Search in sources :

Example 1 with SubjectACL

use of org.infinispan.security.impl.SubjectACL in project infinispan by infinispan.

the class SecurityResource method acl.

private CompletionStage<RestResponse> acl(RestRequest request) {
    Subject subject = request.getSubject();
    RestCacheManager<Object> rcm = invocationHelper.getRestCacheManager();
    Collection<String> cacheNames = rcm.getCacheNames();
    Json acl = Json.object();
    if (subject == null) {
        acl.set("subject", Json.array());
    } else {
        Json jsonSubjects = Json.array();
        subject.getPrincipals().forEach(principal -> {
            jsonSubjects.add(Json.object().set("name", principal.getName()).set("type", principal.getClass().getSimpleName()));
        });
        acl.set("subject", jsonSubjects);
        Authorizer authorizer = rcm.getAuthorizer();
        SubjectACL globalACL = authorizer.getACL(subject);
        acl.set("global", aclToJson(globalACL));
        Json caches = Json.object();
        acl.set("caches", caches);
        for (String cacheName : cacheNames) {
            Configuration cacheConfiguration = SecurityActions.getCacheConfigurationFromManager(rcm.getInstance(), cacheName);
            SubjectACL cacheACL = authorizer.getACL(subject, cacheConfiguration.security().authorization());
            caches.set(cacheName, aclToJson(cacheACL));
        }
    }
    return asJsonResponseFuture(acl);
}
Also used : GlobalConfiguration(org.infinispan.configuration.global.GlobalConfiguration) GlobalAuthorizationConfiguration(org.infinispan.configuration.global.GlobalAuthorizationConfiguration) Configuration(org.infinispan.configuration.cache.Configuration) Authorizer(org.infinispan.security.impl.Authorizer) Json(org.infinispan.commons.dataconversion.internal.Json) Subject(javax.security.auth.Subject) SubjectACL(org.infinispan.security.impl.SubjectACL)

Aggregations

Subject (javax.security.auth.Subject)1 Json (org.infinispan.commons.dataconversion.internal.Json)1 Configuration (org.infinispan.configuration.cache.Configuration)1 GlobalAuthorizationConfiguration (org.infinispan.configuration.global.GlobalAuthorizationConfiguration)1 GlobalConfiguration (org.infinispan.configuration.global.GlobalConfiguration)1 Authorizer (org.infinispan.security.impl.Authorizer)1 SubjectACL (org.infinispan.security.impl.SubjectACL)1