/*
 * Copyright 2015 Open Networking Laboratory
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */
16
17package org.onosproject.cli.security;
18
19import com.google.common.collect.ImmutableSet;
20import com.google.common.collect.Sets;
21import org.apache.karaf.shell.commands.Argument;
22import org.apache.karaf.shell.commands.Command;
23import org.onosproject.app.ApplicationAdminService;
24import org.onosproject.cli.AbstractShellCommand;
25import org.onosproject.core.Application;
26import org.onosproject.core.ApplicationId;
27import org.onosproject.core.Permission;
28
29import java.util.Set;
30import java.util.stream.Collectors;
31
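/**
 * Manages the permissions granted to an application.
 *
 * <p>Four sub-commands are supported: {@code add}, {@code remove},
 * {@code clear} and {@code list}. Changes are written through
 * {@link ApplicationAdminService#setPermissions}. When the service holds no
 * user-specified permission set for the application
 * ({@code getPermissions} returns {@code null}), {@code add} and
 * {@code remove} start from the permissions declared by the application
 * itself ({@code Application.permissions()}).
 *
 * <p>Every permission name given on the command line is validated with
 * {@code Permission.valueOf} before any change is made, so a mistyped name
 * is reported instead of being silently ignored. This matters most for
 * {@code remove}: an operator must not be left believing a permission was
 * revoked when nothing changed.
 */
@Command(scope = "onos", name = "perm",
         description = "Manages application permissions")
public class PermissionCommand extends AbstractShellCommand {

    static final String ADD = "add";
    static final String REMOVE = "remove";
    static final String LIST = "list";
    static final String CLEAR = "clear";

    // Help text lists every sub-command handled in execute().
    @Argument(index = 0, name = "command",
              description = "Command name (add|remove|list|clear)",
              required = true, multiValued = false)
    String command = null;

    @Argument(index = 1, name = "name", description = "Application name",
              required = true, multiValued = false)
    String name = null;

    // Optional on the command line, so this stays null for list/clear and
    // whenever the operator supplies no permission names.
    @Argument(index = 2, name = "permissions", description = "List of permissions",
              required = false, multiValued = true)
    String[] permissions = null;

    /**
     * Dispatches to the handler for the requested sub-command.
     *
     * <p>An unrecognised sub-command is reported to the operator rather than
     * ignored, so a typo cannot be mistaken for a successful change.
     */
    @Override
    protected void execute() {
        ApplicationAdminService service = get(ApplicationAdminService.class);
        switch (command) {
            case ADD:
                addPermissions(service);
                break;
            case REMOVE:
                removePermissions(service);
                break;
            case CLEAR:
                clearPermissions(service);
                break;
            case LIST:
                listPermissions(service);
                break;
            default:
                print("Unknown command: %s", command);
                break;
        }
    }

    /** Grants the requested permissions on top of the application's current set. */
    private void addPermissions(ApplicationAdminService service) {
        ApplicationId appId = resolveAppId(service);
        if (appId == null) {
            return;
        }
        Set<Permission> granted = Sets.newHashSet();
        if (!parsePermissions(granted)) {
            return;
        }
        granted.addAll(currentPermissions(service, appId));
        service.setPermissions(appId, ImmutableSet.copyOf(granted));
    }

    /** Revokes the requested permissions from the application's current set. */
    private void removePermissions(ApplicationAdminService service) {
        // The application id is checked for null before it is used for any
        // further lookup.
        ApplicationId appId = resolveAppId(service);
        if (appId == null) {
            return;
        }
        // Validate the names first: nothing is changed unless every name to
        // revoke is a recognised permission.
        Set<Permission> revoked = Sets.newHashSet();
        if (!parsePermissions(revoked)) {
            return;
        }
        Set<Permission> remaining = currentPermissions(service, appId).stream()
                .filter(perm -> !revoked.contains(perm))
                .collect(Collectors.toSet());
        service.setPermissions(appId, ImmutableSet.copyOf(remaining));
    }

    /** Replaces the application's permission set with an empty one. */
    private void clearPermissions(ApplicationAdminService service) {
        ApplicationId appId = resolveAppId(service);
        if (appId == null) {
            return;
        }
        service.setPermissions(appId, ImmutableSet.of());
        print("Cleared the permission list of %s.", appId.name());
    }

    /** Prints the application's role, its declared permissions and the user-specified ones. */
    private void listPermissions(ApplicationAdminService service) {
        ApplicationId appId = resolveAppId(service);
        if (appId == null) {
            return;
        }
        Application app = service.getApplication(appId);
        Set<Permission> userPermissions = service.getPermissions(appId);
        Set<Permission> defaultPermissions = app.permissions();

        print("Application Role");
        print("\trole=%s", app.role().name());

        if (defaultPermissions != null) {
            if (defaultPermissions.isEmpty()) {
                print("(No default permissions specified in app.xml)");
            } else {
                print("Default permissions (specified in app.xml)");
                for (Permission perm : defaultPermissions) {
                    print("\tpermission=%s", perm.name());
                }
            }
        }
        if (userPermissions != null) {
            if (userPermissions.isEmpty()) {
                print("(User has removed all the permissions)");
            } else {
                print("User permissions");
                for (Permission perm : userPermissions) {
                    print("\tpermission=%s", perm.name());
                }
            }
        }
    }

    /**
     * Looks up the id of the application named on the command line.
     *
     * @return the application id, or {@code null} after reporting that no
     *         such application exists
     */
    private ApplicationId resolveAppId(ApplicationAdminService service) {
        ApplicationId appId = service.getId(name);
        if (appId == null) {
            print("No such application: %s", name);
        }
        return appId;
    }

    /**
     * Converts the permission names given on the command line.
     *
     * @param into set that receives the parsed permissions
     * @return {@code true} if at least one name was given and every name is a
     *         valid permission; {@code false} after reporting the problem
     */
    private boolean parsePermissions(Set<Permission> into) {
        if (permissions == null || permissions.length == 0) {
            print("No permissions specified.");
            return false;
        }
        for (String perm : permissions) {
            try {
                into.add(Permission.valueOf(perm));
            } catch (IllegalArgumentException e) {
                print("%s is not a valid permission.", perm);
                return false;
            }
        }
        return true;
    }

    /**
     * Returns the permission set that add/remove start from: the
     * user-specified set when the service has one, otherwise the permissions
     * declared by the application. A missing declared set is treated as empty.
     */
    private Set<Permission> currentPermissions(ApplicationAdminService service,
                                               ApplicationId appId) {
        Set<Permission> userPermissions = service.getPermissions(appId);
        if (userPermissions != null) {
            return userPermissions;
        }
        Set<Permission> defaults = service.getApplication(appId).permissions();
        return defaults != null ? defaults : ImmutableSet.<Permission>of();
    }
}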