Example 1 with SecurityContext
use of org.jboss.hal.meta.security.SecurityContext in project console by hal.
the class SingleRrdParser method parseSingle.
private void parseSingle(ResourceAddress address, ModelNode modelNode) {
// resource description
// to reduce the payload we only use the flat model node w/o children
ModelNode childrenNode = modelNode.hasDefined(CHILDREN) ? modelNode.remove(CHILDREN) : new ModelNode();
if (!rrdResult.containsResourceDescription(address) && modelNode.hasDefined(DESCRIPTION)) {
rrdResult.addResourceDescription(addressProcessor.apply(address), new ResourceDescription(modelNode));
}
// security context
ModelNode accessControl = modelNode.get(ACCESS_CONTROL);
if (accessControl.isDefined()) {
if (!rrdResult.containsSecurityContext(address) && accessControl.hasDefined(DEFAULT)) {
rrdResult.addSecurityContext(address, new SecurityContext(accessControl.get(DEFAULT)));
}
// exceptions
if (accessControl.hasDefined(EXCEPTIONS)) {
List<Property> exceptions = accessControl.get(EXCEPTIONS).asPropertyList();
for (Property property : exceptions) {
ModelNode exception = property.getValue();
ResourceAddress exceptionAddress = new ResourceAddress(exception.get(ADDRESS));
if (!rrdResult.containsSecurityContext(exceptionAddress)) {
rrdResult.addSecurityContext(exceptionAddress, new SecurityContext(exception));
}
}
}
}
// children
if (childrenNode.isDefined()) {
List<Property> children = childrenNode.asPropertyList();
for (Property child : children) {
String addressKey = child.getName();
if (child.getValue().hasDefined(MODEL_DESCRIPTION)) {
List<Property> modelDescriptions = child.getValue().get(MODEL_DESCRIPTION).asPropertyList();
for (Property modelDescription : modelDescriptions) {
String addressValue = modelDescription.getName();
ModelNode childNode = modelDescription.getValue();
ResourceAddress childAddress = new ResourceAddress(address).add(addressKey, addressValue);
parseSingle(childAddress, childNode);
}
}
}
}
}
Also used :
ResourceDescription(org.jboss.hal.meta.description.ResourceDescription)
ResourceAddress(org.jboss.hal.dmr.ResourceAddress)
SecurityContext(org.jboss.hal.meta.security.SecurityContext)
ModelNode(org.jboss.hal.dmr.ModelNode)
Property(org.jboss.hal.dmr.Property)
Example 2 with SecurityContext
use of org.jboss.hal.meta.security.SecurityContext in project console by hal.
the class Metadata method forOperation.
@JsIgnore
public Metadata forOperation(String name) {
ModelNode payload = new ModelNode();
payload.get(DESCRIPTION).set(failSafeGet(description, OPERATIONS + "/" + name + "/" + DESCRIPTION));
payload.get(ATTRIBUTES).set(failSafeGet(description, OPERATIONS + "/" + name + "/" + REQUEST_PROPERTIES));
SecurityContext parentContext = this.securityContext.get();
SecurityContext operationContext = new SecurityContext(new ModelNode()) {
@Override
public boolean isReadable() {
return parentContext.isExecutable(name);
}
@Override
public boolean isWritable() {
return parentContext.isExecutable(name);
}
@Override
public boolean isReadable(String attribute) {
// if the operation is executable all of its request properties are readable as well
return isReadable();
}
@Override
public boolean isWritable(String attribute) {
// if the operation is executable all of its request properties are writable as well
return isWritable();
}
@Override
public boolean isExecutable(String operation) {
return parentContext.isExecutable(operation);
}
};
return new Metadata(template, () -> operationContext, new ResourceDescription(payload), capabilities);
}
Also used :
ResourceDescription(org.jboss.hal.meta.description.ResourceDescription)
StaticResourceDescription(org.jboss.hal.meta.description.StaticResourceDescription)
SecurityContext(org.jboss.hal.meta.security.SecurityContext)
ModelNode(org.jboss.hal.dmr.ModelNode)
JsIgnore(jsinterop.annotations.JsIgnore)
Example 3 with SecurityContext
use of org.jboss.hal.meta.security.SecurityContext in project console by hal.
the class Metadata method forComplexAttribute.
/**
* Creates a new metadata instance based on this metadata with the attributes taken from the specified complex attribute.
* The resource description will only include the attributes but no operations!
*
* @param prefixLabel if {@code true} the labels of the attributes of the complex attribute are prefixed with name of the
* complex attribute.
*/
@JsIgnore
public Metadata forComplexAttribute(String name, boolean prefixLabel) {
ModelNode payload = new ModelNode();
payload.get(DESCRIPTION).set(failSafeGet(description, ATTRIBUTES + "/" + name + "/" + DESCRIPTION));
payload.get(REQUIRED).set(failSafeGet(description, ATTRIBUTES + "/" + name + "/" + REQUIRED));
payload.get(NILLABLE).set(failSafeGet(description, ATTRIBUTES + "/" + name + "/" + NILLABLE));
Property complexAttribute = description.findAttribute(ATTRIBUTES, name);
if (complexAttribute != null && complexAttribute.getValue().hasDefined(VALUE_TYPE)) {
complexAttribute.getValue().get(VALUE_TYPE).asPropertyList().forEach(nestedProperty -> {
// The nested name is *always* just the nested property name,
// since it's used when building the DMR operations
String nestedName = nestedProperty.getName();
ModelNode nestedDescription = nestedProperty.getValue();
// up by LabelBuilder.label(Property)
if (prefixLabel) {
nestedDescription.get(HAL_LABEL).set(name + "-" + nestedProperty.getName());
}
payload.get(ATTRIBUTES).get(nestedName).set(nestedDescription);
});
}
SecurityContext parentContext = this.securityContext.get();
SecurityContext attributeContext = new SecurityContext(new ModelNode()) {
@Override
public boolean isReadable() {
return parentContext.isReadable(name);
}
@Override
public boolean isWritable() {
return parentContext.isWritable(name);
}
@Override
public boolean isReadable(String attribute) {
// if the complex attribute is readable all nested attributes are readable as well
return isReadable();
}
@Override
public boolean isWritable(String attribute) {
// if the complex attribute is writable all nested attributes are writable as well
return isWritable();
}
@Override
public boolean isExecutable(String operation) {
return parentContext.isExecutable(operation);
}
};
return new Metadata(template, () -> attributeContext, new ResourceDescription(payload), capabilities);
}
Also used :
ResourceDescription(org.jboss.hal.meta.description.ResourceDescription)
StaticResourceDescription(org.jboss.hal.meta.description.StaticResourceDescription)
SecurityContext(org.jboss.hal.meta.security.SecurityContext)
ModelNode(org.jboss.hal.dmr.ModelNode)
JsProperty(jsinterop.annotations.JsProperty)
Property(org.jboss.hal.dmr.Property)
JsIgnore(jsinterop.annotations.JsIgnore)
Example 4 with SecurityContext
use of org.jboss.hal.meta.security.SecurityContext in project console by hal.
the class ModelNodeForm method prepare.
@Override
protected void prepare(State state) {
super.prepare(state);
SecurityContext securityContext = metadata.getSecurityContext();
switch(state) {
case EMPTY:
ElementGuard.processElements(AuthorisationDecision.from(Core.INSTANCE.environment(), securityContext), element());
break;
case READONLY:
case EDITING:
// change restricted and enabled state
for (FormItem formItem : getBoundFormItems()) {
String name = formItem.getName();
int pos = name.indexOf('.');
if (pos > 0) {
name = name.substring(0, pos);
}
formItem.setRestricted(!securityContext.isReadable(name));
// don't touch disabled form items
if (formItem.isEnabled()) {
formItem.setEnabled(securityContext.isWritable(name));
}
}
break;
default:
break;
}
// adjust form links in any case
if (!securityContext.isWritable()) {
formLinks.setVisible(Operation.EDIT, false);
formLinks.setVisible(Operation.RESET, false);
formLinks.setVisible(Operation.REMOVE, false);
}
}
Also used :
FormItem(org.jboss.hal.ballroom.form.FormItem)
SecurityContext(org.jboss.hal.meta.security.SecurityContext)
Constraint(org.jboss.hal.meta.security.Constraint)
Example 5 with SecurityContext
use of org.jboss.hal.meta.security.SecurityContext in project console by hal.
the class LookupDatabaseTask method bulkLookup.
private Completable bulkLookup(LookupContext context) {
// collect all templates and do a bulk lookup (context.recursive == false)
LookupResult lookupResult = context.lookupResult;
Set<AddressTemplate> rdTemplates = new HashSet<>();
Set<AddressTemplate> scTemplates = new HashSet<>();
for (AddressTemplate template : lookupResult.templates()) {
int missingMetadata = lookupResult.missingMetadata(template);
if (missingMetadata == NOTHING_PRESENT) {
rdTemplates.add(template);
scTemplates.add(template);
} else if (missingMetadata == RESOURCE_DESCRIPTION_PRESENT) {
scTemplates.add(template);
} else if (missingMetadata == SECURITY_CONTEXT_PRESENT) {
rdTemplates.add(template);
}
}
Map<ResourceAddress, AddressTemplate> rdLookup = resourceDescriptionDatabase.resolveTemplates(rdTemplates);
Completable rdCompletable = resourceDescriptionDatabase.getAll(rdTemplates).flatMapCompletable(resourceDescriptions -> {
for (Map.Entry<ResourceAddress, ResourceDescription> entry : resourceDescriptions.entrySet()) {
ResourceAddress address = entry.getKey();
ResourceDescription resourceDescription = entry.getValue();
AddressTemplate template = rdLookup.get(address);
if (template != null) {
lookupResult.markMetadataPresent(template, RESOURCE_DESCRIPTION_PRESENT);
context.toResourceDescriptionRegistry.put(address, resourceDescription);
}
}
return Completable.complete();
});
Map<ResourceAddress, AddressTemplate> scLookup = securityContextDatabase.resolveTemplates(scTemplates);
Completable scCompletable = securityContextDatabase.getAll(scTemplates).flatMapCompletable(securityContexts -> {
for (Map.Entry<ResourceAddress, SecurityContext> entry : securityContexts.entrySet()) {
ResourceAddress address = entry.getKey();
SecurityContext securityContext = entry.getValue();
if (securityContext != null) {
AddressTemplate template = scLookup.get(address);
if (template != null) {
lookupResult.markMetadataPresent(template, SECURITY_CONTEXT_PRESENT);
context.toSecurityContextRegistry.put(address, securityContext);
}
}
}
return Completable.complete();
});
return Completable.merge(rdCompletable, scCompletable);
}
Also used :
AddressTemplate(org.jboss.hal.meta.AddressTemplate)
Completable(rx.Completable)
ResourceAddress(org.jboss.hal.dmr.ResourceAddress)
ResourceDescription(org.jboss.hal.meta.description.ResourceDescription)
SecurityContext(org.jboss.hal.meta.security.SecurityContext)
Map(java.util.Map)
HashSet(java.util.HashSet)
Aggregations
SecurityContext (org.jboss.hal.meta.security.SecurityContext)7
ResourceDescription (org.jboss.hal.meta.description.ResourceDescription)6
ResourceAddress (org.jboss.hal.dmr.ResourceAddress)4
Map (java.util.Map)3
ModelNode (org.jboss.hal.dmr.ModelNode)3
JsIgnore (jsinterop.annotations.JsIgnore)2
Property (org.jboss.hal.dmr.Property)2
StaticResourceDescription (org.jboss.hal.meta.description.StaticResourceDescription)2
Stopwatch (com.google.common.base.Stopwatch)1
HashSet (java.util.HashSet)1
JsProperty (jsinterop.annotations.JsProperty)1
FormItem (org.jboss.hal.ballroom.form.FormItem)1
AddressTemplate (org.jboss.hal.meta.AddressTemplate)1
Constraint (org.jboss.hal.meta.security.Constraint)1
Completable (rx.Completable)1
