Example 1 with PravegaInterceptor
use of io.pravega.controller.server.rpc.auth.PravegaInterceptor in project pravega by pravega.
the class ControllerServiceImpl method checkAuthorization.
public boolean checkAuthorization(String resource, AuthHandler.Permissions expectedLevel) {
if (isAuthEnabled) {
PravegaInterceptor currentInterceptor = PravegaInterceptor.INTERCEPTOR_OBJECT.get();
AuthHandler.Permissions allowedLevel;
if (currentInterceptor == null) {
// No interceptor, means no authorization enabled
allowedLevel = AuthHandler.Permissions.READ_UPDATE;
} else {
allowedLevel = currentInterceptor.authorize(resource);
}
if (allowedLevel.ordinal() < expectedLevel.ordinal()) {
return false;
}
return true;
} else {
return true;
}
}
Also used :
AuthHandler(io.pravega.auth.AuthHandler)
PravegaInterceptor(io.pravega.controller.server.rpc.auth.PravegaInterceptor)
Example 2 with PravegaInterceptor
use of io.pravega.controller.server.rpc.auth.PravegaInterceptor in project pravega by pravega.
the class ControllerServiceImpl method checkAuthorizationWithToken.
public boolean checkAuthorizationWithToken(String resource, AuthHandler.Permissions expectedLevel) {
if (isAuthEnabled) {
boolean retVal = checkAuthorization(resource, expectedLevel);
if (retVal) {
PravegaInterceptor interceptor = PravegaInterceptor.INTERCEPTOR_OBJECT.get();
interceptor.setDelegationToken(resource, expectedLevel, tokenSigningKey);
}
return retVal;
} else {
return true;
}
}
Also used :
PravegaInterceptor(io.pravega.controller.server.rpc.auth.PravegaInterceptor)
Aggregations
PravegaInterceptor (io.pravega.controller.server.rpc.auth.PravegaInterceptor)2
AuthHandler (io.pravega.auth.AuthHandler)1
