public static Supplier<RoleProvider> getRoleProvider(String deploymentName, String roleProviderName, boolean validate) { return () -> { Object rawRoleProvider = ResponseUnwrapper.get(getService().getRoleProvider(deploymentName, roleProviderName, validate)); return getObjectMapper().convertValue(rawRoleProvider, GroupMembership.translateRoleProviderType(roleProviderName)); }; }
@Override public void validate(ConfigProblemSetBuilder p, Authz z) { if (!z.isEnabled()) { return; } switch (z.getGroupMembership().getService()) { case GITHUB: githubValidator.validate(p, z.getGroupMembership().getGithub()); break; case GOOGLE: googleValidator.validate(p, z.getGroupMembership().getGoogle()); break; case FILE: fileValidator.validate(p, z.getGroupMembership().getFile()); break; case LDAP: ldapValidator.validate(p, z.getGroupMembership().getLdap()); break; case EXTERNAL: // fallthrough default: break; } } }
public void setRoleProvider(String deploymentName, RoleProvider roleProvider) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } GroupMembership groupMembership = authz.getGroupMembership(); switch (roleProvider.getRoleProviderType()) { case GOOGLE: groupMembership.setGoogle((GoogleRoleProvider) roleProvider); break; case GITHUB: groupMembership.setGithub((GithubRoleProvider) roleProvider); break; case FILE: groupMembership.setFile((FileRoleProvider) roleProvider); break; case LDAP: groupMembership.setLdap((LdapRoleProvider) roleProvider); break; default: throw new RuntimeException("Unknown Role Provider " + roleProvider.getRoleProviderType()); } }
@Override protected void executeThis() { String currentDeployment = getCurrentDeployment(); GroupMembership membership = new OperationHandler<GroupMembership>() .setOperation(Daemon.getGroupMembership(currentDeployment, false)) .setFailureMesssage("Failed to get configured roles.") .get(); membership.setService(type != null ? type : membership.getService()); new OperationHandler<Void>() .setOperation(Daemon.setGroupMembership(currentDeployment, !noValidate, membership)) .setFailureMesssage("Failed to set configured roles.") .setSuccessMessage("Successfully updated roles.") .get(); } }
public GroupMembership getGroupMembership(String deploymentName) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } return authz.getGroupMembership(); }
@Override protected void executeThis() { String currentDeployment = getCurrentDeployment(); GroupMembership membership = new OperationHandler<GroupMembership>() .setOperation(Daemon.getGroupMembership(currentDeployment, false)) .setFailureMesssage("Failed to get configured roles.") .get(); membership.setService(type != null ? type : membership.getService()); new OperationHandler<Void>() .setOperation(Daemon.setGroupMembership(currentDeployment, !noValidate, membership)) .setFailureMesssage("Failed to set configured roles.") .setSuccessMessage("Successfully updated roles.") .get(); } }
public GroupMembership getGroupMembership(String deploymentName) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } return authz.getGroupMembership(); }
@Override public void validate(ConfigProblemSetBuilder p, Authz z) { if (!z.isEnabled()) { return; } switch (z.getGroupMembership().getService()) { case GITHUB: githubValidator.validate(p, z.getGroupMembership().getGithub()); break; case GOOGLE: googleValidator.validate(p, z.getGroupMembership().getGoogle()); break; case FILE: fileValidator.validate(p, z.getGroupMembership().getFile()); break; case LDAP: ldapValidator.validate(p, z.getGroupMembership().getLdap()); break; case EXTERNAL: // fallthrough default: break; } } }
public void setRoleProvider(String deploymentName, RoleProvider roleProvider) { Authz authz = getAuthz(deploymentName); if (authz.getGroupMembership() == null) { authz.setGroupMembership(new GroupMembership()); } GroupMembership groupMembership = authz.getGroupMembership(); switch (roleProvider.getRoleProviderType()) { case GOOGLE: groupMembership.setGoogle((GoogleRoleProvider) roleProvider); break; case GITHUB: groupMembership.setGithub((GithubRoleProvider) roleProvider); break; case FILE: groupMembership.setFile((FileRoleProvider) roleProvider); break; case LDAP: groupMembership.setLdap((LdapRoleProvider) roleProvider); break; default: throw new RuntimeException("Unknown Role Provider " + roleProvider.getRoleProviderType()); } }
public static Supplier<RoleProvider> getRoleProvider(String deploymentName, String roleProviderName, boolean validate) { return () -> { Object rawRoleProvider = ResponseUnwrapper.get(getService().getRoleProvider(deploymentName, roleProviderName, validate)); return getObjectMapper().convertValue(rawRoleProvider, GroupMembership.translateRoleProviderType(roleProviderName)); }; }
public RoleProvider getRoleProvider(String deploymentName, String roleProviderName) { NodeFilter filter = new NodeFilter().setDeployment(deploymentName).setSecurity().setRoleProvider(roleProviderName); return lookupService.getSingularNodeOrDefault(filter, RoleProvider.class, () -> { try { return GroupMembership.translateRoleProviderType(roleProviderName).newInstance(); } catch (InstantiationException | IllegalAccessException e) { throw new RuntimeException(e); } }, n -> setRoleProvider(deploymentName, n)); }
public RoleProvider getRoleProvider(String deploymentName, String roleProviderName) { NodeFilter filter = new NodeFilter().setDeployment(deploymentName).setSecurity().setRoleProvider(roleProviderName); return lookupService.getSingularNodeOrDefault(filter, RoleProvider.class, () -> { try { return GroupMembership.translateRoleProviderType(roleProviderName).newInstance(); } catch (InstantiationException | IllegalAccessException e) { throw new RuntimeException(e); } }, n -> setRoleProvider(deploymentName, n)); }
@RequestMapping(value = "/authz/groupMembership/{roleProviderName:.+}", method = RequestMethod.PUT) DaemonTask<Halconfig, Void> setRoleProvider(@PathVariable String deploymentName, @PathVariable String roleProviderName, @ModelAttribute ValidationSettings validationSettings, @RequestBody Object rawProvider) { RoleProvider roleProvider = objectMapper.convertValue( rawProvider, GroupMembership.translateRoleProviderType(roleProviderName) ); return GenericUpdateRequest.<RoleProvider>builder(halconfigParser) .stagePath(halconfigDirectoryStructure.getStagingPath(deploymentName)) .updater(r -> securityService.setRoleProvider(deploymentName, r)) .validator(() -> securityService.validateRoleProvider(deploymentName, roleProviderName)) .description("Edit " + roleProviderName + " group membership settings") .build() .execute(validationSettings, roleProvider); }