Example 1 with GrantRequest
use of co.cask.cdap.proto.security.GrantRequest in project cdap by caskdata.
the class AuthorizationHandler method grant.
@Path("/privileges/grant")
@POST
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void grant(HttpRequest httpRequest, HttpResponder httpResponder) throws Exception {
ensureSecurityEnabled();
GrantRequest request = parseBody(httpRequest, GrantRequest.class);
verifyAuthRequest(request);
Set<Action> actions = request.getActions() == null ? EnumSet.allOf(Action.class) : request.getActions();
// enforce that the user granting access has admin privileges on the entity
authorizationEnforcer.enforce(request.getEntity(), authenticationContext.getPrincipal(), Action.ADMIN);
privilegesManager.grant(request.getEntity(), request.getPrincipal(), actions);
httpResponder.sendStatus(HttpResponseStatus.OK);
createLogEntry(httpRequest, request, HttpResponseStatus.OK);
}
Also used :
Action(co.cask.cdap.proto.security.Action)
GrantRequest(co.cask.cdap.proto.security.GrantRequest)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
POST(javax.ws.rs.POST)
Example 2 with GrantRequest
use of co.cask.cdap.proto.security.GrantRequest in project cdap by caskdata.
the class AuthorizationClient method grant.
@Override
public void grant(EntityId entity, Principal principal, Set<Action> actions) throws IOException, UnauthenticatedException, FeatureDisabledException, UnauthorizedException, NotFoundException {
GrantRequest grantRequest = new GrantRequest(entity, principal, actions);
URL url = config.resolveURLV3(AUTHORIZATION_BASE + "/privileges/grant");
HttpRequest request = HttpRequest.post(url).withBody(GSON.toJson(grantRequest)).build();
executePrivilegeRequest(request);
}
Also used :
HttpRequest(co.cask.common.http.HttpRequest)
GrantRequest(co.cask.cdap.proto.security.GrantRequest)
URL(java.net.URL)
Example 3 with GrantRequest
use of co.cask.cdap.proto.security.GrantRequest in project cdap by caskdata.
the class AuthorizationClient method grant.
@Override
public void grant(Authorizable authorizable, Principal principal, Set<Action> actions) throws IOException, UnauthorizedException, UnauthenticatedException, NotFoundException, FeatureDisabledException {
GrantRequest grantRequest = new GrantRequest(authorizable, principal, actions);
URL url = config.resolveURLV3(AUTHORIZATION_BASE + "/privileges/grant");
HttpRequest request = HttpRequest.post(url).withBody(GSON.toJson(grantRequest)).build();
executePrivilegeRequest(request);
}
Also used :
HttpRequest(co.cask.common.http.HttpRequest)
GrantRequest(co.cask.cdap.proto.security.GrantRequest)
URL(java.net.URL)
Example 4 with GrantRequest
use of co.cask.cdap.proto.security.GrantRequest in project cdap by caskdata.
the class AuthorizationHandler method grant.
@Path("/privileges/grant")
@POST
@AuditPolicy(AuditDetail.REQUEST_BODY)
public void grant(FullHttpRequest httpRequest, HttpResponder httpResponder) throws Exception {
ensureSecurityEnabled();
GrantRequest request = parseBody(httpRequest, GrantRequest.class);
if (request == null) {
throw new BadRequestException("Missing request body");
}
Set<Action> actions = request.getActions() == null ? EnumSet.allOf(Action.class) : request.getActions();
privilegesManager.grant(request.getAuthorizable(), request.getPrincipal(), actions);
httpResponder.sendStatus(HttpResponseStatus.OK);
createLogEntry(httpRequest, HttpResponseStatus.OK);
}
Also used :
Action(co.cask.cdap.proto.security.Action)
GrantRequest(co.cask.cdap.proto.security.GrantRequest)
BadRequestException(co.cask.cdap.common.BadRequestException)
Path(javax.ws.rs.Path)
AuditPolicy(co.cask.cdap.common.security.AuditPolicy)
POST(javax.ws.rs.POST)
Aggregations
GrantRequest (co.cask.cdap.proto.security.GrantRequest)4
AuditPolicy (co.cask.cdap.common.security.AuditPolicy)2
Action (co.cask.cdap.proto.security.Action)2
HttpRequest (co.cask.common.http.HttpRequest)2
URL (java.net.URL)2
POST (javax.ws.rs.POST)2
Path (javax.ws.rs.Path)2
BadRequestException (co.cask.cdap.common.BadRequestException)1
