Return-Path: X-Original-To: archive-asf-public-internal@cust-asf2.ponee.io Delivered-To: archive-asf-public-internal@cust-asf2.ponee.io Received: from cust-asf.ponee.io (cust-asf.ponee.io [163.172.22.183]) by cust-asf2.ponee.io (Postfix) with ESMTP id 31C31200CBA for ; Mon, 3 Jul 2017 22:31:55 +0200 (CEST) Received: by cust-asf.ponee.io (Postfix) id 30619160BD2; Mon, 3 Jul 2017 20:31:55 +0000 (UTC) Delivered-To: archive-asf-public@cust-asf.ponee.io Received: from mail.apache.org (hermes.apache.org [140.211.11.3]) by cust-asf.ponee.io (Postfix) with SMTP id D125F160C0D for ; Mon, 3 Jul 2017 22:31:53 +0200 (CEST) Received: (qmail 58097 invoked by uid 500); 3 Jul 2017 20:31:53 -0000 Mailing-List: contact commits-help@airavata.apache.org; run by ezmlm Precedence: bulk List-Help: List-Unsubscribe: List-Post: List-Id: Reply-To: dev@airavata.apache.org Delivered-To: mailing list commits@airavata.apache.org Received: (qmail 57779 invoked by uid 99); 3 Jul 2017 20:31:52 -0000 Received: from git1-us-west.apache.org (HELO git1-us-west.apache.org) (140.211.11.23) by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 03 Jul 2017 20:31:52 +0000 Received: by git1-us-west.apache.org (ASF Mail Server at git1-us-west.apache.org, from userid 33) id 2B48BF3243; Mon, 3 Jul 2017 20:31:52 +0000 (UTC) Content-Type: text/plain; charset="us-ascii" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit From: machristie@apache.org To: commits@airavata.apache.org Date: Mon, 03 Jul 2017 20:32:03 -0000 Message-Id: <02c58479d0114c23aed6786cbe858b45@git.apache.org> In-Reply-To: <22f0b836c3d04853bb08c117955fe88c@git.apache.org> References: <22f0b836c3d04853bb08c117955fe88c@git.apache.org> X-Mailer: ASF-Git Admin Mailer Subject: [13/26] airavata git commit: AIRAVATA-2419 Add user resource profile methods to permissions archived-at: Mon, 03 Jul 2017 20:31:55 -0000 AIRAVATA-2419 Add user resource profile methods to permissions Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/fa892443 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/fa892443 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/fa892443 Branch: refs/heads/keycloak-prod-migration Commit: fa8924435bc857079e78421f845623bc9204a845 Parents: 30a0132 Author: Marcus Christie Authored: Fri Jun 30 12:59:12 2017 -0400 Committer: Marcus Christie Committed: Fri Jun 30 12:59:12 2017 -0400 ---------------------------------------------------------------------- .../service/security/KeyCloakSecurityManager.java | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/fa892443/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java ---------------------------------------------------------------------- diff --git a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java index 25a2935..97d55c6 100644 --- a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java +++ b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java @@ -55,6 +55,13 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager { private HashMap rolePermissionConfig = new HashMap<>(); + // Methods that users user to manage their user resource profile + private final static String USER_RESOURCE_PROFILE_USER_METHODS = "/airavata/registerUserResourceProfile|/airavata/getUserResourceProfile" + + "|/airavata/updateUserResourceProfile|/airavata/deleteUserResourceProfile|/airavata/addUserComputeResourcePreference" + + "|/airavata/addUserStoragePreference|/airavata/getUserComputeResourcePreference|/airavata/getUserStoragePreference" + + "|/airavata/getAllUserComputeResourcePreferences|/airavata/getAllUserStoragePreferences" + + "|/airavata/updateUserComputeResourcePreference|/airavata/updateUserStoragePreference" + + "|/airavata/deleteUserComputeResourcePreference|/airavata/deleteUserStoragePreference"; public KeyCloakSecurityManager() throws AiravataSecurityException { rolePermissionConfig.put("admin", "/airavata/.*"); @@ -82,7 +89,8 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager { "|/airavata/getComputeResource|/airavata/getAllComputeResourceNames|/airavata/getWorkflow|/airavata/getWorkflowTemplateId" + "|/airavata/isWorkflowExistWithName|/airavata/registerDataProduct|/airavata/getDataProduct|/airavata/registerReplicaLocation" + "|/airavata/getParentDataProduct|/airavata/getChildDataProducts|/airavata/getAllAccessibleUsers" + - "|/airavata/getExperimentByAdmin|/airavata/cloneExperimentByAdmin"); + "|/airavata/getExperimentByAdmin|/airavata/cloneExperimentByAdmin" + + "|" + USER_RESOURCE_PROFILE_USER_METHODS + "|/airavata/getAllUserResourceProfiles"); rolePermissionConfig.put("gateway-user", "/airavata/getAPIVersion|/airavata/getNotification|/airavata/getAllNotifications|" + "/airavata/createProject|/airavata/updateProject|/airavata/getProject|/airavata/deleteProject|/airavata/getUserProjects|" + "/airavata/searchProjectsByProjectName|/airavata/searchProjectsByProjectDesc|/airavata/searchExperimentsByName|" + @@ -97,7 +105,7 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager { "/airavata/getAvailableAppInterfaceComputeResources|/airavata/getComputeResource|/airavata/getAllComputeResourceNames|" + "/airavata/getWorkflow|/airavata/getWorkflowTemplateId|/airavata/isWorkflowExistWithName|/airavata/registerDataProduct|" + "/airavata/getDataProduct|/airavata/registerReplicaLocation|/airavata/getParentDataProduct|/airavata/getChildDataProducts|" + - "/airavata/getAllAccessibleUsers|/airavata/getAllApplicationDeployments"); + "/airavata/getAllAccessibleUsers|/airavata/getAllApplicationDeployments|" + USER_RESOURCE_PROFILE_USER_METHODS); initializeSecurityInfra(); }