Repository: knox Updated Branches: refs/heads/KNOX-1204 e4b75908d -> 8350e75d9
KNOX-1204 - begin work to combine policies Project: http://git-wip-us.apache.org/repos/asf/knox/repo Commit: http://git-wip-us.apache.org/repos/asf/knox/commit/8350e75d Tree: http://git-wip-us.apache.org/repos/asf/knox/tree/8350e75d Diff: http://git-wip-us.apache.org/repos/asf/knox/diff/8350e75d Branch: refs/heads/KNOX-1204 Commit: 8350e75d991a15c2863577a99499831368d9d2cb Parents: e4b7590 Author: Larry McCay <[email protected]> Authored: Fri Jun 29 08:39:40 2018 -0400 Committer: Larry McCay <[email protected]> Committed: Fri Jul 6 10:56:42 2018 -0400 ---------------------------------------------------------------------- .../service/idbroker/aws/AWSPolicyModel.java | 8 ++- .../service/knoxs3/S3BucketsResourceTest.java | 70 +++++++++++++++++++- 2 files changed, 76 insertions(+), 2 deletions(-) ---------------------------------------------------------------------- http://git-wip-us.apache.org/repos/asf/knox/blob/8350e75d/gateway-service-idbroker/src/main/java/org/apache/knox/gateway/service/idbroker/aws/AWSPolicyModel.java ---------------------------------------------------------------------- diff --git a/gateway-service-idbroker/src/main/java/org/apache/knox/gateway/service/idbroker/aws/AWSPolicyModel.java b/gateway-service-idbroker/src/main/java/org/apache/knox/gateway/service/idbroker/aws/AWSPolicyModel.java index 404ba05..d7cfb60 100644 --- a/gateway-service-idbroker/src/main/java/org/apache/knox/gateway/service/idbroker/aws/AWSPolicyModel.java +++ b/gateway-service-idbroker/src/main/java/org/apache/knox/gateway/service/idbroker/aws/AWSPolicyModel.java @@ -24,6 +24,7 @@ import java.util.Map; import org.apache.knox.gateway.util.JsonUtils; public class AWSPolicyModel { + private static final String ACTION = "Action"; HashMap<String, Object> policyModel = new HashMap<String, Object>(); ArrayList<String> actionArray = new ArrayList<String>(); HashMap<String, Object> statementMap = new HashMap<String, Object>(); 
@@ -34,7 +35,7 @@ public class AWSPolicyModel { ArrayList<Map<String, Object>> statement = new ArrayList<Map<String, Object>>(); policyModel.put("Statement", statement ); statement.add(statementMap); - statementMap.put("Action", actionArray ); + statementMap.put(ACTION, actionArray ); statementMap.put("Resource", resourcesArray); } @@ -57,4 +58,9 @@ public class AWSPolicyModel { public String toString() { return JsonUtils.renderAsJsonString(policyModel); } + + public void combine(AWSPolicyModel model) { + ArrayList<Map<String, Object>> statement = (ArrayList<Map<String, Object>>) policyModel.get("Statement"); + statement.add((Map<String, Object>)model.statementMap); + } } http://git-wip-us.apache.org/repos/asf/knox/blob/8350e75d/gateway-service-idbroker/src/test/java/org/apache/knox/gateway/service/knoxs3/S3BucketsResourceTest.java ---------------------------------------------------------------------- diff --git a/gateway-service-idbroker/src/test/java/org/apache/knox/gateway/service/knoxs3/S3BucketsResourceTest.java b/gateway-service-idbroker/src/test/java/org/apache/knox/gateway/service/knoxs3/S3BucketsResourceTest.java index 651c407..8291421 100644 --- a/gateway-service-idbroker/src/test/java/org/apache/knox/gateway/service/knoxs3/S3BucketsResourceTest.java +++ b/gateway-service-idbroker/src/test/java/org/apache/knox/gateway/service/knoxs3/S3BucketsResourceTest.java 
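Review bot: `combine` appends `model.statementMap` itself to this policy's `Statement` list, so both models share one mutable map (and the action and resource lists the constructor stored in it); a later change to the argument would silently change the permissions in the combined policy. Since this document presumably decides what the identity broker grants on AWS, I would add a copy instead, e.g. `statement.add(new HashMap<String, Object>(model.statementMap));`, with the nested lists copied as well. Only the argument's own `statementMap` is taken, so any statements it gained from an earlier `combine` call are dropped; iterating over its `Statement` list would keep them. The two unchecked casts deserve a method-scoped `@SuppressWarnings("unchecked")` with a one-line reason, and the method needs a Javadoc saying whether a null argument or overlapping Allow statements are acceptable.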
@@ -76,5 +76,73 @@ public class S3BucketsResourceTest { model.addResource("this"); model.addResource("that"); System.out.println(model); -} + } + + @Test + public void testCombinedPolicyCreation() { + + String policy = "{\n" + + " \"Version\": \"2012-10-17\",\n" + + " \"Statement\": [\n" + + " {\n" + + " \"Effect\": \"Allow\",\n" + + " \"Action\": [\n" + + " \"s3:Get*\",\n" + + " \"s3:List*\"\n" + + // " \"s3:Delete*\"\n" + + " ],\n" + + " \"Resource\": \"*\"\n" + + " }\n" + + " {\n" + + " \"Effect\": \"Allow\",\n" + + " \"Action\": [\n" + + " \"s3:Get*\",\n" + + " \"s3:List*\"\n" + + " \"s3:Delete*\"\n" + + " ],\n" + + " \"Resource\": \"ljm\"\n" + + " }\n" + + " ]\n" + + "}"; + System.out.println(policy); + + HashMap<String, Object> policyModel = new HashMap<String, Object>(); + policyModel.put("Version", "2012-10-17"); + ArrayList<Map<String, Object>> statement = new ArrayList<Map<String, Object>>(); + + policyModel.put("Version", "2012-10-17"); + policyModel.put("Statement", statement ); + HashMap<String, Object> statementMap = new HashMap<String, Object>(); + statementMap.put("Effect", "Allow"); + ArrayList<String> actionArray = new ArrayList<String>(); + actionArray.add("s3:Get*"); + actionArray.add("s3:List*"); + statementMap.put("Action", actionArray ); + statement.add(statementMap); + policyModel.put("Resource", "*"); + + System.out.println(JsonUtils.renderAsJsonString(policyModel)); + + AWSPolicyModel model = new AWSPolicyModel(); + model.setEffect("Allow"); + model.addAction("s3:Get*"); + model.addAction("s3:List*"); + model.setResource("*"); + System.out.println(model); + + AWSPolicyModel model2 = new AWSPolicyModel(); + model2.setEffect("Allow"); + model2.addAction("s3:Get*"); + model2.addAction("s3:List*"); + model2.addResource("this"); + model2.addResource("that"); + System.out.println(model2); + + ArrayList<AWSPolicyModel> models = new ArrayList<AWSPolicyModel>(); + models.add(model); + models.add(model2); + + model.combine(model2); + 
System.out.println("Aggregate: " + model); + } } \ No newline at end of file
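Review bot: `testCombinedPolicyCreation` contains no assertions, only `System.out.println` calls, so it passes whatever `combine` produces. The `policy` literal that reads like the expected result is never compared with anything and is not valid JSON (no comma between the two statement objects, nor between `"s3:List*"` and `"s3:Delete*"`); it also lists `s3:Delete*` on `ljm`, which neither `model` nor `model2` adds. For code that assembles an access policy, the test should parse `model.toString()` after `model.combine(model2)` and assert that there are exactly two statements and that each one carries the expected Effect, Action and Resource, so that a merge granting more than intended fails the build. The hand-built `policyModel` puts `"Resource"` on the top-level map rather than in `statementMap`, and the `models` list is never read; both can be removed or corrected.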
