@Override public List<AdminUser> getOperateUsers() { return authorization.getOperationConfig().getUsers(); }
public static boolean noSuperAdminsDefined(SecurityConfig securityConfig) { AdminsConfig adminsConfig = securityConfig.adminsConfig(); return adminsConfig.getRoles().isEmpty() && adminsConfig.getUsers().isEmpty(); }
/** * Compiles a list of users from an {@link AdminsConfig}, denormalizing roles to the underlying * members. * * @param adminsConfig the config fragment * @param rolesToUsers a {@link Map} of member users to their respective roles * @return a {@link Set} of user names from the config */ public static Set<String> namesOf(AdminsConfig adminsConfig, Map<String, Collection<String>> rolesToUsers) { List<AdminUser> admins = adminsConfig.getUsers(); Set<String> adminNames = new HashSet<>(); for (AdminUser admin : admins) { adminNames.add(admin.getName().toLower()); } for (AdminRole adminRole : adminsConfig.getRoles()) { adminNames.addAll(emptyIfNull(rolesToUsers.get(adminRole.getName().toLower()))); } return adminNames; }
public static void toJSONWithoutLinks(OutputWriter jsonWriter, AdminsConfig admin) { jsonWriter.addChildList("roles", rolesAsString(admin.getRoles())); jsonWriter.addChildList("users", userAsString(admin.getUsers())); if (admin.hasErrors()) { jsonWriter.addChild("errors", errorWriter -> new ErrorGetter(Collections.singletonMap("SystemAdmin", "system_admin")) .toJSON(errorWriter, admin)); } }
public static void toJSON(OutputWriter jsonWriter, AdminsConfig admin) { jsonWriter.addLinks( outputLinkWriter -> outputLinkWriter.addAbsoluteLink("doc", Routes.SystemAdmins.DOC) .addLink("self", Routes.SystemAdmins.BASE)); jsonWriter.addChildList("roles", rolesAsString(admin.getRoles())); jsonWriter.addChildList("users", userAsString(admin.getUsers())); if (admin.hasErrors()) { jsonWriter.addChild("errors", errorWriter -> new ErrorGetter(Collections.singletonMap("SystemAdmin", "system_admin")) .toJSON(errorWriter, admin)); } }
public static void toJSON(OutputWriter jsonWriter, Authorization authorization) { ViewConfig viewConfig = authorization.getViewConfig(); if (!viewConfig.isEmpty()) { jsonWriter.addChild("view", viewWriter -> writeUsersAndRoles(viewWriter, viewConfig.getUsers(), viewConfig.getRoles())); } AdminsConfig operationConfig = authorization.getOperationConfig(); if (!operationConfig.isEmpty()) { jsonWriter.addChild("operate", operateWriter -> writeUsersAndRoles(operateWriter, operationConfig.getUsers(), operationConfig.getRoles())); } AdminsConfig adminsConfig = authorization.getAdminsConfig(); if (!adminsConfig.isEmpty()) { jsonWriter.addChild("admins", adminsWriter -> writeUsersAndRoles(adminsWriter, adminsConfig.getUsers(), adminsConfig.getRoles())); } }
@Test public void shouldAllowEmptyAuthorizationTagUnderEachTemplateWhileLoading() throws Exception { String configString = "<cruise schemaVersion='" + CONFIG_SCHEMA_VERSION + "'>\n" + " <templates>" + " <pipeline name='template-name'>" + " <authorization>" + " <admins>" + " </admins>" + " </authorization>" + " <stage name='stage-name'>" + " <jobs>" + " <job name='job-name'/>" + " </jobs>" + " </stage>" + " </pipeline>" + " </templates>" + "</cruise>"; CruiseConfig configForEdit = ConfigMigrator.loadWithMigration(configString).configForEdit; PipelineTemplateConfig template = configForEdit.getTemplateByName(new CaseInsensitiveString("template-name")); Authorization authorization = template.getAuthorization(); assertThat(authorization, is(not(nullValue()))); assertThat(authorization.getAdminsConfig().getUsers(), is(empty())); assertThat(authorization.getAdminsConfig().getRoles(), is(empty())); }