use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.
the class JcrAllowedActionsTest method testAdminGetAllowed.
@Test(dependsOnMethods = "testAdminGetAvailable")
public void testAdminGetAllowed() throws Exception {
this.metadata.read(() -> {
Optional<AllowedActions> option = this.provider.getAllowedActions(AllowedActions.SERVICES);
assertThat(option.isPresent()).isTrue();
// Throws exception on failure
AllowedActions actions = option.get();
actions.checkPermission(TestSecurityConfig.EXPORT_FEEDS);
}, TestSecurityConfig.ADMIN);
}
use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.
the class JcrAllowedActionsTest method testAdminGetAvailable.
// @BeforeClass
// public void print() {
// this.metadata.read(new AdminCredentials(), () -> {
// StringWriter sw = new StringWriter();
// PrintWriter pw = new PrintWriter(sw);
//
// JcrTool tool = new JcrTool(true, pw);
// tool.printSubgraph(JcrMetadataAccess.getActiveSession(), "/metadata/security/prototypes");
// pw.flush();
// String result = sw.toString();
// System.out.println(result);
// });
// }
@Test
public void testAdminGetAvailable() throws Exception {
this.metadata.read(() -> {
Optional<AllowedActions> option = this.provider.getAvailableActions(AllowedActions.SERVICES);
assertThat(option.isPresent()).isTrue();
// Throws exception on failure
AllowedActions actions = option.get();
actions.checkPermission(TestSecurityConfig.EXPORT_FEEDS);
}, TestSecurityConfig.ADMIN);
}
use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.
the class CheckEntityAccessControlAction method ensureTemplateAccessControl.
private void ensureTemplateAccessControl() {
List<FeedManagerTemplate> templates = feedManagerTemplateProvider.findAll();
if (templates != null) {
List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.TEMPLATE);
Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.TEMPLATE);
templates.stream().forEach(template -> {
Principal owner = template.getOwner() != null ? template.getOwner() : JcrMetadataAccess.getActiveUser();
allowedActions.ifPresent(actions -> ((JcrFeedTemplate) template).enableAccessControl((JcrAllowedActions) actions, owner, roles));
});
}
}
use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.
the class EnsureServicesAccessControlAction method run.
@Override
public void run() {
log.info("Ensuring the Services prototype access control permissions are members of the actual Services access control node");
metadata.commit(() -> {
// find services entity node
Optional<AllowedActions> option = this.allowedEntityActionsProvider.getAllowedActions(AllowedActions.SERVICES);
Node servicesNode = ((JcrAllowedActions) option.get()).getNode();
JcrAllowedActions allowedAction = ((JcrAllowedActions) allowedEntityActionsProvider.getAvailableActions(AllowedActions.SERVICES).get());
allowedAction.copy(servicesNode, MetadataAccess.ADMIN, Privilege.JCR_ALL);
}, MetadataAccess.SERVICE);
}
use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.
the class CheckEntityAccessControlAction method ensureFeedAccessControl.
private void ensureFeedAccessControl() {
List<Feed> feeds = feedProvider.findAll();
if (feeds != null) {
List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.FEED);
feeds.stream().forEach(feed -> {
Principal owner = feed.getOwner() != null ? feed.getOwner() : JcrMetadataAccess.getActiveUser();
allowedActions.ifPresent(actions -> ((JcrFeed) feed).enableAccessControl((JcrAllowedActions) actions, owner, roles));
});
}
}
Aggregations