use of org.jboss.hal.config.AccessControlProvider.RBAC in project console by hal.
the class HeaderView method updateRoles.
@Override
public void updateRoles(Environment environment, Settings settings, User user) {
for (Iterator<HTMLElement> iterator = Elements.iterator(userDropdown); iterator.hasNext(); ) {
HTMLElement element = iterator.next();
if (element == logoutItem) {
continue;
}
iterator.remove();
}
if (!user.getRoles().isEmpty()) {
String csr = user.getRoles().stream().sorted(Roles.STANDARD_FIRST.thenComparing(Roles.BY_NAME)).map(Role::getName).collect(joining(", "));
HTMLElement activeRoles = li().css(static_, CSS.activeRoles).textContent(resources.messages().activeRoles(csr)).title(resources.messages().activeRoles(csr)).element();
userDropdown.insertBefore(activeRoles, logoutItem);
userDropdown.insertBefore(divider(), logoutItem);
if (user.isSuperuser() && environment.getAccessControlProvider() == RBAC) {
Set<String> runAsRoleSetting = settings.get(RUN_AS).asSet();
HTMLElement runAs = li().css(static_).textContent(resources.constants().runAs()).element();
userDropdown.insertBefore(runAs, logoutItem);
stream(environment.getRoles().spliterator(), false).sorted(Roles.STANDARD_FIRST.thenComparing(Roles.BY_NAME)).forEach(role -> {
HTMLElement check, name;
HTMLElement runAsRole = li().add(a().css(clickable).on(click, event -> presenter.runAs(role.getName())).add(check = span().css(fontAwesome("check"), marginRight5).element()).add(name = span().textContent(role.getName()).element())).element();
if (!runAsRoleSetting.contains(role.getName())) {
// NON-NLS
check.style.visibility = "hidden";
}
if (role.isScoped()) {
name.title = role.getBaseRole().getName() + " / " + String.join(", ", role.getScope());
}
userDropdown.insertBefore(runAsRole, logoutItem);
});
if (runAsRoleSetting != null) {
HTMLElement clearRunAs = li().add(a().css(clickable).on(click, event -> presenter.clearRunAs()).textContent(resources.constants().clearRunAs())).element();
userDropdown.insertBefore(clearRunAs, logoutItem);
}
userDropdown.insertBefore(divider(), logoutItem);
}
}
}
use of org.jboss.hal.config.AccessControlProvider.RBAC in project console by hal.
the class ReadAuthentication method call.
@Override
public Completable call(FlowContext context) {
logger.debug("Read authentication");
ResourceAddress address = CORE_SERVICE_TEMPLATE.resolve(statementContext);
Operation opAuthorization = new Operation.Builder(address, READ_CHILDREN_RESOURCES_OPERATION).param(CHILD_TYPE, ACCESS).param(INCLUDE_RUNTIME, true).param(RECURSIVE_DEPTH, 1).build();
Operation opWhoami = new Operation.Builder(ResourceAddress.root(), WHOAMI).param(VERBOSE, true).build();
return dispatcher.execute(new Composite(opAuthorization, opWhoami)).doOnSuccess((CompositeResult compositeResult) -> {
ModelNode result = compositeResult.step(0).get(RESULT);
if (result.hasDefined(AUTHORIZATION)) {
result = result.get(AUTHORIZATION);
// provider
AccessControlProvider accessControlProvider = asEnumValue(result, PROVIDER, AccessControlProvider::valueOf, SIMPLE);
environment.setAccessControlProvider(accessControlProvider);
// standard roles
if (result.hasDefined(STANDARD_ROLE_NAMES)) {
result.get(STANDARD_ROLE_NAMES).asList().stream().map(node -> new Role(node.asString())).forEach(role -> environment.getRoles().add(role));
}
// scoped roles
if (!environment.isStandalone()) {
if (result.hasDefined(HOST_SCOPED_ROLE)) {
result.get(HOST_SCOPED_ROLE).asPropertyList().stream().map(property -> scopedRole(property, Role.Type.HOST, HOSTS)).forEach(role -> environment.getRoles().add(role));
}
if (result.hasDefined(SERVER_GROUP_SCOPED_ROLE)) {
result.get(SERVER_GROUP_SCOPED_ROLE).asPropertyList().stream().map(property -> scopedRole(property, Role.Type.SERVER_GROUP, SERVER_GROUPS)).forEach(role -> environment.getRoles().add(role));
}
}
} else {
logger.warn("Unable to read {} (insufficient rights?). Use :whoami values as fallback.", CORE_SERVICE_TEMPLATE.append("access=authorization"));
ModelNode resultWhoami = compositeResult.step(1).get(RESULT);
environment.setAccessControlProvider(RBAC);
environment.getRoles().clear();
if (resultWhoami.hasDefined(ROLES)) {
resultWhoami.get(ROLES).asList().stream().map(node -> new Role(node.asString())).forEach(role -> environment.getRoles().add(role));
} else if (resultWhoami.hasDefined(MAPPED_ROLES)) {
resultWhoami.get(MAPPED_ROLES).asList().stream().map(node -> new Role(node.asString())).forEach(role -> environment.getRoles().add(role));
}
}
}).onErrorResumeNext(throwable -> {
if (throwable instanceof DispatchFailure) {
logger.error("Unable to read {}. Use :whoami values as fallback.", CORE_SERVICE_TEMPLATE);
return Single.just(new CompositeResult(new ModelNode()));
} else {
return Single.error(throwable);
}
}).toCompletable();
}
Aggregations