Search in sources :

Example 1 with PravegaInterceptor

use of io.pravega.controller.server.rpc.auth.PravegaInterceptor in project pravega by pravega.

the class ControllerServiceImpl method checkAuthorization.

public boolean checkAuthorization(String resource, AuthHandler.Permissions expectedLevel) {
    if (isAuthEnabled) {
        PravegaInterceptor currentInterceptor = PravegaInterceptor.INTERCEPTOR_OBJECT.get();
        AuthHandler.Permissions allowedLevel;
        if (currentInterceptor == null) {
            // No interceptor, means no authorization enabled
            allowedLevel = AuthHandler.Permissions.READ_UPDATE;
        } else {
            allowedLevel = currentInterceptor.authorize(resource);
        }
        if (allowedLevel.ordinal() < expectedLevel.ordinal()) {
            return false;
        }
        return true;
    } else {
        return true;
    }
}
Also used : AuthHandler(io.pravega.auth.AuthHandler) PravegaInterceptor(io.pravega.controller.server.rpc.auth.PravegaInterceptor)

Example 2 with PravegaInterceptor

use of io.pravega.controller.server.rpc.auth.PravegaInterceptor in project pravega by pravega.

the class ControllerServiceImpl method checkAuthorizationWithToken.

public boolean checkAuthorizationWithToken(String resource, AuthHandler.Permissions expectedLevel) {
    if (isAuthEnabled) {
        boolean retVal = checkAuthorization(resource, expectedLevel);
        if (retVal) {
            PravegaInterceptor interceptor = PravegaInterceptor.INTERCEPTOR_OBJECT.get();
            interceptor.setDelegationToken(resource, expectedLevel, tokenSigningKey);
        }
        return retVal;
    } else {
        return true;
    }
}
Also used : PravegaInterceptor(io.pravega.controller.server.rpc.auth.PravegaInterceptor)

Aggregations

PravegaInterceptor (io.pravega.controller.server.rpc.auth.PravegaInterceptor)2 AuthHandler (io.pravega.auth.AuthHandler)1