Examples with Principal co.cask.cdap.proto.security.Principal used on opensource projects

Example 36 with Principal

use of co.cask.cdap.proto.security.Principal in project cdap by caskdata.

the class ListRolesCommand method perform.

@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
    String principalType = arguments.getOptional(ArgumentName.PRINCIPAL_TYPE.toString());
    String principalName = arguments.getOptional(ArgumentName.PRINCIPAL_NAME.toString());
    Set<Role> roles;
    if (!(Strings.isNullOrEmpty(principalType) && Strings.isNullOrEmpty(principalName))) {
        roles = client.listRoles(new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase())));
    } else {
        roles = client.listAllRoles();
    }
    Table table = Table.builder().setHeader("Role").setRows(Lists.newArrayList(roles), new RowMaker<Role>() {

        @Override
        public List<?> makeRow(Role role) {
            return Lists.newArrayList(role.getName());
        }
    }).build();
    cliConfig.getTableRenderer().render(cliConfig, output, table);
}

Example 37 with Principal

use of co.cask.cdap.proto.security.Principal in project cdap by caskdata.

the class RevokeActionCommand method perform.

@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
    Authorizable authorizable = Authorizable.fromString(arguments.get(ArgumentName.ENTITY.toString()));
    String principalName = arguments.getOptional("principal-name", null);
    String type = arguments.getOptional("principal-type", null);
    Principal.PrincipalType principalType = type != null ? Principal.PrincipalType.valueOf(type.toUpperCase()) : null;
    Principal principal = type != null ? new Principal(principalName, principalType) : null;
    String actionsString = arguments.getOptional("actions", null);
    Set<Action> actions = actionsString == null ? null : ACTIONS_STRING_TO_SET.apply(actionsString);
    client.revoke(authorizable, principal, actions);
    if (principal == null && actions == null) {
        // Revoked all actions for all principals on the entity
        output.printf("Successfully revoked all actions on entity '%s' for all principals", authorizable.toString());
    } else {
        // currently, the CLI only supports 2 scenarios:
        // 1. both actions and principal are null - supported in the if block.
        // 2. both actions and principal are non-null - supported here. So it should be ok to have preconditions here to
        // enforce that both are non-null. In fact, if only one of them is null, the CLI will fail to parse the command.
        Preconditions.checkNotNull(actions, "Actions cannot be null when principal is not null in the revoke command");
        Preconditions.checkNotNull(principal, "Principal cannot be null when actions is not null in the revoke command");
        output.printf("Successfully revoked action(s) '%s' on entity '%s' for %s '%s'\n", Joiner.on(",").join(actions), authorizable.toString(), principal.getType(), principal.getName());
    }
}

Example 38 with Principal

use of co.cask.cdap.proto.security.Principal in project cdap by caskdata.

the class ListPrivilegesCommand method perform.

@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
    String principalType = arguments.get(ArgumentName.PRINCIPAL_TYPE.toString());
    String principalName = arguments.get(ArgumentName.PRINCIPAL_NAME.toString());
    Table table = Table.builder().setHeader("Authorizable", "Action").setRows(Lists.newArrayList(client.listPrivileges(new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase())))), new RowMaker<Privilege>() {

        @Override
        public List<?> makeRow(Privilege privilege) {
            return Lists.newArrayList(privilege.getAuthorizable().toString(), privilege.getAction().name());
        }
    }).build();
    cliConfig.getTableRenderer().render(cliConfig, output, table);
}

Example 39 with Principal

use of co.cask.cdap.proto.security.Principal in project cdap by caskdata.

the class AddRoleToPrincipalCommand method perform.

@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
    String roleName = arguments.get("role-name");
    String principalType = arguments.get("principal-type");
    String principalName = arguments.get("principal-name");
    client.addRoleToPrincipal(new Role(roleName), new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase())));
    output.printf("Successfully added role '%s' to '%s' '%s'\n", roleName, principalType, principalName);
}

Example 40 with Principal

use of co.cask.cdap.proto.security.Principal in project cdap by caskdata.

the class AuthorizationHandler method listPrivileges.

@Path("{principal-type}/{principal-name}/privileges")
@GET
public void listPrivileges(HttpRequest httpRequest, HttpResponder httpResponder, @PathParam("principal-type") String principalType, @PathParam("principal-name") String principalName) throws Exception {
    ensureSecurityEnabled();
    Principal principal = new Principal(principalName, Principal.PrincipalType.valueOf(principalType.toUpperCase()));
    httpResponder.sendJson(HttpResponseStatus.OK, GSON.toJson(authorizer.listPrivileges(principal), PRIVILEGE_SET_TYPE));
    createLogEntry(httpRequest, HttpResponseStatus.OK);
}