private StandardRBACAuthorizer(final AuthorizerConfiguration configuration, final DefaultPermissionFactory permissionFactory, final RoleMapper roleMapper) { super(permissionFactory, permissionFactory); this.configuration = configuration; this.permissionFactory = permissionFactory; configuration.registerScopedRoleListener(permissionFactory); this.roleMapper = roleMapper; for (StandardRole std : StandardRole.values()) { mappedToOfficialForm.put(std.toString(), std.getFormalName()); } }
private static String getOfficialForm(StandardRole role) { return role.getOfficialForm(); }
private synchronized Map<String, ManagementPermissionCollection> configureDefaultPermissions() { Map<String, ManagementPermissionCollection> result = new HashMap<String, ManagementPermissionCollection>(); for (StandardRole standardRole : StandardRole.values()) { String officialForm = getOfficialForm(standardRole); ManagementPermissionCollection rolePerms = new ManagementPermissionCollection(officialForm, SimpleManagementPermission.class); for (Action.ActionEffect actionEffect : Action.ActionEffect.values()) { if (standardRole.isActionEffectAllowed(actionEffect)) { Constraint[] constraints = new Constraint[constraintFactories.size()]; int i = 0; for (ConstraintFactory factory : this.constraintFactories) { constraints[i] = factory.getStandardUserConstraint(standardRole, actionEffect); i++; } rolePerms.add(new SimpleManagementPermission(actionEffect, constraints)); } } result.put(officialForm, rolePerms); } return result; }
private String getOfficialRoleForm(String role) { String official = mappedToOfficialForm.get(role); if (official == null) { for (String scoped : configuration.getScopedRoles().keySet()) { if (role.equalsIgnoreCase(scoped)) { official = scoped; break; } } if (official == null) { try { StandardRole std = StandardRole.valueOf(role.toUpperCase(Locale.ENGLISH)); official = std.getFormalName(); } catch (Exception e) { // ignored } } if (official != null) { mappedToOfficialForm.put(role, official); } else { official = role; } } return official; }
public String getOfficialForm() { return toString().toUpperCase(Locale.ENGLISH); }
private boolean isTopRole(PathAddress address) { if (address.size() >= 3) { PathElement roleMapping; if (MGMT_ELEMENT.equals(address.getElement(0)) && AUTHZ_ELEMENT.equals(address.getElement(1)) && ROLE_MAPPING.equals((roleMapping = address.getElement(2)).getKey())) { String roleName = roleMapping.getValue(); return StandardRole.AUDITOR.name().equalsIgnoreCase(roleName) || StandardRole.SUPERUSER.name().equalsIgnoreCase(roleName); } } return false; }
@Override public synchronized void scopedRoleAdded(AuthorizerConfiguration.ScopedRole added) { String roleName = added.getName(); String officialForm = getOfficialForm(roleName); if (permissionsByRole.containsKey(officialForm)) { throw ControllerLogger.ROOT_LOGGER.roleIsAlreadyRegistered(roleName); } String baseName = added.getBaseRoleName(); String officialBase = getOfficialForm(baseName); if (rolePermissionsConfigured && !permissionsByRole.containsKey(officialBase)) { throw ControllerLogger.ROOT_LOGGER.unknownBaseRole(baseName); } ScopingConstraint constraint = added.getScopingConstraint(); addConstraintFactory(constraint.getFactory()); scopedBaseMap.put(officialForm, new ScopedBase(StandardRole.valueOf(officialBase), constraint)); rolePermissionsConfigured = false; }
private synchronized Map<String, ManagementPermissionCollection> configureDefaultPermissions() { Map<String, ManagementPermissionCollection> result = new HashMap<String, ManagementPermissionCollection>(); for (StandardRole standardRole : StandardRole.values()) { String officialForm = getOfficialForm(standardRole); ManagementPermissionCollection rolePerms = new ManagementPermissionCollection(officialForm, SimpleManagementPermission.class); for (Action.ActionEffect actionEffect : Action.ActionEffect.values()) { if (standardRole.isActionEffectAllowed(actionEffect)) { Constraint[] constraints = new Constraint[constraintFactories.size()]; int i = 0; for (ConstraintFactory factory : this.constraintFactories) { constraints[i] = factory.getStandardUserConstraint(standardRole, actionEffect); i++; } rolePerms.add(new SimpleManagementPermission(actionEffect, constraints)); } } result.put(officialForm, rolePerms); } return result; }
private String getOfficialRoleForm(String role) { String official = mappedToOfficialForm.get(role); if (official == null) { for (String scoped : configuration.getScopedRoles().keySet()) { if (role.equalsIgnoreCase(scoped)) { official = scoped; break; } } if (official == null) { try { StandardRole std = StandardRole.valueOf(role.toUpperCase(Locale.ENGLISH)); official = std.getFormalName(); } catch (Exception e) { // ignored } } if (official != null) { mappedToOfficialForm.put(role, official); } else { official = role; } } return official; }
public String getOfficialForm() { return toString().toUpperCase(Locale.ENGLISH); }
private boolean isTopRole(PathAddress address) { if (address.size() >= 3) { PathElement roleMapping; if (MGMT_ELEMENT.equals(address.getElement(0)) && AUTHZ_ELEMENT.equals(address.getElement(1)) && ROLE_MAPPING.equals((roleMapping = address.getElement(2)).getKey())) { String roleName = roleMapping.getValue(); return StandardRole.AUDITOR.name().equalsIgnoreCase(roleName) || StandardRole.SUPERUSER.name().equalsIgnoreCase(roleName); } } return false; }
@Override public synchronized void scopedRoleAdded(AuthorizerConfiguration.ScopedRole added) { String roleName = added.getName(); String officialForm = getOfficialForm(roleName); if (permissionsByRole.containsKey(officialForm)) { throw ControllerLogger.ROOT_LOGGER.roleIsAlreadyRegistered(roleName); } String baseName = added.getBaseRoleName(); String officialBase = getOfficialForm(baseName); if (rolePermissionsConfigured && !permissionsByRole.containsKey(officialBase)) { throw ControllerLogger.ROOT_LOGGER.unknownBaseRole(baseName); } ScopingConstraint constraint = added.getScopingConstraint(); addConstraintFactory(constraint.getFactory()); scopedBaseMap.put(officialForm, new ScopedBase(StandardRole.valueOf(officialBase), constraint)); rolePermissionsConfigured = false; }
private StandardRBACAuthorizer(final AuthorizerConfiguration configuration, final DefaultPermissionFactory permissionFactory, final RoleMapper roleMapper) { super(permissionFactory); this.configuration = configuration; this.permissionFactory = permissionFactory; configuration.registerScopedRoleListener(permissionFactory); this.roleMapper = roleMapper; for (StandardRole std : StandardRole.values()) { mappedToOfficialForm.put(std.toString(), std.getFormalName()); } }
private synchronized Map<String, ManagementPermissionCollection> configureDefaultPermissions() { Map<String, ManagementPermissionCollection> result = new HashMap<String, ManagementPermissionCollection>(); for (StandardRole standardRole : StandardRole.values()) { String officialForm = getOfficialForm(standardRole); ManagementPermissionCollection rolePerms = new ManagementPermissionCollection(officialForm, SimpleManagementPermission.class); for (Action.ActionEffect actionEffect : Action.ActionEffect.values()) { if (standardRole.isActionEffectAllowed(actionEffect)) { Constraint[] constraints = new Constraint[constraintFactories.size()]; int i = 0; for (ConstraintFactory factory : this.constraintFactories) { constraints[i] = factory.getStandardUserConstraint(standardRole, actionEffect); i++; } rolePerms.add(new SimpleManagementPermission(actionEffect, constraints)); } } result.put(officialForm, rolePerms); } return result; }
private String getOfficialRoleForm(String role) { String official = mappedToOfficialForm.get(role); if (official == null) { for (String scoped : configuration.getScopedRoles().keySet()) { if (role.equalsIgnoreCase(scoped)) { official = scoped; break; } } if (official == null) { try { StandardRole std = StandardRole.valueOf(role.toUpperCase(Locale.ENGLISH)); official = std.getFormalName(); } catch (Exception e) { // ignored } } if (official != null) { mappedToOfficialForm.put(role, official); } else { official = role; } } return official; }
public String getOfficialForm() { return toString().toUpperCase(Locale.ENGLISH); }
private static String getOfficialForm(StandardRole role) { return role.getOfficialForm(); }
private boolean isTopRole(TargetResource target) { PathAddress address = target.getResourceAddress(); if (address.size() >= 3) { PathElement roleMapping; if (MGMT_ELEMENT.equals(address.getElement(0)) && AUTHZ_ELEMENT.equals(address.getElement(1)) && ROLE_MAPPING.equals((roleMapping = address.getElement(2)).getKey())) { String roleName = roleMapping.getValue(); return StandardRole.AUDITOR.name().equalsIgnoreCase(roleName) || StandardRole.SUPERUSER.name().equalsIgnoreCase(roleName); } } return false; }