Search in sources :

Example 1 with GRNType

use of org.graylog.grn.GRNType in project graylog2-server by Graylog2.

the class ViewSharingToGrantsMigration method getTarget.

private GRN getTarget(String viewId) {
    final ViewDTO view = viewService.get(viewId).orElseThrow(() -> new IllegalArgumentException("View <" + viewId + "> doesn't exist"));
    final GRNType grnType = ViewDTO.Type.DASHBOARD.equals(view.type()) ? GRNTypes.DASHBOARD : GRNTypes.SEARCH;
    return grnType.toGRN(viewId);
}
Also used : ViewDTO(org.graylog.plugins.views.search.views.ViewDTO) GRNType(org.graylog.grn.GRNType)

Example 2 with GRNType

use of org.graylog.grn.GRNType in project graylog2-server by Graylog2.

the class RolesToGrantsMigration method migrateRoleToGrant.

private Set<String> migrateRoleToGrant(MigratableRole migratableRole) {
    final Set<String> migratedRolePermissions = new HashSet<>();
    final Collection<User> allRoleUsers = userService.loadAllForRole(migratableRole.role);
    migratableRole.migratableEntities.forEach((entityID, permissions) -> {
        final GrantsMetaMigration.GRNTypeCapability grnTypeCapability = MIGRATION_MAP.get(permissions);
        // Permissions are mappable to a grant
        if (grnTypeCapability != null) {
            final Capability capability = grnTypeCapability.capability;
            final GRNType grnType = grnTypeCapability.grnType;
            allRoleUsers.forEach(user -> {
                dbGrantService.ensure(grnRegistry.ofUser(user), capability, grnType.toGRN(entityID), rootUsername);
                LOG.info("Migrating entity <{}> permissions <{}> to <{}> grant for user <{}>", grnType.toGRN(entityID), permissions, capability, user.getName());
            });
            migratedRolePermissions.addAll(permissions.stream().map(p -> p + ":" + entityID).collect(Collectors.toSet()));
        } else {
            LOG.info("Skipping non-migratable entity <{}>. Permissions <{}> cannot be converted to a grant capability", entityID, permissions);
        }
    });
    return migratedRolePermissions;
}
Also used : User(org.graylog2.plugin.database.users.User) Capability(org.graylog.security.Capability) GRNType(org.graylog.grn.GRNType) HashSet(java.util.HashSet)

Example 3 with GRNType

use of org.graylog.grn.GRNType in project graylog2-server by Graylog2.

the class ViewOwnerShipToGrantsMigration method upgrade.

public void upgrade() {
    viewService.streamAll().forEach(view -> {
        final Optional<User> user = view.owner().map(userService::load);
        if (user.isPresent() && !user.get().isLocalAdmin()) {
            final GRNType grnType = ViewDTO.Type.DASHBOARD.equals(view.type()) ? GRNTypes.DASHBOARD : GRNTypes.SEARCH;
            final GRN target = grnType.toGRN(view.id());
            ensureGrant(user.get(), target);
        }
    });
}
Also used : GRN(org.graylog.grn.GRN) User(org.graylog2.plugin.database.users.User) GRNType(org.graylog.grn.GRNType)

Aggregations

GRNType (org.graylog.grn.GRNType)3 User (org.graylog2.plugin.database.users.User)2 HashSet (java.util.HashSet)1 GRN (org.graylog.grn.GRN)1 ViewDTO (org.graylog.plugins.views.search.views.ViewDTO)1 Capability (org.graylog.security.Capability)1