Package io.fathom.cloud.identity.commands

Source Code of io.fathom.cloud.identity.commands.RoleGrantCmdlet

package io.fathom.cloud.identity.commands;

import io.fathom.cloud.CloudException;
import io.fathom.cloud.commands.AuthenticatedCmdlet;
import io.fathom.cloud.identity.AuthServiceImpl;
import io.fathom.cloud.identity.model.AuthenticatedProject;
import io.fathom.cloud.identity.model.AuthenticatedUser;
import io.fathom.cloud.identity.services.IdentityService;
import io.fathom.cloud.protobuf.IdentityModel.DomainData;
import io.fathom.cloud.protobuf.IdentityModel.RoleData;
import io.fathom.cloud.protobuf.IdentityModel.UserData;
import io.fathom.cloud.server.auth.Auth;
import io.fathom.cloud.server.model.Project;

import javax.inject.Inject;

import org.kohsuke.args4j.Option;
import org.slf4j.Logger;
import org.slf4j.LoggerFactory;

import com.google.protobuf.Message;

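/**
 * Cmdlet registered as {@code id-role-grant}: grants a named role to a named user on the
 * project the caller is authenticated to.
 *
 * <p>The grantee is looked up by name in the identity service's default domain, and the role is
 * resolved by name from {@link IdentityService#listRoles()}.
 *
 * <p>NOTE(review): this class performs no permission check of its own. Whether the caller is
 * allowed to grant roles on the project is presumably enforced inside
 * {@code identityService.authenticateToProject} / {@code grantRoleToUserOnProject}; confirm
 * against those implementations before relying on it.
 */
public class RoleGrantCmdlet extends AuthenticatedCmdlet {
    private static final Logger log = LoggerFactory.getLogger(RoleGrantCmdlet.class);

    public RoleGrantCmdlet() {
        super("id-role-grant");
    }

    /** Name of the user receiving the role; resolved within the default domain. */
    @Option(name = "-touser", usage = "user name", required = true)
    public String grantee;

    /** Name of the role to grant; an exact-case match is preferred over a case-insensitive one. */
    @Option(name = "-r", usage = "role", required = true)
    public String roleName;

    @Inject
    IdentityService identityService;

    /**
     * Runs the grant against the authenticated project.
     *
     * @return always {@code null}; the command produces no result message
     * @throws IllegalArgumentException if no project was supplied, or the user or role cannot be
     *         resolved unambiguously
     * @throws CloudException if the identity service fails
     */
    @Override
    public Message run0() throws CloudException {
        // projectName is not declared in this class; presumably inherited from AuthenticatedCmdlet.
        if (projectName == null) {
            throw new IllegalArgumentException("Project is required");
        }
        doProjectGrant();
        return null;
    }

    /**
     * Resolves the caller, project, role and grantee, then asks the identity service to record
     * the grant.
     *
     * @throws IllegalArgumentException if the project, user or role cannot be resolved
     * @throws CloudException if the identity service fails
     */
    private void doProjectGrant() throws CloudException {
        Auth auth = getAuth();

        // The grant is scoped to the project carried by the auth token, not to projectName directly.
        Project project = auth.getProject();
        if (project == null) {
            // NOTE(review): whether getProject() can return null is not visible here; fail with a
            // clear message instead of a NullPointerException on project.getId() if it does.
            throw new IllegalArgumentException("Project is required");
        }

        // NOTE(review): unchecked downcast; this throws ClassCastException if authService is ever
        // bound to an implementation other than AuthServiceImpl.
        AuthenticatedUser authenticatedUser = ((AuthServiceImpl) authService).toAuthenticatedUser(auth);
        AuthenticatedProject authenticatedProject = identityService.authenticateToProject(authenticatedUser,
                project.getId());

        RoleData role = getRole();

        DomainData domain = identityService.getDefaultDomain();

        // Named granteeUser so it no longer shadows the String option field "grantee".
        UserData granteeUser = getGrantee(domain);

        // Record the project as well: a privilege-grant log line without its scope is of little
        // use when reviewing who was given access to what.
        log.info("Doing project grant: {} {} on project {}", granteeUser.getName(), role.getName(),
                project.getId());
        identityService.grantRoleToUserOnProject(authenticatedProject, granteeUser.getId(), role.getId());
    }

    /**
     * Looks up the user named by {@link #grantee} in the given domain.
     *
     * @param domain domain whose id is used for the lookup
     * @return the matching user, never {@code null}
     * @throws IllegalArgumentException if no such user exists
     * @throws CloudException if the identity service fails
     */
    private UserData getGrantee(DomainData domain) throws CloudException {
        UserData user = identityService.findUserByName(domain.getId(), grantee);
        if (user == null) {
            throw new IllegalArgumentException("Cannot find user: " + grantee);
        }

        return user;
    }

    /**
     * Resolves {@link #roleName} to a role.
     *
     * <p>An exact-case match wins. Otherwise a case-insensitive match is accepted only when it is
     * unique: if several roles differ from the requested name only by case, the command refuses
     * to guess rather than grant whichever role happened to be listed last.
     *
     * @return the matching role, never {@code null}
     * @throws IllegalArgumentException if no role matches, or the case-insensitive match is
     *         ambiguous
     * @throws CloudException if the identity service fails
     */
    private RoleData getRole() throws CloudException {
        RoleData looseMatch = null;
        int looseMatches = 0;
        for (RoleData candidate : identityService.listRoles()) {
            String candidateName = candidate.getName();
            if (roleName.equals(candidateName)) {
                return candidate;
            }
            if (roleName.equalsIgnoreCase(candidateName)) {
                looseMatch = candidate;
                looseMatches++;
            }
        }
        if (looseMatches > 1) {
            throw new IllegalArgumentException("Ambiguous role name (several roles differ only by case): "
                    + roleName);
        }
        if (looseMatch == null) {
            throw new IllegalArgumentException("Cannot find role: " + roleName);
        }
        return looseMatch;
    }
}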