Example 1 with ResourcePermission

Use of org.apache.geode.security.ResourcePermission in project geode by apache.

Class CustomAuthRealm, method isPermitted.

@Override
public boolean isPermitted(PrincipalCollection principals, Permission permission) {
    ResourcePermission context = (ResourcePermission) permission;
    Serializable principal = (Serializable) principals.getPrimaryPrincipal();
    return securityManager.authorize(principal, context);
}
Also used : Serializable(java.io.Serializable) ResourcePermission(org.apache.geode.security.ResourcePermission)

Example 2 with ResourcePermission

Use of org.apache.geode.security.ResourcePermission in project geode by apache.

Class ExampleSecurityManager, method readRoles.

private Map<String, Role> readRoles(final JsonNode jsonNode) {
    if (jsonNode.get("roles") == null) {
        // Type-safe empty map instead of the raw Collections.EMPTY_MAP constant.
        return Collections.emptyMap();
    }
    Map<String, Role> roleMap = new HashMap<>();
    for (JsonNode rolesNode : jsonNode.get("roles")) {
        Role role = new Role();
        role.name = rolesNode.get("name").asText();
        String regionNames = null;
        String keys = null;
        JsonNode regionsNode = rolesNode.get("regions");
        if (regionsNode != null) {
            if (regionsNode.isArray()) {
                regionNames = StreamSupport.stream(regionsNode.spliterator(), false).map(JsonNode::asText).collect(Collectors.joining(","));
            } else {
                regionNames = regionsNode.asText();
            }
        }
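        // Each entry has the form resource:operation[:region[:key]].
        // regionNames and keys are declared outside this loop, so a region or key
        // taken from one entry also applies to later entries of the same role
        // that do not specify their own.
        for (JsonNode operationsAllowedNode : rolesNode.get("operationsAllowed")) {
            String[] parts = operationsAllowedNode.asText().split(":");
            String resourcePart = (parts.length > 0) ? parts[0] : null;
            String operationPart = (parts.length > 1) ? parts[1] : null;
            if (parts.length > 2) {
                regionNames = parts[2];
            }
            if (parts.length > 3) {
                keys = parts[3];
            }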
            String regionPart = (regionNames != null) ? regionNames : "*";
            String keyPart = (keys != null) ? keys : "*";
            role.permissions.add(new ResourcePermission(resourcePart, operationPart, regionPart, keyPart));
        }
        roleMap.put(role.name, role);
        if (rolesNode.has("serverGroup")) {
            role.serverGroup = rolesNode.get("serverGroup").asText();
        }
    }
    return roleMap;
}
Also used : HashMap(java.util.HashMap) JsonNode(com.fasterxml.jackson.databind.JsonNode) ResourcePermission(org.apache.geode.security.ResourcePermission)

Example 3 with ResourcePermission

Use of org.apache.geode.security.ResourcePermission in project geode by apache.

Class MBeanServerWrapper, method setAttribute.

@Override
public void setAttribute(ObjectName name, Attribute attribute) throws InstanceNotFoundException, AttributeNotFoundException, InvalidAttributeValueException, MBeanException, ReflectionException {
    ResourcePermission ctx = getOperationContext(name, attribute.getName(), false);
    this.securityService.authorize(ctx);
    mbs.setAttribute(name, attribute);
}
Also used : ResourcePermission(org.apache.geode.security.ResourcePermission)

Example 4 with ResourcePermission

Use of org.apache.geode.security.ResourcePermission in project geode by apache.

Class ResourcePermissionTest, method testIsPermission.

@Test
public void testIsPermission() {
    context = new ResourcePermission();
    assertTrue(context instanceof WildcardPermission);
}
Also used : WildcardPermission(org.apache.shiro.authz.permission.WildcardPermission) ResourcePermission(org.apache.geode.security.ResourcePermission) UnitTest(org.apache.geode.test.junit.categories.UnitTest) SecurityTest(org.apache.geode.test.junit.categories.SecurityTest) Test(org.junit.Test)

Example 5 with ResourcePermission

Use of org.apache.geode.security.ResourcePermission in project geode by apache.

Class ResourcePermissionTest, method testImples.

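@Test
public void testImples() {
    // The results of implies() are not asserted in this test; the calls only
    // exercise the wildcard matching without checking the outcome.
    WildcardPermission role = new WildcardPermission("*:read");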
    role.implies(new ResourcePermission("data", "read"));
    role.implies(new ResourcePermission("cluster", "read"));
    role = new WildcardPermission("*:read:*");
    role.implies(new ResourcePermission("data", "read", "testRegion"));
    role.implies(new ResourcePermission("cluster", "read", "anotherRegion", "key1"));
    role = new WildcardPermission("data:*:testRegion");
    role.implies(new ResourcePermission("data", "read", "testRegion"));
    role.implies(new ResourcePermission("data", "write", "testRegion"));
}
Also used : WildcardPermission(org.apache.shiro.authz.permission.WildcardPermission) ResourcePermission(org.apache.geode.security.ResourcePermission) UnitTest(org.apache.geode.test.junit.categories.UnitTest) SecurityTest(org.apache.geode.test.junit.categories.SecurityTest) Test(org.junit.Test)

Aggregations

ResourcePermission (org.apache.geode.security.ResourcePermission): 12
SecurityTest (org.apache.geode.test.junit.categories.SecurityTest): 5
UnitTest (org.apache.geode.test.junit.categories.UnitTest): 5
Test (org.junit.Test): 5
WildcardPermission (org.apache.shiro.authz.permission.WildcardPermission): 2
JsonNode (com.fasterxml.jackson.databind.JsonNode): 1
Serializable (java.io.Serializable): 1
HashMap (java.util.HashMap): 1
AttributeNotFoundException (javax.management.AttributeNotFoundException): 1
IntrospectionException (javax.management.IntrospectionException): 1
MBeanFeatureInfo (javax.management.MBeanFeatureInfo): 1
MBeanInfo (javax.management.MBeanInfo): 1
GemFireSecurityException (org.apache.geode.security.GemFireSecurityException): 1