
Example 1 with SubTenantRoles

use of com.emc.storageos.model.user.SubTenantRoles in project coprhd-controller by CoprHD.

From the class UserInfoPage, method getMyInfo.

/**
 * Reports the authenticated caller's own identity: the tenant the caller maps to, the
 * virtual data center (VDC) roles, the home-tenant roles and the sub-tenant roles.
 *
 * <p>The user is read from the security context and the method takes no parameters, so
 * the response describes the caller only. A principal that is not a
 * {@code StorageOSUser} is rejected as an invalid security context.
 *
 * <p>When the user name equals "root" (compared case-insensitively) and the local VDC is
 * not a single site, SYSTEM_ADMIN and SECURITY_ADMIN are reported as their RESTRICTED_*
 * counterparts and no tenant roles are returned.
 *
 * @brief Show my Tenant and assigned roles
 * @prereq none
 * @return List of tenants user mappings,VDC role and tenant role of the user.
 */
@GET
@Path("/whoami")
@Produces({ MediaType.APPLICATION_XML, MediaType.APPLICATION_JSON })
public UserInfo getMyInfo() {
    // The identity comes from the security context alone; any other principal type is refused.
    Principal caller = sc.getUserPrincipal();
    if (!(caller instanceof StorageOSUser)) {
        throw APIException.forbidden.invalidSecurityContext();
    }
    StorageOSUser user = (StorageOSUser) caller;

    UserInfo result = new UserInfo();
    result.setCommonName(user.getName());
    // TODO: the distinguished name is not resolved yet; it carries the plain user name,
    // so consumers must not treat this field as a real directory DN.
    result.setDistinguishedName(user.getName());
    result.setTenant(user.getTenantId());
    result.setTenantName(_permissionsHelper.getTenantNameByID(user.getTenantId()));
    result.setVdcRoles(new ArrayList<String>());
    result.setHomeTenantRoles(new ArrayList<String>());
    result.setSubTenantRoles(new ArrayList<SubTenantRoles>());

    // Special case: the root user in a geo (multi-site) deployment.
    boolean multiSite = !VdcUtil.isLocalVdcSingleSite();
    boolean rootInGeo = user.getName().equalsIgnoreCase("root") && multiSite;

    // VDC roles. For root in geo the *_ADMIN roles are reported as RESTRICTED_*_ADMIN.
    // NOTE(review): this changes only what is reported to the caller; where the restriction
    // is enforced is not visible in this method - confirm against the authorization checks.
    if (user.getRoles() != null) {
        for (String assignedRole : user.getRoles()) {
            String reportedRole = assignedRole;
            if (rootInGeo) {
                if (reportedRole.equalsIgnoreCase(Role.SYSTEM_ADMIN.toString())) {
                    reportedRole = Role.RESTRICTED_SYSTEM_ADMIN.toString();
                }
                if (reportedRole.equalsIgnoreCase(Role.SECURITY_ADMIN.toString())) {
                    reportedRole = Role.RESTRICTED_SECURITY_ADMIN.toString();
                }
            }
            result.getVdcRoles().add(reportedRole);
        }
    }

    // Tenant roles are looked up for everyone except root in geo.
    if (!rootInGeo) {
        try {
            Set<String> homeRoles =
                    _permissionsHelper.getTenantRolesForUser(user, URI.create(user.getTenantId()), false);
            if (homeRoles != null) {
                result.getHomeTenantRoles().addAll(homeRoles);
            }

            Map<String, Collection<String>> rolesBySubTenant = _permissionsHelper.getSubtenantRolesForUser(user);
            if (rolesBySubTenant != null) {
                for (Entry<String, Collection<String>> subTenant : rolesBySubTenant.entrySet()) {
                    String subTenantId = subTenant.getKey();
                    SubTenantRoles item = new SubTenantRoles();
                    item.setTenant(subTenantId);
                    item.setTenantName(_permissionsHelper.getTenantNameByID(subTenantId));
                    // Copy the roles so the response does not share the helper's collection.
                    item.setRoles(new ArrayList<String>(subTenant.getValue()));
                    result.getSubTenantRoles().add(item);
                }
            }
        } catch (DatabaseException ex) {
            // A failed role lookup is surfaced as a fatal security error, not as a partial answer.
            throw SecurityException.fatals.failedReadingTenantRoles(ex);
        }
    }
    return result;
}
Also used : UserInfo(com.emc.storageos.model.user.UserInfo) SubTenantRoles(com.emc.storageos.model.user.SubTenantRoles) StorageOSUser(com.emc.storageos.security.authentication.StorageOSUser) DatabaseException(com.emc.storageos.db.exceptions.DatabaseException) Principal(java.security.Principal) Path(javax.ws.rs.Path) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)
