AIRAVATA-2419 Add user resource profile methods to permissions
Project: http://git-wip-us.apache.org/repos/asf/airavata/repo Commit: http://git-wip-us.apache.org/repos/asf/airavata/commit/fa892443 Tree: http://git-wip-us.apache.org/repos/asf/airavata/tree/fa892443 Diff: http://git-wip-us.apache.org/repos/asf/airavata/diff/fa892443 Branch: refs/heads/keycloak-prod-migration Commit: fa8924435bc857079e78421f845623bc9204a845 Parents: 30a0132 Author: Marcus Christie <[email protected]> Authored: Fri Jun 30 12:59:12 2017 -0400 Committer: Marcus Christie <[email protected]> Committed: Fri Jun 30 12:59:12 2017 -0400 ---------------------------------------------------------------------- .../service/security/KeyCloakSecurityManager.java | 12 ++++++++++-- 1 file changed, 10 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/airavata/blob/fa892443/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java ---------------------------------------------------------------------- diff --git a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java index 25a2935..97d55c6 100644 --- a/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java +++ b/airavata-services/services-security/src/main/java/org/apache/airavata/service/security/KeyCloakSecurityManager.java @@ -55,6 +55,13 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager { private HashMap<String, String> rolePermissionConfig = new HashMap<>(); + // Methods that users user to manage their user resource profile + private final static String USER_RESOURCE_PROFILE_USER_METHODS = "/airavata/registerUserResourceProfile|/airavata/getUserResourceProfile" + + "|/airavata/updateUserResourceProfile|/airavata/deleteUserResourceProfile|/airavata/addUserComputeResourcePreference" + + "|/airavata/addUserStoragePreference|/airavata/getUserComputeResourcePreference|/airavata/getUserStoragePreference" + + "|/airavata/getAllUserComputeResourcePreferences|/airavata/getAllUserStoragePreferences" + + "|/airavata/updateUserComputeResourcePreference|/airavata/updateUserStoragePreference" + + "|/airavata/deleteUserComputeResourcePreference|/airavata/deleteUserStoragePreference"; public KeyCloakSecurityManager() throws AiravataSecurityException { rolePermissionConfig.put("admin", "/airavata/.*"); @@ -82,7 +89,8 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager { "|/airavata/getComputeResource|/airavata/getAllComputeResourceNames|/airavata/getWorkflow|/airavata/getWorkflowTemplateId" + "|/airavata/isWorkflowExistWithName|/airavata/registerDataProduct|/airavata/getDataProduct|/airavata/registerReplicaLocation" + "|/airavata/getParentDataProduct|/airavata/getChildDataProducts|/airavata/getAllAccessibleUsers" + - "|/airavata/getExperimentByAdmin|/airavata/cloneExperimentByAdmin"); + "|/airavata/getExperimentByAdmin|/airavata/cloneExperimentByAdmin" + + "|" + USER_RESOURCE_PROFILE_USER_METHODS + "|/airavata/getAllUserResourceProfiles"); rolePermissionConfig.put("gateway-user", "/airavata/getAPIVersion|/airavata/getNotification|/airavata/getAllNotifications|" + "/airavata/createProject|/airavata/updateProject|/airavata/getProject|/airavata/deleteProject|/airavata/getUserProjects|" + "/airavata/searchProjectsByProjectName|/airavata/searchProjectsByProjectDesc|/airavata/searchExperimentsByName|" + @@ -97,7 +105,7 @@ public class KeyCloakSecurityManager implements AiravataSecurityManager { "/airavata/getAvailableAppInterfaceComputeResources|/airavata/getComputeResource|/airavata/getAllComputeResourceNames|" + "/airavata/getWorkflow|/airavata/getWorkflowTemplateId|/airavata/isWorkflowExistWithName|/airavata/registerDataProduct|" + "/airavata/getDataProduct|/airavata/registerReplicaLocation|/airavata/getParentDataProduct|/airavata/getChildDataProducts|" + - "/airavata/getAllAccessibleUsers|/airavata/getAllApplicationDeployments"); + "/airavata/getAllAccessibleUsers|/airavata/getAllApplicationDeployments|" + USER_RESOURCE_PROFILE_USER_METHODS); initializeSecurityInfra(); }
