use of org.jboss.hal.config.User in project console by hal.
the class HeaderView method updateRoles.
@Override
public void updateRoles(Environment environment, Settings settings, User user) {
for (Iterator<HTMLElement> iterator = Elements.iterator(userDropdown); iterator.hasNext(); ) {
HTMLElement element = iterator.next();
if (element == logoutItem) {
continue;
}
iterator.remove();
}
if (!user.getRoles().isEmpty()) {
String csr = user.getRoles().stream().sorted(Roles.STANDARD_FIRST.thenComparing(Roles.BY_NAME)).map(Role::getName).collect(joining(", "));
HTMLElement activeRoles = li().css(static_, CSS.activeRoles).textContent(resources.messages().activeRoles(csr)).title(resources.messages().activeRoles(csr)).element();
userDropdown.insertBefore(activeRoles, logoutItem);
userDropdown.insertBefore(divider(), logoutItem);
if (user.isSuperuser() && environment.getAccessControlProvider() == RBAC) {
Set<String> runAsRoleSetting = settings.get(RUN_AS).asSet();
HTMLElement runAs = li().css(static_).textContent(resources.constants().runAs()).element();
userDropdown.insertBefore(runAs, logoutItem);
stream(environment.getRoles().spliterator(), false).sorted(Roles.STANDARD_FIRST.thenComparing(Roles.BY_NAME)).forEach(role -> {
HTMLElement check, name;
HTMLElement runAsRole = li().add(a().css(clickable).on(click, event -> presenter.runAs(role.getName())).add(check = span().css(fontAwesome("check"), marginRight5).element()).add(name = span().textContent(role.getName()).element())).element();
if (!runAsRoleSetting.contains(role.getName())) {
// NON-NLS
check.style.visibility = "hidden";
}
if (role.isScoped()) {
name.title = role.getBaseRole().getName() + " / " + String.join(", ", role.getScope());
}
userDropdown.insertBefore(runAsRole, logoutItem);
});
if (runAsRoleSetting != null) {
HTMLElement clearRunAs = li().add(a().css(clickable).on(click, event -> presenter.clearRunAs()).textContent(resources.constants().clearRunAs())).element();
userDropdown.insertBefore(clearRunAs, logoutItem);
}
userDropdown.insertBefore(divider(), logoutItem);
}
}
}
use of org.jboss.hal.config.User in project console by hal.
the class AccessControl method reload.
void reload(Callback callback) {
reset();
List<Operation> operations = new ArrayList<>();
operations.add(new Operation.Builder(AddressTemplates.root(), READ_RESOURCE_OPERATION).param(INCLUDE_RUNTIME, true).param(ATTRIBUTES_ONLY, true).build());
if (!environment.isStandalone()) {
operations.add(new Operation.Builder(AddressTemplates.root(), READ_CHILDREN_RESOURCES_OPERATION).param(CHILD_TYPE, HOST_SCOPED_ROLE).param(RECURSIVE, true).build());
operations.add(new Operation.Builder(AddressTemplates.root(), READ_CHILDREN_RESOURCES_OPERATION).param(CHILD_TYPE, SERVER_GROUP_SCOPED_ROLE).param(RECURSIVE, true).build());
}
operations.add(new Operation.Builder(AddressTemplates.root(), READ_CHILDREN_RESOURCES_OPERATION).param(CHILD_TYPE, ROLE_MAPPING).param(RECURSIVE, true).build());
dispatcher.execute(new Composite(operations), (CompositeResult result) -> {
int step = 0;
ModelNode attributes = result.step(step++).get(RESULT);
AccessControlProvider accessControlProvider = ModelNodeHelper.asEnumValue(attributes, PROVIDER, AccessControlProvider::valueOf, SIMPLE);
environment.setAccessControlProvider(accessControlProvider);
attributes.get(STANDARD_ROLE_NAMES).asList().stream().map(node -> new Role(node.asString())).forEach(roles::add);
if (!environment.isStandalone()) {
result.step(step++).get(RESULT).asPropertyList().stream().map(property -> scopedRole(property, Role.Type.HOST, HOSTS)).forEach(roles::add);
result.step(step++).get(RESULT).asPropertyList().stream().map(property -> scopedRole(property, Role.Type.SERVER_GROUP, SERVER_GROUPS)).forEach(roles::add);
}
// noinspection UnusedAssignment
result.step(step++).get(RESULT).asPropertyList().forEach(p1 -> {
Role role = roles.get(Ids.role(p1.getName()));
if (role != null) {
ModelNode assignmentNode = p1.getValue();
if (assignmentNode.hasDefined(INCLUDE_ALL)) {
role.setIncludeAll(assignmentNode.get(INCLUDE_ALL).asBoolean());
}
if (assignmentNode.hasDefined(INCLUDE)) {
assignmentNode.get(INCLUDE).asPropertyList().forEach(p2 -> addAssignment(p2, role, true));
}
if (assignmentNode.hasDefined(EXCLUDE)) {
assignmentNode.get(EXCLUDE).asPropertyList().forEach(p2 -> addAssignment(p2, role, false));
}
} else {
logger.error("Cannot add assignment for role {}: No matching role found!", p1.getName());
}
});
// sync with current user
String currentUserId = Ids.principal(Principal.Type.USER.name().toLowerCase(), currentUser.getName());
Principal currentPrincipal = principals.get(currentUserId);
if (currentPrincipal != null) {
Set<Role> currentRoles = assignments.byPrincipal(currentPrincipal).map(Assignment::getRole).collect(toSet());
currentUser.refreshRoles(currentRoles);
}
callback.execute();
});
}
use of org.jboss.hal.config.User in project console by hal.
the class ReadEnvironment method call.
@Override
public Completable call(FlowContext context) {
logger.debug("Read environment");
Keycloak keycloak = keycloakHolder.getKeycloak();
environment.setSingleSignOn(keycloak != null);
if (keycloak != null) {
logger.debug("Keycloak token: {}", keycloak.token);
}
List<Operation> ops = new ArrayList<>();
ops.add(new Operation.Builder(ResourceAddress.root(), READ_RESOURCE_OPERATION).param(ATTRIBUTES_ONLY, true).param(INCLUDE_RUNTIME, true).build());
ops.add(new Operation.Builder(ResourceAddress.root(), WHOAMI).param(VERBOSE, true).build());
ops.add(new Operation.Builder(ResourceAddress.root(), READ_CHILDREN_RESOURCES_OPERATION).param(CHILD_TYPE, CORE_SERVICE).param(RECURSIVE, false).build());
return dispatcher.execute(new Composite(ops)).doOnSuccess((CompositeResult result) -> {
ModelNode node = result.step(0).get(RESULT);
// operation mode
OperationMode operationMode = asEnumValue(node, LAUNCH_TYPE, (name) -> OperationMode.valueOf(name), OperationMode.UNDEFINED);
environment.setOperationMode(operationMode);
logger.debug("Operation mode: {}", operationMode);
// name and org
if (node.get(NAME).isDefined()) {
String name = node.get(NAME).asString();
environment.setName(name);
}
String orgAttribute = environment.isStandalone() ? ORGANIZATION : DOMAIN_ORGANIZATION;
if (node.get(orgAttribute).isDefined()) {
String org = node.get(orgAttribute).asString();
environment.setOrganization(org);
}
// server info
environment.setInstanceInfo(node.get(PRODUCT_NAME).asString(), node.get(PRODUCT_VERSION).asString(), node.get(RELEASE_CODENAME).asString(), node.get(RELEASE_VERSION).asString());
// management version
Version version = ManagementModel.parseVersion(node);
environment.setManagementVersion(version);
logger.debug("Management model version: {}", version);
if (environment.isStandalone()) {
Server.STANDALONE.addServerAttributes(node);
}
// user info
if (environment.isSingleSignOn()) {
user.setName(keycloak.userProfile.username);
// are not supported on the javascript side when run in the browser.
if (keycloak.realmAccess != null && keycloak.realmAccess.roles != null) {
for (int i = 0; i < keycloak.realmAccess.roles.length; i++) {
String role = keycloak.realmAccess.roles[i];
user.addRole(new Role(role));
}
}
} else {
ModelNode whoami = result.step(1).get(RESULT);
String username = whoami.get("identity").get("username").asString();
user.setName(username);
if (whoami.hasDefined("mapped-roles")) {
List<ModelNode> roles = whoami.get("mapped-roles").asList();
for (ModelNode role : roles) {
String roleName = role.asString();
user.addRole(new Role(roleName));
}
}
}
user.setAuthenticated(true);
logger.debug("User info: {} {}", user.getName(), user.getRoles());
ModelNode step = result.step(2).get(RESULT);
environment.setPatchingEnabled(!environment.isStandalone() || step.get(PATCHING).isDefined());
}).toCompletable();
}
use of org.jboss.hal.config.User in project console by hal.
the class MembershipColumn method columnActionHandler.
private ColumnActionHandler<Assignment> columnActionHandler(Principal principal, boolean include) {
return column -> {
Role role = findRole(getFinder().getContext().getPath());
if (role != null) {
series(new FlowContext(progress.get()), new CheckRoleMapping(dispatcher, role), new AddRoleMapping(dispatcher, role, status -> status == 404), new AddAssignment(dispatcher, role, principal, include)).subscribe(new org.jboss.hal.core.SuccessfulOutcome<FlowContext>(eventBus, resources) {
@Override
public void onSuccess(FlowContext context) {
String type = principal.getType() == Principal.Type.USER ? resources.constants().user() : resources.constants().group();
SafeHtml message = include ? resources.messages().assignmentIncludeSuccess(type, principal.getName()) : resources.messages().assignmentExcludeSuccess(type, principal.getName());
MessageEvent.fire(eventBus, Message.success(message));
accessControl.reload(() -> {
refresh(RefreshMode.RESTORE_SELECTION);
if (isCurrentUser(principal)) {
eventBus.fireEvent(new UserChangedEvent());
}
});
}
});
}
};
}
Aggregations