use of org.graylog.grn.GRN in project graylog2-server by Graylog2.
the class ViewOwnerShipToGrantsMigration method ensureGrant.
private void ensureGrant(User user, GRN target) {
final GRN grantee = grnRegistry.ofUser(user);
LOG.info("Registering user <{}/{}> ownership for <{}>", user.getName(), user.getId(), target);
dbGrantService.ensure(grantee, CAPABILITY, target, rootUsername);
}
use of org.graylog.grn.GRN in project graylog2-server by Graylog2.
the class UserPermissionsToGrantsMigration method migrateUserPermissions.
private void migrateUserPermissions(User user, Map<String, Set<String>> migratableEntities) {
migratableEntities.forEach((entityID, permissions) -> {
final GRNTypeCapability grnTypeCapability = GrantsMetaMigration.MIGRATION_MAP.get(permissions);
// Permissions are mappable to a grant
if (grnTypeCapability != null) {
final Capability capability = grnTypeCapability.capability;
GRN targetGRN;
if (permissions.stream().anyMatch(p -> p.contains(VIEW_READ))) {
// For views we need to load the database object to be able to determine if it's a
// search or a dashboard.
targetGRN = getViewGRNType(entityID).map(grnType -> grnType.toGRN(entityID)).orElse(null);
} else {
targetGRN = requireNonNull(grnTypeCapability.grnType, "grnType cannot be null - this is a bug").toGRN(entityID);
}
if (targetGRN != null) {
dbGrantService.ensure(grnRegistry.ofUser(user), capability, targetGRN, rootUsername);
}
final List<String> updatedPermissions = user.getPermissions();
updatedPermissions.removeAll(permissions.stream().map(p -> p + ":" + entityID).collect(Collectors.toSet()));
user.setPermissions(updatedPermissions);
try {
userService.save(user);
} catch (ValidationException e) {
LOG.error("Failed to update permssions on user <{}>", user.getName(), e);
}
LOG.info("Migrating entity <{}> permissions <{}> to <{}> grant for user <{}>", targetGRN, permissions, capability, user.getName());
} else {
LOG.info("Skipping non-migratable entity <{}>. Permissions <{}> cannot be converted to a grant capability", entityID, permissions);
}
});
}
use of org.graylog.grn.GRN in project graylog2-server by Graylog2.
the class ViewSharingToGrantsMigration method ensureGrant.
private void ensureGrant(User user, GRN target) {
final GRN grantee = grnRegistry.ofUser(user);
grantService.ensure(grantee, CAPABILITY, target, rootUsername);
}
use of org.graylog.grn.GRN in project graylog2-server by Graylog2.
the class ViewSharingToGrantsMigration method migrateUsers.
private void migrateUsers(String viewId, Collection<String> userNames) {
final Set<User> users = userNames.stream().map(userService::load).filter(Objects::nonNull).collect(Collectors.toSet());
final GRN target = getTarget(viewId);
LOG.info("Migrate users for view <{}> to grants: {}", target, users.stream().map(u -> u.getId() + "/" + u.getName()).collect(Collectors.toSet()));
for (final User user : users) {
ensureGrant(user, target);
}
}
use of org.graylog.grn.GRN in project graylog2-server by Graylog2.
the class ViewSharingToGrantsMigration method migrateAllOfInstance.
private void migrateAllOfInstance(String viewId) {
final GRN target = getTarget(viewId);
LOG.info("Migrate all-of-instance for view <{}> to grants", target);
ensureEveryoneGrant(target);
}
Aggregations