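/**
 * Walks {@code role} depth first: every role it contains is resolved through
 * {@code authzManager} and handled recursively, then every privilege it lists
 * is resolved and passed to {@code handlePrivilege}.
 *
 * <p>The chain handed down to children and privileges is a fresh list with
 * {@code role} at index 0, followed by the entries of {@code parentList}, so
 * the caller's list is never modified.
 *
 * <p>A contained role id that already appears in that chain is skipped. Without
 * this guard, two roles that contain each other would recurse until the stack
 * overflows, which turns a malformed role graph into a failed request. Cycles
 * may also be rejected where roles are written; this guard does not rely on it.
 *
 * <p>Role and privilege ids that cannot be resolved are logged at debug level
 * and skipped, so a dangling reference does not abort the walk.
 *
 * @param role the role to expand
 * @param parentList roles above {@code role}, or {@code null} when it is the root
 * @param authzManager manager used to resolve contained role and privilege ids
 * @param response response object forwarded to {@code handlePrivilege}
 */
protected void handleRole(Role role, List<Role> parentList, AuthorizationManager authzManager,
    AssignedPrivilegeListResourceResponse response) {
  List<Role> newParentList = new ArrayList<Role>();
  if (parentList != null) {
    newParentList.addAll(parentList);
  }
  // The role being expanded goes first, ahead of the roles above it.
  newParentList.add(0, role);

  for (String roleId : role.getRoles()) {
    if (isRoleInChain(roleId, newParentList)) {
      // Containment cycle: expanding this id again would never terminate.
      getLogger().warn("handleRole() skipped, roleId: " + roleId + " is part of a role cycle");
      continue;
    }
    try {
      handleRole(authzManager.getRole(roleId), newParentList, authzManager, response);
    } catch (NoSuchRoleException e) {
      getLogger().debug("handleRole() failed, roleId: " + roleId + " not found");
    }
  }

  for (String privilegeId : role.getPrivileges()) {
    try {
      handlePrivilege(authzManager.getPrivilege(privilegeId), newParentList, response);
    } catch (NoSuchPrivilegeException e) {
      getLogger().debug("handleRole() failed, privilegeId: " + privilegeId + " not found");
    }
  }
}

/** Returns true when a role with id {@code roleId} is already present in {@code chain}. */
private boolean isRoleInChain(String roleId, List<Role> chain) {
  if (roleId == null) {
    return false;
  }
  for (Role ancestor : chain) {
    if (ancestor != null && roleId.equals(ancestor.getRoleId())) {
      return true;
    }
  }
  return false;
}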
AuthorizationManager authzManager = getSecuritySystem().getAuthorizationManager(PRIVILEGE_SOURCE); priv = authzManager.getPrivilege(getPrivilegeId(request)); authzManager.deletePrivilege(getPrivilegeId(request));
/**
 * Collects the privileges reported by every registered authorization manager
 * into one set.
 *
 * <p>A manager that returns {@code null} contributes nothing. The result is a
 * new {@link HashSet}, so callers may modify it freely.
 *
 * @return the union of all managers' privileges, never {@code null}
 */
public Set<Privilege> listPrivileges() {
  Set<Privilege> merged = new HashSet<Privilege>();
  for (AuthorizationManager manager : this.authorizationManagers.values()) {
    Set<Privilege> fromManager = manager.listPrivileges();
    if (fromManager == null) {
      continue;
    }
    merged.addAll(fromManager);
  }
  return merged;
}
/**
 * Returns the requested security role.
 *
 * <p>The role id is taken from the request, looked up in the authorization
 * manager registered for {@code ROLE_SOURCE} and converted to its REST model.
 * An unknown role becomes a 404 whose description is the exception's message;
 * a missing authorization manager is logged and reported as a 400.
 *
 * <p>NOTE(review): no permission check is visible in this method; presumably
 * access is enforced by the resource's path protection. Confirm.
 *
 * @param roleId Id of the role.
 */
@Override
@GET
@ResourceMethodSignature(output = RoleResourceResponse.class, pathParams = {@PathParam("roleId")})
public Object get(Context context, Request request, Response response, Variant variant)
    throws ResourceException {
  RoleResourceResponse payload = new RoleResourceResponse();
  try {
    AuthorizationManager roleManager = getSecuritySystem().getAuthorizationManager(ROLE_SOURCE);
    String requestedId = getRoleId(request);
    payload.setData(securityToRestModel(roleManager.getRole(requestedId), request, false));
    return payload;
  } catch (NoSuchRoleException e) {
    throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, e.getMessage());
  } catch (NoSuchAuthorizationManagerException e) {
    this.getLogger().warn("Could not found AuthorizationManager: " + ROLE_SOURCE, e);
    // we should not ever get here
    String description = "Authorization Manager for: " + ROLE_SOURCE + " could not be found.";
    throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, description);
  }
}
Role role = restToSecurityModel(authzManager.getRole(resource.getId()), resource); authzManager.updateRole(role);
for (Role role : getSecuritySystem().getAuthorizationManager(DEFAULT_SOURCE).listRoles()) { RoleAndPrivilegeListResource res = toDTO(role); for (Privilege privilege : getSecuritySystem().getAuthorizationManager(DEFAULT_SOURCE).listPrivileges()) { RoleAndPrivilegeListResource res = toDTO(privilege);
/**
 * Collects the roles reported by every registered authorization manager into
 * one set.
 *
 * <p>A manager that returns {@code null} contributes nothing. The result is a
 * new {@link HashSet}, so callers may modify it freely.
 *
 * @return the union of all managers' roles, never {@code null}
 */
public Set<Role> listRoles() {
  Set<Role> merged = new HashSet<Role>();
  for (AuthorizationManager manager : this.authorizationManagers.values()) {
    Set<Role> fromManager = manager.listRoles();
    if (fromManager == null) {
      continue;
    }
    merged.addAll(fromManager);
  }
  return merged;
}
/**
 * Deletes every writable target privilege whose property {@code propertyId}
 * equals {@code propertyValue}, then removes the deleted ids from the security
 * configuration and saves it.
 *
 * <p>Read-only privileges and privileges of any type other than
 * {@code TargetPrivilegeDescriptor.TYPE} are left alone. Candidates come from
 * {@code security.listPrivileges()}, but deletion is always issued against the
 * manager registered for {@code SecurityXmlAuthorizationManager.SOURCE}.
 *
 * <p>An exception from the delete call propagates immediately, so the
 * configuration clean-up and save below do not run in that case.
 *
 * @param propertyId name of the privilege property to compare
 * @param propertyValue value that marks a privilege for removal
 * @throws NoSuchPrivilegeException declared by the method; presumably raised by the
 *     delete call when the privilege no longer exists (verify against the manager)
 * @throws NoSuchAuthorizationManagerException if the XML authorization manager is
 *     not registered
 */
protected void cleanupPrivileges(String propertyId, String propertyValue)
    throws NoSuchPrivilegeException, NoSuchAuthorizationManagerException {
  Set<Privilege> candidates = security.listPrivileges();
  Set<String> deletedIds = new HashSet<String>();

  for (Privilege candidate : candidates) {
    if (candidate.isReadOnly()) {
      continue;
    }
    if (!candidate.getType().equals(TargetPrivilegeDescriptor.TYPE)) {
      continue;
    }
    if (!propertyValue.equals(candidate.getPrivilegeProperty(propertyId))) {
      continue;
    }

    getLogger().debug("Removing Privilege " + candidate.getName() + " because repository was removed");
    security.getAuthorizationManager(SecurityXmlAuthorizationManager.SOURCE)
        .deletePrivilege(candidate.getId());
    deletedIds.add(candidate.getId());
  }

  // Drop references to the deleted privileges before persisting the configuration.
  for (String deletedId : deletedIds) {
    configManager.cleanRemovedPrivilege(deletedId);
  }
  configManager.save();
}
}
/**
 * Removes a security role.
 *
 * <p>The role id is taken from the request and deleted through the
 * authorization manager registered for {@code ROLE_SOURCE}. An unknown role
 * becomes a 404 whose description is the exception's message; a missing
 * authorization manager is logged and reported as a 400.
 *
 * <p>NOTE(review): this method shows neither a permission check nor a check
 * that the role is still in use or read-only; presumably both are handled by
 * the path protection and the manager. Confirm.
 *
 * @param roleId Id of the role to be removed.
 */
@Override
@DELETE
@ResourceMethodSignature(pathParams = {@PathParam("roleId")})
public void delete(Context context, Request request, Response response)
    throws ResourceException {
  try {
    AuthorizationManager roleManager = getSecuritySystem().getAuthorizationManager(ROLE_SOURCE);
    String doomedId = getRoleId(request);
    roleManager.deleteRole(doomedId);
  } catch (NoSuchRoleException e) {
    throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, e.getMessage());
  } catch (NoSuchAuthorizationManagerException e) {
    this.getLogger().warn("Could not found AuthorizationManager: " + ROLE_SOURCE, e);
    // we should not ever get here
    String description = "Authorization Manager for: " + ROLE_SOURCE + " could not be found.";
    throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, description);
  }
}
/**
 * Retrieves the details of a security privilege.
 *
 * <p>The privilege id is taken from the request and looked up in the
 * authorization manager registered for {@code PRIVILEGE_SOURCE}. An unknown
 * privilege becomes a 404 with a fixed description, so the exception's own
 * message is not sent to the client. A missing authorization manager is
 * logged and reported as a 400. Conversion to the REST model happens after the
 * lookup, outside the try block.
 *
 * <p>NOTE(review): no permission check is visible in this method; presumably
 * access is enforced by the resource's path protection. Confirm.
 *
 * @param privilegeId The Id of the privilege.
 */
@Override
@GET
@ResourceMethodSignature(output = PrivilegeStatusResourceResponse.class, pathParams = {@PathParam("privilegeId")})
public Object get(Context context, Request request, Response response, Variant variant)
    throws ResourceException {
  PrivilegeStatusResourceResponse payload = new PrivilegeStatusResourceResponse();

  final Privilege found;
  try {
    AuthorizationManager privilegeManager =
        getSecuritySystem().getAuthorizationManager(PRIVILEGE_SOURCE);
    found = privilegeManager.getPrivilege(getPrivilegeId(request));
  } catch (NoSuchPrivilegeException e) {
    throw new ResourceException(Status.CLIENT_ERROR_NOT_FOUND, "Privilege could not be found.");
  } catch (NoSuchAuthorizationManagerException e) {
    this.getLogger().warn("Could not found AuthorizationManager: " + PRIVILEGE_SOURCE, e);
    // we should not ever get here
    String description = "Authorization Manager for: " + PRIVILEGE_SOURCE + " could not be found.";
    throw new ResourceException(Status.CLIENT_ERROR_BAD_REQUEST, description);
  }

  payload.setData(securityToRestModel(found, request, false));
  return payload;
}
role = authzManager.addRole( role );
priv = getSecuritySystem().getAuthorizationManager(DEFAULT_SOURCE).addPrivilege(priv);
/**
 * Returns the requested security role.
 *
 * <p>Resolves the role named in the request through the authorization manager
 * registered for {@code ROLE_SOURCE} and wraps its REST model in the response
 * object. A role that does not exist yields a 404 carrying the exception's
 * message; an unregistered authorization manager is logged and yields a 400.
 *
 * <p>NOTE(review): no permission check is visible in this method; presumably
 * access is enforced by the resource's path protection. Confirm.
 *
 * @param roleId Id of the role.
 */
@Override
@GET
@ResourceMethodSignature( output = RoleResourceResponse.class, pathParams = { @PathParam( "roleId" ) } )
public Object get( Context context, Request request, Response response, Variant variant )
    throws ResourceException
{
    RoleResourceResponse payload = new RoleResourceResponse();
    try
    {
        AuthorizationManager roleManager = getSecuritySystem().getAuthorizationManager( ROLE_SOURCE );
        String requestedId = getRoleId( request );
        payload.setData( securityToRestModel( roleManager.getRole( requestedId ), request, false ) );
        return payload;
    }
    catch ( NoSuchRoleException e )
    {
        throw new ResourceException( Status.CLIENT_ERROR_NOT_FOUND, e.getMessage() );
    }
    catch ( NoSuchAuthorizationManagerException e )
    {
        this.getLogger().warn( "Could not found AuthorizationManager: " + ROLE_SOURCE, e );
        // we should not ever get here
        String description = "Authorization Manager for: " + ROLE_SOURCE + " could not be found.";
        throw new ResourceException( Status.CLIENT_ERROR_BAD_REQUEST, description );
    }
}
Role role = restToSecurityModel( authzManager.getRole( resource.getId() ), resource ); authzManager.updateRole( role );
for ( Role role : getSecuritySystem().getAuthorizationManager( DEFAULT_SOURCE ).listRoles() ) for ( Privilege privilege : getSecuritySystem().getAuthorizationManager( DEFAULT_SOURCE ).listPrivileges() )
/**
 * Lists the roles of one source, or of all sources.
 *
 * <p>When {@code sourceId} matches {@code ALL_ROLES_KEY} (case-insensitively)
 * the call is forwarded to the no-argument {@code listRoles()}. Any other
 * value, including {@code null}, is treated as the id of a single
 * authorization manager whose roles are returned as that manager reports them.
 *
 * @param sourceId id of the authorization manager to query, or the all-roles key
 * @return the roles of the selected source or sources
 * @throws NoSuchAuthorizationManagerException if no manager is registered for
 *     {@code sourceId}
 */
public Set<Role> listRoles( String sourceId )
    throws NoSuchAuthorizationManagerException
{
    if ( !ALL_ROLES_KEY.equalsIgnoreCase( sourceId ) )
    {
        return this.getAuthorizationManager( sourceId ).listRoles();
    }
    return this.listRoles();
}
/**
 * Removes a security role.
 *
 * <p>Deletes the role named in the request through the authorization manager
 * registered for {@code ROLE_SOURCE}. A role that does not exist yields a 404
 * carrying the exception's message; an unregistered authorization manager is
 * logged and yields a 400.
 *
 * <p>NOTE(review): this method shows neither a permission check nor a check
 * that the role is still in use or read-only; presumably both are handled by
 * the path protection and the manager. Confirm.
 *
 * @param roleId Id of the role to be removed.
 */
@Override
@DELETE
@ResourceMethodSignature( pathParams = { @PathParam( "roleId" ) } )
public void delete( Context context, Request request, Response response )
    throws ResourceException
{
    try
    {
        AuthorizationManager roleManager = getSecuritySystem().getAuthorizationManager( ROLE_SOURCE );
        String doomedId = getRoleId( request );
        roleManager.deleteRole( doomedId );
    }
    catch ( NoSuchRoleException e )
    {
        throw new ResourceException( Status.CLIENT_ERROR_NOT_FOUND, e.getMessage() );
    }
    catch ( NoSuchAuthorizationManagerException e )
    {
        this.getLogger().warn( "Could not found AuthorizationManager: " + ROLE_SOURCE, e );
        // we should not ever get here
        String description = "Authorization Manager for: " + ROLE_SOURCE + " could not be found.";
        throw new ResourceException( Status.CLIENT_ERROR_BAD_REQUEST, description );
    }
}
priv = authzManager.getPrivilege( getPrivilegeId( request ) );
role = authzManager.addRole(role);
priv = getSecuritySystem().getAuthorizationManager( DEFAULT_SOURCE ).addPrivilege( priv );