private RoleMappingResourceDefinition(final DelegatingConfigurableAuthorizer authorizer, final boolean domainMode) { super(PathElement.pathElement(PATH_KEY), DomainManagementResolver.getResolver("core.access-control.role-mapping"), RoleMappingAdd.create(authorizer.getWritableAuthorizerConfiguration(), domainMode), RoleMappingRemove.create(authorizer.getWritableAuthorizerConfiguration())); this.authorizer = authorizer; }
/** * Construct a new instance. * * @param processType the type of process being controlled * @param runningModeControl the controller of the process' running mode * @param configurationPersister the configuration persister * @param processState the controlled process state * @param rootResourceDefinition the root resource definition * @param prepareStep the prepare step to prepend to operation execution * @param expressionResolver the expression resolver * * @deprecated Here for backwards compatibility for ModelTestModelControllerService */ protected AbstractControllerService(final ProcessType processType, final RunningModeControl runningModeControl, final ConfigurationPersister configurationPersister, final ControlledProcessState processState, final ResourceDefinition rootResourceDefinition, final OperationStepHandler prepareStep, final ExpressionResolver expressionResolver) { this(processType, runningModeControl, configurationPersister, processState, rootResourceDefinition, null, prepareStep, expressionResolver, AuditLogger.NO_OP_LOGGER, new DelegatingConfigurableAuthorizer()); }
@Override public void run() { try { stopAsynchronous(context); } finally { try { authorizer.shutdown(); } finally { context.complete(); } } } };
static void updateAuthorizer(final ModelNode value, final DelegatingConfigurableAuthorizer configurableAuthorizer) { ModelNode resolvedValue = value.isDefined() ? value : AccessAuthorizationResourceDefinition.PROVIDER.getDefaultValue(); String providerName = resolvedValue.asString().toUpperCase(Locale.ENGLISH); Provider provider = Provider.valueOf(providerName); AuthorizerConfiguration authorizerConfiguration = configurableAuthorizer.getWritableAuthorizerConfiguration(); RoleMapper roleMapper; if (provider == Provider.SIMPLE) { roleMapper = new SuperUserRoleMapper(authorizerConfiguration); } else { roleMapper = new StandardRoleMapper(configurableAuthorizer.getWritableAuthorizerConfiguration()); } Authorizer delegate = StandardRBACAuthorizer.create(configurableAuthorizer.getWritableAuthorizerConfiguration(), roleMapper); configurableAuthorizer.setDelegate(delegate); }
static void updateAuthorizer(final ModelNode value, final DelegatingConfigurableAuthorizer configurableAuthorizer) { ModelNode resolvedValue = value.isDefined() ? value : AccessAuthorizationResourceDefinition.PROVIDER.getDefaultValue(); String providerName = resolvedValue.asString().toUpperCase(Locale.ENGLISH); Provider provider = Provider.valueOf(providerName); AuthorizerConfiguration authorizerConfiguration = configurableAuthorizer.getWritableAuthorizerConfiguration(); RoleMapper roleMapper; if (provider == Provider.SIMPLE) { roleMapper = new SuperUserRoleMapper(authorizerConfiguration); } else { roleMapper = new StandardRoleMapper(configurableAuthorizer.getWritableAuthorizerConfiguration()); } Authorizer delegate = StandardRBACAuthorizer.create(configurableAuthorizer.getWritableAuthorizerConfiguration(), roleMapper); configurableAuthorizer.setDelegate(delegate); }
@Override public void registerAttributes(ManagementResourceRegistration resourceRegistration) { WritableAuthorizerConfiguration authorizerConfiguration = authorizer.getWritableAuthorizerConfiguration(); resourceRegistration.registerReadWriteAttribute(INCLUDE_ALL, null, new RoleIncludeAllWriteAttributeHander(authorizerConfiguration)); }
/** * Construct a new instance. * Simplified constructor for test case subclasses. * * @param processType the type of process being controlled * @param runningModeControl the controller of the process' running mode * @param configurationPersister the configuration persister * @param processState the controlled process state * @param rootDescriptionProvider the root description provider * @param prepareStep the prepare step to prepend to operation execution * @param expressionResolver the expression resolver * * @deprecated Here for backwards compatibility for ModelTestModelControllerService */ @Deprecated protected AbstractControllerService(final ProcessType processType, final RunningModeControl runningModeControl, final ConfigurationPersister configurationPersister, final ControlledProcessState processState, final DescriptionProvider rootDescriptionProvider, final OperationStepHandler prepareStep, final ExpressionResolver expressionResolver) { this(processType, runningModeControl, configurationPersister, processState, null, rootDescriptionProvider, prepareStep, expressionResolver, AuditLogger.NO_OP_LOGGER, new DelegatingConfigurableAuthorizer()); }
@Override public void run() { try { stopAsynchronous(context); } finally { try { authorizer.shutdown(); } finally { context.complete(); } } } };
private RoleMappingResourceDefinition(final DelegatingConfigurableAuthorizer authorizer, final boolean domainMode) { super(PathElement.pathElement(PATH_KEY), DomainManagementResolver.getResolver("core.access-control.role-mapping"), RoleMappingAdd.create(authorizer.getWritableAuthorizerConfiguration(), domainMode), RoleMappingRemove.create(authorizer.getWritableAuthorizerConfiguration())); this.authorizer = authorizer; }
/** * This is the constructor to use for 9.0.x core model tests */ protected ModelTestModelControllerService(final ProcessType processType, final RunningModeControl runningModeControl, final TransformerRegistry transformerRegistry, final StringConfigurationPersister persister, final ModelTestOperationValidatorFilter validateOpsFilter, final DelegatingResourceDefinition rootResourceDefinition, ControlledProcessState processState, ExpressionResolver expressionResolver, Controller90x version) { super(processType, runningModeControl, persister, processState == null ? new ControlledProcessState(true) : processState, rootResourceDefinition, null, expressionResolver, AuditLogger.NO_OP_LOGGER, new DelegatingConfigurableAuthorizer()); this.persister = persister; this.transformerRegistry = transformerRegistry; this.validateOpsFilter = validateOpsFilter; this.runningModeControl = runningModeControl; }
@Override public void run() { try { stopAsynchronous(context); } finally { try { authorizer.shutdown(); } finally { context.complete(); } } } };
@Override public void registerAttributes(ManagementResourceRegistration resourceRegistration) { WritableAuthorizerConfiguration authorizerConfiguration = authorizer.getWritableAuthorizerConfiguration(); resourceRegistration.registerReadWriteAttribute(INCLUDE_ALL, null, new RoleIncludeAllWriteAttributeHander(authorizerConfiguration)); }
/** * This is the constructor to use for 10.0.x core model tests */ protected ModelTestModelControllerService(final ProcessType processType, final RunningModeControl runningModeControl, final TransformerRegistry transformerRegistry, final StringConfigurationPersister persister, final ModelTestOperationValidatorFilter validateOpsFilter, final DelegatingResourceDefinition rootResourceDefinition, ControlledProcessState processState, ExpressionResolver expressionResolver, Controller10x version) { super(processType, runningModeControl, persister, processState == null ? new ControlledProcessState(true) : processState, rootResourceDefinition, null, expressionResolver, AuditLogger.NO_OP_LOGGER, new DelegatingConfigurableAuthorizer()); this.persister = persister; this.transformerRegistry = transformerRegistry; this.validateOpsFilter = validateOpsFilter; this.runningModeControl = runningModeControl; }
@Override public void registerChildren(ManagementResourceRegistration resourceRegistration) { WritableAuthorizerConfiguration authorizerConfiguration = authorizer.getWritableAuthorizerConfiguration(); resourceRegistration.registerSubModel(PrincipalResourceDefinition.includeResourceDefinition(authorizerConfiguration)); resourceRegistration.registerSubModel(PrincipalResourceDefinition.excludeResourceDefinition(authorizerConfiguration)); }
/** * This is the constructor to use for 14.0.x core model tests */ protected ModelTestModelControllerService(final ProcessType processType, final RunningModeControl runningModeControl, final TransformerRegistry transformerRegistry, final StringConfigurationPersister persister, final ModelTestOperationValidatorFilter validateOpsFilter, final DelegatingResourceDefinition rootResourceDefinition, ControlledProcessState processState, ExpressionResolver expressionResolver, Controller14x version) { super(processType, runningModeControl, persister, processState == null ? new ControlledProcessState(true) : processState, rootResourceDefinition, null, expressionResolver, AuditLogger.NO_OP_LOGGER, new DelegatingConfigurableAuthorizer()); this.persister = persister; this.transformerRegistry = transformerRegistry; this.validateOpsFilter = validateOpsFilter; this.runningModeControl = runningModeControl; }
@Override public void registerChildren(ManagementResourceRegistration resourceRegistration) { WritableAuthorizerConfiguration authorizerConfiguration = authorizer.getWritableAuthorizerConfiguration(); resourceRegistration.registerSubModel(PrincipalResourceDefinition.includeResourceDefinition(authorizerConfiguration)); resourceRegistration.registerSubModel(PrincipalResourceDefinition.excludeResourceDefinition(authorizerConfiguration)); }
/** * This is the constructor to use for 11.0.x core model tests */ protected ModelTestModelControllerService(final ProcessType processType, final RunningModeControl runningModeControl, final TransformerRegistry transformerRegistry, final StringConfigurationPersister persister, final ModelTestOperationValidatorFilter validateOpsFilter, final DelegatingResourceDefinition rootResourceDefinition, ControlledProcessState processState, ExpressionResolver expressionResolver, Controller11x version) { super(processType, runningModeControl, persister, processState == null ? new ControlledProcessState(true) : processState, rootResourceDefinition, null, expressionResolver, AuditLogger.NO_OP_LOGGER, new DelegatingConfigurableAuthorizer()); this.persister = persister; this.transformerRegistry = transformerRegistry; this.validateOpsFilter = validateOpsFilter; this.runningModeControl = runningModeControl; }
@Override public void execute(OperationContext context, ModelNode operation) throws OperationFailedException { WritableAuthorizerConfiguration authorizerConfiguration = configurableAuthorizer.getWritableAuthorizerConfiguration(); ModelNode provider = AccessAuthorizationResourceDefinition.PROVIDER.resolveModelAttribute(context, model); AccessAuthorizationProviderWriteAttributeHander.updateAuthorizer(provider, configurableAuthorizer); ModelNode combinationPolicy = AccessAuthorizationResourceDefinition.PERMISSION_COMBINATION_POLICY.resolveModelAttribute(context, model); AccessAuthorizationCombinationPolicyWriteAttributeHandler.updateAuthorizer(combinationPolicy, authorizerConfiguration); context.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER); } }, OperationContext.Stage.RUNTIME);
/** * This is the constructor to use for current core model tests */ protected ModelTestModelControllerService(final ProcessType processType, final RunningModeControl runningModeControl, final TransformerRegistry transformerRegistry, final StringConfigurationPersister persister, final ModelTestOperationValidatorFilter validateOpsFilter, final DelegatingResourceDefinition rootResourceDefinition, ControlledProcessState processState, ExpressionResolver expressionResolver, CapabilityRegistry capabilityRegistry) { super(processType, runningModeControl, persister, processState == null ? new ControlledProcessState(true) : processState, rootResourceDefinition, null, expressionResolver, AuditLogger.NO_OP_LOGGER, new DelegatingConfigurableAuthorizer(), new ManagementSecurityIdentitySupplier(), capabilityRegistry); this.persister = persister; this.transformerRegistry = transformerRegistry; this.validateOpsFilter = validateOpsFilter; this.runningModeControl = runningModeControl; }
@Override public void execute(OperationContext context, ModelNode operation) throws OperationFailedException { WritableAuthorizerConfiguration authorizerConfiguration = configurableAuthorizer.getWritableAuthorizerConfiguration(); ModelNode provider = AccessAuthorizationResourceDefinition.PROVIDER.resolveModelAttribute(context, model); AccessAuthorizationProviderWriteAttributeHander.updateAuthorizer(provider, configurableAuthorizer); ModelNode combinationPolicy = AccessAuthorizationResourceDefinition.PERMISSION_COMBINATION_POLICY.resolveModelAttribute(context, model); AccessAuthorizationCombinationPolicyWriteAttributeHandler.updateAuthorizer(combinationPolicy, authorizerConfiguration); context.completeStep(OperationContext.RollbackHandler.NOOP_ROLLBACK_HANDLER); } }, OperationContext.Stage.RUNTIME);