Example 1 with AccessCheck
use of org.glassfish.api.admin.AccessRequired.AccessCheck in project Payara by payara.
the class CommandSecurityChecker method addAccessChecksFromReSTEndpoint.
private void addAccessChecksFromReSTEndpoint(final RestEndpoint restEndpoint, final List<AccessCheckWork> accessChecks, final boolean isTaggable) {
if (!restEndpoint.useForAuthorization()) {
return;
}
final String action = optypeToAction.get(restEndpoint.opType());
/*
* For the moment, if there is no RestParam then the config bean class given
* in the anno is an unnamed singleton target of the action. If there is a RestParam
* then the target is (probably) the unnamed singleton parent of the config bean class given
* and the new child's type is the config bean class.
*/
String resource;
// if (restEndpoint.params().length == 0) {
resource = resourceNameFromRestEndpoint(restEndpoint.configBean(), restEndpoint.path(), locator);
// } else {
// // TODO need to do something with the endpoint params
// resource = resourceNameFromRestEndpoint(restEndpoint.configBean(),
// restEndpoint.path(),
// locator);
// }
final AccessCheck a = new AccessCheck(resource, action);
String tag = null;
if (isTaggable) {
tag = " @RestEndpoint " + restEndpoint.configBean().getName() + ", op=" + restEndpoint.opType();
}
accessChecks.add(new AccessCheckWork(a, tag));
}
Also used :
AccessCheck(org.glassfish.api.admin.AccessRequired.AccessCheck)
Example 2 with AccessCheck
use of org.glassfish.api.admin.AccessRequired.AccessCheck in project Payara by payara.
the class CommandSecurityChecker method addAccessChecksFromAnno.
private void addAccessChecksFromAnno(final AccessRequired ar, final AdminCommand command, final List<AccessCheckWork> accessChecks, final Class<?> currentClass, final boolean isTaggable) throws NoSuchFieldException, IllegalArgumentException, IllegalAccessException {
for (final String resource : ar.resource()) {
final String translatedResource = processTokens(resource, command);
for (final String action : ar.action()) {
final AccessCheck a = new AccessCheck(translatedResource, action);
String tag = null;
if (isTaggable) {
tag = " @AccessRequired on " + currentClass.getName() + LINE_SEP;
}
accessChecks.add(new AccessCheckWork(a, tag));
}
}
}
Also used :
AccessCheck(org.glassfish.api.admin.AccessRequired.AccessCheck)
Example 3 with AccessCheck
use of org.glassfish.api.admin.AccessRequired.AccessCheck in project Payara by payara.
the class GenericDeleteCommand method getAccessChecks.
@Override
public Collection<? extends AccessCheck> getAccessChecks() {
final Collection<AccessCheck> checks = new ArrayList<AccessCheck>();
parentBean = habitat.getService((Class<? extends ConfigBeanProxy>) parentType);
name = "";
if (resolver instanceof TypeAndNameResolver) {
name = ((TypeAndNameResolver) resolver).name();
}
checks.add(new AccessCheck(parentBean, targetType, name, "delete"));
return checks;
}
Also used :
AccessCheck(org.glassfish.api.admin.AccessRequired.AccessCheck)
ArrayList(java.util.ArrayList)
Example 4 with AccessCheck
use of org.glassfish.api.admin.AccessRequired.AccessCheck in project Payara by payara.
the class GenericListCommand method getAccessChecks.
@Override
public Collection<? extends AccessCheck> getAccessChecks() {
final Collection<AccessCheck> checks = new ArrayList<AccessCheck>();
checks.add(new AccessCheck(AccessRequired.Util.resourceNameFromConfigBeanProxy(parentBean), "read"));
if (longOpt) {
try {
List<ConfigBeanProxy> children = (List<ConfigBeanProxy>) targetMethod.invoke(parentBean);
for (ConfigBeanProxy child : children) {
if (name == null || name.equals(Dom.unwrap(child).getKey())) {
checks.add(new AccessCheck(AccessRequired.Util.resourceNameFromConfigBeanProxy(child), "read"));
}
}
} catch (Exception ex) {
String msg = localStrings.getLocalString(GenericCrudCommand.class, "GenericListCommand.accesschecks", "Exception while creating access checks for generic command {0}: {1}", commandName, ex.getMessage());
LogHelper.log(logger, Level.SEVERE, ConfigApiLoggerInfo.ACCESS_CHK_CREATE_FAILED, ex, commandName);
throw new RuntimeException(msg, ex);
}
}
return checks;
}
Also used :
AccessCheck(org.glassfish.api.admin.AccessRequired.AccessCheck)
InvocationTargetException(java.lang.reflect.InvocationTargetException)
Example 5 with AccessCheck
use of org.glassfish.api.admin.AccessRequired.AccessCheck in project Payara by payara.
the class CreateLifecycleModuleCommand method getAccessChecks.
@Override
public Collection<? extends AccessCheck> getAccessChecks() {
final List<AccessCheck> accessChecks = new ArrayList<AccessCheck>();
/*
* One check for the life cycle module itself.
*/
accessChecks.add(new AccessCheck(DeploymentCommandUtils.APPLICATION_RESOURCE_NAME, "create"));
/*
* One check for the target.
*/
accessChecks.add(new AccessCheck(DeploymentCommandUtils.getTargetResourceNameForNewAppRef(domain, target), "create"));
return accessChecks;
}
Also used :
AccessCheck(org.glassfish.api.admin.AccessRequired.AccessCheck)
ArrayList(java.util.ArrayList)
Aggregations
AccessCheck (org.glassfish.api.admin.AccessRequired.AccessCheck)24
ArrayList (java.util.ArrayList)15
ApplicationRef (com.sun.enterprise.config.serverbeans.ApplicationRef)2
AppTenant (com.sun.enterprise.config.serverbeans.AppTenant)1
Cluster (com.sun.enterprise.config.serverbeans.Cluster)1
Server (com.sun.enterprise.config.serverbeans.Server)1
VirtualServer (com.sun.enterprise.config.serverbeans.VirtualServer)1
InvocationTargetException (java.lang.reflect.InvocationTargetException)1
