Example 1 with Permission
use of org.zalando.nakadi.domain.Permission in project nakadi by zalando.
the class AdminService method isAdmin.
public boolean isAdmin(final AuthorizationService.Operation operation) {
final List<Permission> permissions = getAdmins();
final Resource resource = new AdminResource(ADMIN_RESOURCE, ResourceAuthorization.fromPermissionsList(permissions));
return authorizationService.isAuthorized(operation, resource);
}
Also used :
Permission(org.zalando.nakadi.domain.Permission)
AllDataAccessResource(org.zalando.nakadi.domain.AllDataAccessResource)
Resource(org.zalando.nakadi.plugin.api.authz.Resource)
AdminResource(org.zalando.nakadi.domain.AdminResource)
AdminResource(org.zalando.nakadi.domain.AdminResource)
Example 2 with Permission
use of org.zalando.nakadi.domain.Permission in project nakadi by zalando.
the class AdminServiceTest method whenAddNewAdminCallCreatePermission.
@Test
public void whenAddNewAdminCallCreatePermission() {
when(nakadiSettings.getDefaultAdmin()).thenReturn(defaultAdmin);
when(authorizationDbRepository.listAdmins()).thenReturn(adminList);
doNothing().when(authorizationDbRepository).update(any(), any());
final ArgumentCaptor<List> addCaptor = ArgumentCaptor.forClass(List.class);
final ArgumentCaptor<List> deleteCaptor = ArgumentCaptor.forClass(List.class);
final List<Permission> newList = new ArrayList<>(adminList);
newList.add(new Permission("nakadi", AuthorizationService.Operation.READ, new ResourceAuthorizationAttribute("user", "user42")));
adminService.updateAdmins(newList);
verify(authorizationDbRepository).update(addCaptor.capture(), deleteCaptor.capture());
assertEquals(1, addCaptor.getValue().size());
assertEquals(0, deleteCaptor.getValue().size());
}
Also used :
Permission(org.zalando.nakadi.domain.Permission)
ArrayList(java.util.ArrayList)
ArrayList(java.util.ArrayList)
List(java.util.List)
ResourceAuthorizationAttribute(org.zalando.nakadi.domain.ResourceAuthorizationAttribute)
Test(org.junit.Test)
Example 3 with Permission
use of org.zalando.nakadi.domain.Permission in project nakadi by zalando.
the class AdminService method hasAllDataAccess.
public boolean hasAllDataAccess(final AuthorizationService.Operation operation) {
try {
final List<Permission> permissions = resourceCache.get(ALL_DATA_ACCESS_RESOURCE, () -> authorizationDbRepository.listAllDataAccess());
final Resource resource = new AllDataAccessResource(ALL_DATA_ACCESS_RESOURCE, ResourceAuthorization.fromPermissionsList(permissions));
return authorizationService.isAuthorized(operation, resource);
} catch (ExecutionException e) {
LOG.error("Could not determine whether this application has all data access", e);
return false;
}
}
Also used :
Permission(org.zalando.nakadi.domain.Permission)
AllDataAccessResource(org.zalando.nakadi.domain.AllDataAccessResource)
Resource(org.zalando.nakadi.plugin.api.authz.Resource)
AdminResource(org.zalando.nakadi.domain.AdminResource)
ExecutionException(java.util.concurrent.ExecutionException)
AllDataAccessResource(org.zalando.nakadi.domain.AllDataAccessResource)
Aggregations
Permission (org.zalando.nakadi.domain.Permission)3
AdminResource (org.zalando.nakadi.domain.AdminResource)2
AllDataAccessResource (org.zalando.nakadi.domain.AllDataAccessResource)2
Resource (org.zalando.nakadi.plugin.api.authz.Resource)2
ArrayList (java.util.ArrayList)1
List (java.util.List)1
ExecutionException (java.util.concurrent.ExecutionException)1
Test (org.junit.Test)1
ResourceAuthorizationAttribute (org.zalando.nakadi.domain.ResourceAuthorizationAttribute)1
