
Example 1 with Role

use of io.cdap.cdap.proto.security.Role in project cdap by caskdata.

the class CreateRoleCommand method perform.

/**
 * Creates the role named by the required {@code role-name} argument and reports success.
 *
 * <p>The success line is printed only after {@code client.createRole} returns normally; any
 * exception it throws propagates to the caller and nothing is written to {@code output}.
 *
 * @param arguments parsed CLI arguments; {@code role-name} is read from it
 * @param output stream the confirmation message is written to
 * @throws Exception whatever the argument lookup or the client call propagates
 */
@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
    final String requestedName = arguments.get("role-name");
    final Role newRole = new Role(requestedName);
    // NOTE(review): no permission check is visible on the CLI side; presumably the
    // service behind client.createRole decides whether the caller may create roles.
    client.createRole(newRole);
    output.printf("Successfully created role '%s'\n", requestedName);
}
Also used : Role(io.cdap.cdap.proto.security.Role)

Example 2 with Role

use of io.cdap.cdap.proto.security.Role in project cdap by caskdata.

the class ListRolesCommand method perform.

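/**
 * Prints a single-column "Role" table: either the result of {@code client.listAllRoles()} or,
 * when a principal is given, the result of {@code client.listRoles(principal)}.
 *
 * <p>The principal is described by two optional arguments, principal type and principal name.
 * They must be supplied together. A half-specified principal is rejected up front instead of
 * failing with a {@link NullPointerException} on the missing type or sending a lookup for a
 * principal without a name.
 *
 * @param arguments parsed CLI arguments
 * @param output stream the rendered table is written to
 * @throws IllegalArgumentException if only one of principal type / principal name is supplied,
 *     or the type does not match a {@code Principal.PrincipalType} constant
 * @throws Exception whatever the client call or the table renderer propagates
 */
@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
    String principalType = arguments.getOptional(ArgumentName.PRINCIPAL_TYPE.toString());
    String principalName = arguments.getOptional(ArgumentName.PRINCIPAL_NAME.toString());
    boolean hasType = !Strings.isNullOrEmpty(principalType);
    boolean hasName = !Strings.isNullOrEmpty(principalName);
    // An authorization query for an ambiguous principal should fail loudly, not guess.
    if (hasType != hasName) {
        throw new IllegalArgumentException(
            "Principal type and principal name must be specified together to list roles for a principal");
    }
    Set<Role> roles;
    if (hasType) {
        // Upper-cased so the type may be typed in any case; valueOf rejects anything that is
        // not a declared PrincipalType constant.
        Principal.PrincipalType type = Principal.PrincipalType.valueOf(principalType.toUpperCase());
        roles = client.listRoles(new Principal(principalName, type));
    } else {
        roles = client.listAllRoles();
    }
    Table table = Table.builder().setHeader("Role").setRows(Lists.newArrayList(roles), new RowMaker<Role>() {

        @Override
        public List<?> makeRow(Role role) {
            // One cell per row: the role's name.
            return Lists.newArrayList(role.getName());
        }
    }).build();
    cliConfig.getTableRenderer().render(cliConfig, output, table);
}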
Also used : Role(io.cdap.cdap.proto.security.Role) Table(io.cdap.cdap.cli.util.table.Table) RowMaker(io.cdap.cdap.cli.util.RowMaker) Principal(io.cdap.cdap.proto.security.Principal)

Example 3 with Role

use of io.cdap.cdap.proto.security.Role in project cdap by caskdata.

the class DropRoleCommand method perform.

/**
 * Drops the role named by the required {@code role-name} argument and reports success.
 *
 * <p>The success line is printed only after {@code client.dropRole} returns normally; any
 * exception it throws propagates to the caller and nothing is written to {@code output}.
 *
 * @param arguments parsed CLI arguments; {@code role-name} is read from it
 * @param output stream the confirmation message is written to
 * @throws Exception whatever the argument lookup or the client call propagates
 */
@Override
public void perform(Arguments arguments, PrintStream output) throws Exception {
    final String doomedName = arguments.get("role-name");
    final Role doomedRole = new Role(doomedName);
    // NOTE(review): dropping a role is destructive and there is no confirmation or permission
    // check on the CLI side; presumably the service behind client.dropRole authorizes it.
    client.dropRole(doomedRole);
    output.printf("Successfully dropped role '%s'\n", doomedName);
}
Also used : Role(io.cdap.cdap.proto.security.Role)

Example 4 with Role

use of io.cdap.cdap.proto.security.Role in project cdap by caskdata.

the class AuthorizationCLITest method testAuthorizationCLI.

/**
 * Walks the authorization CLI through one scripted session and checks the text each command
 * prints: create a namespace and a role, attach the role to a user, list roles, grant / list /
 * revoke permissions on the namespace, detach the role, and finally try to detach a role that
 * was never created.
 *
 * <p>The steps depend on each other and must run in this order.
 *
 * <p>NOTE(review): every command runs through the same {@code cli} instance, and the only
 * failure path asserted here is "role not found". No access-denied case (a caller lacking the
 * right to grant or revoke) is exercised in this method.
 */
@Test
public void testAuthorizationCLI() throws Exception {
    Role role = new Role("admins");
    Principal principal = new Principal("spiderman", Principal.PrincipalType.USER);
    NamespaceId namespaceId = new NamespaceId("ns1");

    // Values reused by almost every command below.
    String roleName = role.getName();
    Principal.PrincipalType userType = principal.getType();
    String userName = principal.getName();
    String entity = namespaceId.toString();
    String lowerCaseType = userType.name().toLowerCase();
    String grantCommand = "grant permissions %s on entity %s to %s %s";
    String grantedMessage = "Successfully granted permission(s) '%s' on entity '%s' to %s '%s'";
    String removeRoleCommand = "remove role %s from %s %s";

    CLITestBase.testCommandOutputContains(
        cli,
        String.format("create namespace %s", namespaceId.getNamespace()),
        String.format("Namespace '%s' created successfully", namespaceId.getNamespace()));

    // Role creation.
    CLITestBase.testCommandOutputContains(
        cli,
        "create role " + roleName,
        String.format("Successfully created role '%s'", roleName));

    // Attach the role to the user.
    CLITestBase.testCommandOutputContains(
        cli,
        String.format("add role %s to %s %s", roleName, userType, userName),
        String.format("Successfully added role '%s' to '%s' '%s'", roleName, userType, userName));

    // Listing all roles: line 0 is the table header, line 1 the single role.
    String output = CLITestBase.getCommandOutput(cli, "list roles");
    List<String> lines = Arrays.asList(output.split("\\r?\\n"));
    Assert.assertEquals(2, lines.size());
    Assert.assertEquals(roleName, lines.get(1));

    // Listing roles of one principal gives the same single row.
    output = CLITestBase.getCommandOutput(
        cli, String.format("list roles for %s %s", userType, userName));
    lines = Arrays.asList(output.split("\\r?\\n"));
    Assert.assertEquals(2, lines.size());
    Assert.assertEquals(roleName, lines.get(1));

    // Grant with lower-cased permission and principal type: the CLI must accept any case.
    CLITestBase.testCommandOutputContains(
        cli,
        String.format(grantCommand, StandardPermission.GET.name().toLowerCase(), entity, lowerCaseType, userName),
        String.format(grantedMessage, StandardPermission.GET, entity, userType, userName));

    // Grant an application permission using the dotted "<type>.<permission>" syntax.
    CLITestBase.testCommandOutputContains(
        cli,
        String.format(
            "grant permissions %s.%s on entity %s to %s %s",
            PermissionType.APPLICATION.name().toLowerCase(),
            ApplicationPermission.EXECUTE.name().toLowerCase(),
            entity,
            lowerCaseType,
            userName),
        String.format(grantedMessage, ApplicationPermission.EXECUTE, entity, userType, userName));

    // Privilege listing: lines are sorted so the two grants come in a fixed order after line 0.
    output = CLITestBase.getCommandOutput(
        cli, String.format("list privileges for %s %s", userType, userName));
    lines = Stream.of(output.split("\\r?\\n")).sorted().collect(Collectors.toList());
    Assert.assertEquals(3, lines.size());
    String[] expectedExecuteRow = new String[] { entity, ApplicationPermission.EXECUTE.name() };
    String[] expectedGetRow = new String[] { entity, StandardPermission.GET.name() };
    Assert.assertArrayEquals(expectedExecuteRow, lines.get(1).split(","));
    Assert.assertArrayEquals(expectedGetRow, lines.get(2).split(","));

    // Revoke a single permission.
    CLITestBase.testCommandOutputContains(
        cli,
        String.format("revoke permissions %s on entity %s from %s %s", StandardPermission.GET, entity, userType, userName),
        String.format("Successfully revoked permission(s) '%s' on entity '%s' for %s '%s'", StandardPermission.GET, entity, userType, userName));

    // Grant again, then revoke everything on the entity for all principals.
    CLITestBase.testCommandOutputContains(
        cli,
        String.format(grantCommand, StandardPermission.GET, entity, userType, userName),
        String.format(grantedMessage, StandardPermission.GET, entity, userType, userName));
    CLITestBase.testCommandOutputContains(
        cli,
        String.format("revoke all on entity %s ", entity),
        String.format("Successfully revoked all permissions on entity '%s' for all principals", entity));

    // Detach the role from the user.
    CLITestBase.testCommandOutputContains(
        cli,
        String.format(removeRoleCommand, roleName, userType, userName),
        String.format("Successfully removed role '%s' from %s '%s'", roleName, userType, userName));

    // Detaching a role that does not exist must report "not found".
    Role nonexistentRole = new Role("nonexistent_role");
    CLITestBase.testCommandOutputContains(
        cli,
        String.format(removeRoleCommand, nonexistentRole.getName(), userType, userName),
        String.format("Error: %s not found", nonexistentRole));
}
Also used : Role(io.cdap.cdap.proto.security.Role) NamespaceId(io.cdap.cdap.proto.id.NamespaceId) Principal(io.cdap.cdap.proto.security.Principal) Test(org.junit.Test)

Example 5 with Role

use of io.cdap.cdap.proto.security.Role in project cdap by caskdata.

the class AuthorizationHandler method addRoleToPrincipal.

/**
 * Handles {@code PUT /{principal-type}/{principal-name}/roles/{role-name}}: assigns the named
 * role to the named principal through {@code accessController}, answers 200 OK and then writes
 * a log entry for the request.
 *
 * <p>{@code ensureSecurityEnabled()} runs before any path parameter is interpreted. The
 * principal type is upper-cased and resolved with {@code Principal.PrincipalType.valueOf}, which
 * throws {@link IllegalArgumentException} for a value that is not a declared constant; how that
 * maps to an HTTP status is decided outside this method.
 *
 * <p>NOTE(review): no check of the caller's own permissions is visible here; presumably
 * {@code accessController.addRoleToPrincipal} enforces it. Confirm before relying on it.
 * <br>NOTE(review): the log entry is written only on the success path; a request that throws
 * earlier produces no entry from this method.
 *
 * @param httpRequest the incoming request, passed on to the log entry
 * @param httpResponder used to send the 200 OK status
 * @param principalType principal type from the URL path, matched case-insensitively
 * @param principalName principal name from the URL path
 * @param roleName name of the role to assign, from the URL path
 * @throws Exception whatever the security check, parsing or access controller propagates
 */
@Path("/{principal-type}/{principal-name}/roles/{role-name}")
@PUT
public void addRoleToPrincipal(HttpRequest httpRequest, HttpResponder httpResponder,
                               @PathParam("principal-type") String principalType,
                               @PathParam("principal-name") String principalName,
                               @PathParam("role-name") String roleName) throws Exception {
    ensureSecurityEnabled();
    Principal.PrincipalType parsedType = Principal.PrincipalType.valueOf(principalType.toUpperCase());
    Principal target = new Principal(principalName, parsedType);
    Role assignedRole = new Role(roleName);
    accessController.addRoleToPrincipal(assignedRole, target);
    HttpResponseStatus ok = HttpResponseStatus.OK;
    httpResponder.sendStatus(ok);
    createLogEntry(httpRequest, ok);
}
Also used : Role(io.cdap.cdap.proto.security.Role) Principal(io.cdap.cdap.proto.security.Principal) Path(javax.ws.rs.Path) PUT(javax.ws.rs.PUT)

Aggregations

Role (io.cdap.cdap.proto.security.Role)15 Principal (io.cdap.cdap.proto.security.Principal)8 GrantedPermission (io.cdap.cdap.proto.security.GrantedPermission)4 Path (javax.ws.rs.Path)4 NamespaceId (io.cdap.cdap.proto.id.NamespaceId)3 HashSet (java.util.HashSet)3 Test (org.junit.Test)3 AlreadyExistsException (io.cdap.cdap.security.spi.authorization.AlreadyExistsException)2 DELETE (javax.ws.rs.DELETE)2 PUT (javax.ws.rs.PUT)2 AccessException (io.cdap.cdap.api.security.AccessException)1 RowMaker (io.cdap.cdap.cli.util.RowMaker)1 Table (io.cdap.cdap.cli.util.table.Table)1 AuthorizationClient (io.cdap.cdap.client.AuthorizationClient)1 FeatureDisabledException (io.cdap.cdap.common.FeatureDisabledException)1 CommonNettyHttpServiceBuilder (io.cdap.cdap.common.http.CommonNettyHttpServiceBuilder)1 Permission (io.cdap.cdap.proto.security.Permission)1 MasterAuthenticationContext (io.cdap.cdap.security.auth.context.MasterAuthenticationContext)1 AccessControllerInstantiator (io.cdap.cdap.security.authorization.AccessControllerInstantiator)1 InMemoryAccessController (io.cdap.cdap.security.authorization.InMemoryAccessController)1