@Override public void apply(AdminsConfig adminsConfig, Admin userOrRole) { adminsConfig.add(userOrRole); }}, OFF,
private static void populateConfig(AdminsConfig config, JsonReader jsonReader) { jsonReader.readArrayIfPresent("users", users -> users.forEach(user -> config.add(new AdminUser(new CaseInsensitiveString(user.getAsString()))))); jsonReader.readArrayIfPresent("roles", roles -> roles.forEach(role -> config.add(new AdminRole(new CaseInsensitiveString(role.getAsString()))))); } }
public static AdminsConfig fromJSON(JsonReader jsonReader) { AdminsConfig adminsConfig = new AdminsConfig(); jsonReader.readArrayIfPresent("users", users -> { users.forEach(user -> adminsConfig.add(new AdminUser(new CaseInsensitiveString(user.getAsString())))); }); jsonReader.readArrayIfPresent("roles", roles -> { roles.forEach(role -> adminsConfig.add(new AdminRole(new CaseInsensitiveString(role.getAsString())))); }); return adminsConfig; }
public static AdminsConfig fromJSON(JsonReader jsonReader) { AdminsConfig adminsConfig = new AdminsConfig(); jsonReader.readArrayIfPresent("users", users -> { users.forEach(user -> adminsConfig.add(new AdminUser(new CaseInsensitiveString(user.getAsString())))); }); jsonReader.readArrayIfPresent("roles", roles -> { roles.forEach(role -> adminsConfig.add(new AdminRole(new CaseInsensitiveString(role.getAsString())))); }); return adminsConfig; }
@Test public void shouldPopulateErrorsOnPresentationElementWhenAnInvalidUserIsAddedToAdminList() { Authorization authorization = new Authorization(); AdminUser invalidUser = new AdminUser(new CaseInsensitiveString("boo_user")); invalidUser.addError(AdminUser.NAME, "some error"); AdminUser validUser = new AdminUser(new CaseInsensitiveString("valid_user")); authorization.getAdminsConfig().add(invalidUser); authorization.getAdminsConfig().add(validUser); List<Authorization.PresentationElement> userAuthorizations = authorization.getUserAuthorizations(); assertThat(userAuthorizations.get(0).errors().isEmpty(), is(false)); assertThat(userAuthorizations.get(0).errors().on(Admin.NAME), is("some error")); assertThat(userAuthorizations.get(1).errors().isEmpty(), is(true)); }
private PipelineConfigs addRoleAsAdminToDefaultGroup(CruiseConfig cruiseConfig, String role) { PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getAdminsConfig().add(new AdminRole(new CaseInsensitiveString(role))); return group; }
private PipelineConfigs addUserAsOperatorToDefaultGroup(CruiseConfig cruiseConfig, String user) { PipelineConfigs group = cruiseConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString(user))); return group; }
public static PipelineConfigs groupWithOperatePermission(PipelineConfig pipelineConfig, String... users) { Authorization authorization = new Authorization(); for (String user : users) { authorization.getOperationConfig().add(new AdminUser(new CaseInsensitiveString(user))); } return new BasicPipelineConfigs("defaultGroup", authorization, pipelineConfig); }
private void addRoleAsOperatorToDefaultGroup(CruiseConfig goConfig, String role) { PipelineConfigs group = goConfig.findGroup(DEFAULT_GROUP); group.getAuthorization().getOperationConfig().add(new AdminRole(new CaseInsensitiveString(role))); }
public static CruiseConfig addUserAsSuperAdmin(CruiseConfig config, String adminName) { config.server().security().adminsConfig().add(new AdminUser(new CaseInsensitiveString(adminName))); return config; }
public GoConfigMother addAdminRoleForPipelineGroup(CruiseConfig config, String roleName, String groupName) { PipelineConfigs group = config.getGroups().findGroup(groupName); group.getAuthorization().getAdminsConfig().add(new AdminRole(new CaseInsensitiveString(roleName))); return this; }
public void addRoleAsOperatorOfPipelineGroup(CruiseConfig cruiseConfig, String roleName, String groupName) { PipelineConfigs group = cruiseConfig.getGroups().findGroup(groupName); group.getAuthorization().getOperationConfig().add(new AdminRole(new CaseInsensitiveString(roleName))); }
public void addUserAsOperatorOfPipelineGroup(CruiseConfig cruiseConfig, String userName, String groupName) { PipelineConfigs group = cruiseConfig.getGroups().findGroup(groupName); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString(userName))); }
@Test public void shouldReturnFalseIfViewPermissionIsNotDefined() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasViewPermission(new CaseInsensitiveString("jez"), null), is(false)); }
@Test public void shouldReturnTrueIfUserHasOperatePermission() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasOperatePermission(new CaseInsensitiveString("jez"), null), is(true)); }
@Test public void shouldReturnFalseIfUserDoesNotHaveOperatePermission() { PipelineConfigs group = createWithPipeline(PipelineConfigMother.pipelineConfig("pipeline1")); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasOperatePermission(new CaseInsensitiveString("anyone"), null), is(false)); }
private CruiseConfig cruiseConfigWithSecurity(Role roleDefinition, Admin admins) { CruiseConfig cruiseConfig = GoConfigMother.configWithPipelines("pipeline"); SecurityConfig securityConfig = cruiseConfig.server().security(); securityConfig.securityAuthConfigs().add(new SecurityAuthConfig("file", "cd.go.authentication.passwordfile")); securityConfig.addRole(roleDefinition); securityConfig.adminsConfig().add(admins); return cruiseConfig; }
@Test public void shouldGetServerSecurityContext() { BasicCruiseConfig cruiseConfig = new BasicCruiseConfig(); SecurityConfig securityConfig = new SecurityConfig(); securityConfig.addRole(new RoleConfig(new CaseInsensitiveString("admin"))); securityConfig.adminsConfig().add(new AdminUser(new CaseInsensitiveString("super-admin"))); cruiseConfig.server().useSecurity(securityConfig); PipelineConfigSaveValidationContext context = PipelineConfigSaveValidationContext.forChain(true, "group", cruiseConfig); Assert.assertThat(context.getServerSecurityConfig(), is(securityConfig)); }
@Test public void shouldResolve_ConfigValue_MappedAsObject() { SecurityConfig securityConfig = new SecurityConfig(); securityConfig.adminsConfig().add(new AdminUser(new CaseInsensitiveString("lo#{foo}"))); securityConfig.addRole(new RoleConfig(new CaseInsensitiveString("boo#{bar}"), new RoleUser(new CaseInsensitiveString("choo#{foo}")))); new ParamResolver(new ParamSubstitutionHandlerFactory(params(param("foo", "ser"), param("bar", "zer"))), fieldCache).resolve(securityConfig); assertThat(CaseInsensitiveString.str(securityConfig.adminsConfig().get(0).getName()), is("loser")); assertThat(CaseInsensitiveString.str(securityConfig.getRoles().get(0).getName()), is("boozer")); assertThat(CaseInsensitiveString.str(securityConfig.getRoles().get(0).getUsers().get(0).getName()), is("chooser")); }
@Test public void shouldReturnFalseIfViewPermissionIsNotDefined_When2ConfigParts() { BasicPipelineConfigs filePart = new BasicPipelineConfigs(PipelineConfigMother.pipelineConfig("pipeline3")); filePart.setOrigin(new FileConfigOrigin()); PipelineConfigs group = new MergePipelineConfigs( new BasicPipelineConfigs(PipelineConfigMother.pipelineConfig("pipeline1")), new BasicPipelineConfigs(PipelineConfigMother.pipelineConfig("pipeline2")),filePart); group.getAuthorization().getOperationConfig().add(new AdminUser(new CaseInsensitiveString("jez"))); assertThat(group.hasViewPermission(new CaseInsensitiveString("jez"), null), is(false)); }