Search in sources :

Example 1 with AuthorizationPrivilege

use of co.cask.cdap.proto.security.AuthorizationPrivilege in project cdap by caskdata.

the class RemotePrivilegesHandler method enforce.

@POST
@Path("/enforce")
public void enforce(HttpRequest request, HttpResponder responder) throws Exception {
    AuthorizationPrivilege authorizationPrivilege = GSON.fromJson(request.getContent().toString(Charsets.UTF_8), AuthorizationPrivilege.class);
    LOG.debug("Enforcing for {}", authorizationPrivilege);
    authorizationEnforcer.enforce(authorizationPrivilege.getEntity(), authorizationPrivilege.getPrincipal(), authorizationPrivilege.getAction());
    responder.sendStatus(HttpResponseStatus.OK);
}
Also used : AuthorizationPrivilege(co.cask.cdap.proto.security.AuthorizationPrivilege) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST)

Example 2 with AuthorizationPrivilege

use of co.cask.cdap.proto.security.AuthorizationPrivilege in project cdap by caskdata.

the class RemoteAuthorizationEnforcer method enforce.

@Override
public void enforce(EntityId entity, Principal principal, Action action) throws Exception {
    if (!isSecurityAuthorizationEnabled()) {
        return;
    }
    AuthorizationPrivilege authorizationPrivilege = new AuthorizationPrivilege(principal, entity, action);
    boolean allowed = cacheEnabled ? authPolicyCache.get(authorizationPrivilege) : doEnforce(authorizationPrivilege);
    if (!allowed) {
        throw new UnauthorizedException(principal, action, entity);
    }
}
Also used : AuthorizationPrivilege(co.cask.cdap.proto.security.AuthorizationPrivilege) UnauthorizedException(co.cask.cdap.security.spi.authorization.UnauthorizedException)

Example 3 with AuthorizationPrivilege

use of co.cask.cdap.proto.security.AuthorizationPrivilege in project cdap by caskdata.

the class RemotePrivilegesHandler method enforce.

@POST
@Path("/enforce")
public void enforce(FullHttpRequest request, HttpResponder responder) throws Exception {
    AuthorizationPrivilege authorizationPrivilege = GSON.fromJson(request.content().toString(StandardCharsets.UTF_8), AuthorizationPrivilege.class);
    LOG.debug("Enforcing for {}", authorizationPrivilege);
    authorizationEnforcer.enforce(authorizationPrivilege.getEntity(), authorizationPrivilege.getPrincipal(), authorizationPrivilege.getAction());
    responder.sendStatus(HttpResponseStatus.OK);
}
Also used : AuthorizationPrivilege(co.cask.cdap.proto.security.AuthorizationPrivilege) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST)

Aggregations

AuthorizationPrivilege (co.cask.cdap.proto.security.AuthorizationPrivilege)3 POST (javax.ws.rs.POST)2 Path (javax.ws.rs.Path)2 UnauthorizedException (co.cask.cdap.security.spi.authorization.UnauthorizedException)1