@Override public ResourceAction apply(String input) { return new ResourceAction( new Resource(input, ResourceType.DATASOURCE), Action.READ ); } };
@Override public boolean equals(Object o) { if (this == o) { return true; } if (o == null || getClass() != o.getClass()) { return false; } ResourceAction that = (ResourceAction) o; if (!getResource().equals(that.getResource())) { return false; } return getAction() == that.getAction(); }
@Override public boolean equals(Object o) { if (this == o) { return true; } if (o == null || getClass() != o.getClass()) { return false; } BasicAuthorizerPermission that = (BasicAuthorizerPermission) o; if (getResourceAction() != null ? !getResourceAction().equals(that.getResourceAction()) : that.getResourceAction() != null) { return false; } return getResourceNamePattern() != null ? getResourceNamePattern().pattern().equals(that.getResourceNamePattern().pattern()) : that.getResourceNamePattern() == null; }
public BasicAuthorizerPermission( ResourceAction resourceAction ) { this.resourceAction = resourceAction; try { this.resourceNamePattern = Pattern.compile(resourceAction.getResource().getName()); } catch (PatternSyntaxException pse) { throw new BasicSecurityDBResourceException( pse, "Invalid permission, resource name regex[%s] does not compile.", resourceAction.getResource().getName() ); } }
@Override public int hashCode() { int result = getResourceAction() != null ? getResourceAction().hashCode() : 0; result = 31 * result + (getResourceNamePattern().pattern() != null ? getResourceNamePattern().pattern().hashCode() : 0); return result; } }
public BasicAuthorizerPermission( ResourceAction resourceAction ) { this.resourceAction = resourceAction; try { this.resourceNamePattern = Pattern.compile(resourceAction.getResource().getName()); } catch (PatternSyntaxException pse) { throw new BasicSecurityDBResourceException( pse, "Invalid permission, resource name regex[%s] does not compile.", resourceAction.getResource().getName() ); } }
@Override public int hashCode() { int result = getResourceAction() != null ? getResourceAction().hashCode() : 0; result = 31 * result + (getResourceNamePattern().pattern() != null ? getResourceNamePattern().pattern().hashCode() : 0); return result; } }
@Override public ResourceAction apply(String input) { return new ResourceAction( new Resource(input, ResourceType.DATASOURCE), Action.WRITE ); } };
@Override public int hashCode() { int result = getResource().hashCode(); result = 31 * result + getAction().hashCode(); return result; }
@Override public boolean equals(Object o) { if (this == o) { return true; } if (o == null || getClass() != o.getClass()) { return false; } BasicAuthorizerPermission that = (BasicAuthorizerPermission) o; if (getResourceAction() != null ? !getResourceAction().equals(that.getResourceAction()) : that.getResourceAction() != null) { return false; } return getResourceNamePattern() != null ? getResourceNamePattern().pattern().equals(that.getResourceNamePattern().pattern()) : that.getResourceNamePattern() == null; }
new ResourceAction( new Resource("STATE", ResourceType.STATE), Action.WRITE
private boolean permissionCheck(Resource resource, Action action, BasicAuthorizerPermission permission) { if (action != permission.getResourceAction().getAction()) { return false; } Resource permissionResource = permission.getResourceAction().getResource(); if (permissionResource.getType() != resource.getType()) { return false; } Pattern resourceNamePattern = permission.getResourceNamePattern(); Matcher resourceNameMatcher = resourceNamePattern.matcher(resource.getName()); return resourceNameMatcher.matches(); }
ResourceAction datasourceR = new ResourceAction( new Resource(".*", ResourceType.DATASOURCE), Action.READ ); ResourceAction datasourceW = new ResourceAction( new Resource(".*", ResourceType.DATASOURCE), Action.WRITE ); ResourceAction configR = new ResourceAction( new Resource(".*", ResourceType.CONFIG), Action.READ ); ResourceAction configW = new ResourceAction( new Resource(".*", ResourceType.CONFIG), Action.WRITE ); ResourceAction stateR = new ResourceAction( new Resource(".*", ResourceType.STATE), Action.READ ); ResourceAction stateW = new ResourceAction( new Resource(".*", ResourceType.STATE), Action.WRITE
resourceAction.getResource(), resourceAction.getAction() ); if (!access.isAllowed()) {
@DELETE @Path("/pendingSegments/{dataSource}") @Produces(MediaType.APPLICATION_JSON) public Response killPendingSegments( @PathParam("dataSource") String dataSource, @QueryParam("interval") String deleteIntervalString, @Context HttpServletRequest request ) { final Interval deleteInterval = Intervals.of(deleteIntervalString); // check auth for dataSource final Access authResult = AuthorizationUtils.authorizeAllResourceActions( request, ImmutableList.of( new ResourceAction(new Resource(dataSource, ResourceType.DATASOURCE), Action.READ), new ResourceAction(new Resource(dataSource, ResourceType.DATASOURCE), Action.WRITE) ), authorizerMapper ); if (!authResult.isAllowed()) { throw new ForbiddenException(authResult.getMessage()); } if (taskMaster.isLeader()) { final int numDeleted = indexerMetadataStorageAdapter.deletePendingSegments(dataSource, deleteInterval); return Response.ok().entity(ImmutableMap.of("numDeleted", numDeleted)).build(); } else { return Response.status(Status.SERVICE_UNAVAILABLE).build(); } }
ra -> authorizer.authorize( authenticationResult, ra.getResource(), ra.getAction()
new ResourceAction(new Resource(taskDatasource, ResourceType.DATASOURCE), Action.READ) ); };
@Override public boolean equals(Object o) { if (this == o) { return true; } if (o == null || getClass() != o.getClass()) { return false; } ResourceAction that = (ResourceAction) o; if (!getResource().equals(that.getResource())) { return false; } return getAction() == that.getAction(); }
Access accessResult = AuthorizationUtils.authorizeResourceAction( req, new ResourceAction( new Resource("STATE", ResourceType.STATE), Action.WRITE
@Override public int hashCode() { int result = getResource().hashCode(); result = 31 * result + getAction().hashCode(); return result; }