
Example 1 with ExternalUser

Use of com.netflix.spinnaker.fiat.permissions.ExternalUser in project fiat by spinnaker, in the class RolesController, method putUserPermission.

@RequestMapping(value = "/{userId:.+}", method = RequestMethod.PUT)
public void putUserPermission(@PathVariable String userId, @RequestBody @NonNull List<String> externalRoles) {
    List<Role> convertedRoles = externalRoles.stream().map(extRole -> new Role().setSource(Role.Source.EXTERNAL).setName(extRole)).collect(Collectors.toList());
    ExternalUser extUser = new ExternalUser().setId(ControllerSupport.convert(userId)).setExternalRoles(convertedRoles);
    try {
        UserPermission userPermission = permissionsResolver.resolveAndMerge(extUser);
        log.debug("Updated user permissions (userId: {}, roles: {}, suppliedExternalRoles: {})", userId, userPermission.getRoles().stream().map(Role::getName).collect(Collectors.toList()), externalRoles);
        permissionsRepository.put(userPermission);
    } catch (PermissionResolutionException pre) {
        throw new UserPermissionModificationException(pre);
    }
}
Also used: Role (com.netflix.spinnaker.fiat.model.resources.Role), ExternalUser (com.netflix.spinnaker.fiat.permissions.ExternalUser), PathVariable (org.springframework.web.bind.annotation.PathVariable), PermissionResolutionException (com.netflix.spinnaker.fiat.permissions.PermissionResolutionException), Setter (lombok.Setter), NonNull (lombok.NonNull), PermissionsRepository (com.netflix.spinnaker.fiat.permissions.PermissionsRepository), HttpServletResponse (javax.servlet.http.HttpServletResponse), Autowired (org.springframework.beans.factory.annotation.Autowired), RequestMapping (org.springframework.web.bind.annotation.RequestMapping), RequestMethod (org.springframework.web.bind.annotation.RequestMethod), IOException (java.io.IOException), PermissionsResolver (com.netflix.spinnaker.fiat.permissions.PermissionsResolver), Collectors (java.util.stream.Collectors), RestController (org.springframework.web.bind.annotation.RestController), RequestBody (org.springframework.web.bind.annotation.RequestBody), List (java.util.List), Slf4j (lombok.extern.slf4j.Slf4j), ConditionalOnExpression (org.springframework.boot.autoconfigure.condition.ConditionalOnExpression), UserRolesSyncer (com.netflix.spinnaker.fiat.roles.UserRolesSyncer), UserPermission (com.netflix.spinnaker.fiat.model.UserPermission)

Example 2 with ExternalUser

Use of com.netflix.spinnaker.fiat.permissions.ExternalUser in project fiat by spinnaker, in the class LdapUserRolesProvider, method loadRoles.

@Override
public List<Role> loadRoles(ExternalUser user) {
    String userId = user.getId();
    log.debug("loadRoles for user " + userId);
    if (StringUtils.isEmpty(configProps.getGroupSearchBase())) {
        return new ArrayList<>();
    }
    String fullUserDn = getUserFullDn(userId);
    if (fullUserDn == null) {
        // Likely a service account
        log.debug("fullUserDn is null for {}", userId);
        return new ArrayList<>();
    }
    String[] params = new String[] { fullUserDn, userId };
    if (log.isDebugEnabled()) {
        log.debug(new StringBuilder("Searching for groups using ").append("\ngroupSearchBase: ").append(configProps.getGroupSearchBase()).append("\ngroupSearchFilter: ").append(configProps.getGroupSearchFilter()).append("\nparams: ").append(StringUtils.join(params, " :: ")).append("\ngroupRoleAttributes: ").append(configProps.getGroupRoleAttributes()).toString());
    }
    // Copied from org.springframework.security.ldap.userdetails.DefaultLdapAuthoritiesPopulator.
    Set<String> userRoles = ldapTemplate.searchForSingleAttributeValues(configProps.getGroupSearchBase(), configProps.getGroupSearchFilter(), params, configProps.getGroupRoleAttributes());
    log.debug("Got roles for user " + userId + ": " + userRoles);
    return userRoles.stream().map(role -> new Role(role).setSource(Role.Source.LDAP)).collect(Collectors.toList());
}
Also used: DirContextOperations (org.springframework.ldap.core.DirContextOperations), java.util (java.util), Setter (lombok.Setter), IncorrectResultSizeDataAccessException (org.springframework.dao.IncorrectResultSizeDataAccessException), Autowired (org.springframework.beans.factory.annotation.Autowired), NamingException (javax.naming.NamingException), StringUtils (org.apache.commons.lang3.StringUtils), MessageFormat (java.text.MessageFormat), LdapConfig (com.netflix.spinnaker.fiat.config.LdapConfig), Pair (org.apache.commons.lang3.tuple.Pair), SpringSecurityLdapTemplate (org.springframework.security.ldap.SpringSecurityLdapTemplate), ParseException (java.text.ParseException), ConditionalOnProperty (org.springframework.boot.autoconfigure.condition.ConditionalOnProperty), LdapUtils (org.springframework.security.ldap.LdapUtils), ExternalUser (com.netflix.spinnaker.fiat.permissions.ExternalUser), LdapEncoder (org.springframework.ldap.support.LdapEncoder), UserRolesProvider (com.netflix.spinnaker.fiat.roles.UserRolesProvider), Name (javax.naming.Name), Collectors (java.util.stream.Collectors), Slf4j (lombok.extern.slf4j.Slf4j), Component (org.springframework.stereotype.Component), AttributesMapper (org.springframework.ldap.core.AttributesMapper), InvalidNameException (javax.naming.InvalidNameException), Attributes (javax.naming.directory.Attributes), Role (com.netflix.spinnaker.fiat.model.resources.Role), NamingEnumeration (javax.naming.NamingEnumeration), DistinguishedName (org.springframework.ldap.core.DistinguishedName)

Aggregations

Role (com.netflix.spinnaker.fiat.model.resources.Role): 2
ExternalUser (com.netflix.spinnaker.fiat.permissions.ExternalUser): 2
Collectors (java.util.stream.Collectors): 2
Setter (lombok.Setter): 2
Slf4j (lombok.extern.slf4j.Slf4j): 2
Autowired (org.springframework.beans.factory.annotation.Autowired): 2
LdapConfig (com.netflix.spinnaker.fiat.config.LdapConfig): 1
UserPermission (com.netflix.spinnaker.fiat.model.UserPermission): 1
PermissionResolutionException (com.netflix.spinnaker.fiat.permissions.PermissionResolutionException): 1
PermissionsRepository (com.netflix.spinnaker.fiat.permissions.PermissionsRepository): 1
PermissionsResolver (com.netflix.spinnaker.fiat.permissions.PermissionsResolver): 1
UserRolesProvider (com.netflix.spinnaker.fiat.roles.UserRolesProvider): 1
UserRolesSyncer (com.netflix.spinnaker.fiat.roles.UserRolesSyncer): 1
IOException (java.io.IOException): 1
MessageFormat (java.text.MessageFormat): 1
ParseException (java.text.ParseException): 1
java.util (java.util): 1
List (java.util.List): 1
InvalidNameException (javax.naming.InvalidNameException): 1
Name (javax.naming.Name): 1