> On June 1, 2017, 5:09 p.m., Jared Stewart wrote: > > geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java > > Lines 228 (patched) > > <https://reviews.apache.org/r/59692/diff/3/?file=1737978#file1737978line228> > > > > I think it might be nice to have a variant of `authorize()` that takes > > a Resource/Operation/Target rather than their String representations: > > > > ``` > > public void authorize(Resource resource, Operation operation){} > > public void authorize(Resource resource, Operation operation, Target > > target){} > > > > ``` > > > > Then these methods would look like > > ``` > > public void authorizeDiskManage() { > > authorize(Resource.CLUSTER, Operation.MANAGE, > > ResourcePermission.Target.DISK); > > } > > ```
Target can be a region name as well as the as a Target enum. Consequently, the ResourcePermission constructors that the authorize methods call currently all expect target as a string. - Ken ----------------------------------------------------------- This is an automatically generated e-mail. To reply, visit: https://reviews.apache.org/r/59692/#review176626 ----------------------------------------------------------- On June 1, 2017, 5:21 p.m., Jinmei Liao wrote: > > ----------------------------------------------------------- > This is an automatically generated e-mail. To reply, visit: > https://reviews.apache.org/r/59692/ > ----------------------------------------------------------- > > (Updated June 1, 2017, 5:21 p.m.) > > > Review request for geode, Emily Yeh, Jared Stewart, Ken Howe, Kirk Lund, and > Patrick Rhomberg. > > > Repository: geode > > > Description > ------- > > GEODE-2925: add target for resource operation for finer grained security > > > Diffs > ----- > > > geode-core/src/main/java/org/apache/geode/internal/security/IntegratedSecurityService.java > 600d5462b1d18cfc702d400f6d91c1ac1fab3755 > > geode-core/src/main/java/org/apache/geode/internal/security/SecurityService.java > 14784c391212095413c0d577cfc65de7247080b5 > > geode-core/src/main/java/org/apache/geode/management/internal/cli/commands/DiskStoreCommands.java > 226cfaf45fa2a1720a92e8e7ac2c179653240e2d > > geode-core/src/main/java/org/apache/geode/management/internal/security/MBeanServerWrapper.java > fe79efbed0aa7ec9a3d27526df2f4a86794513c2 > > geode-core/src/main/java/org/apache/geode/management/internal/security/ResourceOperation.java > db3a1872a87b558772902cf14580f3e14fca97b3 > geode-core/src/main/java/org/apache/geode/security/ResourcePermission.java > 45da464419779773c9116d824fcf11774bafbd79 > > geode-core/src/test/java/org/apache/geode/management/internal/security/ResourcePermissionTest.java > b728b271efb876d471b35e002c5b110919f10fcc > > geode-core/src/test/java/org/apache/geode/management/internal/security/TestCommand.java > 3f8f4d9d4ee0a8f9c3385cd66ee20655d126d34d > > geode-core/src/test/resources/org/apache/geode/codeAnalysis/excludedClasses.txt > 9cff80d1982bd30f6ba5d8a61ab7307a69862fd4 > > > Diff: https://reviews.apache.org/r/59692/diff/4/ > > > Testing > ------- > > precheckin runing > > > Thanks, > > Jinmei Liao > >
