Package org.rhq.enterprise.server.authz

Examples of org.rhq.enterprise.server.authz.AuthorizationManagerLocal

142
143
144
145
146
147
148
149
150
151
152
     * value="${onf:getResourcePermission()}"/&gt; &lt;c:if test="${resourcePerm.measure}"&gt; ...</code>
     *
     * @return a <code>ResourcePermission</code> object for the resource with the specified id
     */
    public static ResourcePermission getResourcePermission() {
        AuthorizationManagerLocal authorizationManager = LookupUtil.getAuthorizationManager();
        Subject subject = EnterpriseFacesContextUtility.getSubject();
        Resource resource = EnterpriseFacesContextUtility.getResource();
        Set<Permission> resourcePerms = authorizationManager.getImplicitResourcePermissions(subject, resource.getId());
        return new ResourcePermission(resourcePerms);
    }
View Full Code Here
159
160
161
162
163
164
165
166
167
168
     * @param  groupId a {@link ResourceGroup} id
     *
     * @return a <code>ResourcePermission</code> object for the group with the specified id
     */
    public static ResourcePermission getGroupPermission(int groupId) {
        AuthorizationManagerLocal authorizationManager = LookupUtil.getAuthorizationManager();
        Subject subject = EnterpriseFacesContextUtility.getSubject();
        Set<Permission> groupPerms = authorizationManager.getImplicitGroupPermissions(subject, groupId);
        return new ResourcePermission(groupPerms);
    }
View Full Code Here
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
     *
     * 
     * @return
     */
    private boolean determineMeasurementManager() {
        AuthorizationManagerLocal authManager = LookupUtil.getAuthorizationManager();

        if (authManager.isInventoryManager(subject)) {
            return true;
        }

        List<Resource> resources = LookupUtil.getResourceGroupManager().findResourcesForAutoGroup(this.subject, this.getParentResource().getId(),
            this.getChildResourceType().getId());
        // Note, authManager does offer a single query solution for this but it has limits and is inefficient, for now let's
        // opt for more round trips on the assumption that the AG size is typically small.         
        for (Resource resource : resources) {
            if (!authManager.hasResourcePermission(subject, Permission.MANAGE_MEASUREMENTS, resource.getId())) {
                return false;
            }
        }

        return true;
View Full Code Here
203
204
205
206
207
208
209
210
211
212
213
    public void testResourceCriteriaBounded() throws Exception {
        ArrayList<GroupAvailCounts> gacs = new ArrayList<LargeGroupCriteriaTest.GroupAvailCounts>();
        gacs.add(new GroupAvailCounts(1100, 0, 0, 0)); // purposefully over 1,000, avails don't really matter

        ResourceManagerLocal resourceManager = LookupUtil.getResourceManager();
        AuthorizationManagerLocal authManager = LookupUtil.getAuthorizationManager();

        env = new ArrayList<LargeGroupEnvironment>(gacs.size());

        LargeGroupEnvironment lgeWithTypes = null;
        for (GroupAvailCounts gac : gacs) {
View Full Code Here
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
        return pageList;
    }

    private void testGroupQueries(ArrayList<GroupAvailCounts> groupAvailCounts) throws Exception {
        ResourceGroupManagerLocal groupManager = LookupUtil.getResourceGroupManager();
        AuthorizationManagerLocal authManager = LookupUtil.getAuthorizationManager();

        env = new ArrayList<LargeGroupEnvironment>(groupAvailCounts.size());

        LargeGroupEnvironment lgeWithTypes = null;
        for (GroupAvailCounts gac : groupAvailCounts) {
            env.add(createLargeGroupWithNormalUserRoleAccessWithInventoryStatus(lgeWithTypes, gac.total, gac.down,
                gac.unknown, gac.disabled, gac.uncommitted, Permission.CONFIGURE_READ));
            lgeWithTypes = env.get(0);
        }

        ResourceGroupCriteria criteria;
        PageList<ResourceGroupComposite> pageList;
        ResourceGroupComposite groupComp;
        long start;

        // test findResourceGroupCompositesByCriteria
        for (int i = 0; i < groupAvailCounts.size(); i++) {
            LargeGroupEnvironment lge = env.get(i);
            GroupAvailCounts gac = groupAvailCounts.get(i);

            SessionTestHelper.simulateLogin(lge.normalSubject);
            criteria = new ResourceGroupCriteria();
            start = System.currentTimeMillis();
            pageList = groupManager.findResourceGroupCompositesByCriteria(lge.normalSubject, criteria);
            System.out.println("findResourceGroupCompositesByCriteria #" + i + "==>"
                + (System.currentTimeMillis() - start) + "ms");
            assert pageList.size() == 1 : "the query should only have selected the one group for our user";
            groupComp = pageList.get(0);
            System.out.println("-->" + groupComp);
            assert groupComp.getExplicitCount() == gac.visibleTotal;
            assert groupComp.getExplicitCount() == groupComp.getImplicitCount(); // we aren't testing recursive groups
            assert groupComp.getExplicitUp() == gac.up;
            assert groupComp.getExplicitDown() == gac.down;
            assert groupComp.getExplicitUnknown() == gac.unknown;
            assert groupComp.getExplicitDisabled() == gac.disabled;

            // mainly to help test when there are uncommitted resources in the group - see BZ 820981
            Resource committed = pickAResourceWithInventoryStatus(lge.platformResource, InventoryStatus.COMMITTED);
            assert true == authManager.hasResourcePermission(lge.normalSubject, Permission.CONFIGURE_READ,
                Collections.singletonList(committed.getId()));
            assert false == authManager.hasResourcePermission(lge.normalSubject, Permission.CONTROL,
                Collections.singletonList(committed.getId())); // we weren't given CONTROL perms on the committed resource
            Resource uncommitted = pickAResourceWithInventoryStatus(lge.platformResource, InventoryStatus.NEW);
            if (uncommitted != null) {
                assert false == authManager.hasResourcePermission(lge.normalSubject, Permission.CONFIGURE_READ,
                    Collections.singletonList(uncommitted.getId())); // no permissions for uncommitted resource
            }
        }

        // test getResourceGroupComposite
View Full Code Here
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
    @Override
    protected boolean condition() throws JspTagException {
        try {
            HttpServletRequest request = (HttpServletRequest) pageContext.getRequest();
            AuthorizationManagerLocal authorizationManager = LookupUtil.getAuthorizationManager();
            Subject user = WebUtility.getSubject(request);

            if (isSuperuserCheck()) {
                return authorizationManager.isSystemSuperuser(user);
            }

            Permission permission = getPermissionEnum();

            if (user == null) {
                return false; // cannot authorize a non-authenticated user
            }

            Context context = Context.Global;
            int resourceId = getResourceId(request);
            if (resourceId != 0) {
                context = Context.Resource;
            }
            int groupId = getResourceGroupId(request);
            if (groupId != 0) {
                context = Context.Group;
            }

            if (context == Context.Resource) {
                return authorizationManager.hasResourcePermission(user, permission, resourceId);
            } else if (context == Context.Group) {
                return authorizationManager.hasGroupPermission(user, permission, groupId);
            } else if (context == Context.Global) {
                return authorizationManager.hasGlobalPermission(user, permission);
            } else {
                throw new JspTagException("Authorization tag does not yet support the context[" + context + "]");
            }
        } catch (JspTagException jte) {
            throw jte; // pass-through
View Full Code Here
212
213
214
215
216
217
218
219
220
221
        ResourceManagerLocal resourceManager = LookupUtil.getResourceManager();

        SubjectManagerLocal subjectManager = LookupUtil.getSubjectManager();

        AuthorizationManagerLocal authorizationManager = LookupUtil.getAuthorizationManager();

        Subject rhqadmin = subjectManager.loginUnauthenticated("rhqadmin");
        System.out.println(rhqadmin);
    }
View Full Code Here
TOP

Related Classes of org.rhq.enterprise.server.authz.AuthorizationManagerLocal

  • org.rhq.enterprise.gui.common.tag.FunctionTagLibrary
  • org.rhq.enterprise.gui.inventory.autogroup.AutoGroupUIBean
  • org.rhq.enterprise.gui.legacy.taglib.Authorization
  • org.rhq.enterprise.server.resource.group.test.LargeGroupCriteriaTest
  • org.rhq.enterprise.server.resource.test.ResourceStorageTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.