Search in sources :

Example 1 with JcrDataSetSparkParameters

use of com.thinkbiganalytics.metadata.modeshape.catalog.JcrDataSetSparkParameters in project kylo by Teradata.

the class JcrDataSourceAllowedActions method updateEntityAccess.

/**
 * Enables the specified actions for the specified principal.
 *
 * @param principal the subject
 * @param actions   the allowed actions
 */
protected void updateEntityAccess(@Nonnull final Principal principal, @Nonnull final Collection<? extends Action> actions) {
    Set<String> detailPrivs = new HashSet<>();
    Set<String> summaryPrivs = new HashSet<>();
    actions.forEach(action -> {
        if (action.implies(DatasourceAccessControl.CHANGE_PERMS)) {
            Collections.addAll(detailPrivs, Privilege.JCR_READ_ACCESS_CONTROL, Privilege.JCR_MODIFY_ACCESS_CONTROL);
            Collections.addAll(summaryPrivs, Privilege.JCR_READ_ACCESS_CONTROL, Privilege.JCR_MODIFY_ACCESS_CONTROL);
        } else if (action.implies(DatasourceAccessControl.EDIT_DETAILS) || action.implies(DatasourceAccessControl.EDIT_SUMMARY)) {
            detailPrivs.add(Privilege.JCR_ALL);
            summaryPrivs.add(Privilege.JCR_ALL);
        } else if (action.implies(DatasourceAccessControl.ACCESS_DETAILS) || action.implies(DatasourceAccessControl.ACCESS_DATASOURCE)) {
            detailPrivs.add(Privilege.JCR_READ);
            summaryPrivs.add(Privilege.JCR_READ);
        }
    // TODO: Re-enable equivalent below after proper, catalog data source-specific roles and permissions are created.
    // } else if (action.implies(DatasourceAccessControl.EDIT_DETAILS)) {
    // detailPrivs.add(Privilege.JCR_ALL);
    // } else if (action.implies(DatasourceAccessControl.EDIT_SUMMARY)) {
    // summaryPrivs.add(Privilege.JCR_ALL);
    // } else if (action.implies(DatasourceAccessControl.ACCESS_DETAILS)) {
    // detailPrivs.add(Privilege.JCR_READ);
    // } else if (action.implies(DatasourceAccessControl.ACCESS_DATASOURCE)) {
    // summaryPrivs.add(Privilege.JCR_READ);
    // }
    });
    JcrAccessControlUtil.setPermissions(this.dataSource.getNode(), principal, summaryPrivs);
    JcrDataSetSparkParameters params = (JcrDataSetSparkParameters) this.dataSource.getSparkParameters();
    JcrAccessControlUtil.setPermissions(params.getNode(), principal, detailPrivs);
    // allow user to create datasource nodes under this connector
    if (summaryPrivs.contains(Privilege.JCR_READ) || summaryPrivs.contains(Privilege.JCR_ALL)) {
        JcrAccessControlUtil.setPermissions(this.dataSource.getDataSetsNode(), principal, Privilege.JCR_ALL);
    } else {
        JcrAccessControlUtil.removePermissions(this.dataSource.getDataSetsNode(), principal, Privilege.JCR_ALL);
    }
    // grant read to the datasource connector if the user has access to the datasource
    if (summaryPrivs.contains(Privilege.JCR_READ)) {
        dataSource.getConnector().getAllowedActions().enable(principal, ConnectorAccessControl.ACCESS_CONNECTOR);
    }
}
Also used : JcrDataSetSparkParameters(com.thinkbiganalytics.metadata.modeshape.catalog.JcrDataSetSparkParameters) HashSet(java.util.HashSet)

Aggregations

JcrDataSetSparkParameters (com.thinkbiganalytics.metadata.modeshape.catalog.JcrDataSetSparkParameters)1 HashSet (java.util.HashSet)1