;
@@ -33,6 +35,9 @@ public static class Artifact {
   public static class Universe {
     public UUID uuid;
     public String name;
+
+    @ApiModelProperty(value = "Universe creation date", example = "2024-07-28T01:02:03Z")
+    @JsonFormat(shape = JsonFormat.Shape.STRING, pattern = "yyyy-MM-dd'T'HH:mm:ss'Z'")
     public Date creation_date;
 
     public Universe(UUID uuid, String name, Date creation_date) {