private void removePermission(UserRealm user, String role, String target, String rule) throws UserStoreException { if ((role == null) || (target == null) || (rule == null)) { return; } user.getAuthorizationManager().denyRole(role, target, rule); if (log.isDebugEnabled()) { log.debug("Permission: " + rule + " REMOVED from role: " + role + " for " + target); } }
public void denyRole(String roleName, String resourceId, String action) throws UserStoreException { getAuthorizationManager().denyRole(roleName, resourceId, action); }
accessControlAdmin.denyRole(permRole, resourcePath, ActionConstants.GET); notificationResponse += " READ: Denied."; accessControlAdmin.denyRole(permRole, resourcePath, ActionConstants.PUT); notificationResponse += " WRITE: Denied."; accessControlAdmin.denyRole(permRole, resourcePath, ActionConstants.DELETE); notificationResponse += " DELETE: Denied."; accessControlAdmin.denyRole(permRole, resourcePath, AccessControlConstants.AUTHORIZE); notificationResponse += " AUTHORIZE: Denied.";
notificationResponse += " READ: Allowed."; } else { userRealm.getAuthorizationManager().denyRole(roleToAuthorize, pathToAuthorize, ActionConstants.GET); notificationResponse += " READ: Denied."; notificationResponse += " WRITE: Allowed."; } else { userRealm.getAuthorizationManager().denyRole(roleToAuthorize, pathToAuthorize, ActionConstants.PUT); notificationResponse += " WRITE: Denied."; notificationResponse += " DELETE: Allowed."; } else { userRealm.getAuthorizationManager().denyRole(roleToAuthorize, pathToAuthorize, ActionConstants.DELETE); notificationResponse += " DELETE: Denied."; notificationResponse += " AUTHORIZE: Allowed."; } else { userRealm.getAuthorizationManager().denyRole(roleToAuthorize, pathToAuthorize, AccessControlConstants.AUTHORIZE); notificationResponse += " AUTHORIZE: Denied.";
realm.getAuthorizationManager().denyRole(everyoneRole, RegistryConstants.CONFIG_REGISTRY_BASE_PATH + path, ActionConstants.GET); realm.getAuthorizationManager().authorizeUser(username,