Example 1 with RoleHierarchy

Use of com.hortonworks.streamline.streams.security.catalog.RoleHierarchy in project streamline by hortonworks.

Class SecurityCatalogService, method removeChildRole.

public RoleHierarchy removeChildRole(Long parentRoleId, Long childRoleId) {
    validateRoleIds(parentRoleId);
    RoleHierarchy roleHierarchy = new RoleHierarchy();
    roleHierarchy.setParentId(parentRoleId);
    roleHierarchy.setChildId(childRoleId);
    return this.dao.remove(new StorableKey(RoleHierarchy.NAMESPACE, roleHierarchy.getPrimaryKey()));
}
Also used : StorableKey(com.hortonworks.registries.storage.StorableKey) RoleHierarchy(com.hortonworks.streamline.streams.security.catalog.RoleHierarchy)

Example 2 with RoleHierarchy

Use of com.hortonworks.streamline.streams.security.catalog.RoleHierarchy in project streamline by hortonworks.

Class SecurityCatalogService, method addChildRole.

public RoleHierarchy addChildRole(Long parentRoleId, Long childRoleId) {
    validateRoleIds(parentRoleId);
    RoleHierarchy roleHierarchy = new RoleHierarchy();
    roleHierarchy.setParentId(parentRoleId);
    roleHierarchy.setChildId(childRoleId);
    this.dao.add(roleHierarchy);
    return roleHierarchy;
}
Also used : RoleHierarchy(com.hortonworks.streamline.streams.security.catalog.RoleHierarchy)

Example 3 with RoleHierarchy

Use of com.hortonworks.streamline.streams.security.catalog.RoleHierarchy in project streamline by hortonworks.

Class SecurityCatalogService, method removeRole.

public Role removeRole(Long roleId) {
    // check if role is part of any parent roles, if so parent role should be deleted first.
    Set<Role> parentRoles = getParentRoles(roleId);
    if (!parentRoles.isEmpty()) {
        throw new IllegalStateException("Role is a child role of the following parent role(s): " + parentRoles + ". Parent roles must be deleted first.");
    }
    // check if role has any users
    List<QueryParam> qps = QueryParam.params(UserRole.ROLE_ID, String.valueOf(roleId));
    Collection<UserRole> userRoles = listUserRoles(qps);
    if (!userRoles.isEmpty()) {
        throw new IllegalStateException("Role has users");
    }
    // remove child role associations
    qps = QueryParam.params(RoleHierarchy.PARENT_ID, String.valueOf(roleId));
    Collection<RoleHierarchy> roleHierarchies = dao.find(RoleHierarchy.NAMESPACE, qps);
    LOG.info("Removing child role association for role id {}", roleId);
    roleHierarchies.forEach(rh -> removeChildRole(roleId, rh.getChildId()));
    // remove permissions assigned to role
    qps = QueryParam.params(AclEntry.SID_ID, String.valueOf(roleId), AclEntry.SID_TYPE, AclEntry.SidType.ROLE.toString());
    LOG.info("Removing ACL entries for role id {}", roleId);
    listAcls(qps).forEach(aclEntry -> removeAcl(aclEntry.getId()));
    Role role = new Role();
    role.setId(roleId);
    return dao.remove(new StorableKey(Role.NAMESPACE, role.getPrimaryKey()));
}
Also used : UserRole(com.hortonworks.streamline.streams.security.catalog.UserRole) Role(com.hortonworks.streamline.streams.security.catalog.Role) QueryParam(com.hortonworks.registries.common.QueryParam) StorableKey(com.hortonworks.registries.storage.StorableKey) RoleHierarchy(com.hortonworks.streamline.streams.security.catalog.RoleHierarchy)

Example 4 with RoleHierarchy

Use of com.hortonworks.streamline.streams.security.catalog.RoleHierarchy in project streamline by hortonworks.

Class SecurityCatalogResource, method deleteChildRole.

@DELETE
@Path("/roles/{parentId}/children/{childId}")
@Timed
public Response deleteChildRole(@PathParam("parentId") Long parentId, @PathParam("childId") Long childId, @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkRole(authorizer, securityContext, ROLE_SECURITY_ADMIN);
    RoleHierarchy roleHierarchy = catalogService.removeChildRole(parentId, childId);
    if (roleHierarchy != null) {
        return WSUtils.respondEntity(roleHierarchy, OK);
    }
    throw EntityNotFoundException.byId(childId.toString());
}
Also used : RoleHierarchy(com.hortonworks.streamline.streams.security.catalog.RoleHierarchy) Path(javax.ws.rs.Path) DELETE(javax.ws.rs.DELETE) Timed(com.codahale.metrics.annotation.Timed)

Example 5 with RoleHierarchy

Use of com.hortonworks.streamline.streams.security.catalog.RoleHierarchy in project streamline by hortonworks.

Class SecurityCatalogResource, method addChildRole.

@POST
@Path("/roles/{parentRoleName}/children/{childRoleName}")
@Timed
public Response addChildRole(@PathParam("parentRoleName") String parentRoleName, @PathParam("childRoleName") String childRoleName, @Context SecurityContext securityContext) throws Exception {
    SecurityUtil.checkRole(authorizer, securityContext, ROLE_SECURITY_ADMIN);
    if (childRoleName.equals(parentRoleName)) {
        throw new IllegalArgumentException("Child role is same as parent role");
    }
    Long parentId = getIdFromRoleName(parentRoleName);
    Long childId = getIdFromRoleName(childRoleName);
    Role childRole = catalogService.getRole(childId);
    if (childRole != null) {
        RoleHierarchy roleHierarchy = catalogService.addChildRole(parentId, childId);
        return WSUtils.respondEntity(roleHierarchy, OK);
    }
    throw EntityNotFoundException.byId(childId.toString());
}
Also used : UserRole(com.hortonworks.streamline.streams.security.catalog.UserRole) Role(com.hortonworks.streamline.streams.security.catalog.Role) RoleHierarchy(com.hortonworks.streamline.streams.security.catalog.RoleHierarchy) Path(javax.ws.rs.Path) POST(javax.ws.rs.POST) Timed(com.codahale.metrics.annotation.Timed)

Aggregations

RoleHierarchy (com.hortonworks.streamline.streams.security.catalog.RoleHierarchy): 5
Timed (com.codahale.metrics.annotation.Timed): 2
StorableKey (com.hortonworks.registries.storage.StorableKey): 2
Role (com.hortonworks.streamline.streams.security.catalog.Role): 2
UserRole (com.hortonworks.streamline.streams.security.catalog.UserRole): 2
Path (javax.ws.rs.Path): 2
QueryParam (com.hortonworks.registries.common.QueryParam): 1
DELETE (javax.ws.rs.DELETE): 1
POST (javax.ws.rs.POST): 1