Package org.jboss.ballroom.client.rbac

Examples of org.jboss.ballroom.client.rbac.AuthorisationDecision


    @Override
    public AuthorisationDecision getOperationPriviledge(final String resourceAddress, final String operationName) {

        Constraints constraints = getConstraints(resourceAddress, true);
        boolean execPerm = constraints.isOperationExec(resourceAddress, operationName);
        AuthorisationDecision descision = new AuthorisationDecision(true);
        descision.setGranted(execPerm);
        return descision;
    }
View Full Code Here


                ToolButton btn = (ToolButton) widget;
                boolean granted;
                if (btn.hasOperationAddress()) {
                    // fine grained, doesn't usually apply but can help to overcome dge cases
                    String[] operationAddress = btn.getOperationAddress();
                    AuthorisationDecision operationPriviledge = securityContext
                            .getOperationPriviledge(operationAddress[0], operationAddress[1]);
                    granted = operationPriviledge.isGranted();
                } else {
                    granted = overallPrivilege; // coarse grained, inherited from parent
                }

                if (update) {
View Full Code Here

                            throw new RuntimeException("Unsupported ModelType "+type);
                    }


                    // RBAC: attribute constraints
                    AuthorisationDecision writePriviledge = securityContext.getAttributeWritePriviledge(attr.getName());
                    if(!writePriviledge.isGranted())
                    {
                        items.get(items.size()-1).setFiltered(true);
                    }
                }
            }
View Full Code Here

        boolean outcome = false;

        if(securityService.hasContext(token))
        {
            SecurityContext securityContext = securityService.getSecurityContext(token);
            final AuthorisationDecision readPriviledge = securityContext.getReadPriviledge();
            outcome = readPriviledge.isGranted();

            //notify listeners (error messages, etc)
            Scheduler.get().scheduleDeferred(new Scheduler.ScheduledCommand() {
                @Override
                public void execute() {
View Full Code Here

        return this;
    }

    HtmlGenerator startLinks(boolean groupLinks) {

        AuthorisationDecision startGroupPriv = SECURITY_SERVICE.getSecurityContext().getOperationPriviledge("/server-group={addressable.group}", "start-servers");

        if (startGroupPriv.isGranted()) {
            appendHtmlConstant("<div>");
        } else {
            appendHtmlConstant("<div class='rbac-suppressed'>");
        }
View Full Code Here

                ToolButton btn = (ToolButton) widget;
                boolean visible = true;
                if (btn.hasOperationAddress()) // fine grained, doesn't usually apply but can help to overcome dge cases
                {
                    String[] operationAddress = btn.getOperationAddress();
                    AuthorisationDecision operationPriviledge = securityContext
                            .getOperationPriviledge(operationAddress[0], operationAddress[1]);
                    visible = operationPriviledge.isGranted();
                } else {
                    visible = overallPrivilege; // coarse grained, inherited from parent
                }

                if (!visible) {
View Full Code Here

        appendHtmlConstant("</div>");
        return this;
    }

    HtmlGenerator startLinks(final SecurityContext securityContext, boolean groupLinks) {
        AuthorisationDecision decision;
        if (groupLinks) {
            decision = securityContext.getOperationPriviledge("/server-group=*", "start-servers");
        } else {
            decision = securityContext.getOperationPriviledge("/{selected.host}/server-config=*", "start");
        }

        if (decision.isGranted()) {
            appendHtmlConstant("<div>");
        } else {
            appendHtmlConstant("<div class='rbac-suppressed'>");
        }

View Full Code Here

        String token = placemanager.getCurrentPlaceRequest().getNameToken();

        if (securityFramework.hasContext(token)) {
            try {
                SecurityContext securityContext = securityFramework.getSecurityContext(token);
                final AuthorisationDecision readPrivilege = securityContext.getReadPriviledge();

                // bootstrap operations
                boolean bootstrapRequirementsSatisfied = true;
                for (String op : accessControlMetaData.getOperations(token)) {
                    int idx = op.indexOf("#");
                    AuthorisationDecision opPrivilege = securityContext.getOperationPriviledge(
                            op.substring(0, idx),
                            op.substring(idx + 1, op.length())
                    );

                    if (!opPrivilege.isGranted()) {
                        bootstrapRequirementsSatisfied = false;
                        break;
                    }
                }
                outcome = readPrivilege.isGranted() && bootstrapRequirementsSatisfied;
View Full Code Here

    private AuthorisationDecision checkPriviledge(Priviledge p, boolean includeOptional) {

        if(!sealed)
            throw new RuntimeException("Should be sealed before policy decisions are evaluated");

        AuthorisationDecision decision = new AuthorisationDecision(true);
        for(ResourceRef ref : requiredResources)
        {
            if(ref.optional) continue; // skip optional ones

            final Constraints model = getConstraints(ref.address, includeOptional);
            if(model!=null)
            {
                if(!p.isGranted(model))
                {
                    decision.getErrorMessages().add(ref.address);
                }
            }
            else
            {
                decision.getErrorMessages().add("Missing constraints for "+ ref.address);
            }

            if(decision.hasErrorMessages())
            {
                decision.setGranted(false);
                break;
            }
        }

        return decision;
View Full Code Here

    }

    @Override
    public AuthorisationDecision getReadPrivilege(String resourceAddress) {
        Constraints constraints = getConstraints(resourceAddress, false);
        return new AuthorisationDecision(constraints.isReadResource());
    }
View Full Code Here

TOP

Related Classes of org.jboss.ballroom.client.rbac.AuthorisationDecision

Copyright © 2018 www.massapicom. All rights reserved.
All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.