Search in sources :

Example 1 with Authz

use of com.netflix.spinnaker.halyard.config.model.v1.security.Authz in project halyard by spinnaker.

the class SecurityController method setRoleProvider.

@RequestMapping(value = "/authz/groupMembership/{roleProviderName:.+}", method = RequestMethod.PUT)
DaemonTask<Halconfig, Void> setRoleProvider(@PathVariable String deploymentName, @PathVariable String roleProviderName, @RequestParam(required = false, defaultValue = DefaultControllerValues.validate) boolean validate, @RequestParam(required = false, defaultValue = DefaultControllerValues.severity) Severity severity, @RequestBody Object rawProvider) {
    RoleProvider roleProvider = objectMapper.convertValue(rawProvider, GroupMembership.translateRoleProviderType(roleProviderName));
    UpdateRequestBuilder builder = new UpdateRequestBuilder();
    Path configPath = halconfigDirectoryStructure.getConfigPath(deploymentName);
    builder.setStage(() -> roleProvider.stageLocalFiles(configPath));
    builder.setSeverity(severity);
    builder.setUpdate(() -> securityService.setRoleProvider(deploymentName, roleProvider));
    builder.setValidate(ProblemSet::new);
    if (validate) {
        builder.setValidate(() -> securityService.validateRoleProvider(deploymentName, roleProviderName));
    }
    builder.setRevert(() -> halconfigParser.undoChanges());
    builder.setSave(() -> halconfigParser.saveConfig());
    builder.setClean(() -> halconfigParser.cleanLocalFiles(configPath));
    return DaemonTaskHandler.submitTask(builder::build, "Edit " + roleProviderName + " group membership settings");
}
Also used : Path(java.nio.file.Path) UpdateRequestBuilder(com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder) ProblemSet(com.netflix.spinnaker.halyard.core.problem.v1.ProblemSet) RoleProvider(com.netflix.spinnaker.halyard.config.model.v1.security.RoleProvider) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 2 with Authz

use of com.netflix.spinnaker.halyard.config.model.v1.security.Authz in project halyard by spinnaker.

the class SecurityController method setGroupMembership.

@RequestMapping(value = "/authz/groupMembership", method = RequestMethod.PUT)
DaemonTask<Halconfig, Void> setGroupMembership(@PathVariable String deploymentName, @RequestParam(required = false, defaultValue = DefaultControllerValues.validate) boolean validate, @RequestParam(required = false, defaultValue = DefaultControllerValues.severity) Severity severity, @RequestBody Object rawMembership) {
    GroupMembership membership = objectMapper.convertValue(rawMembership, GroupMembership.class);
    UpdateRequestBuilder builder = new UpdateRequestBuilder();
    Path configPath = halconfigDirectoryStructure.getConfigPath(deploymentName);
    builder.setStage(() -> membership.stageLocalFiles(configPath));
    builder.setSeverity(severity);
    builder.setUpdate(() -> securityService.setGroupMembership(deploymentName, membership));
    builder.setValidate(ProblemSet::new);
    if (validate) {
        builder.setValidate(() -> securityService.validateAuthz(deploymentName));
    }
    builder.setRevert(() -> halconfigParser.undoChanges());
    builder.setSave(() -> halconfigParser.saveConfig());
    builder.setClean(() -> halconfigParser.cleanLocalFiles(configPath));
    return DaemonTaskHandler.submitTask(builder::build, "Edit group membership settings");
}
Also used : Path(java.nio.file.Path) UpdateRequestBuilder(com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder) GroupMembership(com.netflix.spinnaker.halyard.config.model.v1.security.GroupMembership) ProblemSet(com.netflix.spinnaker.halyard.core.problem.v1.ProblemSet) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 3 with Authz

use of com.netflix.spinnaker.halyard.config.model.v1.security.Authz in project halyard by spinnaker.

the class FiatProfileFactory method setProfile.

@Override
protected void setProfile(Profile profile, DeploymentConfiguration deploymentConfiguration, SpinnakerRuntimeSettings endpoints) {
    super.setProfile(profile, deploymentConfiguration, endpoints);
    Authz authz = deploymentConfiguration.getSecurity().getAuthz();
    List<String> files = backupRequiredFiles(authz, deploymentConfiguration.getName());
    AuthConfig authConfig = new AuthConfig().setAuth(authz);
    profile.appendContents(yamlToString(authConfig)).appendContents(profile.getBaseContents()).setRequiredFiles(files);
}
Also used : Authz(com.netflix.spinnaker.halyard.config.model.v1.security.Authz)

Aggregations

UpdateRequestBuilder (com.netflix.spinnaker.halyard.core.DaemonResponse.UpdateRequestBuilder)2 ProblemSet (com.netflix.spinnaker.halyard.core.problem.v1.ProblemSet)2 Path (java.nio.file.Path)2 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)2 Authz (com.netflix.spinnaker.halyard.config.model.v1.security.Authz)1 GroupMembership (com.netflix.spinnaker.halyard.config.model.v1.security.GroupMembership)1 RoleProvider (com.netflix.spinnaker.halyard.config.model.v1.security.RoleProvider)1