@Override public AuthorizationResult authorizeJmxOperation(Caller caller, Environment callEnvironment, JmxAction action) { Set<String> roles = jmxPermissionFactory.getUserRoles(caller, null, FAKE_JMX_ACTION, (TargetResource) null); if (action.getImpact() == Impact.EXTRA_SENSITIVE) { return authorize(roles, StandardRole.SUPERUSER, StandardRole.ADMINISTRATOR); } else if (jmxPermissionFactory.isNonFacadeMBeansSensitive()) { if (action.getImpact() == Impact.READ_ONLY) { return authorize(roles, StandardRole.SUPERUSER, StandardRole.ADMINISTRATOR, StandardRole.AUDITOR); } else { return authorize(roles, StandardRole.SUPERUSER, StandardRole.ADMINISTRATOR); } } else { if (action.getImpact() == Impact.READ_ONLY) { //Everybody can read mbeans when not sensitive return AuthorizationResult.PERMITTED; //authorize(exception, roles, StandardRole.SUPERUSER, StandardRole.ADMINISTRATOR, StandardRole.OPERATOR, StandardRole.MAINTAINER, StandardRole.AUDITOR, StandardRole.MONITOR, StandardRole.DEPLOYER); } else { return authorize(roles, StandardRole.SUPERUSER, StandardRole.ADMINISTRATOR, StandardRole.OPERATOR, StandardRole.MAINTAINER); } } }
@Override public AuthorizationResult authorizeJmxOperation(Caller caller, Environment callEnvironment, JmxAction action, JmxTarget target) { if (isServerBooting(callEnvironment)) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }
@Override public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetAttribute target) { // TODO a direct "booting" flag might be better if (callEnvironment.getProcessState() == ControlledProcessState.State.STARTING) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }
@Override public AuthorizationResult authorizeJmxOperation(Caller caller, Environment callEnvironment, JmxAction action, JmxTarget target) { if (isServerBooting(callEnvironment)) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }
@Override public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetResource target) { // TODO a direct "booting" flag might be better if (callEnvironment.getProcessState() == ControlledProcessState.State.STARTING) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }
@Override public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetResource target) { assert assertSameAddress(action, target); if (isServerBooting(callEnvironment)) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); if (userPerms == AllPermissionsCollection.INSTANCE) { return AuthorizationResult.PERMITTED; } PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }
@Override public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetResource target) { assert assertSameAddress(action, target); if (isServerBooting(callEnvironment)) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); if (userPerms == AllPermissionsCollection.INSTANCE) { return AuthorizationResult.PERMITTED; } PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }
@Override public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetAttribute target) { assert assertSameAddress(action, target.getTargetResource()); if (isServerBooting(callEnvironment)) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }
@Override public AuthorizationResult authorize(Caller caller, Environment callEnvironment, Action action, TargetAttribute target) { assert assertSameAddress(action, target.getTargetResource()); if (isServerBooting(callEnvironment)) { return AuthorizationResult.PERMITTED; } PermissionCollection userPerms = permissionFactory.getUserPermissions(caller, callEnvironment, action, target); PermissionCollection requiredPerms = permissionFactory.getRequiredPermissions(action, target); return authorize(userPerms, requiredPerms); }