static RRole createRoleIfMissing(DbConn cnx, String roleName, String description, String... permissions) { List<RRole> rr = RRole.select(cnx, "role_select_by_key", roleName); if (rr.size() == 0) { RRole.create(cnx, roleName, description, permissions); return RRole.select(cnx, "role_select_by_key", roleName).get(0); } return rr.get(0); }
public static List<RRole> select(DbConn cnx, String query_key, Object... args) { List<RRole> res = new ArrayList<RRole>(); try { ResultSet rs = cnx.runSelect(query_key, args); while (rs.next()) { RRole tmp = new RRole(); tmp.id = rs.getInt(1); tmp.name = rs.getString(2); tmp.description = rs.getString(3); res.add(tmp); } } catch (SQLException e) { throw new DatabaseException(e); } return res; }
public static void createUser(DbConn cnx, String login, String password, RRole... roles) { ByteSource salt = new SecureRandomNumberGenerator().nextBytes(); String[] rr = new String[roles.length]; for (int i = 0; i < roles.length; i++) { rr[i] = roles[i].getName(); } RUser.create(cnx, login, new Sha512Hash(password, salt, 100000).toHex(), salt.toHex(), rr); } }
public static void upsertRole(DbConn cnx, RRoleDto dto) { if (dto.getId() != null) { cnx.runUpdate("role_update_all_by_id", dto.getName(), dto.getDescription(), dto.getId()); // Permissions cnx.runUpdate("perm_delete_for_role", dto.getId()); for (String i : dto.getPermissions()) { cnx.runUpdate("perm_insert", i, dto.getId()); } } else { RRole.create(cnx, dto.getName(), dto.getDescription(), dto.getPermissions().toArray(new String[dto.getPermissions().size()])); } }
public List<RRole> getRoles(DbConn cnx) { return RRole.select(cnx, "role_select_all_for_user", this.id); }
public static void createUser(DbConn cnx, String login, String password, RRole... roles) { ByteSource salt = new SecureRandomNumberGenerator().nextBytes(); String[] rr = new String[roles.length]; for (int i = 0; i < roles.length; i++) { rr[i] = roles[i].getName(); } RUser.create(cnx, login, new Sha512Hash(password, salt, 100000).toHex(), salt.toHex(), rr); } }
public static void upsertRole(DbConn cnx, RRoleDto dto) { if (dto.getId() != null) { cnx.runUpdate("role_update_all_by_id", dto.getName(), dto.getDescription(), dto.getId()); // Permissions cnx.runUpdate("perm_delete_for_role", dto.getId()); for (String i : dto.getPermissions()) { cnx.runUpdate("perm_insert", i, dto.getId()); } } else { RRole.create(cnx, dto.getName(), dto.getDescription(), dto.getPermissions().toArray(new String[dto.getPermissions().size()])); } }
public List<RRole> getRoles(DbConn cnx) { return RRole.select(cnx, "role_select_all_for_user", this.id); }
static RRole createRoleIfMissing(DbConn cnx, String roleName, String description, String... permissions) { List<RRole> rr = RRole.select(cnx, "role_select_by_key", roleName); if (rr.size() == 0) { RRole.create(cnx, roleName, description, permissions); return RRole.select(cnx, "role_select_by_key", roleName).get(0); } return rr.get(0); }
@Test public void testCliChangeUser() { Helpers.updateConfiguration(cnx); Main.runCommand(new String[] { "Reset-User", "--login", "myuser", "-p", "mypassword", "--roles", "administrator", "client" }); RUser u = RUser.selectlogin(cnx, "myuser"); Assert.assertEquals(2, u.getRoles(cnx).size()); boolean admin = false, client = false; for (RRole r : u.getRoles(cnx)) { if (r.getName().equals("administrator")) { admin = true; } if (r.getName().equals("client")) { client = true; } } Assert.assertTrue(client && admin); Main.runCommand(new String[] { "Reset-User", "--login", "myuser", "--password", "mypassword", "--roles", "administrator" }); Assert.assertEquals(1, u.getRoles(cnx).size()); Main.runCommand(new String[] { "Reset-User", "--login", "myuser", "-p", "mypassword", "--roles", "administrator", "config admin" }); Assert.assertEquals(2, u.getRoles(cnx).size()); }
RRole.create(cnx, "administrator", "super admin", "*:*"); RRole.create(cnx, "client power user", "can use the full client API", "node:read", "queue:read", "job_instance:*", "jd:read", "logs:read", "queue_position:create", "files:read"); RRole.create(cnx, "client read only", "can query job instances and get their files", "queue:read", "job_instance:read", "logs:read", "files:read");
List<RRole> roles = RRole.select(cnx, "role_select_by_key", "administrator"); if (roles.size() != 1)
public static List<RRole> select(DbConn cnx, String query_key, Object... args) { List<RRole> res = new ArrayList<>(); try { ResultSet rs = cnx.runSelect(query_key, args); while (rs.next()) { RRole tmp = new RRole(); tmp.id = rs.getInt(1); tmp.name = rs.getString(2); tmp.description = rs.getString(3); res.add(tmp); } } catch (SQLException e) { throw new DatabaseException(e); } return res; }
createUserIfMissing(cnx, "root", new SecureRandomNumberGenerator().nextBytes().toHex(), "all powerful user", adminr.getName());
RRole.create(cnx, "administrator", "super admin", "*:*"); RRole.create(cnx, "client power user", "can use the full client API", "node:read", "queue:read", "job_instance:*", "jd:read", "logs:read", "queue_position:create", "files:read"); RRole.create(cnx, "client read only", "can query job instances and get their files", "queue:read", "job_instance:read", "logs:read", "files:read");
List<RRole> roles = RRole.select(cnx, "role_select_by_key", "administrator"); if (roles.size() != 1)
createUserIfMissing(cnx, "root", new SecureRandomNumberGenerator().nextBytes().toHex(), "all powerful user", adminr.getName());