public void visit(PipelineConfigs pipelineConfigs) { if (pipelineConfigs.getAuthorization().isUserAnAdmin(username, roles)) { isGroupAdmin = true; } } }
public PipelineConfigs updateGroupAuthorization(Username currentUser, PipelineConfigs newPipelineConfigs, String existingMd5, EntityHashingService entityHashingService, SecurityService securityService, LocalizedOperationResult result) { UpdatePipelineConfigsAuthCommand updatePipelineConfigsCommand = new UpdatePipelineConfigsAuthCommand(newPipelineConfigs.getGroup(), newPipelineConfigs.getAuthorization(), result, currentUser, existingMd5, entityHashingService, securityService); update(currentUser, newPipelineConfigs, result, updatePipelineConfigsCommand); return updatePipelineConfigsCommand.getPreprocessedEntityConfig(); }
@Test public void shouldLoadOperationAndViewPermissionForPipelinesNoMatterTheConfigOrder() { CruiseConfig cruiseConfig = ConfigMigrator.load(configureAuthorization(OPERATION_PERMISSION + VIEW_PERMISSION)); PipelineConfigs group = cruiseConfig.getGroups().first(); assertThat(group.getAuthorization(), instanceOf(Authorization.class)); AdminsConfig actualView = group.getAuthorization().getViewConfig(); AdminsConfig actualOperation = group.getAuthorization().getOperationConfig(); assertion(actualView); assertion(actualOperation); }
@Test public void shouldLoadViewAndOperationPermissionForPipelinesNoMatterTheConfigOrder() { CruiseConfig cruiseConfig = ConfigMigrator.load(configureAuthorization(VIEW_PERMISSION + OPERATION_PERMISSION)); PipelineConfigs group = cruiseConfig.getGroups().first(); assertThat(group.getAuthorization(), instanceOf(Authorization.class)); AdminsConfig actualView = group.getAuthorization().getViewConfig(); AdminsConfig actualOperation = group.getAuthorization().getOperationConfig(); assertion(actualView); assertion(actualOperation); }
@Test public void shouldLoadOperationPermissionForPipelines() { CruiseConfig cruiseConfig = ConfigMigrator.load(configureAuthorization(OPERATION_PERMISSION)); PipelineConfigs group = cruiseConfig.getGroups().first(); assertThat(group.getAuthorization(), instanceOf(Authorization.class)); AdminsConfig actual = group.getAuthorization().getOperationConfig(); assertion(actual); }
@Test public void shouldSetOriginInAuthorization() { PipelineConfig pipe = PipelineConfigMother.pipelineConfig("pipeline1"); PipelineConfigs group = new BasicPipelineConfigs(pipe); group.setOrigins(new FileConfigOrigin()); assertThat(group.getAuthorization().getOrigin(), is(new FileConfigOrigin())); }
private PipelineConfigs addRoleAsAdminToDefaultGroup(CruiseConfig cruiseConfig, String role) { PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getAdminsConfig().add(new AdminRole(new CaseInsensitiveString(role))); return group; }
private PipelineConfigs addUserAsOperatorToDefaultGroup(CruiseConfig cruiseConfig, String user) { PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString(user))); return group; }
public static void toJSON(OutputWriter jsonWriter, PipelineConfigs group) { jsonWriter.addLinks(linksWriter -> linksWriter .addLink("self", Routes.PipelineGroupsAdmin.name(group.getGroup())) .addAbsoluteLink("doc", Routes.PipelineGroupsAdmin.DOC) .addLink("find", Routes.PipelineGroupsAdmin.find()) ); jsonWriter.add("name", group.getGroup()); jsonWriter.addChild("authorization", childWriter -> AuthorizationRepresenter.toJSON(childWriter, group.getAuthorization())); jsonWriter.addChildList("pipelines", pipelinesWriter -> PipelineConfigSummaryRepresenter.toJSON(pipelinesWriter, group.getPipelines())); }
@Test public void hasViewPermissionDefinedShouldReturnTrueIfAuthorizationIsDefined() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getViewConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat("hasViewPermissionDefinedShouldReturnTrueIfAuthorizationIsDefined", group.hasViewPermissionDefined(), is(true)); }
public GoConfigMother addAdminRoleForPipelineGroup(CruiseConfig config, String roleName, String groupName) { PipelineConfigs group = config.getGroups().findGroup(groupName); group.getAuthorization().getAdminsConfig().add(new AdminRole(new CaseInsensitiveString(roleName))); return this; }
public void addRoleAsOperatorOfPipelineGroup(CruiseConfig cruiseConfig, String roleName, String groupName) { PipelineConfigs group = cruiseConfig.getGroups().findGroup(groupName); group.getAuthorization().getOperationConfig().add(new AdminRole(new CaseInsensitiveString(roleName))); }
@Test public void shouldReturnFalseIfOperatePermissionIsNotDefined() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getViewConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasOperatePermission(new CaseInsensitiveString("jez"), null), is(false)); }
@Test public void shouldReturnFalseIfUserDoesNotHaveViewPermission() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getViewConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasViewPermission(new CaseInsensitiveString("anyone"), null), is(false)); }
@Test public void shouldReturnTrueIfUserHasViewPermission() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getViewConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasViewPermission(new CaseInsensitiveString("jez"), null), is(true)); }
@Test public void shouldReturnFalseIfUserDoesNotHaveOperatePermission() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasOperatePermission(new CaseInsensitiveString("anyone"), null), is(false)); }
@Test public void shouldReturnFalseIfViewPermissionIsNotDefined() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasViewPermission(new CaseInsensitiveString("jez"), null), is(false)); }
@Test public void shouldReturnTrueIfUserHasOperatePermission() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasOperatePermission(new CaseInsensitiveString("jez"), null), is(true)); }
@Test public void shouldSetViewPermissionByDefaultIfNameIsPresentAndPermissionsAreOff_whileSettingAttributes() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.setConfigAttributes(m(BasicPipelineConfigs.AUTHORIZATION, a( m(Authorization.NAME, "user1", Authorization.TYPE, USER.toString(), Authorization.PRIVILEGES, privileges(OFF, OFF, OFF)), m(Authorization.NAME, "role1", Authorization.TYPE, ROLE.toString(), Authorization.PRIVILEGES, privileges(OFF, OFF, OFF))))); Authorization authorization = group.getAuthorization(); assertThat(authorization.getViewConfig().size(), is(2)); assertThat(authorization.getViewConfig(), hasItems(new AdminRole(new CaseInsensitiveString("role1")), new AdminUser(new CaseInsensitiveString("user1")))); assertThat(authorization.getOperationConfig().size(), is(0)); assertThat(authorization.getAdminsConfig().size(), is(0)); }
@Test public void shouldReturnFalseIfViewPermissionIsNotDefined_When2ConfigParts() { BasicPipelineConfigs filePart = new BasicPipelineConfigs(PipelineConfigMother.pipelineConfig("pipeline3")); filePart.setOrigin(new FileConfigOrigin()); PipelineConfigs group = new MergePipelineConfigs( new BasicPipelineConfigs(PipelineConfigMother.pipelineConfig("pipeline1")), new BasicPipelineConfigs(PipelineConfigMother.pipelineConfig("pipeline2")),filePart); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasViewPermission(new CaseInsensitiveString("jez"), null), is(false)); }