-
-
Notifications
You must be signed in to change notification settings - Fork 40
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
feat: Add manageState permission (#1313)
- Loading branch information
Showing
20 changed files
with
290 additions
and
105 deletions.
There are no files selected for viewing
33 changes: 33 additions & 0 deletions
33
api/src/main/java/org/terrakube/api/plugin/security/state/StateService.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,33 @@ | ||
package org.terrakube.api.plugin.security.state; | ||
|
||
import java.util.List; | ||
import java.util.UUID; | ||
|
||
import org.springframework.beans.factory.annotation.Autowired; | ||
import org.springframework.security.core.Authentication; | ||
import org.springframework.security.oauth2.server.resource.authentication.JwtAuthenticationToken; | ||
import org.springframework.stereotype.Service; | ||
import org.terrakube.api.repository.TeamRepository; | ||
import org.terrakube.api.rs.team.Team; | ||
|
||
@Service | ||
public class StateService { | ||
@Autowired | ||
private TeamRepository teamRepository; | ||
|
||
public boolean hasManageStatePermission(Authentication authentication, String orgnizationId) { | ||
Object groupNames = ((JwtAuthenticationToken) authentication).getTokenAttributes().get("groups"); | ||
if (groupNames == null) { | ||
return false; | ||
} | ||
@SuppressWarnings("unchecked") | ||
List<Team> teams = teamRepository.findAllByOrganizationIdAndNameIn(UUID.fromString(orgnizationId), (List<String>) groupNames); | ||
for (Team team : teams) { | ||
if (team.isManageState()) { | ||
return true; | ||
} | ||
} | ||
|
||
return false; | ||
} | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
11 changes: 11 additions & 0 deletions
11
api/src/main/java/org/terrakube/api/repository/TeamRepository.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
package org.terrakube.api.repository; | ||
|
||
import java.util.List; | ||
import java.util.UUID; | ||
|
||
import org.springframework.data.jpa.repository.JpaRepository; | ||
import org.terrakube.api.rs.team.Team; | ||
|
||
public interface TeamRepository extends JpaRepository<Team, UUID> { | ||
List<Team> findAllByOrganizationIdAndNameIn(UUID organizationId, List<String> names); | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
21 changes: 13 additions & 8 deletions
21
api/src/main/java/org/terrakube/api/rs/token/group/Group.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
11 changes: 11 additions & 0 deletions
11
api/src/main/resources/db/changelog/local/changelog-2.23.0-team-manage-state.xml
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,11 @@ | ||
<?xml version="1.0" encoding="UTF-8"?> | ||
<databaseChangeLog | ||
xmlns="http://www.liquibase.org/xml/ns/dbchangelog" | ||
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | ||
xsi:schemaLocation="http://www.liquibase.org/xml/ns/dbchangelog http://www.liquibase.org/xml/ns/dbchangelog/dbchangelog-4.3.xsd"> | ||
<changeSet id="2-23-0-2" author="Stanley Zhang (stanley.zhang@ityin.net)"> | ||
<addColumn tableName="team"> | ||
<column name="manage_state" type="boolean" defaultValue="false"/> | ||
</addColumn> | ||
</changeSet> | ||
</databaseChangeLog> |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.