@Override public String getIdentifier() { return ResourceType.Flow.getValue(); }
@Override public String getIdentifier() { return ResourceType.SiteToSite.getValue(); }
@Override public String getIdentifier() { return ResourceType.Controller.getValue(); }
@Override public String getIdentifier() { return ResourceType.ProvenanceData.getValue(); }
@Override public String getIdentifier() { return ResourceType.Resource.getValue(); }
@Override public String getIdentifier() { return ResourceType.System.getValue(); }
@Override public String getIdentifier() { return ResourceType.Tenant.getValue(); }
@Override public String getIdentifier() { return ResourceType.Proxy.getValue(); }
@Override public String getIdentifier() { return ResourceType.RestrictedComponents.getValue(); }
@Override public String getIdentifier() { return resourceType.getValue() + "/" + identifier; }
@Override public String getIdentifier() { return ResourceType.Policy.getValue(); }
@Override public String getIdentifier() { return ResourceType.Counters.getValue(); }
@Override public String getIdentifier() { return ResourceType.Provenance.getValue(); }
@Override public String getIdentifier() { return ResourceType.Data.getValue(); }
/** * Get ResourceType from a raw resource value. * E.g. From "rovenance-data/processors/7ce897d6-0164-1000-fc87-caee3b08ba47", ProvenanceData will be returned. * @param rawValue the raw resource string representation * @return the type of the specified resource, or null if not found */ public static ResourceType fromRawValue(final String rawValue) throws IllegalArgumentException { for (final ResourceType rt : values()) { if (rt.getValue().equals(rawValue) || rawValue.startsWith(rt.getValue() + "/")) { return rt; } } return null; } }
@Override public String getIdentifier() { return ResourceType.DataTransfer.getValue() + resource.getIdentifier(); }
@Override public String getIdentifier() { return ResourceType.Operation.getValue() + resource.getIdentifier(); }
private Authorizable getAccessPolicy(final ResourceType resourceType, final String resource) { final String slashComponentId = StringUtils.substringAfter(resource, resourceType.getValue()); if (slashComponentId.startsWith("/")) { return getAccessPolicyByResource(resourceType, slashComponentId.substring(1)); } else { return getAccessPolicyByResource(resourceType); } }
addUserToAccessPolicy(authorizations, ResourceType.Proxy.getValue(), node.getIdentifier(), WRITE_CODE); addUserToAccessPolicy(authorizations, ResourceType.Data.getValue() + ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, node.getIdentifier(), READ_CODE); addUserToAccessPolicy(authorizations, ResourceType.Data.getValue() + ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, node.getIdentifier(), WRITE_CODE); addGroupToAccessPolicy(authorizations, ResourceType.Proxy.getValue(), nodeGroupIdentifier, WRITE_CODE); addGroupToAccessPolicy(authorizations, ResourceType.Data.getValue() + ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, nodeGroupIdentifier, READ_CODE); addGroupToAccessPolicy(authorizations, ResourceType.Data.getValue() + ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, nodeGroupIdentifier, WRITE_CODE);
/** * Creates the initial admin user and policies for access the flow and managing users and policies. */ private void populateInitialAdmin(final Authorizations authorizations) { final User initialAdmin = userGroupProvider.getUserByIdentity(initialAdminIdentity); if (initialAdmin == null) { throw new AuthorizerCreationException("Unable to locate initial admin " + initialAdminIdentity + " to seed policies"); } // grant the user read access to the /flow resource addUserToAccessPolicy(authorizations, ResourceType.Flow.getValue(), initialAdmin.getIdentifier(), READ_CODE); // grant the user read access to the root process group resource if (rootGroupId != null) { addUserToAccessPolicy(authorizations, ResourceType.Data.getValue() + ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, initialAdmin.getIdentifier(), READ_CODE); addUserToAccessPolicy(authorizations, ResourceType.Data.getValue() + ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, initialAdmin.getIdentifier(), WRITE_CODE); addUserToAccessPolicy(authorizations, ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, initialAdmin.getIdentifier(), READ_CODE); addUserToAccessPolicy(authorizations, ResourceType.ProcessGroup.getValue() + "/" + rootGroupId, initialAdmin.getIdentifier(), WRITE_CODE); } // grant the user write to restricted components addUserToAccessPolicy(authorizations, ResourceType.RestrictedComponents.getValue(), initialAdmin.getIdentifier(), WRITE_CODE); // grant the user read/write access to the /tenants resource addUserToAccessPolicy(authorizations, ResourceType.Tenant.getValue(), initialAdmin.getIdentifier(), READ_CODE); addUserToAccessPolicy(authorizations, ResourceType.Tenant.getValue(), initialAdmin.getIdentifier(), WRITE_CODE); // grant the user read/write access to the /policies resource addUserToAccessPolicy(authorizations, ResourceType.Policy.getValue(), initialAdmin.getIdentifier(), READ_CODE); addUserToAccessPolicy(authorizations, ResourceType.Policy.getValue(), initialAdmin.getIdentifier(), WRITE_CODE); // grant the user read/write access to the /controller resource addUserToAccessPolicy(authorizations, ResourceType.Controller.getValue(), initialAdmin.getIdentifier(), READ_CODE); addUserToAccessPolicy(authorizations, ResourceType.Controller.getValue(), initialAdmin.getIdentifier(), WRITE_CODE); }