Search in sources :

Example 1 with AllowedActions

use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.

the class JcrAllowedActionsTest method testAdminGetAllowed.

@Test(dependsOnMethods = "testAdminGetAvailable")
public void testAdminGetAllowed() throws Exception {
    this.metadata.read(() -> {
        Optional<AllowedActions> option = this.provider.getAllowedActions(AllowedActions.SERVICES);
        assertThat(option.isPresent()).isTrue();
        // Throws exception on failure
        AllowedActions actions = option.get();
        actions.checkPermission(TestSecurityConfig.EXPORT_FEEDS);
    }, TestSecurityConfig.ADMIN);
}
Also used : AllowedActions(com.thinkbiganalytics.security.action.AllowedActions) Test(org.testng.annotations.Test)

Example 2 with AllowedActions

use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.

the class JcrAllowedActionsTest method testAdminGetAvailable.

// @BeforeClass
// public void print() {
// this.metadata.read(new AdminCredentials(), () -> {
// StringWriter sw = new StringWriter();
// PrintWriter pw = new PrintWriter(sw);
// 
// JcrTool tool = new JcrTool(true, pw);
// tool.printSubgraph(JcrMetadataAccess.getActiveSession(), "/metadata/security/prototypes");
// pw.flush();
// String result = sw.toString();
// System.out.println(result);
// });
// }
@Test
public void testAdminGetAvailable() throws Exception {
    this.metadata.read(() -> {
        Optional<AllowedActions> option = this.provider.getAvailableActions(AllowedActions.SERVICES);
        assertThat(option.isPresent()).isTrue();
        // Throws exception on failure
        AllowedActions actions = option.get();
        actions.checkPermission(TestSecurityConfig.EXPORT_FEEDS);
    }, TestSecurityConfig.ADMIN);
}
Also used : AllowedActions(com.thinkbiganalytics.security.action.AllowedActions) Test(org.testng.annotations.Test)

Example 3 with AllowedActions

use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.

the class CheckEntityAccessControlAction method ensureTemplateAccessControl.

private void ensureTemplateAccessControl() {
    List<FeedManagerTemplate> templates = feedManagerTemplateProvider.findAll();
    if (templates != null) {
        List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.TEMPLATE);
        Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.TEMPLATE);
        templates.stream().forEach(template -> {
            Principal owner = template.getOwner() != null ? template.getOwner() : JcrMetadataAccess.getActiveUser();
            allowedActions.ifPresent(actions -> ((JcrFeedTemplate) template).enableAccessControl((JcrAllowedActions) actions, owner, roles));
        });
    }
}
Also used : SecurityRole(com.thinkbiganalytics.security.role.SecurityRole) JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) AllowedActions(com.thinkbiganalytics.security.action.AllowedActions) JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) FeedManagerTemplate(com.thinkbiganalytics.metadata.api.template.FeedManagerTemplate) Principal(java.security.Principal)

Example 4 with AllowedActions

use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.

the class EnsureServicesAccessControlAction method run.

@Override
public void run() {
    log.info("Ensuring the Services prototype access control permissions are members of the actual Services access control node");
    metadata.commit(() -> {
        // find services entity node
        Optional<AllowedActions> option = this.allowedEntityActionsProvider.getAllowedActions(AllowedActions.SERVICES);
        Node servicesNode = ((JcrAllowedActions) option.get()).getNode();
        JcrAllowedActions allowedAction = ((JcrAllowedActions) allowedEntityActionsProvider.getAvailableActions(AllowedActions.SERVICES).get());
        allowedAction.copy(servicesNode, MetadataAccess.ADMIN, Privilege.JCR_ALL);
    }, MetadataAccess.SERVICE);
}
Also used : JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) AllowedActions(com.thinkbiganalytics.security.action.AllowedActions) Node(javax.jcr.Node)

Example 5 with AllowedActions

use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.

the class CheckEntityAccessControlAction method ensureFeedAccessControl.

private void ensureFeedAccessControl() {
    List<Feed> feeds = feedProvider.findAll();
    if (feeds != null) {
        List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
        Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.FEED);
        feeds.stream().forEach(feed -> {
            Principal owner = feed.getOwner() != null ? feed.getOwner() : JcrMetadataAccess.getActiveUser();
            allowedActions.ifPresent(actions -> ((JcrFeed) feed).enableAccessControl((JcrAllowedActions) actions, owner, roles));
        });
    }
}
Also used : SecurityRole(com.thinkbiganalytics.security.role.SecurityRole) JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) AllowedActions(com.thinkbiganalytics.security.action.AllowedActions) JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) Principal(java.security.Principal) Feed(com.thinkbiganalytics.metadata.api.feed.Feed) JcrFeed(com.thinkbiganalytics.metadata.modeshape.feed.JcrFeed)

Aggregations

AllowedActions (com.thinkbiganalytics.security.action.AllowedActions)7 JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)5 SecurityRole (com.thinkbiganalytics.security.role.SecurityRole)4 Principal (java.security.Principal)4 Test (org.testng.annotations.Test)2 Category (com.thinkbiganalytics.metadata.api.category.Category)1 Feed (com.thinkbiganalytics.metadata.api.feed.Feed)1 FeedManagerTemplate (com.thinkbiganalytics.metadata.api.template.FeedManagerTemplate)1 JcrCategory (com.thinkbiganalytics.metadata.modeshape.category.JcrCategory)1 JcrFeed (com.thinkbiganalytics.metadata.modeshape.feed.JcrFeed)1 Node (javax.jcr.Node)1