/**
 * Registers a new user on the local node: the user is written to the metastorage first and only
 * then published in the in-memory user map.
 *
 * @param op User operation carrying the user to add.
 * @throws IgniteCheckedException On error. A {@code UserManagementException} is raised when a user
 *      with the same name is already present in the local user map.
 */
private void addUserLocal(final UserManagementOperation op) throws IgniteCheckedException {
    final User newUsr = op.user();
    final String login = newUsr.name();

    // NOTE(review): this existence check and the metastorage write below run outside the 'mux' lock,
    // so they are not atomic with the map update; presumably callers serialize user operations - confirm.
    if (users.containsKey(login))
        throw new UserManagementException("User already exists [login=" + login + ']');

    // Persist before touching the in-memory state: if the write throws, the user map is left unchanged.
    final String storeKey = STORE_USER_PREFIX + login;

    metastorage.write(storeKey, newUsr);

    // The operation is dropped from the active set in the same critical section that publishes the user.
    synchronized (mux) {
        activeOps.remove(op.id());

        users.put(login, newUsr);
    }
}
/**
 * Checks whether the user of this authorization context may perform the given user management operation.
 * <p>
 * The default user may perform any operation except removing the default user itself. Any other user
 * may only perform an {@code UPDATE} on the account that carries the same name as the current user.
 *
 * @param op User operation to check.
 * @throws IgniteAccessControlException If the check fails: the context holds no user, the current user
 *      has no permission for the requested user management operation, or the operation tries to remove
 *      the default user.
 */
public void checkUserOperation(UserManagementOperation op) throws IgniteAccessControlException {
    // A Java 'assert' is evaluated only when assertions are enabled (-ea); otherwise a null 'op'
    // surfaces as a NullPointerException at the first op.type() call below.
    assert op != null;

    // No authenticated user in the context: deny everything.
    if (user == null)
        throw new IgniteAccessControlException("Operation not allowed: authorized context is empty.");

    if (!User.DFAULT_USER_NAME.equals(user.name())) {
        // A non-default user is allowed exactly one thing: updating the account with its own name.
        // NOTE(review): op.user() is dereferenced without a null check here - confirm callers guarantee it.
        boolean updatesOwnAccount = UserManagementOperation.OperationType.UPDATE == op.type()
            && user.name().equals(op.user().name());

        if (!updatesOwnAccount)
            throw new IgniteAccessControlException("User management operations are not allowed for user. "
                + "[curUser=" + user.name() + ']');
    }

    // Applies to every caller that got this far, the default user included.
    boolean removesDfltUser = op.type() == UserManagementOperation.OperationType.REMOVE
        && User.DFAULT_USER_NAME.equals(op.user().name());

    if (removesDfltUser)
        throw new IgniteAccessControlException("Default user cannot be removed.");
}
/**
 * Removes a user on the local node: the record is deleted from the metastorage first and then
 * dropped from the in-memory user map.
 *
 * @param op Operation carrying the user to remove.
 * @throws IgniteCheckedException On error. A {@code UserManagementException} is raised when the
 *      user is not present in the local user map.
 */
private void removeUserLocal(UserManagementOperation op) throws IgniteCheckedException {
    final User target = op.user();
    final String login = target.name();

    // NOTE(review): the existence check and the metastorage removal run outside the 'mux' lock,
    // so they are not atomic with the map update; presumably callers serialize user operations - confirm.
    if (!users.containsKey(login))
        throw new UserManagementException("User doesn't exist [userName=" + login + ']');

    // Delete the persistent record first: if this throws, the in-memory map still lists the user.
    metastorage.remove(STORE_USER_PREFIX + login);

    // No authorization decision is made here; this method only applies the removal.
    synchronized (mux) {
        activeOps.remove(op.id());

        users.remove(login);
    }
}
/**
 * Updates an existing user on the local node: the new user record overwrites the stored one in the
 * metastorage and then replaces the entry in the in-memory user map.
 *
 * @param op Operation carrying the updated user.
 * @throws IgniteCheckedException On error. A {@code UserManagementException} is raised when the
 *      user is not present in the local user map.
 */
private void updateUserLocal(UserManagementOperation op) throws IgniteCheckedException {
    final User updated = op.user();
    final String login = updated.name();

    // NOTE(review): the existence check and the metastorage write run outside the 'mux' lock,
    // so they are not atomic with the map update; presumably callers serialize user operations - confirm.
    if (!users.containsKey(login))
        throw new UserManagementException("User doesn't exist [userName=" + login + ']');

    // Persist before touching the in-memory state: if the write throws, the old entry stays in the map.
    metastorage.write(STORE_USER_PREFIX + login, updated);

    synchronized (mux) {
        activeOps.remove(op.id());

        users.put(login, updated);
    }
}
/**
 * Applies a user management operation on the local node by dispatching on its type to the matching
 * add / remove / update handler. An operation type without a matching case is silently ignored.
 *
 * @param op The operation with users.
 * @throws IgniteCheckedException On error in the selected handler.
 */
private void processOperationLocal(UserManagementOperation op) throws IgniteCheckedException {
    // Evaluated only when assertions are enabled (-ea); the handlers dereference op.user() unconditionally.
    assert op != null && op.user() != null : "Invalid operation: " + op;

    // No permission check happens in this method or in the handlers it calls.
    // NOTE(review): presumably authorization is enforced before the operation reaches this point - confirm.
    switch (op.type()) {
        case ADD:
            addUserLocal(op);

            return;

        case REMOVE:
            removeUserLocal(op);

            return;

        case UPDATE:
            updateUserLocal(op);

            return;
    }
}
/**
 * Registers a new user on the local node: the user is written to the metastorage first and only
 * then published in the in-memory user map.
 *
 * @param op User operation carrying the user to add.
 * @throws IgniteCheckedException On error. A {@code UserManagementException} is raised when a user
 *      with the same name is already present in the local user map.
 */
private void addUserLocal(final UserManagementOperation op) throws IgniteCheckedException {
    final User newUsr = op.user();
    final String login = newUsr.name();

    // NOTE(review): this existence check and the metastorage write below run outside the 'mux' lock,
    // so they are not atomic with the map update; presumably callers serialize user operations - confirm.
    if (users.containsKey(login))
        throw new UserManagementException("User already exists [login=" + login + ']');

    // Persist before touching the in-memory state: if the write throws, the user map is left unchanged.
    final String storeKey = STORE_USER_PREFIX + login;

    metastorage.write(storeKey, newUsr);

    // The operation is dropped from the active set in the same critical section that publishes the user.
    synchronized (mux) {
        activeOps.remove(op.id());

        users.put(login, newUsr);
    }
}
/**
 * Checks whether the user of this authorization context may perform the given user management operation.
 * <p>
 * The default user may perform any operation except removing the default user itself. Any other user
 * may only perform an {@code UPDATE} on the account that carries the same name as the current user.
 *
 * @param op User operation to check.
 * @throws IgniteAccessControlException If the check fails: the context holds no user, the current user
 *      has no permission for the requested user management operation, or the operation tries to remove
 *      the default user.
 */
public void checkUserOperation(UserManagementOperation op) throws IgniteAccessControlException {
    // A Java 'assert' is evaluated only when assertions are enabled (-ea); otherwise a null 'op'
    // surfaces as a NullPointerException at the first op.type() call below.
    assert op != null;

    // No authenticated user in the context: deny everything.
    if (user == null)
        throw new IgniteAccessControlException("Operation not allowed: authorized context is empty.");

    if (!User.DFAULT_USER_NAME.equals(user.name())) {
        // A non-default user is allowed exactly one thing: updating the account with its own name.
        // NOTE(review): op.user() is dereferenced without a null check here - confirm callers guarantee it.
        boolean updatesOwnAccount = UserManagementOperation.OperationType.UPDATE == op.type()
            && user.name().equals(op.user().name());

        if (!updatesOwnAccount)
            throw new IgniteAccessControlException("User management operations are not allowed for user. "
                + "[curUser=" + user.name() + ']');
    }

    // Applies to every caller that got this far, the default user included.
    boolean removesDfltUser = op.type() == UserManagementOperation.OperationType.REMOVE
        && User.DFAULT_USER_NAME.equals(op.user().name());

    if (removesDfltUser)
        throw new IgniteAccessControlException("Default user cannot be removed.");
}
/**
 * Removes a user on the local node: the record is deleted from the metastorage first and then
 * dropped from the in-memory user map.
 *
 * @param op Operation carrying the user to remove.
 * @throws IgniteCheckedException On error. A {@code UserManagementException} is raised when the
 *      user is not present in the local user map.
 */
private void removeUserLocal(UserManagementOperation op) throws IgniteCheckedException {
    final User target = op.user();
    final String login = target.name();

    // NOTE(review): the existence check and the metastorage removal run outside the 'mux' lock,
    // so they are not atomic with the map update; presumably callers serialize user operations - confirm.
    if (!users.containsKey(login))
        throw new UserManagementException("User doesn't exist [userName=" + login + ']');

    // Delete the persistent record first: if this throws, the in-memory map still lists the user.
    metastorage.remove(STORE_USER_PREFIX + login);

    // No authorization decision is made here; this method only applies the removal.
    synchronized (mux) {
        activeOps.remove(op.id());

        users.remove(login);
    }
}
/**
 * Updates an existing user on the local node: the new user record overwrites the stored one in the
 * metastorage and then replaces the entry in the in-memory user map.
 *
 * @param op Operation carrying the updated user.
 * @throws IgniteCheckedException On error. A {@code UserManagementException} is raised when the
 *      user is not present in the local user map.
 */
private void updateUserLocal(UserManagementOperation op) throws IgniteCheckedException {
    final User updated = op.user();
    final String login = updated.name();

    // NOTE(review): the existence check and the metastorage write run outside the 'mux' lock,
    // so they are not atomic with the map update; presumably callers serialize user operations - confirm.
    if (!users.containsKey(login))
        throw new UserManagementException("User doesn't exist [userName=" + login + ']');

    // Persist before touching the in-memory state: if the write throws, the old entry stays in the map.
    metastorage.write(STORE_USER_PREFIX + login, updated);

    synchronized (mux) {
        activeOps.remove(op.id());

        users.put(login, updated);
    }
}
/**
 * Applies a user management operation on the local node by dispatching on its type to the matching
 * add / remove / update handler. An operation type without a matching case is silently ignored.
 *
 * @param op The operation with users.
 * @throws IgniteCheckedException On error in the selected handler.
 */
private void processOperationLocal(UserManagementOperation op) throws IgniteCheckedException {
    // Evaluated only when assertions are enabled (-ea); the handlers dereference op.user() unconditionally.
    assert op != null && op.user() != null : "Invalid operation: " + op;

    // No permission check happens in this method or in the handlers it calls.
    // NOTE(review): presumably authorization is enforced before the operation reaches this point - confirm.
    switch (op.type()) {
        case ADD:
            addUserLocal(op);

            return;

        case REMOVE:
            removeUserLocal(op);

            return;

        case UPDATE:
            updateUserLocal(op);

            return;
    }
}