private <T extends EntityId> void ensureAccess(T entityId, Action action) throws Exception { Principal principal = authenticationContext.getPrincipal(); authorizationEnforcer.enforce(entityId, principal, action); } }
private boolean hasAccess(ProgramId programId) throws Exception { Principal principal = authenticationContext.getPrincipal(); return !authorizationEnforcer.isVisible(Collections.singleton(programId), principal).isEmpty(); }
/** * Ensures that the principal has at least one {@link Action privilege} in the expected action set * on the specified entity id. * <p> * TODO: remove this once we have api support for OR privilege enforce * * @param entityId the entity to be checked * @param actionSet the set of privileges * @param authorizationEnforcer enforcer to make the authorization check * @param principal the principal to be checked * @throws UnauthorizedException if the principal does not have any privilege in the action set on the entity */ public static void ensureOnePrivilege(co.cask.cdap.proto.id.EntityId entityId, Set<Action> actionSet, AuthorizationEnforcer authorizationEnforcer, Principal principal) throws Exception { boolean isAuthorized = false; for (Action action : actionSet) { try { authorizationEnforcer.enforce(entityId, principal, action); isAuthorized = true; break; } catch (UnauthorizedException e) { // continue to next action } } if (!isAuthorized) { throw new UnauthorizedException(principal, actionSet, entityId, false); } }
private boolean hasAccess(ProgramId programId) throws Exception { Principal principal = authenticationContext.getPrincipal(); return !authorizationEnforcer.isVisible(Collections.singleton(programId), principal).isEmpty(); }
@Override public BodyConsumer addModule(DatasetModuleId datasetModuleId, String className, boolean forceUpdate) throws Exception { final Principal principal = authenticationContext.getPrincipal(); // enforce that the principal has ADMIN access on the dataset module authorizationEnforcer.enforce(datasetModuleId, principal, Action.ADMIN); return delegate.addModule(datasetModuleId, className, forceUpdate); }
/** * Checks if one entity is visible to the principal * * @param entityId entity id to be checked * @param authorizationEnforcer enforcer to make the authorization check * @param principal the principal to be checked * @throws UnauthorizedException if the principal does not have any privilege in the action set on the entity */ public static void ensureAccess(EntityId entityId, AuthorizationEnforcer authorizationEnforcer, Principal principal) throws Exception { if (authorizationEnforcer.isVisible(Collections.singleton(entityId), principal).isEmpty()) { throw new UnauthorizedException(principal, entityId); } }
@Override public void addSystemArtifacts() throws Exception { // to add system artifacts, users should have admin privileges on the system namespace Principal principal = authenticationContext.getPrincipal(); authorizationEnforcer.enforce(NamespaceId.SYSTEM, principal, Action.ADMIN); delegate.addSystemArtifacts(); }
@POST @Path("/isVisible") public void isVisible(FullHttpRequest request, HttpResponder responder) throws Exception { VisibilityRequest visibilityRequest = GSON.fromJson(request.content().toString(StandardCharsets.UTF_8), VisibilityRequest.class); Principal principal = visibilityRequest.getPrincipal(); Set<EntityId> entityIds = visibilityRequest.getEntityIds(); LOG.trace("Checking visibility for principal {} on entities {}", principal, entityIds); Set<? extends EntityId> visiableEntities = authorizationEnforcer.isVisible(entityIds, principal); LOG.debug("Returning entities visible for principal {} as {}", principal, visiableEntities); responder.sendJson(HttpResponseStatus.OK, GSON.toJson(visiableEntities)); }
@Override public void testAuthorizationEnforcer() throws Exception { super.testAuthorizationEnforcer(); // The super class revokes all privileges after test is done. Since cache is enabled, enforce should still work. authorizationEnforcer.enforce(APP, ALICE, Action.ADMIN); authorizationEnforcer.enforce(PROGRAM, ALICE, Action.EXECUTE); }
@POST @Path("/isVisible") public void isVisible(FullHttpRequest request, HttpResponder responder) throws Exception { VisibilityRequest visibilityRequest = GSON.fromJson(request.content().toString(StandardCharsets.UTF_8), VisibilityRequest.class); Principal principal = visibilityRequest.getPrincipal(); Set<EntityId> entityIds = visibilityRequest.getEntityIds(); LOG.trace("Checking visibility for principal {} on entities {}", principal, entityIds); Set<? extends EntityId> visiableEntities = authorizationEnforcer.isVisible(entityIds, principal); LOG.debug("Returning entities visible for principal {} as {}", principal, visiableEntities); responder.sendJson(HttpResponseStatus.OK, GSON.toJson(visiableEntities)); }
@Override public void addSystemArtifacts() throws Exception { // to add system artifacts, users should have admin privileges on the system namespace Principal principal = authenticationContext.getPrincipal(); authorizationEnforcer.enforce(NamespaceId.SYSTEM, principal, Action.ADMIN); delegate.addSystemArtifacts(); }
/** * Checks the visibility of the entity info in batch size and returns the visible entities * * @param entityInfo the entity info to check visibility * @param authorizationEnforcer enforcer to make the authorization check * @param principal the principal to be checked * @param transformer the function to transform the entity info to an entity id * @param byPassFilter an optional bypass filter which allows to skip the auth check for some entities * @return an unmodified list of visible entities */ public static <EntityInfo> List<EntityInfo> isVisible( Collection<EntityInfo> entityInfo, AuthorizationEnforcer authorizationEnforcer, Principal principal, Function<EntityInfo, EntityId> transformer, @Nullable Predicate<EntityInfo> byPassFilter) throws Exception { List<EntityInfo> visibleEntities = new ArrayList<>(entityInfo.size()); for (List<EntityInfo> split : Iterables.partition(entityInfo, Constants.Security.Authorization.VISIBLE_BATCH_SIZE)) { Map<EntityId, EntityInfo> datasetTypesMapping = new LinkedHashMap<>(split.size()); for (EntityInfo info : split) { if (byPassFilter != null && byPassFilter.apply(info)) { visibleEntities.add(info); } else { datasetTypesMapping.put(transformer.apply(info), info); } } datasetTypesMapping.keySet().retainAll(authorizationEnforcer.isVisible(datasetTypesMapping.keySet(), principal)); visibleEntities.addAll(datasetTypesMapping.values()); } return Collections.unmodifiableList(visibleEntities); }
@Override public void delete(DatasetModuleId datasetModuleId) throws Exception { Principal principal = authenticationContext.getPrincipal(); authorizationEnforcer.enforce(datasetModuleId, principal, Action.ADMIN); delegate.delete(datasetModuleId); }
private void addProgramHistory(List<ProgramHistory> histories, List<ProgramId> programs, ProgramRunStatus programRunStatus, long start, long end, int limit) throws Exception { Set<? extends EntityId> visibleEntities = authorizationEnforcer.isVisible(new HashSet<>(programs), authenticationContext.getPrincipal()); for (ProgramHistory programHistory : store.getRuns(programs, programRunStatus, start, end, limit, x -> true)) { ProgramId programId = programHistory.getProgramId(); if (visibleEntities.contains(programId)) { histories.add(programHistory); } else { histories.add(new ProgramHistory(programId, Collections.emptyList(), new UnauthorizedException(authenticationContext.getPrincipal(), programId))); } } }
@Override public BodyConsumer addModule(DatasetModuleId datasetModuleId, String className, boolean forceUpdate) throws Exception { final Principal principal = authenticationContext.getPrincipal(); // enforce that the principal has ADMIN access on the dataset module authorizationEnforcer.enforce(datasetModuleId, principal, Action.ADMIN); return delegate.addModule(datasetModuleId, className, forceUpdate); }
private void addProgramHistory(List<ProgramHistory> histories, List<ProgramId> programs, ProgramRunStatus programRunStatus, long start, long end, int limit) throws Exception { Set<? extends EntityId> visibleEntities = authorizationEnforcer.isVisible(new HashSet<>(programs), authenticationContext.getPrincipal()); for (ProgramHistory programHistory : store.getRuns(programs, programRunStatus, start, end, limit, x -> true)) { ProgramId programId = programHistory.getProgramId(); if (visibleEntities.contains(programId)) { histories.add(programHistory); } else { histories.add(new ProgramHistory(programId, Collections.emptyList(), new UnauthorizedException(authenticationContext.getPrincipal(), programId))); } } }
public <T> QueueReader<T> createStreamReader(StreamId streamId, Supplier<StreamConsumer> consumerSupplier, int batchSize, Function<StreamEvent, T> transformer) throws Exception { authorizationEnforcer.enforce(streamId, authenticationContext.getPrincipal(), Action.READ); return new StreamQueueReader<>(streamId, consumerSupplier, batchSize, transformer, authenticationContext, authorizationEnforcer); } }
@Override public void testVisibility() throws Exception { super.testVisibility(); // The super class revokes all privileges after test is done. Since cache is enabled, visibility should still work. Assert.assertEquals(ImmutableSet.of(NS, APP, PROGRAM), authorizationEnforcer.isVisible(ImmutableSet.of(NS, APP, PROGRAM), ALICE)); } }
@Override public void delete(DatasetModuleId datasetModuleId) throws Exception { Principal principal = authenticationContext.getPrincipal(); authorizationEnforcer.enforce(datasetModuleId, principal, Action.ADMIN); delegate.delete(datasetModuleId); }
@Override public void testVisibility() throws Exception { super.testVisibility(); // The super class revokes all privileges after test is done. Since cache is disabled, nothing should be visible. Assert.assertEquals(ImmutableSet.of(), authorizationEnforcer.isVisible(ImmutableSet.of(NS, APP, PROGRAM), ALICE)); } }