Example 21 with Action
use of co.cask.cdap.proto.security.Action in project cdap by caskdata.
the class AbstractAuthorizationEnforcer method enforce.
@Override
public void enforce(EntityId entity, Principal principal, Set<Action> actions) throws Exception {
if (!isSecurityAuthorizationEnabled()) {
return;
}
Set<Action> disallowed = EnumSet.noneOf(Action.class);
UnauthorizedException unauthorizedException = new UnauthorizedException(principal, entity);
for (Action action : actions) {
try {
enforce(entity, principal, action);
} catch (UnauthorizedException e) {
disallowed.add(action);
unauthorizedException.addSuppressed(e);
}
}
if (!disallowed.isEmpty()) {
throw new UnauthorizedException(principal, disallowed, entity, unauthorizedException);
}
}
Also used :
Action(co.cask.cdap.proto.security.Action)
UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)
Aggregations
Action (co.cask.cdap.proto.security.Action)21
Privilege (co.cask.cdap.proto.security.Privilege)9
Principal (co.cask.cdap.proto.security.Principal)6
HashSet (java.util.HashSet)6
EntityId (co.cask.cdap.proto.id.EntityId)5
UnauthorizedException (co.cask.cdap.security.spi.authorization.UnauthorizedException)5
ImmutableSet (com.google.common.collect.ImmutableSet)5
POST (javax.ws.rs.POST)4
Path (javax.ws.rs.Path)4
InMemoryAuthorizer (co.cask.cdap.security.authorization.InMemoryAuthorizer)3
Authorizer (co.cask.cdap.security.spi.authorization.Authorizer)3
MethodArgument (co.cask.cdap.common.internal.remote.MethodArgument)2
AuditPolicy (co.cask.cdap.common.security.AuditPolicy)2
NamespaceId (co.cask.cdap.proto.id.NamespaceId)2
StreamId (co.cask.cdap.proto.id.StreamId)2
Test (org.junit.Test)2
DatasetSpecification (co.cask.cdap.api.dataset.DatasetSpecification)1
DatasetAlreadyExistsException (co.cask.cdap.common.DatasetAlreadyExistsException)1
DatasetNotFoundException (co.cask.cdap.common.DatasetNotFoundException)1
DatasetTypeNotFoundException (co.cask.cdap.common.DatasetTypeNotFoundException)1
