
Example 6 with AclEntry

Use of com.hortonworks.streamline.streams.security.catalog.AclEntry in project streamline by hortonworks.

Class SecurityCatalogService, method getAcl.

public AclEntry getAcl(Long aclEntryId) {
    AclEntry aclEntry = new AclEntry();
    aclEntry.setId(aclEntryId);
    return this.dao.get(new StorableKey(AclEntry.NAMESPACE, aclEntry.getPrimaryKey()));
}
Also used: StorableKey (com.hortonworks.registries.storage.StorableKey), AclEntry (com.hortonworks.streamline.streams.security.catalog.AclEntry)

Example 7 with AclEntry

Use of com.hortonworks.streamline.streams.security.catalog.AclEntry in project streamline by hortonworks.

Class SecurityCatalogServiceTest, method checkUserPermissions.

@Test
public void checkUserPermissions() throws Exception {
    SecurityCatalogService catalogService = new SecurityCatalogService(null);
    AclEntry userAclEntry = new AclEntry();
    userAclEntry.setSidType(AclEntry.SidType.USER);
    userAclEntry.setSidId(1L);
    userAclEntry.setObjectId(1L);
    userAclEntry.setObjectNamespace("topology");
    userAclEntry.setPermissions(EnumSet.of(Permission.WRITE));
    AclEntry roleAclEntry = new AclEntry();
    roleAclEntry.setSidType(AclEntry.SidType.ROLE);
    roleAclEntry.setSidId(1L);
    roleAclEntry.setObjectId(1L);
    roleAclEntry.setObjectNamespace("topology");
    roleAclEntry.setPermissions(EnumSet.of(Permission.READ));
    Role role = new Role();
    role.setId(1L);
    role.setName("ROLE_FOO");
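    // Query for ACL entries granted directly to user 1 on topology 1.
    List<QueryParam> qps1 = QueryParam.params(AclEntry.OBJECT_NAMESPACE, "topology", AclEntry.OBJECT_ID, "1", AclEntry.SID_TYPE, AclEntry.SidType.USER.toString(), AclEntry.SID_ID, "1");
    // Query for ACL entries granted to any role on topology 1 (no SID_ID filter).
    List<QueryParam> qps2 = QueryParam.params(AclEntry.OBJECT_NAMESPACE, "topology", AclEntry.OBJECT_ID, "1", AclEntry.SID_TYPE, AclEntry.SidType.ROLE.toString());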
    User user = new User();
    user.setRoles(Sets.newHashSet("ROLE_FOO"));
    new Expectations(catalogService) {

        {
            catalogService.getUser(anyLong);
            result = user;
            catalogService.listAcls(qps1);
            result = Arrays.asList(userAclEntry);
            catalogService.getAllUserRoles(user);
            result = Sets.newHashSet(role);
            catalogService.listAcls(qps2);
            result = Arrays.asList(roleAclEntry);
            catalogService.getRole(1L);
            result = role;
        }
    };
    // The user's own entry grants WRITE and the ROLE_FOO entry grants READ,
    // so READ, WRITE and the pair together are all allowed.
    assertTrue(catalogService.checkUserPermissions("topology", 1L, 1L, EnumSet.of(Permission.READ)));
    assertTrue(catalogService.checkUserPermissions("topology", 1L, 1L, EnumSet.of(Permission.WRITE)));
    assertTrue(catalogService.checkUserPermissions("topology", 1L, 1L, EnumSet.of(Permission.WRITE, Permission.READ)));
    // DELETE is granted by neither entry, so a request that includes it is denied.
    assertFalse(catalogService.checkUserPermissions("topology", 1L, 1L, EnumSet.of(Permission.WRITE, Permission.DELETE)));
}
Also used: Role (com.hortonworks.streamline.streams.security.catalog.Role), Expectations (mockit.Expectations), User (com.hortonworks.streamline.streams.security.catalog.User), QueryParam (com.hortonworks.registries.common.QueryParam), AclEntry (com.hortonworks.streamline.streams.security.catalog.AclEntry), Test (org.junit.Test)

Example 8 with AclEntry

Use of com.hortonworks.streamline.streams.security.catalog.AclEntry in project streamline by hortonworks.

Class DefaultStreamlineAuthorizer, method addAcl.

@Override
public void addAcl(AuthenticationContext ctx, String targetEntityNamespace, Long targetEntityId, boolean owner, boolean grant, EnumSet<Permission> permissions) {
    validateAuthenticationContext(ctx);
    String userName = SecurityUtil.getUserName(ctx);
    User user = catalogService.getUser(userName);
    if (user == null || user.getId() == null) {
        String msg = String.format("No such user '%s'", userName);
        LOG.warn(msg);
        throw new AuthorizationException(msg);
    }
    AclEntry aclEntry = new AclEntry();
    aclEntry.setObjectId(targetEntityId);
    aclEntry.setObjectNamespace(targetEntityNamespace);
    aclEntry.setSidId(user.getId());
    aclEntry.setSidType(AclEntry.SidType.USER);
    aclEntry.setOwner(owner);
    aclEntry.setGrant(grant);
    aclEntry.setPermissions(permissions);
    catalogService.addAcl(aclEntry);
}
Also used: User (com.hortonworks.streamline.streams.security.catalog.User), AuthorizationException (com.hortonworks.streamline.streams.security.AuthorizationException), AclEntry (com.hortonworks.streamline.streams.security.catalog.AclEntry)

Example 9 with AclEntry

Use of com.hortonworks.streamline.streams.security.catalog.AclEntry in project streamline by hortonworks.

Class SecurityCatalogResource, method addOrUpdateAcl.

@PUT
@Path("/acls/{id}")
@Timed
public Response addOrUpdateAcl(@PathParam("id") Long aclId, AclEntry aclEntry, @Context SecurityContext securityContext) {
    mayBeFillSidId(aclEntry);
    checkAclOp(aclEntry, securityContext, this::shouldAllowAclAddOrUpdate);
    AclEntry newAclEntry = catalogService.addOrUpdateAcl(aclId, aclEntry);
    return WSUtils.respondEntity(newAclEntry, OK);
}
Also used: AclEntry (com.hortonworks.streamline.streams.security.catalog.AclEntry), Path (javax.ws.rs.Path), Timed (com.codahale.metrics.annotation.Timed), PUT (javax.ws.rs.PUT)

Example 10 with AclEntry

Use of com.hortonworks.streamline.streams.security.catalog.AclEntry in project streamline by hortonworks.

Class SecurityCatalogResource, method addAcl.

@POST
@Path("/acls")
@Timed
public Response addAcl(AclEntry aclEntry, @Context SecurityContext securityContext) {
    mayBeFillSidId(aclEntry);
    checkAclOp(aclEntry, securityContext, this::shouldAllowAclAddOrUpdate);
    AclEntry createdAcl = catalogService.addAcl(aclEntry);
    return WSUtils.respondEntity(createdAcl, CREATED);
}
Also used: AclEntry (com.hortonworks.streamline.streams.security.catalog.AclEntry), Path (javax.ws.rs.Path), POST (javax.ws.rs.POST), Timed (com.codahale.metrics.annotation.Timed)
