@Override public boolean canRunAs(Set<String> mappedRoles, String runAsRole) { if (runAsRole == null) { return false; } boolean hasRole = authorizerConfiguration.hasRole(runAsRole); boolean isSuperUser = mappedRoles.contains(StandardRole.SUPERUSER.toString()); /* * We only allow users to specify roles to run as if they are SuperUser, if the user is not SuperUser we need to be * careful to not provide a way for the user to test which roles actually exist. */ if (isSuperUser && hasRole == false) { throw ControllerLogger.ROOT_LOGGER.unknownRole(runAsRole); } return hasRole && isSuperUser; }
@Override public boolean canRunAs(Set<String> mappedRoles, String runAsRole) { if (runAsRole == null) { return false; } boolean hasRole = authorizerConfiguration.hasRole(runAsRole); boolean isSuperUser = mappedRoles.contains(StandardRole.SUPERUSER.toString()); /* * We only allow users to specify roles to run as if they are SuperUser, if the user is not SuperUser we need to be * careful to not provide a way for the user to test which roles actually exist. */ if (isSuperUser && hasRole == false) { throw ControllerLogger.ROOT_LOGGER.unknownRole(runAsRole); } return hasRole && isSuperUser; }
@Override public boolean canRunAs(Set<String> mappedRoles, String runAsRole) { if (runAsRole == null) { return false; } boolean hasRole = authorizerConfiguration.hasRole(runAsRole); boolean isSuperUser = mappedRoles.contains(StandardRole.SUPERUSER.toString()); /* * We only allow users to specify roles to run as if they are SuperUser, if the user is not SuperUser we need to be * careful to not provide a way for the user to test which roles actually exist. */ if (isSuperUser && hasRole == false) { throw ControllerMessages.MESSAGES.unknownRole(runAsRole); } return hasRole && isSuperUser; }
@Override public boolean canRunAs(Set<String> mappedRoles, String runAsRole) { if (runAsRole == null) { return false; } boolean hasRole = authorizerConfiguration.hasRole(runAsRole); boolean isSuperUser = mappedRoles.contains(StandardRole.SUPERUSER.toString()); /* * We only allow users to specify roles to run as if they are SuperUser, if the user is not SuperUser we need to be * careful to not provide a way for the user to test which roles actually exist. */ if (isSuperUser && hasRole == false) { throw ControllerLogger.ROOT_LOGGER.unknownRole(runAsRole); } return hasRole && isSuperUser; }
@Override public boolean canRunAs(Set<String> mappedRoles, String runAsRole) { if (runAsRole == null) { return false; } boolean hasRole = authorizerConfiguration.hasRole(runAsRole); boolean isSuperUser = mappedRoles.contains(StandardRole.SUPERUSER.toString()); /* * We only allow users to specify roles to run as if they are SuperUser, if the user is not SuperUser we need to be * careful to not provide a way for the user to test which roles actually exist. */ if (isSuperUser && hasRole == false) { throw ControllerMessages.MESSAGES.unknownRole(runAsRole); } return hasRole && isSuperUser; }
@Override public boolean canRunAs(Set<String> mappedRoles, String runAsRole) { if (runAsRole == null) { return false; } boolean hasRole = authorizerConfiguration.hasRole(runAsRole); boolean isSuperUser = mappedRoles.contains(StandardRole.SUPERUSER.toString()); /* * We only allow users to specify roles to run as if they are SuperUser, if the user is not SuperUser we need to be * careful to not provide a way for the user to test which roles actually exist. */ if (isSuperUser && hasRole == false) { throw ControllerLogger.ROOT_LOGGER.unknownRole(runAsRole); } return hasRole && isSuperUser; }