Example 6 with SecurityRole
use of com.thinkbiganalytics.security.role.SecurityRole in project kylo by Teradata.
the class JcrDatasourceProvider method createImpl.
private <J extends JcrDatasource> J createImpl(String name, String descr, Class<? extends Datasource> type) {
try {
JcrTool tool = new JcrTool();
Class<J> implType = deriveImplType(type);
Field folderField = FieldUtils.getField(implType, "PATH_NAME", true);
String subfolderName = (String) folderField.get(null);
String dsPath = EntityUtil.pathForDataSource();
Node dsNode = getSession().getNode(dsPath);
Node subfolderNode = tool.findOrCreateChild(dsNode, subfolderName, "nt:folder");
Map<String, Object> props = new HashMap<>();
props.put(JcrDatasource.SYSTEM_NAME, name);
String encodedName = org.modeshape.jcr.value.Path.DEFAULT_ENCODER.encode(name);
final boolean isNew = !hasEntityNode(subfolderNode.getPath(), encodedName);
@SuppressWarnings("unchecked") J datasource = (J) findOrCreateEntity(subfolderNode.getPath(), encodedName, implType, props);
if (isNew && JcrUserDatasource.class.isAssignableFrom(type)) {
if (this.accessController.isEntityAccessControlled()) {
final List<SecurityRole> roles = roleProvider.getEntityRoles(SecurityRole.DATASOURCE);
actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> ((JcrUserDatasource) datasource).enableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser(), roles));
} else {
actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> ((JcrUserDatasource) datasource).disableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser()));
}
}
datasource.setTitle(name);
datasource.setDescription(descr);
return datasource;
} catch (IllegalArgumentException | IllegalAccessException | RepositoryException e) {
throw new MetadataException("Unable to create datasource: " + type, e);
}
}
Also used :
SecurityRole(com.thinkbiganalytics.security.role.SecurityRole)
HashMap(java.util.HashMap)
Node(javax.jcr.Node)
MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException)
RepositoryException(javax.jcr.RepositoryException)
MetadataException(com.thinkbiganalytics.metadata.api.MetadataException)
Field(java.lang.reflect.Field)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
JcrTool(com.thinkbiganalytics.metadata.modeshape.support.JcrTool)
Example 7 with SecurityRole
use of com.thinkbiganalytics.security.role.SecurityRole in project kylo by Teradata.
the class JcrSecurityRoleProviderTest method createRole.
private SecurityRole createRole(String sysName, String title, String descr, Action... perms) {
SecurityRole role = this.provider.createRole(SecurityRole.FEED, sysName, title, descr);
role.setPermissions(perms);
return role;
}
Also used :
SecurityRole(com.thinkbiganalytics.security.role.SecurityRole)
Example 8 with SecurityRole
use of com.thinkbiganalytics.security.role.SecurityRole in project kylo by Teradata.
the class JcrFeedProvider method ensureFeed.
/**
* Ensure the Feed, but the Category must exist!
*/
@Override
public Feed ensureFeed(String categorySystemName, String feedSystemName) {
JcrCategory category = null;
try {
String categoryPath = EntityUtil.pathForCategory(categorySystemName);
Node categoryNode = getSession().getNode(categoryPath);
if (categoryNode != null) {
category = JcrUtil.createJcrObject(categoryNode, JcrCategory.class);
} else {
category = (JcrCategory) categoryProvider.findBySystemName(categorySystemName);
}
} catch (RepositoryException e) {
throw new CategoryNotFoundException("Unable to find Category for " + categorySystemName, null);
}
String feedParentPath = category.getFeedParentPath();
boolean newFeed = !hasEntityNode(feedParentPath, feedSystemName);
Node feedNode = findOrCreateEntityNode(feedParentPath, feedSystemName, getJcrEntityClass());
JcrFeed feed = new JcrFeed(feedNode, category, this.opsAccessProvider);
feed.setSystemName(feedSystemName);
if (newFeed) {
if (this.accessController.isEntityAccessControlled()) {
List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
this.actionsProvider.getAvailableActions(AllowedActions.FEED).ifPresent(actions -> feed.enableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser(), roles));
} else {
this.actionsProvider.getAvailableActions(AllowedActions.FEED).ifPresent(actions -> feed.disableAccessControl((JcrAllowedActions) actions, JcrMetadataAccess.getActiveUser()));
}
addPostFeedChangeAction(feed, ChangeType.CREATE);
}
return feed;
}
Also used :
SecurityRole(com.thinkbiganalytics.security.role.SecurityRole)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
Node(javax.jcr.Node)
CategoryNotFoundException(com.thinkbiganalytics.metadata.api.category.CategoryNotFoundException)
MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException)
RepositoryException(javax.jcr.RepositoryException)
JcrCategory(com.thinkbiganalytics.metadata.modeshape.category.JcrCategory)
Example 9 with SecurityRole
use of com.thinkbiganalytics.security.role.SecurityRole in project kylo by Teradata.
the class CheckEntityAccessControlAction method ensureFeedAccessControl.
private void ensureFeedAccessControl() {
List<Feed> feeds = feedProvider.findAll();
if (feeds != null) {
List<SecurityRole> roles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.FEED);
feeds.stream().forEach(feed -> {
Principal owner = feed.getOwner() != null ? feed.getOwner() : JcrMetadataAccess.getActiveUser();
allowedActions.ifPresent(actions -> ((JcrFeed) feed).enableAccessControl((JcrAllowedActions) actions, owner, roles));
});
}
}
Also used :
SecurityRole(com.thinkbiganalytics.security.role.SecurityRole)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
AllowedActions(com.thinkbiganalytics.security.action.AllowedActions)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
Principal(java.security.Principal)
Feed(com.thinkbiganalytics.metadata.api.feed.Feed)
JcrFeed(com.thinkbiganalytics.metadata.modeshape.feed.JcrFeed)
Example 10 with SecurityRole
use of com.thinkbiganalytics.security.role.SecurityRole in project kylo by Teradata.
the class CheckEntityAccessControlAction method ensureCategoryAccessControl.
private void ensureCategoryAccessControl() {
List<Category> categories = categoryProvider.findAll();
if (categories != null) {
List<SecurityRole> catRoles = this.roleProvider.getEntityRoles(SecurityRole.CATEGORY);
List<SecurityRole> feedRoles = this.roleProvider.getEntityRoles(SecurityRole.FEED);
Optional<AllowedActions> allowedActions = this.actionsProvider.getAvailableActions(AllowedActions.CATEGORY);
categories.stream().forEach(category -> {
Principal owner = category.getOwner() != null ? category.getOwner() : JcrMetadataAccess.getActiveUser();
allowedActions.ifPresent(actions -> ((JcrCategory) category).enableAccessControl((JcrAllowedActions) actions, owner, catRoles, feedRoles));
});
}
}
Also used :
SecurityRole(com.thinkbiganalytics.security.role.SecurityRole)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
Category(com.thinkbiganalytics.metadata.api.category.Category)
JcrCategory(com.thinkbiganalytics.metadata.modeshape.category.JcrCategory)
AllowedActions(com.thinkbiganalytics.security.action.AllowedActions)
JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)
Principal(java.security.Principal)
Aggregations
SecurityRole (com.thinkbiganalytics.security.role.SecurityRole)11
JcrAllowedActions (com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions)9
AllowedActions (com.thinkbiganalytics.security.action.AllowedActions)5
Principal (java.security.Principal)5
Node (javax.jcr.Node)5
MetadataRepositoryException (com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException)3
RepositoryException (javax.jcr.RepositoryException)3
MetadataException (com.thinkbiganalytics.metadata.api.MetadataException)2
JcrCategory (com.thinkbiganalytics.metadata.modeshape.category.JcrCategory)2
JcrTool (com.thinkbiganalytics.metadata.modeshape.support.JcrTool)2
MetadataAccess (com.thinkbiganalytics.metadata.api.MetadataAccess)1
Category (com.thinkbiganalytics.metadata.api.category.Category)1
CategoryNotFoundException (com.thinkbiganalytics.metadata.api.category.CategoryNotFoundException)1
Feed (com.thinkbiganalytics.metadata.api.feed.Feed)1
FeedAccessControl (com.thinkbiganalytics.metadata.api.feed.security.FeedAccessControl)1
FeedManagerTemplate (com.thinkbiganalytics.metadata.api.template.FeedManagerTemplate)1
JcrMetadataAccess (com.thinkbiganalytics.metadata.modeshape.JcrMetadataAccess)1
JcrTestConfig (com.thinkbiganalytics.metadata.modeshape.JcrTestConfig)1
ModeShapeEngineConfig (com.thinkbiganalytics.metadata.modeshape.ModeShapeEngineConfig)1
JcrFeed (com.thinkbiganalytics.metadata.modeshape.feed.JcrFeed)1
