1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
|
// Copyright 2020 Oath Inc. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.hosted.controller.api.integration.user;
import com.yahoo.config.provision.ApplicationName;
import com.yahoo.config.provision.TenantName;
import com.yahoo.vespa.hosted.controller.api.role.ApplicationRole;
import com.yahoo.vespa.hosted.controller.api.role.Role;
import com.yahoo.vespa.hosted.controller.api.role.RoleDefinition;
import com.yahoo.vespa.hosted.controller.api.role.TenantRole;
import java.util.List;
/**
* Validation, utility and serialization methods for roles used in user management.
*
* @author jonmv
*/
public class Roles {
private Roles() { }
/** Returns the list of {@link TenantRole}s a {@link UserId} may be a member of. */
public static List<TenantRole> tenantRoles(TenantName tenant) {
return List.of(Role.administrator(tenant),
Role.developer(tenant),
Role.reader(tenant));
}
/** Returns the list of {@link ApplicationRole}s a {@link UserId} may be a member of. */
public static List<ApplicationRole> applicationRoles(TenantName tenant, ApplicationName application) {
return List.of();
}
/** Returns the {@link Role} the given value represents. */
public static Role toRole(String value) {
String[] parts = value.split("\\.");
if (parts.length == 1 && parts[0].equals("hostedOperator")) return Role.hostedOperator();
if (parts.length == 2) return toRole(TenantName.from(parts[0]), parts[1]);
if (parts.length == 3) return toRole(TenantName.from(parts[0]), ApplicationName.from(parts[1]), parts[2]);
throw new IllegalArgumentException("Malformed or illegal role value '" + value + "'.");
}
/** Returns the {@link Role} the given tenant, application and role names correspond to. */
public static Role toRole(TenantName tenant, String roleName) {
switch (roleName) {
case "tenantOwner": return Role.tenantOwner(tenant);
case "tenantAdmin": return Role.tenantAdmin(tenant);
case "tenantOperator": return Role.tenantOperator(tenant);
case "administrator": return Role.administrator(tenant);
case "developer": return Role.developer(tenant);
case "reader": return Role.reader(tenant);
default: throw new IllegalArgumentException("Malformed or illegal role name '" + roleName + "'.");
}
}
/** Returns the {@link Role} the given tenant and role names correspond to. */
public static Role toRole(TenantName tenant, ApplicationName application, String roleName) {
switch (roleName) {
case "applicationAdmin": return Role.applicationAdmin(tenant, application);
case "applicationOperator": return Role.applicationOperator(tenant, application);
case "applicationDeveloper": return Role.applicationDeveloper(tenant, application);
case "applicationReader": return Role.applicationReader(tenant, application);
case "headless": return Role.headless(tenant, application);
default: throw new IllegalArgumentException("Malformed or illegal role name '" + roleName + "'.");
}
}
/** Returns a serialised representation the given role. */
public static String valueOf(Role role) {
if (role instanceof TenantRole) return valueOf((TenantRole) role);
if (role instanceof ApplicationRole) return valueOf((ApplicationRole) role);
throw new IllegalArgumentException("Unexpected role type '" + role.getClass().getName() + "'.");
}
private static String valueOf(TenantRole role) {
return valueOf(role.tenant()) + "." + valueOf(role.definition());
}
private static String valueOf(ApplicationRole role) {
return valueOf(role.tenant()) + "." + valueOf(role.application()) + "." + valueOf(role.definition());
}
private static String valueOf(TenantName tenant) {
if (tenant.value().contains("."))
throw new IllegalArgumentException("Tenant names may not contain '.'.");
return tenant.value();
}
private static String valueOf(ApplicationName application) {
if (application.value().contains("."))
throw new IllegalArgumentException("Application names may not contain '.'.");
return application.value();
}
private static String valueOf(RoleDefinition role) {
switch (role) {
case tenantOwner: return "tenantOwner";
case tenantAdmin: return "tenantAdmin";
case tenantOperator: return "tenantOperator";
case applicationAdmin: return "applicationAdmin";
case applicationOperator: return "applicationOperator";
case applicationDeveloper: return "applicationDeveloper";
case applicationReader: return "applicationReader";
case administrator: return "administrator";
case developer: return "developer";
case reader: return "reader";
case headless: return "headless";
default: throw new IllegalArgumentException("No value defined for role '" + role + "'.");
}
}
}
|
