Example 6 with AllowedActions
use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.
the class CheckEntityAccessControlAction method ensureCategoryAccessControl.
private void ensureCategoryAccessControl() {
List<Category> categories = categoryProvider.findAll();
if (categories != null) {
List<SecurityRole> catRoles = this.roleProvider.getEntityRoles(SecurityRole.CATEGORY);
List<SecurityRole> feedRoles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.CATEGORY);
categories.stream().forEach(category -> {
Principal owner = category.getOwner() != null ? category.getOwner() : JcrMetadataAccess.getActiveUser();
allowedActions.ifPresent(actions -> ((JcrCategory) category).enableAccessControl((JcrAllowedActions) actions, owner, catRoles, feedRoles));
});
}
}
Also used :
SecurityRole(com.thinkbiganalytics.security.role.SecurityRole)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
Category(com.thinkbiganalytics.metadata.api.category.Category)
JcrCategory(com.thinkbiganalytics.metadata.modeshape.category.JcrCategory)
AllowedActions(com.thinkbiganalytics.security.action.AllowedActions)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
Principal(java.security.Principal)
Example 7 with AllowedActions
use of com.thinkbiganalytics.security.action.AllowedActions in project kylo by Teradata.
the class StartFeedPermUpgradeAction method upgradeTo.
@Override
public void upgradeTo(final KyloVersion targetVersion) {
log.info("Add start feed permission to roles: {}", targetVersion);
if (this.accessController.isEntityAccessControlled()) {
// Define the new "start" action for feeds.
actionsBuilder.module(AllowedActions.FEED).action(FeedAccessControl.START).add();
// Grant the start action permission to the editor and admin roles
this.roleProvider.getRole(SecurityRole.FEED, "editor").ifPresent(role -> role.setPermissions(FeedAccessControl.START));
this.roleProvider.getRole(SecurityRole.FEED, "admin").ifPresent(role -> role.setPermissions(FeedAccessControl.START));
// Re-apply entity access to all existing feeds to permit the start action to users/groups in the editor and admin roles.
List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.FEED);
this.feedProvider.getFeeds().forEach(feed -> {
Principal owner = feed.getOwner();
allowedActions.ifPresent(actions -> ((JcrFeed) feed).enableAccessControl((JcrAllowedActions) actions, owner, roles));
});
}
}
Also used :
SecurityRole(com.thinkbiganalytics.security.role.SecurityRole)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
AllowedActions(com.thinkbiganalytics.security.action.AllowedActions)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
Principal(java.security.Principal)
Aggregations
AllowedActions (com.thinkbiganalytics.security.action.AllowedActions)7
JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)5
SecurityRole (com.thinkbiganalytics.security.role.SecurityRole)4
Principal (java.security.Principal)4
Test (org.testng.annotations.Test)2
Category (com.thinkbiganalytics.metadata.api.category.Category)1
Feed (com.thinkbiganalytics.metadata.api.feed.Feed)1
FeedManagerTemplate (com.thinkbiganalytics.metadata.api.template.FeedManagerTemplate)1
JcrCategory (com.thinkbiganalytics.metadata.modeshape.category.JcrCategory)1
JcrFeed (com.thinkbiganalytics.metadata.modeshape.feed.JcrFeed)1
Node (javax.jcr.Node)1
