
Example 1 with RoleMember

use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.

the class FileConnection method deletePrincipal.

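/**
 * Removes a principal from every role of every domain file under {@code rootDir}.
 *
 * <p>With {@code subDomains} set, members whose name starts with
 * {@code principalName + "."} are removed as well. Each domain that lost at
 * least one member is written back through {@code putDomainStruct}.
 *
 * @param principalName full member name to remove from all roles
 * @param subDomains when true, also remove members whose name begins with
 *        {@code principalName + "."}
 * @return {@code true} after all readable domain files were processed;
 *         {@code false} when the store directory could not be listed
 */
@Override
public boolean deletePrincipal(String principalName, boolean subDomains) {
    String[] fnames = rootDir.list();
    if (fnames == null) {
        // File.list() returns null when rootDir is not a directory or an I/O
        // error occurs. Nothing was removed, so do not report success.
        return false;
    }
    final String domainNamePrefix = subDomains ? principalName + "." : null;
    for (String fname : fnames) {
        File f = new File(rootDir, fname);
        DomainStruct domainStruct = null;
        try {
            Path path = Paths.get(f.toURI());
            domainStruct = JSON.fromBytes(Files.readAllBytes(path), DomainStruct.class);
        } catch (IOException ignored) {
            // Best-effort: an unreadable domain file is skipped.
            // NOTE(review): the principal keeps any role membership stored in a
            // skipped file while this method still returns true; consider
            // logging the failure so stale grants can be found and cleaned up.
        }
        if (domainStruct == null) {
            continue;
        }
        boolean domainChanged = false;
        for (Role role : domainStruct.getRoles().values()) {
            List<RoleMember> roleMembers = role.getRoleMembers();
            if (roleMembers == null) {
                continue;
            }
            // Walk from the end so that remove(idx) never shifts an unvisited
            // element into a slot already examined. A forward walk skips the
            // entry right after each removal and can leave a matching member
            // (and its access) in the role.
            for (int idx = roleMembers.size() - 1; idx >= 0; idx--) {
                final String memberName = roleMembers.get(idx).getMemberName();
                final boolean exactMatch = memberName.equals(principalName);
                final boolean subDomainMatch = domainNamePrefix != null && memberName.startsWith(domainNamePrefix);
                if (exactMatch || subDomainMatch) {
                    roleMembers.remove(idx);
                    domainChanged = true;
                }
            }
        }
        // Only rewrite domains that actually lost a member.
        if (domainChanged) {
            putDomainStruct(domainStruct.getName(), domainStruct);
        }
    }
    return true;
}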
Also used : Path(java.nio.file.Path) Role(com.yahoo.athenz.zms.Role) PrincipalRole(com.yahoo.athenz.zms.PrincipalRole) IOException(java.io.IOException) File(java.io.File) RoleMember(com.yahoo.athenz.zms.RoleMember)

Example 2 with RoleMember

use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.

the class FileConnection method listPrincipals.

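/**
 * Collects the distinct member names found in the roles of every domain file
 * under {@code rootDir}.
 *
 * @param domainName when non-null, only members whose name starts with
 *        {@code domainName + "."} are returned; when null, all members are returned
 * @return the matching member names without duplicates, in no particular order;
 *         empty when the store directory cannot be listed
 */
@Override
public List<String> listPrincipals(String domainName) {
    Set<String> principals = new HashSet<>();
    String[] fnames = rootDir.list();
    if (fnames == null) {
        // File.list() returns null when rootDir is not a directory or an I/O
        // error occurs; there is nothing to scan in that case.
        return new ArrayList<>();
    }
    final String domainNamePrefix = domainName == null ? null : domainName + ".";
    for (String fname : fnames) {
        File f = new File(rootDir, fname);
        DomainStruct domainStruct = null;
        try {
            Path path = Paths.get(f.toURI());
            domainStruct = JSON.fromBytes(Files.readAllBytes(path), DomainStruct.class);
        } catch (IOException ignored) {
            // Best-effort: an unreadable domain file is skipped.
            // NOTE(review): principals that appear only in a skipped file are
            // silently missing from the result.
        }
        if (domainStruct == null) {
            continue;
        }
        for (Role role : domainStruct.getRoles().values()) {
            List<RoleMember> roleMembers = role.getRoleMembers();
            if (roleMembers == null) {
                continue;
            }
            for (RoleMember roleMember : roleMembers) {
                final String memberName = roleMember.getMemberName();
                // No filter means every member qualifies; otherwise match on
                // the "domain." prefix so that "foo" does not match "foobar.x".
                if (domainNamePrefix == null || memberName.startsWith(domainNamePrefix)) {
                    principals.add(memberName);
                }
            }
        }
    }
    return new ArrayList<>(principals);
}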
Also used : Path(java.nio.file.Path) Role(com.yahoo.athenz.zms.Role) PrincipalRole(com.yahoo.athenz.zms.PrincipalRole) ArrayList(java.util.ArrayList) IOException(java.io.IOException) File(java.io.File) RoleMember(com.yahoo.athenz.zms.RoleMember) HashSet(java.util.HashSet)

Example 3 with RoleMember

use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.

the class FileConnection method listPrincipalRoles.

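/**
 * Lists every role, across all domain files under {@code rootDir}, that has
 * {@code principalName} as a member.
 *
 * @param principalName full member name to look up (exact match)
 * @return one {@code PrincipalRole} per matching membership entry; empty when
 *         nothing matches or the store directory cannot be listed
 */
@Override
public List<PrincipalRole> listPrincipalRoles(String principalName) {
    List<PrincipalRole> roles = new ArrayList<>();
    String[] fnames = rootDir.list();
    if (fnames == null) {
        // File.list() returns null when rootDir is not a directory or an I/O
        // error occurs; there is nothing to scan in that case.
        return roles;
    }
    for (String fname : fnames) {
        File f = new File(rootDir, fname);
        DomainStruct domainStruct = null;
        try {
            Path path = Paths.get(f.toURI());
            domainStruct = JSON.fromBytes(Files.readAllBytes(path), DomainStruct.class);
        } catch (IOException ignored) {
            // Best-effort: an unreadable domain file is skipped.
            // NOTE(review): roles held in a skipped file are silently missing
            // from the result, which under-reports the principal's access.
        }
        if (domainStruct == null) {
            continue;
        }
        for (Role role : domainStruct.getRoles().values()) {
            List<RoleMember> roleMembers = role.getRoleMembers();
            if (roleMembers == null) {
                continue;
            }
            for (RoleMember roleMember : roleMembers) {
                if (roleMember.getMemberName().equals(principalName)) {
                    PrincipalRole pRole = new PrincipalRole();
                    // The file name doubles as the domain name here.
                    pRole.setDomainName(fname);
                    pRole.setRoleName(extractRoleName(fname, role.getName()));
                    roles.add(pRole);
                }
            }
        }
    }
    return roles;
}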
Also used : Path(java.nio.file.Path) ArrayList(java.util.ArrayList) IOException(java.io.IOException) PrincipalRole(com.yahoo.athenz.zms.PrincipalRole) Role(com.yahoo.athenz.zms.Role) PrincipalRole(com.yahoo.athenz.zms.PrincipalRole) File(java.io.File) RoleMember(com.yahoo.athenz.zms.RoleMember)

Example 4 with RoleMember

use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.

the class ZMSUtilsTest method testRemoveMembers.

/**
 * Checks that {@code ZMSUtils.removeMembers} leaves no member of the removal
 * list in the original list (names compared case-insensitively) and that the
 * original list ends up with the expected size.
 *
 * <p>Inputs come from the {@code "members"} data provider.
 */
@Test(dataProvider = "members")
public void testRemoveMembers(List<String> orginalRoleMembersList, List<String> removeRoleMembersList, int expectedSize) throws Exception {
    final List<RoleMember> remaining = ZMSUtils.convertMembersToRoleMembers(orginalRoleMembersList);
    final List<RoleMember> toRemove = ZMSUtils.convertMembersToRoleMembers(removeRoleMembersList);

    // The assertions below inspect the same list instance, so the removal is
    // expected to happen in place.
    ZMSUtils.removeMembers(remaining, toRemove);

    // No surviving member may share a name with any removed member.
    for (RoleMember survivor : remaining) {
        final String survivorName = survivor.getMemberName();
        for (RoleMember removed : toRemove) {
            if (survivorName.equalsIgnoreCase(removed.getMemberName())) {
                fail("Should have removed " + removed);
            }
        }
    }

    assertEquals(remaining.size(), expectedSize);
}
Also used : RoleMember(com.yahoo.athenz.zms.RoleMember) Test(org.testng.annotations.Test)

Example 5 with RoleMember

use of com.yahoo.athenz.zms.RoleMember in project athenz by yahoo.

the class JDBCConnectionTest method testListRoleMembers.

/**
 * Checks that {@code JDBCConnection.listRoleMembers} returns the three mocked
 * members ordered by member name, each with its own expiration value.
 *
 * <p>The mock hands the rows back unsorted (zdomain, adomain, bdomain) and
 * gives only the first two an expiration timestamp.
 */
@Test
public void testListRoleMembers() throws Exception {
    JDBCConnection jdbcConn = new JDBCConnection(mockConn, true);

    // Successive getInt(1) calls yield the domain id, then the role id.
    Mockito.when(mockResultSet.getInt(1)).thenReturn(5, 7);

    // next(): one row for the domain id lookup, one for the role id lookup,
    // three further rows (presumably the three member rows), then end of data.
    Mockito.when(mockResultSet.next()).thenReturn(true, true, true, true, true, false);

    // Member names in the order the mocked result set yields them.
    Mockito.when(mockResultSet.getString(1)).thenReturn("zdomain.user1", "adomain.storage", "bdomain.user2");

    // Expirations in row order: the third row (bdomain.user2) has none.
    Mockito.when(mockResultSet.getTimestamp(2))
            .thenReturn(new java.sql.Timestamp(System.currentTimeMillis() + 100))
            .thenReturn(new java.sql.Timestamp(System.currentTimeMillis() + 200))
            .thenReturn(null);

    List<RoleMember> roleMembers = jdbcConn.listRoleMembers("my-domain", "role1");

    // The returned list is sorted by member name, so the expirations follow
    // their members to the new positions.
    assertEquals(3, roleMembers.size());
    assertNotNull(roleMembers.get(0).getExpiration());
    assertNull(roleMembers.get(1).getExpiration());
    assertNotNull(roleMembers.get(2).getExpiration());
    assertEquals("adomain.storage", roleMembers.get(0).getMemberName());
    assertEquals("bdomain.user2", roleMembers.get(1).getMemberName());
    assertEquals("zdomain.user1", roleMembers.get(2).getMemberName());

    jdbcConn.close();
}
Also used : Timestamp(com.yahoo.rdl.Timestamp) JDBCConnection(com.yahoo.athenz.zms.store.jdbc.JDBCConnection) RoleMember(com.yahoo.athenz.zms.RoleMember) Test(org.testng.annotations.Test)
