// Copyright Vespa.ai. Licensed under the terms of the Apache 2.0 license. See LICENSE in the project root.
package com.yahoo.vespa.hosted.controller.api.role;
import java.util.Collections;
import java.util.EnumSet;
import java.util.HashSet;
import java.util.Set;
/**
* This declares all tenant roles known to the controller. A role contains one or more {@link Policy}s which decide
* what actions a member of a role can perform, given a {@link Context} for the action.
*
* Optionally, some role definitions also inherit all policies from a "lower ranking" role.
*
* See {@link Role} for roles bound to a context, where policies can be evaluated.
*
* @author mpolden
* @author jonmv
*/
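public enum RoleDefinition {

    /** Deus ex machina. */
    hostedOperator(Policy.operator),

    /** Machina autem exspiravit. */
    hostedSupporter(Policy.supporter),

    /** Base role which every user is part of. */
    everyone(Policy.classifiedRead,
             Policy.publicRead,
             Policy.user,
             Policy.tenantCreate,
             Policy.emailVerification),

    /** Build service which may submit new applications for continuous deployment. Inherits {@link #everyone}. */
    buildService(everyone,
                 Policy.tenantRead,
                 Policy.applicationRead,
                 Policy.deploymentRead,
                 Policy.submission),

    /** Reader — the base role for all tenant users. */
    reader(Policy.tenantRead,
           Policy.applicationRead,
           Policy.deploymentRead,
           Policy.publicRead,
           Policy.billingInformationRead,
           Policy.horizonProxyOperations),

    /** Developer — the dev/ops role for normal Vespa tenant users. */
    developer(Policy.applicationCreate,
              Policy.applicationUpdate,
              Policy.applicationDelete,
              Policy.applicationOperations,
              Policy.developmentDeployment,
              Policy.keyManagement,
              Policy.submission,
              Policy.billingInformationRead,
              Policy.secretStoreOperations,
              Policy.dataplaneToken),

    /** Developer for manual deployments for a tenant. */
    hostedDeveloper(Policy.developmentDeployment),

    /** Admin — the administrative function for user management etc. */
    administrator(Policy.tenantUpdate,
                  Policy.tenantManager,
                  Policy.tenantDelete,
                  Policy.tenantArchiveAccessManagement,
                  Policy.applicationManager,
                  Policy.keyRevokal,
                  Policy.billingInformationRead,
                  Policy.accessRequests),

    /** Headless — the application specific role identified by deployment keys for production. */
    headless(Policy.submission),

    /** Tenant administrator with full access to all child resources. Inherits {@link #everyone}. */
    athenzTenantAdmin(everyone,
                      Policy.tenantRead,
                      Policy.tenantUpdate,
                      Policy.tenantDelete,
                      Policy.applicationCreate,
                      Policy.applicationUpdate,
                      Policy.applicationDelete,
                      Policy.applicationOperations,
                      Policy.keyManagement,
                      Policy.developmentDeployment),

    /** May deploy system flags, and dry-run such deployments. */
    systemFlagsDeployer(Policy.systemFlagsDeploy, Policy.systemFlagsDryrun),

    /** May only dry-run system flag deployments. */
    systemFlagsDryrunner(Policy.systemFlagsDryrun),

    /** Payment processor integration. */
    paymentProcessor(Policy.paymentProcessor),

    /** Accountant for hosted tenants: plan and tenant updates in addition to the accountant policy. */
    hostedAccountant(Policy.hostedAccountant,
                     Policy.planUpdate,
                     Policy.tenantUpdate);

    /** Transitive closure of the roles this definition inherits from. Unmodifiable. */
    private final Set<RoleDefinition> parents;

    /** Every policy this role grants, including all policies of {@link #parents}. Unmodifiable. */
    private final Set<Policy> policies;

    /** A role with no parents. */
    RoleDefinition(Policy... policies) {
        this(Set.of(), policies);
    }

    /** A role inheriting all policies (and ancestors) of a single parent. */
    RoleDefinition(RoleDefinition parent, Policy... policies) {
        this(Set.of(parent), policies);
    }

    /**
     * Builds a role from its own policies and everything its parents grant.
     *
     * @param parents  direct parents; their own parents and policies are folded in transitively
     * @param policies policies granted directly by this role
     * @throws IllegalArgumentException if {@code policies} contains duplicates (via {@link Set#of(Object[])})
     * @throws NullPointerException     if any policy or parent is {@code null}
     */
    RoleDefinition(Set<RoleDefinition> parents, Policy... policies) {
        // Deliberately a HashSet: this constructor runs while the RoleDefinition constants themselves are
        // still being initialised, so an EnumSet over RoleDefinition cannot be created at this point.
        Set<RoleDefinition> allParents = new HashSet<>(parents);

        // Policy is a separate, fully initialised enum, so an EnumSet over it is fine; going through
        // Set.of rejects duplicated (and null) policies, so a typo in a definition fails at class load
        // rather than silently granting a merged set. Also tolerates an empty policy list.
        Set<Policy> allPolicies = EnumSet.noneOf(Policy.class);
        allPolicies.addAll(Set.of(policies));

        for (RoleDefinition parent : parents) {
            allParents.addAll(parent.parents);   // parent.parents is already transitively closed
            allPolicies.addAll(parent.policies); // parent.policies already includes its inherited policies
        }

        // Hand out read-only views only. These sets are process-wide authorisation state: a caller that
        // could mutate what policies() returns would be able to widen or narrow every role check.
        this.parents = Collections.unmodifiableSet(allParents);
        this.policies = Collections.unmodifiableSet(allPolicies);
    }

    /** Returns an unmodifiable view of all policies this role grants, inherited ones included. */
    Set<Policy> policies() {
        return policies;
    }

    /** Returns an unmodifiable view of every role this one inherits from, transitively. */
    Set<RoleDefinition> inherited() {
        return parents;
    }

}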