
Example 1 with SIMPLE

use of org.jboss.hal.config.AccessControlProvider.SIMPLE in project console by hal.

the class AccessControl method reload.

/**
 * Calls {@code reset()} and then re-reads the access control data with one composite operation,
 * filling the local roles, the role assignments and the current user's roles from the reply.
 *
 * <p>Composite layout: step 0 reads the attributes of {@code AddressTemplates.root()}; when the
 * environment is not standalone, the next two steps read the host scoped and the server group
 * scoped roles; the last step reads the role mappings. The result handler consumes the steps in
 * the same order, so both {@code isStandalone()} checks have to agree.
 *
 * <p>NOTE(review): {@code SIMPLE} is handed to {@code asEnumValue} as its last argument,
 * presumably the value used when {@code PROVIDER} is undefined or unparsable; confirm in
 * {@code ModelNodeHelper}. The provider and roles stored here are the console's own copy of the
 * server state; nothing in this method enforces authorization.
 *
 * @param callback executed at the end of the result handler. No failure handler is passed to
 *                 {@code dispatcher.execute} here, so whether the callback runs after a failed
 *                 read depends on the dispatcher (not visible in this method).
 */
void reload(Callback callback) {
    reset();

    List<Operation> steps = new ArrayList<>();
    steps.add(new Operation.Builder(AddressTemplates.root(), READ_RESOURCE_OPERATION)
            .param(INCLUDE_RUNTIME, true)
            .param(ATTRIBUTES_ONLY, true)
            .build());
    if (!environment.isStandalone()) {
        // Scoped roles are only requested when the environment is not standalone.
        steps.add(new Operation.Builder(AddressTemplates.root(), READ_CHILDREN_RESOURCES_OPERATION)
                .param(CHILD_TYPE, HOST_SCOPED_ROLE)
                .param(RECURSIVE, true)
                .build());
        steps.add(new Operation.Builder(AddressTemplates.root(), READ_CHILDREN_RESOURCES_OPERATION)
                .param(CHILD_TYPE, SERVER_GROUP_SCOPED_ROLE)
                .param(RECURSIVE, true)
                .build());
    }
    steps.add(new Operation.Builder(AddressTemplates.root(), READ_CHILDREN_RESOURCES_OPERATION)
            .param(CHILD_TYPE, ROLE_MAPPING)
            .param(RECURSIVE, true)
            .build());

    dispatcher.execute(new Composite(steps), (CompositeResult compositeResult) -> {
        int index = 0;

        // Provider and standard roles come from the attributes read in step 0.
        ModelNode attributes = compositeResult.step(index++).get(RESULT);
        AccessControlProvider provider = ModelNodeHelper.asEnumValue(attributes, PROVIDER,
                AccessControlProvider::valueOf, SIMPLE);
        environment.setAccessControlProvider(provider);
        for (ModelNode roleName : attributes.get(STANDARD_ROLE_NAMES).asList()) {
            roles.add(new Role(roleName.asString()));
        }

        if (!environment.isStandalone()) {
            compositeResult.step(index++).get(RESULT).asPropertyList().stream()
                    .map(hostScoped -> scopedRole(hostScoped, Role.Type.HOST, HOSTS))
                    .forEach(roles::add);
            compositeResult.step(index++).get(RESULT).asPropertyList().stream()
                    .map(groupScoped -> scopedRole(groupScoped, Role.Type.SERVER_GROUP, SERVER_GROUPS))
                    .forEach(roles::add);
        }

        // Role mappings: each property is keyed by a role name and carries include/exclude lists.
        // noinspection UnusedAssignment
        compositeResult.step(index++).get(RESULT).asPropertyList().forEach(mapping -> {
            Role role = roles.get(Ids.role(mapping.getName()));
            if (role == null) {
                // A mapping that names a role not read above is reported and skipped.
                logger.error("Cannot add assignment for role {}: No matching role found!", mapping.getName());
                return;
            }
            ModelNode mappingNode = mapping.getValue();
            if (mappingNode.hasDefined(INCLUDE_ALL)) {
                role.setIncludeAll(mappingNode.get(INCLUDE_ALL).asBoolean());
            }
            if (mappingNode.hasDefined(INCLUDE)) {
                mappingNode.get(INCLUDE).asPropertyList()
                        .forEach(included -> addAssignment(included, role, true));
            }
            if (mappingNode.hasDefined(EXCLUDE)) {
                mappingNode.get(EXCLUDE).asPropertyList()
                        .forEach(excluded -> addAssignment(excluded, role, false));
            }
        });

        // Sync with the current user: roles are refreshed only if a principal with the user's id
        // is known; otherwise the user's roles are left as they were.
        String userKey = Ids.principal(Principal.Type.USER.name().toLowerCase(), currentUser.getName());
        Principal self = principals.get(userKey);
        if (self != null) {
            Set<Role> ownRoles = assignments.byPrincipal(self)
                    .map(Assignment::getRole)
                    .collect(toSet());
            currentUser.refreshRoles(ownRoles);
        }

        callback.execute();
    });
}
Also used : ModelNode(org.jboss.hal.dmr.ModelNode) Environment(org.jboss.hal.config.Environment) MessageEvent(org.jboss.hal.spi.MessageEvent) AccessControlProvider(org.jboss.hal.config.AccessControlProvider) LoggerFactory(org.slf4j.LoggerFactory) ArrayList(java.util.ArrayList) Inject(javax.inject.Inject) Property(org.jboss.hal.dmr.Property) Message(org.jboss.hal.spi.Message) User(org.jboss.hal.config.User) SIMPLE(org.jboss.hal.config.AccessControlProvider.SIMPLE) Collectors.toSet(java.util.stream.Collectors.toSet) Logger(org.slf4j.Logger) RBAC(org.jboss.hal.config.AccessControlProvider.RBAC) CompositeResult(org.jboss.hal.dmr.CompositeResult) Operation(org.jboss.hal.dmr.Operation) Ids(org.jboss.hal.resources.Ids) Set(java.util.Set) EventBus(com.google.web.bindery.event.shared.EventBus) DialogFactory(org.jboss.hal.ballroom.dialog.DialogFactory) Roles(org.jboss.hal.config.Roles) Composite(org.jboss.hal.dmr.Composite) List(java.util.List) Dispatcher(org.jboss.hal.dmr.dispatch.Dispatcher) Callback(org.jboss.hal.spi.Callback) Resources(org.jboss.hal.resources.Resources) ModelDescriptionConstants(org.jboss.hal.dmr.ModelDescriptionConstants) Role(org.jboss.hal.config.Role) ModelNodeHelper(org.jboss.hal.dmr.ModelNodeHelper) Composite(org.jboss.hal.dmr.Composite) CompositeResult(org.jboss.hal.dmr.CompositeResult) ArrayList(java.util.ArrayList) AccessControlProvider(org.jboss.hal.config.AccessControlProvider) Operation(org.jboss.hal.dmr.Operation) Role(org.jboss.hal.config.Role) ModelNode(org.jboss.hal.dmr.ModelNode)

Example 2 with SIMPLE

use of org.jboss.hal.config.AccessControlProvider.SIMPLE in project console by hal.

the class ReadAuthentication method call.

/**
 * Reads the access control provider and the roles into the environment.
 *
 * <p>One composite is sent: step 0 reads the {@code ACCESS} children below the resolved
 * {@code CORE_SERVICE_TEMPLATE} address, step 1 is a verbose {@code WHOAMI} on the root address.
 * If step 0 has no defined {@code AUTHORIZATION} node, the provider is set to {@code RBAC}, the
 * environment's roles are cleared and replaced by the {@code ROLES} from {@code WHOAMI}, or by
 * {@code MAPPED_ROLES} when {@code ROLES} is undefined; if neither is defined, the roles stay empty.
 *
 * <p>NOTE(review): {@code SIMPLE} is handed to {@code asEnumValue} as its last argument,
 * presumably the value used when {@code PROVIDER} is undefined; confirm in
 * {@code ModelNodeHelper}. The values stored here are the console's own copy of the server
 * state; nothing in this method enforces authorization.
 *
 * @param context the flow context; not read by this method
 * @return a completable that completes after the environment was updated, or after a
 *         {@code DispatchFailure} was logged; any other error is passed on
 */
@Override
public Completable call(FlowContext context) {
    logger.debug("Read authentication");

    ResourceAddress coreService = CORE_SERVICE_TEMPLATE.resolve(statementContext);
    Operation readAccess = new Operation.Builder(coreService, READ_CHILDREN_RESOURCES_OPERATION)
            .param(CHILD_TYPE, ACCESS)
            .param(INCLUDE_RUNTIME, true)
            .param(RECURSIVE_DEPTH, 1)
            .build();
    Operation whoami = new Operation.Builder(ResourceAddress.root(), WHOAMI)
            .param(VERBOSE, true)
            .build();

    return dispatcher.execute(new Composite(readAccess, whoami)).doOnSuccess((CompositeResult steps) -> {
        ModelNode access = steps.step(0).get(RESULT);

        if (!access.hasDefined(AUTHORIZATION)) {
            // The authorization resource is not in the reply: take the roles reported by :whoami.
            logger.warn("Unable to read {} (insufficient rights?). Use :whoami values as fallback.", CORE_SERVICE_TEMPLATE.append("access=authorization"));
            ModelNode identity = steps.step(1).get(RESULT);
            environment.setAccessControlProvider(RBAC);
            environment.getRoles().clear();
            if (identity.hasDefined(ROLES)) {
                for (ModelNode roleName : identity.get(ROLES).asList()) {
                    Role role = new Role(roleName.asString());
                    environment.getRoles().add(role);
                }
            } else if (identity.hasDefined(MAPPED_ROLES)) {
                for (ModelNode roleName : identity.get(MAPPED_ROLES).asList()) {
                    Role role = new Role(roleName.asString());
                    environment.getRoles().add(role);
                }
            }
            return;
        }

        ModelNode authorization = access.get(AUTHORIZATION);

        // provider
        AccessControlProvider provider = asEnumValue(authorization, PROVIDER,
                AccessControlProvider::valueOf, SIMPLE);
        environment.setAccessControlProvider(provider);

        // standard roles
        // NOTE(review): unlike the :whoami branch, roles are added here without clearing the
        // environment's roles first; confirm this method is not expected to run more than once.
        if (authorization.hasDefined(STANDARD_ROLE_NAMES)) {
            for (ModelNode roleName : authorization.get(STANDARD_ROLE_NAMES).asList()) {
                Role role = new Role(roleName.asString());
                environment.getRoles().add(role);
            }
        }

        // scoped roles are only read when the environment is not standalone
        if (!environment.isStandalone()) {
            if (authorization.hasDefined(HOST_SCOPED_ROLE)) {
                authorization.get(HOST_SCOPED_ROLE).asPropertyList().stream()
                        .map(hostScoped -> scopedRole(hostScoped, Role.Type.HOST, HOSTS))
                        .forEach(scoped -> environment.getRoles().add(scoped));
            }
            if (authorization.hasDefined(SERVER_GROUP_SCOPED_ROLE)) {
                authorization.get(SERVER_GROUP_SCOPED_ROLE).asPropertyList().stream()
                        .map(groupScoped -> scopedRole(groupScoped, Role.Type.SERVER_GROUP, SERVER_GROUPS))
                        .forEach(scoped -> environment.getRoles().add(scoped));
            }
        }
    }).onErrorResumeNext(failure -> {
        if (!(failure instanceof DispatchFailure)) {
            return Single.error(failure);
        }
        // NOTE(review): the message announces a :whoami fallback, but this handler sits after
        // doOnSuccess and only substitutes an empty CompositeResult, which toCompletable()
        // discards. It looks like neither the provider nor the roles are set on this path, so
        // the environment keeps whatever it held before; confirm that this is intended.
        logger.error("Unable to read {}. Use :whoami values as fallback.", CORE_SERVICE_TEMPLATE);
        return Single.just(new CompositeResult(new ModelNode()));
    }).toCompletable();
}
Also used : ModelNode(org.jboss.hal.dmr.ModelNode) Completable(rx.Completable) Environment(org.jboss.hal.config.Environment) StatementContext(org.jboss.hal.meta.StatementContext) AccessControlProvider(org.jboss.hal.config.AccessControlProvider) LoggerFactory(org.slf4j.LoggerFactory) DispatchFailure(org.jboss.hal.dmr.dispatch.DispatchFailure) ResourceAddress(org.jboss.hal.dmr.ResourceAddress) FlowContext(org.jboss.hal.flow.FlowContext) ModelNodeHelper.asEnumValue(org.jboss.hal.dmr.ModelNodeHelper.asEnumValue) Inject(javax.inject.Inject) Property(org.jboss.hal.dmr.Property) Single(rx.Single) AddressTemplate(org.jboss.hal.meta.AddressTemplate) SIMPLE(org.jboss.hal.config.AccessControlProvider.SIMPLE) Collectors.toSet(java.util.stream.Collectors.toSet) Logger(org.slf4j.Logger) RBAC(org.jboss.hal.config.AccessControlProvider.RBAC) CompositeResult(org.jboss.hal.dmr.CompositeResult) Operation(org.jboss.hal.dmr.Operation) Ids(org.jboss.hal.resources.Ids) Set(java.util.Set) Composite(org.jboss.hal.dmr.Composite) Dispatcher(org.jboss.hal.dmr.dispatch.Dispatcher) ModelDescriptionConstants(org.jboss.hal.dmr.ModelDescriptionConstants) Role(org.jboss.hal.config.Role) Collections(java.util.Collections) Role(org.jboss.hal.config.Role) Composite(org.jboss.hal.dmr.Composite) ResourceAddress(org.jboss.hal.dmr.ResourceAddress) CompositeResult(org.jboss.hal.dmr.CompositeResult) AccessControlProvider(org.jboss.hal.config.AccessControlProvider) DispatchFailure(org.jboss.hal.dmr.dispatch.DispatchFailure) Operation(org.jboss.hal.dmr.Operation) ModelNode(org.jboss.hal.dmr.ModelNode)

Aggregations

Set (java.util.Set)2 Collectors.toSet (java.util.stream.Collectors.toSet)2 Inject (javax.inject.Inject)2 AccessControlProvider (org.jboss.hal.config.AccessControlProvider)2 RBAC (org.jboss.hal.config.AccessControlProvider.RBAC)2 SIMPLE (org.jboss.hal.config.AccessControlProvider.SIMPLE)2 Environment (org.jboss.hal.config.Environment)2 Role (org.jboss.hal.config.Role)2 Composite (org.jboss.hal.dmr.Composite)2 CompositeResult (org.jboss.hal.dmr.CompositeResult)2 ModelDescriptionConstants (org.jboss.hal.dmr.ModelDescriptionConstants)2 ModelNode (org.jboss.hal.dmr.ModelNode)2 Operation (org.jboss.hal.dmr.Operation)2 Property (org.jboss.hal.dmr.Property)2 Dispatcher (org.jboss.hal.dmr.dispatch.Dispatcher)2 Ids (org.jboss.hal.resources.Ids)2 Logger (org.slf4j.Logger)2 LoggerFactory (org.slf4j.LoggerFactory)2 EventBus (com.google.web.bindery.event.shared.EventBus)1 ArrayList (java.util.ArrayList)1