Use of me.retrodaredevil.couchdbjava.security.DatabaseSecurity in project solarthing by wildmountainfarms.
Shown below: the method doCouchDbSetupMain of the class CouchDbSetupMain.
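/**
 * Runs the interactive CouchDB setup.
 * <p>
 * In order, this creates every database listed in {@link SolarThingDatabaseType}, asks for an
 * optional uploader user and an optional manager user (creating each one that was entered),
 * installs the {@code _design/packets} document on the databases that need views, and rewrites
 * the security object of every database.
 * <p>
 * Security written per database: the admins are the existing admins plus whichever of the
 * entered users has write permission for that database type; the members are cleared when the
 * database type is public and left as they were otherwise.
 *
 * @return 0 once every step has completed
 * @throws CouchDbException if a call to the CouchDB client fails, other than the update conflict
 *         on the design document, which is handled by updating the existing revision
 */
public int doCouchDbSetupMain() throws CouchDbException {
    out.println("You will now setup your CouchDB instance! Some databases will be automatically created (enter)");
    prompt.promptContinue();
    for (SolarThingDatabaseType databaseType : SolarThingDatabaseType.values()) {
        createDatabase(databaseType.getName());
    }
    out.println("All necessary databases have been created.");
    out.println();

    out.println("Now views and security will be configured for each database. Please enter the name of the user to be added as an admin to each database.");
    out.println("This user is commonly named 'uploader'. (Leave blank to not configure)");
    out.print("Name of user: ");
    // A blank answer comes back as null; every later use of this name has to allow for that.
    String uploaderUser = prompt.promptUserName(SolarThingDatabaseType.UserType.UPLOADER);
    if (uploaderUser == null) {
        out.println("No user will be added as an admin, but members will still be cleared. (Enter to confirm)");
    } else {
        out.println("User: " + uploaderUser + " will be used. (Enter to confirm)");
    }
    prompt.promptContinue();
    if (uploaderUser != null) {
        createUserIfNotExists(uploaderUser, SolarThingDatabaseType.UserType.UPLOADER);
    }

    out.println("You can also enter the name of the user to manage the solarthing_cache and solarthing_alter databases.");
    out.println("This user is commonly named 'manager'. (Leave blank to not configure)" + (uploaderUser == null ? "" : " (Use '" + uploaderUser + "' to use same user to manage the cache database)"));
    String managerUser = prompt.promptUserName(SolarThingDatabaseType.UserType.MANAGER);
    if (managerUser == null) {
        out.println("No user will be configured to manage the solarthing_cache and solarthing_alter database. (Enter to confirm)");
    } else {
        out.println("User: " + managerUser + " will be used to manage solarthing_cache and solarthing_alter. (Enter to confirm)");
    }
    prompt.promptContinue();
    // When the same name was entered twice the user was already handled above as the uploader.
    if (managerUser != null && !managerUser.equals(uploaderUser)) {
        createUserIfNotExists(managerUser, SolarThingDatabaseType.UserType.MANAGER);
    }
    out.println();

    for (SolarThingDatabaseType databaseType : SolarThingDatabaseType.values()) {
        CouchDbDatabase database = instance.getDatabase(databaseType.getName());
        if (databaseType.needsAnyViews()) {
            out.println("Adding packets design to database " + databaseType.getName());
            MutablePacketsDesign design = new MutablePacketsDesign();
            if (databaseType.needsMillisView()) {
                out.println("This database will have the millisNull view");
                design.addMillisNullView();
            }
            if (databaseType.needsSimpleAllDocsView()) {
                out.println("This database will have the simpleAllDocs view");
                design.addSimpleAllDocsView();
            }
            if (databaseType.needsReadonlyValidateFunction()) {
                out.println("This database will be readonly");
                design.setReadonlyAuth();
            }
            final JsonData jsonData;
            try {
                jsonData = new StringJsonData(MAPPER.writeValueAsString(design));
            } catch (JsonProcessingException e) {
                throw new RuntimeException("Couldn't serialize json! Report this!", e);
            }
            try {
                database.putDocument("_design/packets", jsonData);
            } catch (CouchDbUpdateConflictException e) {
                // The design document already exists, so overwrite its current revision instead.
                String revision = database.getCurrentRevision("_design/packets");
                database.updateDocument("_design/packets", revision, jsonData);
                out.println("updated _design/packets document on database: " + databaseType.getName());
            }
        }

        out.println("Configuring security for database " + databaseType.getName());
        DatabaseSecurity oldSecurity = database.getSecurity();
        // Start from the existing admins: this setup only adds names, it never removes one.
        // NOTE(review): a name granted by an earlier run therefore stays an admin; stale accounts
        // have to be removed from the security object by hand.
        SecurityGroup newAdmins = oldSecurity.getAdminsOrBlank();
        Set<SolarThingDatabaseType.UserType> usersWithWritePermission = databaseType.getUsersWithWritePermission();
        // Skip a user that was left blank (null) so that no null entry can end up in the admin
        // names that are written to the database's security object.
        if (managerUser != null && usersWithWritePermission.contains(SolarThingDatabaseType.UserType.MANAGER)) {
            newAdmins = newAdmins.withName(managerUser);
        }
        if (uploaderUser != null && usersWithWritePermission.contains(SolarThingDatabaseType.UserType.UPLOADER)) {
            newAdmins = newAdmins.withName(uploaderUser);
        }
        // Public database: members are cleared. Private database: the old members are kept, and
        // they should include an _admin role.
        // NOTE(review): nothing here checks that the old members of a private database are
        // actually non-empty. CouchDB treats an empty members group as public, so a private
        // database is only restricted if its previous security object already was - confirm.
        database.setSecurity(new DatabaseSecurity(
                newAdmins,
                databaseType.isPublic() ? SecurityGroup.BLANK : oldSecurity.getMembers()));
        out.println();
    }
    out.println("Completed successfully!");
    return 0;
}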