/*
* Copyright 2015 Open Networking Laboratory
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
package org.onosproject.cli.security;
import com.google.common.collect.ImmutableSet;
import com.google.common.collect.Sets;
import org.apache.karaf.shell.commands.Argument;
import org.apache.karaf.shell.commands.Command;
import org.onosproject.app.ApplicationAdminService;
import org.onosproject.cli.AbstractShellCommand;
import org.onosproject.core.Application;
import org.onosproject.core.ApplicationId;
import org.onosproject.core.Permission;
import java.util.Set;
import java.util.stream.Collectors;
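/**
 * Manages application permissions from the ONOS shell.
 *
 * <p>The command takes a sub-command ({@code add}, {@code remove}, {@code list} or
 * {@code clear}), an application name and, for {@code add} and {@code remove}, one or
 * more permission names. Permission names must match a {@link Permission} constant
 * exactly.
 *
 * <p>Every mutating sub-command ends in a call to
 * {@link ApplicationAdminService#setPermissions}, passing the complete resulting set.
 * When the service reports no stored permission set for the application
 * ({@code getPermissions} returns {@code null}), {@code add} and {@code remove} start
 * from the defaults returned by {@link Application#permissions()}.
 *
 * <p>All permission names are validated before anything is written, so a mistyped name
 * never results in a partially applied grant or in a revocation that silently did not
 * happen.
 */
@Command(scope = "onos", name = "perm",
         description = "Manages application permissions")
public class PermissionCommand extends AbstractShellCommand {

    static final String ADD = "add";
    static final String REMOVE = "remove";
    static final String LIST = "list";
    static final String CLEAR = "clear";

    // Help text lists every sub-command that execute() dispatches on.
    @Argument(index = 0, name = "command",
              description = "Command name (add|remove|list|clear)",
              required = true, multiValued = false)
    String command = null;

    @Argument(index = 1, name = "name", description = "Application name",
              required = true, multiValued = false)
    String name = null;

    // Optional at the shell level, so this stays null for "list" and "clear".
    @Argument(index = 2, name = "permissions", description = "List of permissions",
              required = false, multiValued = true)
    String[] permissions = null;

    /**
     * Resolves the application by name and dispatches to the requested sub-command.
     * Prints a message and changes nothing when the application or the sub-command
     * is unknown.
     */
    @Override
    protected void execute() {
        ApplicationAdminService applicationAdminService = get(ApplicationAdminService.class);

        // Resolve and check the id before any other service call uses it.
        ApplicationId appId = applicationAdminService.getId(name);
        if (appId == null) {
            print("No such application: %s", name);
            return;
        }

        if (ADD.equals(command)) {
            addPermissions(applicationAdminService, appId);
        } else if (REMOVE.equals(command)) {
            removePermissions(applicationAdminService, appId);
        } else if (CLEAR.equals(command)) {
            applicationAdminService.setPermissions(appId, ImmutableSet.of());
            print("Cleared the permission list of %s.", appId.name());
        } else if (LIST.equals(command)) {
            listPermissions(applicationAdminService, appId);
        } else {
            // Previously an unrecognised sub-command was a silent no-op.
            print("Unknown command: %s", command);
        }
    }

    /** Grants the requested permissions on top of the application's current set. */
    private void addPermissions(ApplicationAdminService service, ApplicationId appId) {
        Set<Permission> granted = parseRequestedPermissions();
        if (granted == null) {
            return;
        }
        granted.addAll(currentPermissions(service, appId));
        service.setPermissions(appId, ImmutableSet.copyOf(granted));
    }

    /** Revokes the requested permissions from the application's current set. */
    private void removePermissions(ApplicationAdminService service, ApplicationId appId) {
        // Names are validated the same way as for "add": an unknown name is reported
        // instead of being ignored, so the operator is not left believing that a
        // permission was revoked when nothing matched.
        Set<Permission> revoked = parseRequestedPermissions();
        if (revoked == null) {
            return;
        }
        Set<Permission> remaining = currentPermissions(service, appId).stream()
                .filter(perm -> !revoked.contains(perm))
                .collect(Collectors.toSet());
        service.setPermissions(appId, ImmutableSet.copyOf(remaining));
    }

    /** Prints the application's role, its default permissions and its stored permissions. */
    private void listPermissions(ApplicationAdminService service, ApplicationId appId) {
        Application app = service.getApplication(appId);
        Set<Permission> userPermissions = service.getPermissions(appId);
        Set<Permission> defaultPermissions = app.permissions();

        print("Application Role");
        print("\trole=%s", app.role().name());

        if (defaultPermissions != null) {
            if (defaultPermissions.isEmpty()) {
                print("(No default permissions specified in app.xml)");
            } else {
                print("Default permissions (specified in app.xml)");
                for (Permission perm : defaultPermissions) {
                    print("\tpermission=%s", perm.name());
                }
            }
        }

        if (userPermissions != null) {
            if (userPermissions.isEmpty()) {
                print("(User has removed all the permissions)");
            } else {
                print("User permissions");
                for (Permission perm : userPermissions) {
                    print("\tpermission=%s", perm.name());
                }
            }
        }
    }

    /**
     * Returns the set that "add" and "remove" start from: the set stored by the
     * service, or the application's defaults when the service has none.
     */
    private Set<Permission> currentPermissions(ApplicationAdminService service,
                                               ApplicationId appId) {
        Set<Permission> stored = service.getPermissions(appId);
        if (stored != null) {
            return stored;
        }
        Set<Permission> defaults = service.getApplication(appId).permissions();
        // The "list" path treats a null default set as possible, so do the same here.
        return defaults != null ? defaults : ImmutableSet.of();
    }

    /**
     * Converts the permission arguments into {@link Permission} values.
     *
     * @return a mutable set of the parsed permissions, or {@code null} after printing
     *         a message when no permission was given or a name is not valid
     */
    private Set<Permission> parseRequestedPermissions() {
        if (permissions == null || permissions.length == 0) {
            // The argument is optional for the shell, so guard it here instead of
            // failing with a NullPointerException.
            print("No permissions specified.");
            return null;
        }
        Set<Permission> parsed = Sets.newHashSet();
        for (String perm : permissions) {
            try {
                parsed.add(Permission.valueOf(perm));
            } catch (IllegalArgumentException e) {
                print("%s is not a valid permission.", perm);
                return null;
            }
        }
        return parsed;
    }
}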