use of org.zalando.nakadi.domain.Permission in project nakadi by zalando.
the class AdminService method isAdmin.
public boolean isAdmin(final AuthorizationService.Operation operation) {
final List<Permission> permissions = getAdmins();
final Resource resource = new AdminResource(ADMIN_RESOURCE, ResourceAuthorization.fromPermissionsList(permissions));
return authorizationService.isAuthorized(operation, resource);
}
use of org.zalando.nakadi.domain.Permission in project nakadi by zalando.
the class AdminServiceTest method whenAddNewAdminCallCreatePermission.
@Test
public void whenAddNewAdminCallCreatePermission() {
when(nakadiSettings.getDefaultAdmin()).thenReturn(defaultAdmin);
when(authorizationDbRepository.listAdmins()).thenReturn(adminList);
doNothing().when(authorizationDbRepository).update(any(), any());
final ArgumentCaptor<List> addCaptor = ArgumentCaptor.forClass(List.class);
final ArgumentCaptor<List> deleteCaptor = ArgumentCaptor.forClass(List.class);
final List<Permission> newList = new ArrayList<>(adminList);
newList.add(new Permission("nakadi", AuthorizationService.Operation.READ, new ResourceAuthorizationAttribute("user", "user42")));
adminService.updateAdmins(newList);
verify(authorizationDbRepository).update(addCaptor.capture(), deleteCaptor.capture());
assertEquals(1, addCaptor.getValue().size());
assertEquals(0, deleteCaptor.getValue().size());
}
use of org.zalando.nakadi.domain.Permission in project nakadi by zalando.
the class AdminService method hasAllDataAccess.
public boolean hasAllDataAccess(final AuthorizationService.Operation operation) {
try {
final List<Permission> permissions = resourceCache.get(ALL_DATA_ACCESS_RESOURCE, () -> authorizationDbRepository.listAllDataAccess());
final Resource resource = new AllDataAccessResource(ALL_DATA_ACCESS_RESOURCE, ResourceAuthorization.fromPermissionsList(permissions));
return authorizationService.isAuthorized(operation, resource);
} catch (ExecutionException e) {
LOG.error("Could not determine whether this application has all data access", e);
return false;
}
}
Aggregations