public ServerGroupEffectConstraint(List<String> allowed) { this.user = true; this.global = false; this.nonServerHost = false; this.unassigned = false; this.groupsHolder = new GroupsHolder(allowed); this.readOnly = false; this.groupAdd = false; this.groupRemove = false; this.readOnlyConstraint = new ServerGroupEffectConstraint(groupsHolder); }
private void applyChangeToConstraint(final ModelNode operation, final ModelNode resolvedValue) { final String roleName = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)).getLastElement().getValue(); ServerGroupEffectConstraint constraint = constraintMap.get(roleName); // null could happen if the role was removed in a later step in a composite. unlikely but possible if (constraint != null) { List<String> serverGroups = new ArrayList<String>(); for (ModelNode group : resolvedValue.asList()) { serverGroups.add(group.asString()); } constraint.setAllowedGroups(serverGroups); } }
boolean anyMatch = anyMatch(ourSpecific, sgecSpecific); if (!anyMatch) ControllerLogger.ACCESS_LOGGER.tracef("read-only server-group constraint violated " + "for action %s due to no match between groups %s and allowed groups %s", } else { boolean anyMatch = anyMatch(ourSpecific, sgecSpecific); if (!anyMatch) {
boolean anyMatch = anyMatch(ourSpecific, sgecSpecific); if (!anyMatch) ControllerLogger.ACCESS_LOGGER.tracef("read-only server-group constraint violated " + "for action %s due to no match between groups %s and allowed groups %s", } else { boolean anyMatch = anyMatch(ourSpecific, sgecSpecific); if (!anyMatch) {
public ServerGroupEffectConstraint(List<String> allowed) { this.user = true; this.global = false; this.unassigned = false; this.groupsHolder = new GroupsHolder(allowed); this.readOnly = false; this.groupAdd = false; this.groupRemove = false; this.readOnlyConstraint = new ServerGroupEffectConstraint(groupsHolder, true); }
boolean anyMatch = anyMatch(ourSpecific, sgecSpecific); if (!anyMatch) ControllerLogger.ACCESS_LOGGER.tracef("read-only server-group constraint violated " + "for action %s due to no match between groups %s and allowed groups %s", } else { boolean anyMatch = anyMatch(ourSpecific, sgecSpecific); if (!anyMatch) {
private void applyChangeToConstraint(final ModelNode operation, final ModelNode resolvedValue) { final String roleName = PathAddress.pathAddress(operation.require(ModelDescriptionConstants.OP_ADDR)).getLastElement().getValue(); ServerGroupEffectConstraint constraint = constraintMap.get(roleName); // null could happen if the role was removed in a later step in a composite. unlikely but possible if (constraint != null) { List<String> serverGroups = new ArrayList<String>(); for (ModelNode group : resolvedValue.asList()) { serverGroups.add(group.asString()); } constraint.setAllowedGroups(serverGroups); } }
public ServerGroupEffectConstraint(List<String> allowed) { this.user = true; this.global = false; this.nonServerHost = false; this.unassigned = false; this.groupsHolder = new GroupsHolder(allowed); this.readOnly = false; this.groupAdd = false; this.groupRemove = false; this.readOnlyConstraint = new ServerGroupEffectConstraint(groupsHolder); }
static void addScopedRole(final String roleName, final String baseRole, final List<ModelNode> serverGroupNodes, final WritableAuthorizerConfiguration authorizerConfiguration, final Map<String, ServerGroupEffectConstraint> constraintMap) { List<String> serverGroups = new ArrayList<String>(); for (ModelNode group : serverGroupNodes) { serverGroups.add(group.asString()); } ServerGroupEffectConstraint constraint = new ServerGroupEffectConstraint(serverGroups); authorizerConfiguration.addScopedRole(new AuthorizerConfiguration.ScopedRole(roleName, baseRole, constraint)); constraintMap.put(roleName, constraint); } }
static void addScopedRole(final String roleName, final String baseRole, final List<ModelNode> serverGroupNodes, final WritableAuthorizerConfiguration authorizerConfiguration, final Map<String, ServerGroupEffectConstraint> constraintMap) { List<String> serverGroups = new ArrayList<String>(); for (ModelNode group : serverGroupNodes) { serverGroups.add(group.asString()); } ServerGroupEffectConstraint constraint = new ServerGroupEffectConstraint(serverGroups); authorizerConfiguration.addScopedRole(new AuthorizerConfiguration.ScopedRole(roleName, baseRole, constraint)); constraintMap.put(roleName, constraint); } }
private Constraint getRequiredConstraint(ServerGroupEffect serverGroupEffect) { if (serverGroupEffect == null || serverGroupEffect.isServerGroupEffectGlobal()) { return GLOBAL_REQUIRED; } else if (serverGroupEffect.isServerGroupEffectUnassigned()) { return UNASSIGNED; } return new ServerGroupEffectConstraint(serverGroupEffect.getAffectedServerGroups(), serverGroupEffect.isServerGroupAdd(), serverGroupEffect.isServerGroupRemove()); }
private Constraint getRequiredConstraint(ServerGroupEffect serverGroupEffect, HostEffect hostEffect) { boolean nonServerHost = hostEffect != null && !hostEffect.isHostEffectGlobal() && !hostEffect.isServerEffect(); if (serverGroupEffect == null || serverGroupEffect.isServerGroupEffectGlobal()) { if (nonServerHost) { return HOST_GLOBAL_REQUIRED; } return DOMAIN_GLOBAL_REQUIRED; } else if (serverGroupEffect.isServerGroupEffectUnassigned()) { return UNASSIGNED; } return new ServerGroupEffectConstraint(serverGroupEffect.getAffectedServerGroups(), nonServerHost, serverGroupEffect.isServerGroupAdd(), serverGroupEffect.isServerGroupRemove()); }
private Constraint getRequiredConstraint(ServerGroupEffect serverGroupEffect, HostEffect hostEffect) { boolean nonServerHost = hostEffect != null && !hostEffect.isHostEffectGlobal() && !hostEffect.isServerEffect(); if (serverGroupEffect == null || serverGroupEffect.isServerGroupEffectGlobal()) { if (nonServerHost) { return HOST_GLOBAL_REQUIRED; } return DOMAIN_GLOBAL_REQUIRED; } else if (serverGroupEffect.isServerGroupEffectUnassigned()) { return UNASSIGNED; } return new ServerGroupEffectConstraint(serverGroupEffect.getAffectedServerGroups(), nonServerHost, serverGroupEffect.isServerGroupAdd(), serverGroupEffect.isServerGroupRemove()); }