Example 1 with RoleAssignmentType
use of models.RoleAssignmentType in project coprhd-controller by CoprHD.
the class VDCRoleAssignments method edit.
@FlashException("list")
public static void edit(@Required String id) {
String name = VDCRoleAssignmentForm.extractNameFromId(id);
RoleAssignmentType type = VDCRoleAssignmentForm.extractTypeFromId(id);
RoleAssignmentEntry roleAssignmentEntry = getVDCRoleAssignment(name, type);
if (roleAssignmentEntry != null) {
addRolesToRenderArgs();
Boolean isRootUser = RoleAssignmentUtils.isRootUser(roleAssignmentEntry);
VDCRoleAssignmentForm roleAssignment = new VDCRoleAssignmentForm();
roleAssignment.id = id;
roleAssignment.readFrom(roleAssignmentEntry);
render(roleAssignment, isRootUser);
} else {
flash.error(MessagesUtils.get("roleAssignments.unknown", name));
list();
}
}
Also used :
RoleAssignmentType(models.RoleAssignmentType)
RoleAssignmentEntry(com.emc.storageos.model.auth.RoleAssignmentEntry)
RoleAssignmentUtils.createRoleAssignmentEntry(util.RoleAssignmentUtils.createRoleAssignmentEntry)
FlashException(controllers.util.FlashException)
Example 2 with RoleAssignmentType
use of models.RoleAssignmentType in project coprhd-controller by CoprHD.
the class ACLUtils method validateAclEntries.
public static void validateAclEntries(String fieldName, List<AclEntryForm> aclEntries) {
for (int i = 0; i < aclEntries.size(); i++) {
AclEntryForm aclEntryForm = aclEntries.get(i);
if (aclEntryForm != null) {
String aclEntryPath = fieldName + "[" + i + "]";
String aclNamePath = aclEntryPath + ".aclName";
if (StringUtils.isBlank(aclEntryForm.aclName)) {
Validation.addError(aclNamePath, "security.accessControlList.aclName.required");
}
if (StringUtils.isBlank(aclEntryForm.access)) {
String fieldPath = aclEntryPath + ".access";
Validation.addError(fieldPath, "security.accessControlList.access.required");
}
if (StringUtils.isBlank(aclEntryForm.type)) {
String fieldPath = aclEntryPath + ".type";
Validation.addError(fieldPath, "security.accessControlList.type.required");
} else if (StringUtils.isNotBlank(aclEntryForm.aclName)) {
RoleAssignmentType type = RoleAssignmentType.valueOf(aclEntryForm.type);
if (RoleAssignmentType.GROUP.name().equals(aclEntryForm.type)) {
// All the required validations done in isValidPrincipal().
if (ACLUtils.isValidPrincipal(type, aclEntryForm.aclName) == false) {
Validation.addError(aclNamePath, "security.accessControlList.group.notvalid");
}
} else if (RoleAssignmentType.USER.name().equals(aclEntryForm.type)) {
if (LocalUser.isLocalUser(aclEntryForm.aclName)) {
Validation.addError(aclNamePath, "security.accessControlList.localuser.notpermitted");
} else if (validateDomain(aclEntryForm.aclName) == false) {
Validation.addError(aclNamePath, "security.accessControlList.domain.required");
} else if (validateAuthProviderDomain(aclEntryForm.aclName) == false) {
Validation.addError(aclNamePath, "security.accessControlList.domain.notfound");
} else if (ACLUtils.isValidPrincipal(type, aclEntryForm.aclName) == false) {
Validation.addError(aclNamePath, "security.accessControlList.user.notvalid");
}
}
}
}
}
}
Also used :
RoleAssignmentType(models.RoleAssignmentType)
AclEntryForm(controllers.tenant.AclEntryForm)
Example 3 with RoleAssignmentType
use of models.RoleAssignmentType in project coprhd-controller by CoprHD.
the class Tenants method editRole.
@Restrictions({ @Restrict("SECURITY_ADMIN"), @Restrict("TENANT_ADMIN") })
public static void editRole(@Required String id) {
// Extract info from id
String name = TenantRoleAssignmentForm.extractNameFromId(id);
RoleAssignmentType type = TenantRoleAssignmentForm.extractTypeFromId(id);
String tId = TenantRoleAssignmentForm.extractTenantFromId(id);
String tenantId = params.get("tenantId");
RoleAssignmentEntry roleAssignmentEntry = getTenantRoleAssignment(name, type, ResourceUtils.uri(tId));
if (roleAssignmentEntry != null) {
addTenantAndRolesToRenderArgs(tenantId);
Boolean isRootUser = RoleAssignmentUtils.isRootUser(roleAssignmentEntry);
TenantRoleAssignmentForm roleAssignment = new TenantRoleAssignmentForm();
roleAssignment.id = id;
roleAssignment.tenantId = tenantId;
roleAssignment.readFrom(roleAssignmentEntry);
render(roleAssignment, isRootUser);
} else {
flash.error(MessagesUtils.get("roleAssignments.unknown", name));
listRoles(tenantId);
}
}
Also used :
RoleAssignmentType(models.RoleAssignmentType)
RoleAssignmentUtils.createRoleAssignmentEntry(util.RoleAssignmentUtils.createRoleAssignmentEntry)
RoleAssignmentEntry(com.emc.storageos.model.auth.RoleAssignmentEntry)
Restrictions(controllers.deadbolt.Restrictions)
Example 4 with RoleAssignmentType
use of models.RoleAssignmentType in project coprhd-controller by CoprHD.
the class Tenants method deleteRoleAssignments.
@Util
private static void deleteRoleAssignments(String[] ids) {
if (ids != null && ids.length > 0) {
boolean deletedRoleAssignment = false;
for (String id : ids) {
String name = TenantRoleAssignmentForm.extractNameFromId(id);
RoleAssignmentType type = TenantRoleAssignmentForm.extractTypeFromId(id);
String tenantId = TenantRoleAssignmentForm.extractTenantFromId(id);
if (RoleAssignmentUtils.isRootUser(type, name)) {
flash.put("warningMessage", MessagesUtils.get("roleAssignments.rootNotDeleted"));
} else {
deleteTenantRoleAssignment(tenantId, type, name);
deletedRoleAssignment = true;
}
}
if (deletedRoleAssignment) {
flash.success(MessagesUtils.get("roleAssignments.deleted"));
}
}
}
Also used :
RoleAssignmentType(models.RoleAssignmentType)
Util(play.mvc.Util)
Example 5 with RoleAssignmentType
use of models.RoleAssignmentType in project coprhd-controller by CoprHD.
the class VDCRoleAssignments method delete.
@FlashException("list")
public static void delete(@As(",") String[] ids) {
boolean wasCurrentUserRoleAssignmentsDeleted = false;
if (ids != null && ids.length > 0) {
boolean deletedRoleAssignment = false;
for (String id : ids) {
String name = VDCRoleAssignmentForm.extractNameFromId(id);
RoleAssignmentType type = VDCRoleAssignmentForm.extractTypeFromId(id);
if (RoleAssignmentUtils.isRootUser(type, name)) {
flash.put("warningMessage", MessagesUtils.get("roleAssignments.rootNotDeleted"));
} else {
if (name.equalsIgnoreCase(Security.getUserInfo().getIdentifier())) {
wasCurrentUserRoleAssignmentsDeleted = true;
}
deleteVDCRoleAssignment(type, name);
deletedRoleAssignment = true;
}
}
if (deletedRoleAssignment) {
flash.success(MessagesUtils.get("roleAssignments.deleted"));
}
}
if (wasCurrentUserRoleAssignmentsDeleted) {
Security.clearUserInfo();
redirect("/");
} else {
list();
}
}
Also used :
RoleAssignmentType(models.RoleAssignmentType)
FlashException(controllers.util.FlashException)
Aggregations
RoleAssignmentType (models.RoleAssignmentType)5
RoleAssignmentEntry (com.emc.storageos.model.auth.RoleAssignmentEntry)2
FlashException (controllers.util.FlashException)2
RoleAssignmentUtils.createRoleAssignmentEntry (util.RoleAssignmentUtils.createRoleAssignmentEntry)2
Restrictions (controllers.deadbolt.Restrictions)1
AclEntryForm (controllers.tenant.AclEntryForm)1
Util (play.mvc.Util)1
