Example 1 with Permissions

Use of com.netflix.spinnaker.fiat.model.resources.Permissions in project fiat by spinnaker.

In the class ApplicationResourcePermissionSource, method getPermissions.

@Override
@Nonnull
public Permissions getPermissions(@Nonnull Application resource) {
    Permissions storedPermissions = resource.getPermissions();
    if (storedPermissions == null || !storedPermissions.isRestricted()) {
        return Permissions.EMPTY;
    }
    Map<Authorization, Set<String>> authorizations = Arrays.stream(Authorization.values()).collect(toMap(identity(), storedPermissions::get));
    // CREATE permissions are not allowed on the resource level.
    authorizations.remove(Authorization.CREATE);
    return Permissions.Builder.factory(authorizations).build();
}
Also used : Authorization(com.netflix.spinnaker.fiat.model.Authorization) Set(java.util.Set) Permissions(com.netflix.spinnaker.fiat.model.resources.Permissions) Nonnull(javax.annotation.Nonnull)

Example 2 with Permissions

Use of com.netflix.spinnaker.fiat.model.resources.Permissions in project fiat by spinnaker.

In the class DefaultApplicationResourceProvider, method loadAll.

@Override
protected Set<Application> loadAll() throws ProviderException {
    try {
        List<Application> front50Applications = front50Service.getAllApplications();
        List<Application> clouddriverApplications = clouddriverService.getApplications();
        // Stream front50 first so that if there's a name collision, we'll keep that one instead of
        // the clouddriver application (since front50 might have permissions stored on it, but the
        // clouddriver version definitely won't)
        List<Application> applications = Streams.concat(front50Applications.stream(), clouddriverApplications.stream()).filter(distinctByKey(a -> a.getName().toUpperCase())).collect(toImmutableList());
        applications.forEach(application -> {
            Permissions permissions = permissionProvider.getPermissions(application);
            // Check whether the permissions need to fall back to the configured fallback
            application.setPermissions(executeFallbackPermissionsResolver.shouldResolve(permissions) ? executeFallbackPermissionsResolver.resolve(permissions) : permissions);
        });
        if (allowAccessToUnknownApplications) {
            // No need to include applications without explicit permissions when access to
            // unknown applications is allowed by default
            return applications.stream().filter(a -> a.getPermissions().isRestricted()).collect(toImmutableSet());
        } else {
            return ImmutableSet.copyOf(applications);
        }
    } catch (RuntimeException e) {
        throw new ProviderException(this.getClass(), e);
    }
}
Also used : ImmutableSet(com.google.common.collect.ImmutableSet) Predicate(java.util.function.Predicate) ImmutableList.toImmutableList(com.google.common.collect.ImmutableList.toImmutableList) Set(java.util.Set) Streams(com.google.common.collect.Streams) Application(com.netflix.spinnaker.fiat.model.resources.Application) Function(java.util.function.Function) Permissions(com.netflix.spinnaker.fiat.model.resources.Permissions) HashSet(java.util.HashSet) List(java.util.List) ClouddriverService(com.netflix.spinnaker.fiat.providers.internal.ClouddriverService) Role(com.netflix.spinnaker.fiat.model.resources.Role) FallbackPermissionsResolver(com.netflix.spinnaker.fiat.permissions.FallbackPermissionsResolver) ImmutableSet.toImmutableSet(com.google.common.collect.ImmutableSet.toImmutableSet) Front50Service(com.netflix.spinnaker.fiat.providers.internal.Front50Service) Collections(java.util.Collections)

Example 3 with Permissions

Use of com.netflix.spinnaker.fiat.model.resources.Permissions in project fiat by spinnaker.

In the class ChaosMonkeyApplicationResourcePermissionSource, method getPermissions.

@Nonnull
@Override
public Permissions getPermissions(@Nonnull Application application) {
    Permissions.Builder builder = new Permissions.Builder();
    Permissions permissions = application.getPermissions();
    if (permissions.isRestricted()) {
        if (isChaosMonkeyEnabled(application)) {
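            // Grant the configured Chaos Monkey roles READ and WRITE on restricted applications;
            // the builder is built once, at the return below.
            builder.add(Authorization.READ, roles).add(Authorization.WRITE, roles);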
        }
    }
    return builder.build();
}
Also used : Permissions(com.netflix.spinnaker.fiat.model.resources.Permissions) Nonnull(javax.annotation.Nonnull)

Example 4 with Permissions

Use of com.netflix.spinnaker.fiat.model.resources.Permissions in project front50 by spinnaker.

In the class ApplicationPermissionsService, method syncUsers.

private void syncUsers(Permission newPermission, Permission oldPermission) {
    if (!fiatClientConfigurationProperties.isEnabled() || !fiatService.isPresent()) {
        return;
    }
    // Specifically using an empty list here instead of null, because an empty list will update
    // the anonymous user's app list.
    Set<String> roles = new HashSet<>();
    Optional.ofNullable(newPermission).ifPresent(newPerm -> {
        Permissions permissions = newPerm.getPermissions();
        if (permissions != null && permissions.isRestricted()) {
            roles.addAll(permissions.allGroups());
        }
    });
    Optional.ofNullable(oldPermission).ifPresent(oldPerm -> {
        Permissions permissions = oldPerm.getPermissions();
        if (permissions != null && permissions.isRestricted()) {
            roles.addAll(permissions.allGroups());
        }
    });
    if (fiatConfigurationProperties.getRoleSync().isEnabled()) {
        try {
            fiatService.get().sync(new ArrayList<>(roles));
        } catch (RetrofitError e) {
            log.warn("Error syncing users", e);
        }
    }
}
Also used : Permissions(com.netflix.spinnaker.fiat.model.resources.Permissions) HashSet(java.util.HashSet) RetrofitError(retrofit.RetrofitError)
