Package org.rhq.enterprise.server.authz

Examples of org.rhq.enterprise.server.authz.RoleManagerLocal

87
88
89
90
91
92
93
94
95
96
97
98
99
100
        String nameString = names.toString();
        return nameString.substring(1, nameString.length() - 1);
    }

    private List<String> getRoleNames(List<Integer> roleIds) {
        RoleManagerLocal roleManager = LookupUtil.getRoleManager();
        List<String> results = new ArrayList<String>();
        for (Integer nextRoleId : roleIds) {
            Role nextRole = roleManager.getRoleById(nextRoleId);
            if (nextRole != null) { // handle unknown role ids
                results.add(nextRole.getName());
            }
        }
View Full Code Here
100
101
102
103
104
105
106
107
108
109
110
111
112
113
        return results;
    }

    private List<String> getRoleEmails(List<Integer> roleIds) {
        RoleManagerLocal roleManager = LookupUtil.getRoleManager();
        List<String> results = new ArrayList<String>();
        for (Integer nextRoleId : roleIds) {
            Role nextRole = roleManager.getRoleById(nextRoleId);
            if (nextRole != null) { // handle unknown role ids
                for (Subject nextSubject : nextRole.getSubjects()) {
                    String nextEmail = nextSubject.getEmailAddress();
                    if (nextEmail != null) {
                        results.add(nextEmail);
View Full Code Here
63
64
65
66
67
68
69
70
71
72
73
74
        }

        log.trace("creating role [" + role.getName() + "] with attributes " + newForm);

        try {
            RoleManagerLocal roleManager = LookupUtil.getRoleManager();
            role = roleManager.createRole(RequestUtils.getSubject(request), role);
        } catch (Exception ex) {
            log.debug("role creation failed:", ex);
            RequestUtils.setError(request, Constants.ERR_ROLE_CREATION);
            return returnFailure(request, mapping);
        }
View Full Code Here
200
201
202
203
204
205
206
207
208
209
210
        if (log.isTraceEnabled()) {
            log.trace("finding role [" + roleId + "]");
        }

        RoleManagerLocal roleManager = LookupUtil.getRoleManager();
        Role role = roleManager.getRoleById(roleId);

        request.setAttribute(Constants.ROLE_ATTR, role);
        request.setAttribute(Constants.TITLE_PARAM_ATTR, role.getName());
    }
View Full Code Here
72
73
74
75
76
77
78
79
80
81
82
83
            .getList(session, Constants.PENDING_RESGRPS_SES_ATTR));
        for (int i = 0; i < pendingGroupIds.length; i++) {
            log.debug("adding group [" + pendingGroupIds[i] + "] for role [" + roleId + "]");
        }

        RoleManagerLocal roleManager = LookupUtil.getRoleManager();
        roleManager.addResourceGroupsToRole(RequestUtils.getSubject(request), roleId, pendingGroupIds);

        log.debug("removing pending group list");
        SessionUtils.removeList(session, Constants.PENDING_RESGRPS_SES_ATTR);

        RequestUtils.setConfirmation(request, "admin.role.confirm.AddResourceGroups");
View Full Code Here
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
        log.trace("available page control: " + pca);
        log.trace("pending page control: " + pcp);
        log.trace("getting user [" + userId + "]");

        SubjectManagerLocal subjectManager = LookupUtil.getSubjectManager();
        RoleManagerLocal roleManager = LookupUtil.getRoleManager();

        Subject user = subjectManager.getSubjectById(userId);
        if (user == null) {
            throw new NullPointerException("User [" + userId + "] is not known");
        }

        request.setAttribute(Constants.USER_ATTR, user);
        addForm.setU(user.getId());

        /* pending roles are those on the right side of the "add
         * to list" widget- awaiting association with the userwhen the form's "ok" button is clicked. */
        Integer[] pendingRoleIds = SessionUtils.getList(request.getSession(), Constants.PENDING_ROLES_SES_ATTR);

        log.trace("getting pending roles for user [" + userId + "]");
        PageList<Role> pendingRoles = roleManager.findRolesByIds(pendingRoleIds, pcp);
        request.setAttribute(Constants.PENDING_ROLES_ATTR, pendingRoles);

        /*
         * available roles are all roles in the system that are not associated with the user and are not pending
         */
        log.trace("getting available roles for user [" + userId + "]");
        PageList<Role> availableRoles = roleManager.findAvailableRolesForSubject(RequestUtils.getSubject(request),
            userId, pendingRoleIds, pca);
        request.setAttribute(Constants.AVAIL_ROLES_ATTR, availableRoles);

        return null;
    }
View Full Code Here
819
820
821
822
823
824
825
826
827
828
829
830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
        try {
            Subject testSubject = SessionTestHelper.createNewSubject(em, "testSubject");
            Role testRole = SessionTestHelper.createNewRoleForSubject(em, testSubject, "testRole");

            // moved setPerm to the role manager - leave this test here, just use that manager instead
            RoleManagerLocal roleManager = LookupUtil.getRoleManager();
            Subject superuser = LookupUtil.getSubjectManager().getOverlord();

            /* verify role got all global permissions */
            Set<Permission> globalPermissions = SessionTestHelper.getAllGlobalPerms();
            roleManager.setPermissions(superuser, testRole.getId(), globalPermissions);
            em.refresh(testRole);
            assert SessionTestHelper.samePermissions(testRole.getPermissions(), globalPermissions) : "Failed to set global permissions";

            /* verify role still has global and got all resource permissions */
            Set<Permission> resourcePermissions = SessionTestHelper.getAllResourcePerms();
            roleManager.setPermissions(superuser, testRole.getId(), resourcePermissions);
            em.refresh(testRole);
            assert SessionTestHelper.samePermissions(testRole.getPermissions(), resourcePermissions) : "Failed to set resource permissions";

            /* verify role still has global and got all resource permissions */
            Set<Permission> noPermissions = EnumSet.noneOf(Permission.class);
            roleManager.setPermissions(superuser, testRole.getId(), noPermissions);
            em.refresh(testRole);
            assert SessionTestHelper.samePermissions(testRole.getPermissions(), noPermissions) : "Failed to set empty list of permissions";
        } finally {
            getTransactionManager().rollback();
        }
View Full Code Here
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
        DbSetupUtility.dbsetup();
    }

    public void testRoles() throws Exception {
        SubjectManagerLocal subjectManager = LookupUtil.getSubjectManager();
        RoleManagerLocal roleManager = LookupUtil.getRoleManager();
        Subject overlord = subjectManager.getOverlord();

        Role superuserRole = roleManager.getRole(overlord, 1);
        Set<Permission> superuserRoleOriginalPermissions = superuserRole.getPermissions();
        assertTrue("[Superuser] role does not have all global permissions.",
            superuserRoleOriginalPermissions.containsAll(Permission.GLOBAL_ALL));
        assertTrue("[Superuser] role does not have all Resource permissions.",
            superuserRoleOriginalPermissions.containsAll(Permission.RESOURCE_ALL));
               
        Role allResourcesRole = roleManager.getRole(overlord, 2);
        Set<Permission> allResourcesRoleOriginalPermissions = allResourcesRole.getPermissions();
        assertTrue("[All Resources] role does not have MANAGE_INVENTORY permission.",
            allResourcesRoleOriginalPermissions.contains(Permission.MANAGE_INVENTORY));
        assertTrue("[All Resources] role does not have all Resource permissions.",
            allResourcesRoleOriginalPermissions.containsAll(Permission.RESOURCE_ALL));
View Full Code Here
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
        DbSetupUtility.dbupgrade("LATEST");
    }

    public void testUpgradeToV2_119() throws Exception {
        SubjectManagerLocal subjectManager = LookupUtil.getSubjectManager();
        RoleManagerLocal roleManager = LookupUtil.getRoleManager();
        Subject overlord = subjectManager.getOverlord();

        Role customRole = new Role("role" + UUID.randomUUID());
        customRole.addPermission(Permission.MANAGE_REPOSITORIES);
        customRole.addPermission(Permission.MANAGE_MEASUREMENTS);
        customRole = roleManager.createRole(overlord, customRole);
        Set<Permission> customRoleOriginalPermissions = customRole.getPermissions();       
        assertFalse(customRoleOriginalPermissions.contains(Permission.VIEW_USERS));

        Role superuserRole = roleManager.getRole(overlord, 1);
        Set<Permission> superuserRoleOriginalPermissions = superuserRole.getPermissions();
        assertFalse(superuserRoleOriginalPermissions.contains(Permission.VIEW_USERS));
               
        Role allResourcesRole = roleManager.getRole(overlord, 2);
        Set<Permission> allResourcesRoleOriginalPermissions = allResourcesRole.getPermissions();
        assertFalse(allResourcesRoleOriginalPermissions.contains(Permission.VIEW_USERS));
       
        // Now upgrade the DB schema to v2.119, which introduces the VIEW_USERS global permission and adds it to any
        // existing roles.
        DbSetupUtility.dbupgrade("2.119");
       
        customRole = roleManager.getRole(overlord, customRole.getId());
        Set<Permission> customRoleNewPermissions = customRole.getPermissions();
        customRoleOriginalPermissions.add(Permission.VIEW_USERS);
        assertEquals(customRoleOriginalPermissions, customRoleNewPermissions);

        superuserRole = roleManager.getRole(overlord, 1);
        Set<Permission> superuserRoleNewPermissions = superuserRole.getPermissions();
        superuserRoleOriginalPermissions.add(Permission.VIEW_USERS);
        assertEquals(superuserRoleOriginalPermissions, superuserRoleNewPermissions);

        allResourcesRole = roleManager.getRole(overlord, 2);
        Set<Permission> allResourcesRoleNewPermissions = allResourcesRole.getPermissions();
        allResourcesRoleOriginalPermissions.add(Permission.VIEW_USERS);
        assertEquals(allResourcesRoleOriginalPermissions, allResourcesRoleNewPermissions);
    }
View Full Code Here
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
     */
    public void testFindSubjectsWithRoles() throws NotSupportedException, SystemException {
        getTransactionManager().begin();
        EntityManager entityMgr = getEntityManager();
        SubjectManagerLocal subjectManager = LookupUtil.getSubjectManager();
        RoleManagerLocal roleManager = LookupUtil.getRoleManager();
        Subject overlord = subjectManager.getOverlord();

        try {
            //create new subject
            Subject subject = SessionTestHelper.createNewSubject(entityMgr, "testSubject");
            //create new role for subject
            Role roleWithSubject = SessionTestHelper.createNewRoleForSubject(entityMgr, subject, "role with subject");
            roleWithSubject.addPermission(Permission.VIEW_RESOURCE);
            Role newRole = new Role("role without subject");
            Role roleWithoutSubject = roleManager.createRole(overlord, newRole);

            //exercise findAvailableSubjectsForRole
            Integer[] pendingSubjectIds = new Integer[0];
            PageList<Subject> subjects = subjectManager.findAvailableSubjectsForRole(subjectManager.getOverlord(),
                roleWithoutSubject.getId(), pendingSubjectIds, PageControl.getUnlimitedInstance());
View Full Code Here
TOP

Related Classes of org.rhq.enterprise.server.authz.RoleManagerLocal

  • org.rhq.enterprise.gui.admin.role.AddResourceGroupsAction
  • org.rhq.enterprise.gui.admin.role.EditAction
  • org.rhq.enterprise.gui.admin.role.NewAction
  • org.rhq.enterprise.gui.admin.role.RemoveAction
  • org.rhq.enterprise.gui.admin.role.RemoveUsersAction
  • org.rhq.enterprise.gui.admin.role.RoleAdminPortalAction
  • org.rhq.enterprise.gui.admin.user.AddUserRolesFormPrepareAction
  • org.rhq.enterprise.server.auth.test.SubjectManagerBeanTest
  • org.rhq.enterprise.server.authz.test.AuthorizationManagerBeanTest
  • org.rhq.enterprise.server.db.DbSetupTest
    • Copyright © 2018 www.massapicom. All rights reserved.
    All source code are property of their respective owners. Java is a trademark of Sun Microsystems, Inc and owned by ORACLE Inc. Contact coftware#gmail.com.