@Override public boolean isUserAnAdmin(CaseInsensitiveString userName, List<Role> memberRoles) { return this.getAuthorizationPart().isUserAnAdmin(userName,memberRoles); }
public boolean isUserAdminOfGroup(final CaseInsensitiveString userName, PipelineConfigs group) { return group != null && group.isUserAnAdmin(userName, rolesForUser(userName)); }
@Override public List<String> getGroupsForUser(CaseInsensitiveString username, List<Role> roles) { ArrayList<String> groups = new ArrayList<>(); for (PipelineConfigs group : this.groups) { if (isAdministrator(username.toString()) || group.isUserAnAdmin(username, roles)) { groups.add(group.getGroup()); } } return groups; }
CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.schemaVersion(), is(CONFIG_SCHEMA_VERSION)); assertThat(cruiseConfig.findGroup("first").isUserAnAdmin(new CaseInsensitiveString("foo"), new ArrayList<>()), is(true));
private void validateOperatePermissions(ValidationContext validationContext) { if (validationContext.isWithinPipelines()) { PipelineConfigs group = validationContext.getPipelineGroup(); if (!group.hasOperationPermissionDefined()) { return; } AdminsConfig groupOperators = group.getAuthorization().getOperationConfig(); SecurityConfig serverSecurityConfig = validationContext.getServerSecurityConfig(); RolesConfig roles = serverSecurityConfig.getRoles(); for (Admin approver : authConfig) { boolean approverIsASuperAdmin = serverSecurityConfig.isAdmin(approver); boolean approverIsAGroupAdmin = group.isUserAnAdmin(approver.getName(), roles.memberRoles(approver)); boolean approverIsNotAnAdmin = !(approverIsASuperAdmin || approverIsAGroupAdmin); boolean approverIsNotAGroupOperator = !groupOperators.has(approver, roles.memberRoles(approver)); if (approverIsNotAnAdmin && approverIsNotAGroupOperator) { approver.addError(String.format("%s \"%s\" who is not authorized to operate pipeline group `%s` can not be authorized to approve stage", approver.describe(), approver, group.getGroup())); } } } }
CruiseConfig cruiseConfig = ConfigMigrator.loadWithMigration(content).config; assertThat(cruiseConfig.schemaVersion(), is(CONFIG_SCHEMA_VERSION)); assertThat(cruiseConfig.findGroup("first").isUserAnAdmin(new CaseInsensitiveString("foo"), asList(new RoleConfig(new CaseInsensitiveString("bar")))), is(true));