Example 6 with JcrAllowedActions

Use of com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions in project kylo by Teradata.

Class AccessControlledMixin, method disableAccessControl.

default void disableAccessControl(JcrAllowedActions prototype, Principal owner, List<SecurityRole> roles) {
    JcrAllowedActions allowed = getJcrAllowedActions();
    prototype.copy(allowed.getNode(), owner);
    allowed.removeAccessControl(owner);
    if (roles.isEmpty()) {
        JcrEntityRoleMembership.removeAll(getNode());
    } else {
        roles.forEach(role -> JcrEntityRoleMembership.remove(getNode(), ((JcrSecurityRole) role).getNode(), JcrEntityRoleMembership.class));
    }
}
Also used: JcrEntityRoleMembership (com.thinkbiganalytics.metadata.modeshape.security.role.JcrEntityRoleMembership), JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions), JcrSecurityRole (com.thinkbiganalytics.metadata.modeshape.security.role.JcrSecurityRole)

Example 7 with JcrAllowedActions

Use of com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions in project kylo by Teradata.

Class JcrDatasourceProvider, method ensureDatasourceDetails.

@Override
public <D extends DatasourceDetails> Optional<D> ensureDatasourceDetails(@Nonnull final Datasource.ID id, @Nonnull final Class<D> type) {
    try {
        // Ensure the data source exists
        final Optional<JcrUserDatasource> parent = Optional.ofNullable(getDatasource(id)).filter(JcrUserDatasource.class::isInstance).map(JcrUserDatasource.class::cast);
        if (!parent.isPresent()) {
            return Optional.empty();
        }
        // Create the details
        final Class<? extends JcrDatasourceDetails> implType = JcrUserDatasource.resolveDetailsClass(type);
        final boolean isNew = !hasEntityNode(parent.get().getPath(), JcrUserDatasource.DETAILS);
        final Node node = findOrCreateEntityNode(parent.get().getPath(), JcrUserDatasource.DETAILS, implType);
        @SuppressWarnings("unchecked") final D details = (D) JcrUtil.createJcrObject(node, implType);
        // Re-assign permissions to data source
        if (isNew) {
            final UsernamePrincipal owner = parent.map(JcrUserDatasource::getOwner).map(Principal::getName).map(UsernamePrincipal::new).orElse(JcrMetadataAccess.getActiveUser());
            if (accessController.isEntityAccessControlled()) {
                final List<SecurityRole> roles = roleProvider.getEntityRoles(SecurityRole.DATASOURCE);
                actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> parent.get().enableAccessControl((JcrAllowedActions) actions, owner, roles));
            } else {
                actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> parent.get().disableAccessControl((JcrAllowedActions) actions, owner));
            }
        }
        return Optional.of(details);
    } catch (final IllegalArgumentException e) {
        throw new MetadataException("Unable to create datasource details: " + type, e);
    }
}
Also used: SecurityRole (com.thinkbiganalytics.security.role.SecurityRole), Node (javax.jcr.Node), MetadataException (com.thinkbiganalytics.metadata.api.MetadataException), UsernamePrincipal (com.thinkbiganalytics.security.UsernamePrincipal), JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions), Principal (java.security.Principal)

Example 8 with JcrAllowedActions

Use of com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions in project kylo by Teradata.

Class JcrDatasourceProvider, method createImpl.

private <J extends JcrDatasource> J createImpl(String name, String descr, Class<? extends Datasource> type) {
    try {
        JcrTool tool = new JcrTool();
        Class<J> implType = deriveImplType(type);
        Field folderField = FieldUtils.getField(implType, "PATH_NAME", true);
        String subfolderName = (String) folderField.get(null);
        String dsPath = EntityUtil.pathForDataSource();
        Node dsNode = getSession().getNode(dsPath);
        Node subfolderNode = tool.findOrCreateChild(dsNode, subfolderName, "nt:folder");
        Map<String, Object> props = new HashMap<>();
        props.put(JcrDatasource.SYSTEM_NAME, name);
        String encodedName = org.modeshape.jcr.value.Path.DEFAULT_ENCODER.encode(name);
        final boolean isNew = !hasEntityNode(subfolderNode.getPath(), encodedName);
        @SuppressWarnings("unchecked") J datasource = (J) findOrCreateEntity(subfolderNode.getPath(), encodedName, implType, props);
        if (isNew && JcrUserDatasource.class.isAssignableFrom(type)) {
            if (this.accessController.isEntityAccessControlled()) {
                final List<SecurityRole> roles = roleProvider.getEntityRoles(SecurityRole.DATASOURCE);
                actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> ((JcrUserDatasource) datasource).enableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser(), roles));
            } else {
                actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> ((JcrUserDatasource) datasource).disableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser()));
            }
        }
        datasource.setTitle(name);
        datasource.setDescription(descr);
        return datasource;
    } catch (IllegalArgumentException | IllegalAccessException | RepositoryException e) {
        throw new MetadataException("Unable to create datasource: " + type, e);
    }
}
Also used: SecurityRole (com.thinkbiganalytics.security.role.SecurityRole), HashMap (java.util.HashMap), Node (javax.jcr.Node), MetadataRepositoryException (com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException), RepositoryException (javax.jcr.RepositoryException), MetadataException (com.thinkbiganalytics.metadata.api.MetadataException), Field (java.lang.reflect.Field), JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions), JcrTool (com.thinkbiganalytics.metadata.modeshape.support.JcrTool)

Example 9 with JcrAllowedActions

Use of com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions in project kylo by Teradata.

Class JcrFeedProvider, method ensureFeed.

/**
 * Ensure the Feed, but the Category must exist!
 */
@Override
public Feed ensureFeed(String categorySystemName, String feedSystemName) {
    JcrCategory category = null;
    try {
        String categoryPath = EntityUtil.pathForCategory(categorySystemName);
        Node categoryNode = getSession().getNode(categoryPath);
        if (categoryNode != null) {
            category = JcrUtil.createJcrObject(categoryNode, JcrCategory.class);
        } else {
            category = (JcrCategory) categoryProvider.findBySystemName(categorySystemName);
        }
    } catch (RepositoryException e) {
        throw new CategoryNotFoundException("Unable to find Category for " + categorySystemName, null);
    }
    String feedParentPath = category.getFeedParentPath();
    boolean newFeed = !hasEntityNode(feedParentPath, feedSystemName);
    Node feedNode = findOrCreateEntityNode(feedParentPath, feedSystemName, getJcrEntityClass());
    JcrFeed feed = new JcrFeed(feedNode, category, this.opsAccessProvider);
    feed.setSystemName(feedSystemName);
    if (newFeed) {
        if (this.accessController.isEntityAccessControlled()) {
            List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
            this.actionsProvider.getAvailableActions(AllowedActions.FEED).ifPresent(actions -> feed.enableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser(), roles));
        } else {
            this.actionsProvider.getAvailableActions(AllowedActions.FEED).ifPresent(actions -> feed.disableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser()));
        }
        addPostFeedChangeAction(feed, ChangeType.CREATE);
    }
    return feed;
}
Also used: SecurityRole (com.thinkbiganalytics.security.role.SecurityRole), JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions), Node (javax.jcr.Node), CategoryNotFoundException (com.thinkbiganalytics.metadata.api.category.CategoryNotFoundException), MetadataRepositoryException (com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException), RepositoryException (javax.jcr.RepositoryException), JcrCategory (com.thinkbiganalytics.metadata.modeshape.category.JcrCategory)

Example 10 with JcrAllowedActions

Use of com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions in project kylo by Teradata.

Class CheckEntityAccessControlAction, method ensureFeedAccessControl.

private void ensureFeedAccessControl() {
    List<Feed> feeds = feedProvider.findAll();
    if (feeds != null) {
        List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
        Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.FEED);
        feeds.stream().forEach(feed -> {
            Principal owner = feed.getOwner() != null ? feed.getOwner() : JcrMetadataAccess.getActiveUser();
            allowedActions.ifPresent(actions -> ((JcrFeed) feed).enableAccessControl((JcrAllowedActions) actions, owner, roles));
        });
    }
}
Also used: SecurityRole (com.thinkbiganalytics.security.role.SecurityRole), JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions), AllowedActions (com.thinkbiganalytics.security.action.AllowedActions), Principal (java.security.Principal), Feed (com.thinkbiganalytics.metadata.api.feed.Feed), JcrFeed (com.thinkbiganalytics.metadata.modeshape.feed.JcrFeed)

Aggregations

JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions): 13
SecurityRole (com.thinkbiganalytics.security.role.SecurityRole): 8
AllowedActions (com.thinkbiganalytics.security.action.AllowedActions): 5
Principal (java.security.Principal): 5
Node (javax.jcr.Node): 5
MetadataRepositoryException (com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException): 3
JcrFeed (com.thinkbiganalytics.metadata.modeshape.feed.JcrFeed): 3
RepositoryException (javax.jcr.RepositoryException): 3
MetadataException (com.thinkbiganalytics.metadata.api.MetadataException): 2
JcrCategory (com.thinkbiganalytics.metadata.modeshape.category.JcrCategory): 2
JcrEntityRoleMembership (com.thinkbiganalytics.metadata.modeshape.security.role.JcrEntityRoleMembership): 2
JcrSecurityRole (com.thinkbiganalytics.metadata.modeshape.security.role.JcrSecurityRole): 2
Test (org.junit.Test): 2
Category (com.thinkbiganalytics.metadata.api.category.Category): 1
CategoryNotFoundException (com.thinkbiganalytics.metadata.api.category.CategoryNotFoundException): 1
Feed (com.thinkbiganalytics.metadata.api.feed.Feed): 1
FeedManagerTemplate (com.thinkbiganalytics.metadata.api.template.FeedManagerTemplate): 1
JcrProject (com.thinkbiganalytics.metadata.modeshape.project.JcrProject): 1
JcrTool (com.thinkbiganalytics.metadata.modeshape.support.JcrTool): 1
UsernamePrincipal (com.thinkbiganalytics.security.UsernamePrincipal): 1