use of com.thinkbiganalytics.security.rest.model.RoleMembership in project kylo by Teradata.
the class SecurityModelTransform method applyAccessControl.
public void applyAccessControl(AccessControlled domain, EntityAccessControl restModel) {
if (domain.getAllowedActions() != null && domain.getAllowedActions().getAvailableActions() != null) {
ActionGroup allowed = toActionGroup(null).apply(domain.getAllowedActions());
restModel.setAllowedActions(allowed);
}
if (domain.getRoleMemberships() != null) {
Map<String, RoleMembership> roleAssignmentMap = new HashMap<>();
domain.getRoleMemberships().stream().forEach(membership -> {
String systemRoleName = membership.getRole().getSystemName();
String name = membership.getRole().getTitle();
String desc = membership.getRole().getDescription();
membership.getMembers().stream().forEach(member -> {
roleAssignmentMap.putIfAbsent(systemRoleName, new RoleMembership(systemRoleName, name, desc));
RoleMembership accessRoleAssignment = roleAssignmentMap.get(systemRoleName);
if (member instanceof UsernamePrincipal) {
accessRoleAssignment.addUser(member.getName());
} else {
accessRoleAssignment.addGroup(member.getName());
}
});
});
restModel.setRoleMemberships(Lists.newArrayList(roleAssignmentMap.values()));
}
Principal owner = domain.getOwner();
Optional<User> userPrincipal = userService.getUser(owner.getName());
if (userPrincipal.isPresent()) {
restModel.setOwner(userPrincipal.get());
}
}
use of com.thinkbiganalytics.security.rest.model.RoleMembership in project kylo by Teradata.
the class EntityLevelAccessIT method grantCategoryEntityPermissionToAnalysts.
private void grantCategoryEntityPermissionToAnalysts(String roleName) {
LOG.debug("EntityLevelAccessIT.grantCategoryEntityPermissionToAnalysts " + roleName);
runAs(ADMIN);
RoleMembership roleMembership = category.getRoleMemberships().stream().filter(r -> r.getRole().getSystemName().equalsIgnoreCase(roleName)).findFirst().orElse(null);
if (roleMembership == null) {
roleMembership = new RoleMembership(roleName, roleName, roleName);
category.getRoleMemberships().add(roleMembership);
}
roleMembership.addGroup(new UserGroup(GROUP_ANALYSTS));
Response response = given(FeedCategoryRestController.BASE).body(category).when().post();
response.then().statusCode(HTTP_OK);
}
Aggregations