Search in sources :

Example 1 with USER

use of com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.USER in project streamline by hortonworks.

the class SecurityCatalogResource method filter.

private Collection<AclEntry> filter(Collection<AclEntry> aclEntries, SecurityContext securityContext) {
    User currentUser = getCurrentUser(securityContext);
    Set<Role> currentUserRoles = catalogService.getAllUserRoles(currentUser);
    boolean isSecurityAdmin = SecurityUtil.hasRole(authorizer, securityContext, ROLE_SECURITY_ADMIN);
    return aclEntries.stream().filter(aclEntry -> isSecurityAdmin || matches(aclEntry, currentUser, currentUserRoles)).collect(Collectors.toSet());
}
Also used : UserRole(com.hortonworks.streamline.streams.security.catalog.UserRole) Role(com.hortonworks.streamline.streams.security.catalog.Role) Roles(com.hortonworks.streamline.streams.security.Roles) Produces(javax.ws.rs.Produces) Date(java.util.Date) BiFunction(java.util.function.BiFunction) QueryParam(com.hortonworks.registries.common.QueryParam) LoggerFactory(org.slf4j.LoggerFactory) Path(javax.ws.rs.Path) SecurityContext(javax.ws.rs.core.SecurityContext) NewCookie(javax.ws.rs.core.NewCookie) StringUtils(org.apache.commons.lang3.StringUtils) MediaType(javax.ws.rs.core.MediaType) WSUtils(com.hortonworks.streamline.common.util.WSUtils) StreamlineAuthorizer(com.hortonworks.streamline.streams.security.StreamlineAuthorizer) EnumSet(java.util.EnumSet) DELETE(javax.ws.rs.DELETE) SecurityUtil(com.hortonworks.streamline.streams.security.SecurityUtil) WebserviceAuthorizationException(com.hortonworks.streamline.common.exception.service.exception.request.WebserviceAuthorizationException) User(com.hortonworks.streamline.streams.security.catalog.User) Context(javax.ws.rs.core.Context) Permission(com.hortonworks.streamline.streams.security.Permission) OK(javax.ws.rs.core.Response.Status.OK) Collection(java.util.Collection) Set(java.util.Set) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) Cookie(javax.ws.rs.core.Cookie) Timed(com.codahale.metrics.annotation.Timed) AuthenticatedURL(org.apache.hadoop.security.authentication.client.AuthenticatedURL) List(java.util.List) Principal(java.security.Principal) Response(javax.ws.rs.core.Response) AuthenticationContext(com.hortonworks.streamline.streams.security.AuthenticationContext) UriInfo(javax.ws.rs.core.UriInfo) CREATED(javax.ws.rs.core.Response.Status.CREATED) ROLE_SECURITY_ADMIN(com.hortonworks.streamline.streams.security.Roles.ROLE_SECURITY_ADMIN) PathParam(javax.ws.rs.PathParam) EntityNotFoundException(com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException) GET(javax.ws.rs.GET) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) USER(com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.USER) UserRole(com.hortonworks.streamline.streams.security.catalog.UserRole) AclEntry(com.hortonworks.streamline.streams.security.catalog.AclEntry) Logger(org.slf4j.Logger) POST(javax.ws.rs.POST) ROLE(com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.ROLE) MultivaluedMap(javax.ws.rs.core.MultivaluedMap) PUT(javax.ws.rs.PUT) RoleHierarchy(com.hortonworks.streamline.streams.security.catalog.RoleHierarchy) Role(com.hortonworks.streamline.streams.security.catalog.Role) User(com.hortonworks.streamline.streams.security.catalog.User)

Example 2 with USER

use of com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.USER in project streamline by hortonworks.

the class SecurityCatalogResource method getRoleUsers.

private Response getRoleUsers(Long roleId) {
    Role role = catalogService.getRole(roleId);
    Set<Role> rolesToQuery = new HashSet<>();
    if (role != null) {
        rolesToQuery.add(role);
        rolesToQuery.addAll(catalogService.getChildRoles(roleId));
        Set<User> res = rolesToQuery.stream().flatMap(r -> catalogService.listUsers(r).stream()).collect(Collectors.toSet());
        return WSUtils.respondEntities(res, OK);
    }
    throw EntityNotFoundException.byId(roleId.toString());
}
Also used : UserRole(com.hortonworks.streamline.streams.security.catalog.UserRole) Role(com.hortonworks.streamline.streams.security.catalog.Role) Roles(com.hortonworks.streamline.streams.security.Roles) Produces(javax.ws.rs.Produces) Date(java.util.Date) BiFunction(java.util.function.BiFunction) QueryParam(com.hortonworks.registries.common.QueryParam) LoggerFactory(org.slf4j.LoggerFactory) Path(javax.ws.rs.Path) SecurityContext(javax.ws.rs.core.SecurityContext) NewCookie(javax.ws.rs.core.NewCookie) StringUtils(org.apache.commons.lang3.StringUtils) MediaType(javax.ws.rs.core.MediaType) WSUtils(com.hortonworks.streamline.common.util.WSUtils) StreamlineAuthorizer(com.hortonworks.streamline.streams.security.StreamlineAuthorizer) EnumSet(java.util.EnumSet) DELETE(javax.ws.rs.DELETE) SecurityUtil(com.hortonworks.streamline.streams.security.SecurityUtil) WebserviceAuthorizationException(com.hortonworks.streamline.common.exception.service.exception.request.WebserviceAuthorizationException) User(com.hortonworks.streamline.streams.security.catalog.User) Context(javax.ws.rs.core.Context) Permission(com.hortonworks.streamline.streams.security.Permission) OK(javax.ws.rs.core.Response.Status.OK) Collection(java.util.Collection) Set(java.util.Set) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) Cookie(javax.ws.rs.core.Cookie) Timed(com.codahale.metrics.annotation.Timed) AuthenticatedURL(org.apache.hadoop.security.authentication.client.AuthenticatedURL) List(java.util.List) Principal(java.security.Principal) Response(javax.ws.rs.core.Response) AuthenticationContext(com.hortonworks.streamline.streams.security.AuthenticationContext) UriInfo(javax.ws.rs.core.UriInfo) CREATED(javax.ws.rs.core.Response.Status.CREATED) ROLE_SECURITY_ADMIN(com.hortonworks.streamline.streams.security.Roles.ROLE_SECURITY_ADMIN) PathParam(javax.ws.rs.PathParam) EntityNotFoundException(com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException) GET(javax.ws.rs.GET) ArrayList(java.util.ArrayList) HashSet(java.util.HashSet) USER(com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.USER) UserRole(com.hortonworks.streamline.streams.security.catalog.UserRole) AclEntry(com.hortonworks.streamline.streams.security.catalog.AclEntry) Logger(org.slf4j.Logger) POST(javax.ws.rs.POST) ROLE(com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.ROLE) MultivaluedMap(javax.ws.rs.core.MultivaluedMap) PUT(javax.ws.rs.PUT) RoleHierarchy(com.hortonworks.streamline.streams.security.catalog.RoleHierarchy) Role(com.hortonworks.streamline.streams.security.catalog.Role) User(com.hortonworks.streamline.streams.security.catalog.User) HashSet(java.util.HashSet)

Aggregations

Timed (com.codahale.metrics.annotation.Timed)2 Sets (com.google.common.collect.Sets)2 QueryParam (com.hortonworks.registries.common.QueryParam)2 EntityNotFoundException (com.hortonworks.streamline.common.exception.service.exception.request.EntityNotFoundException)2 WebserviceAuthorizationException (com.hortonworks.streamline.common.exception.service.exception.request.WebserviceAuthorizationException)2 WSUtils (com.hortonworks.streamline.common.util.WSUtils)2 AuthenticationContext (com.hortonworks.streamline.streams.security.AuthenticationContext)2 Permission (com.hortonworks.streamline.streams.security.Permission)2 Roles (com.hortonworks.streamline.streams.security.Roles)2 ROLE_SECURITY_ADMIN (com.hortonworks.streamline.streams.security.Roles.ROLE_SECURITY_ADMIN)2 SecurityUtil (com.hortonworks.streamline.streams.security.SecurityUtil)2 StreamlineAuthorizer (com.hortonworks.streamline.streams.security.StreamlineAuthorizer)2 AclEntry (com.hortonworks.streamline.streams.security.catalog.AclEntry)2 ROLE (com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.ROLE)2 USER (com.hortonworks.streamline.streams.security.catalog.AclEntry.SidType.USER)2 Role (com.hortonworks.streamline.streams.security.catalog.Role)2 RoleHierarchy (com.hortonworks.streamline.streams.security.catalog.RoleHierarchy)2 User (com.hortonworks.streamline.streams.security.catalog.User)2 UserRole (com.hortonworks.streamline.streams.security.catalog.UserRole)2 Principal (java.security.Principal)2