use of io.pravega.controller.server.rpc.auth.PravegaInterceptor in project pravega by pravega.
the class ControllerServiceImpl method checkAuthorization.
public boolean checkAuthorization(String resource, AuthHandler.Permissions expectedLevel) {
if (isAuthEnabled) {
PravegaInterceptor currentInterceptor = PravegaInterceptor.INTERCEPTOR_OBJECT.get();
AuthHandler.Permissions allowedLevel;
if (currentInterceptor == null) {
// No interceptor, means no authorization enabled
allowedLevel = AuthHandler.Permissions.READ_UPDATE;
} else {
allowedLevel = currentInterceptor.authorize(resource);
}
if (allowedLevel.ordinal() < expectedLevel.ordinal()) {
return false;
}
return true;
} else {
return true;
}
}
use of io.pravega.controller.server.rpc.auth.PravegaInterceptor in project pravega by pravega.
the class ControllerServiceImpl method checkAuthorizationWithToken.
public boolean checkAuthorizationWithToken(String resource, AuthHandler.Permissions expectedLevel) {
if (isAuthEnabled) {
boolean retVal = checkAuthorization(resource, expectedLevel);
if (retVal) {
PravegaInterceptor interceptor = PravegaInterceptor.INTERCEPTOR_OBJECT.get();
interceptor.setDelegationToken(resource, expectedLevel, tokenSigningKey);
}
return retVal;
} else {
return true;
}
}
Aggregations