use of co.cask.cdap.proto.security.AuthorizationPrivilege in project cdap by caskdata.
the class RemotePrivilegesHandler method enforce.
@POST
@Path("/enforce")
public void enforce(HttpRequest request, HttpResponder responder) throws Exception {
AuthorizationPrivilege authorizationPrivilege = GSON.fromJson(request.getContent().toString(Charsets.UTF_8), AuthorizationPrivilege.class);
LOG.debug("Enforcing for {}", authorizationPrivilege);
authorizationEnforcer.enforce(authorizationPrivilege.getEntity(), authorizationPrivilege.getPrincipal(), authorizationPrivilege.getAction());
responder.sendStatus(HttpResponseStatus.OK);
}
use of co.cask.cdap.proto.security.AuthorizationPrivilege in project cdap by caskdata.
the class RemoteAuthorizationEnforcer method enforce.
@Override
public void enforce(EntityId entity, Principal principal, Action action) throws Exception {
if (!isSecurityAuthorizationEnabled()) {
return;
}
AuthorizationPrivilege authorizationPrivilege = new AuthorizationPrivilege(principal, entity, action);
boolean allowed = cacheEnabled ? authPolicyCache.get(authorizationPrivilege) : doEnforce(authorizationPrivilege);
if (!allowed) {
throw new UnauthorizedException(principal, action, entity);
}
}
use of co.cask.cdap.proto.security.AuthorizationPrivilege in project cdap by caskdata.
the class RemotePrivilegesHandler method enforce.
@POST
@Path("/enforce")
public void enforce(FullHttpRequest request, HttpResponder responder) throws Exception {
AuthorizationPrivilege authorizationPrivilege = GSON.fromJson(request.content().toString(StandardCharsets.UTF_8), AuthorizationPrivilege.class);
LOG.debug("Enforcing for {}", authorizationPrivilege);
authorizationEnforcer.enforce(authorizationPrivilege.getEntity(), authorizationPrivilege.getPrincipal(), authorizationPrivilege.getAction());
responder.sendStatus(HttpResponseStatus.OK);
}
Aggregations