Class RoleMap
- java.lang.Object
-
- com.michelin.cio.hudson.plugins.rolestrategy.RoleMap
-
public class RoleMap extends Object
Class holding a map for each kind ofAccessControlled
object, associating eachRole
with the concernedUser
s/groups.- Author:
- Thomas Maurel
-
-
Field Summary
Fields Modifier and Type Field Description static boolean
FORCE_CASE_SENSITIVE
-
Constructor Summary
Constructors Constructor Description RoleMap(SortedMap<Role,Set<PermissionEntry>> grantedRoles)
Constructor.
-
Method Summary
All Methods Static Methods Instance Methods Concrete Methods Deprecated Methods Modifier and Type Method Description void
addRole(Role role)
Add the given role to thisRoleMap
.void
addRole(Role role, Set<PermissionEntry> sids)
Add the given role to thisRoleMap
and assign the sids to it.void
assignRole(Role role, PermissionEntry sid)
Assign the sid to the givenRole
.void
assignRole(Role role, String sid)
Deprecated.void
clearSids()
void
clearSidsForRole(Role role)
Clear all the sids associated to the givenRole
.void
deleteRoleSid(PermissionEntry sid, String rolename)
Clear specific role associated to the given sid.void
deleteRoleSid(String sid, String rolename)
Deprecated.void
deleteSids(PermissionEntry sid)
Clear all the roles associated to the given sid.void
deleteSids(String sid)
Deprecated.SidACL
getACL(RoleType roleType, AccessControlled controlledItem)
Get the ACL for the currentRoleMap
.SortedMap<Role,Set<String>>
getGrantedRoles()
Deprecated.SortedMap<Role,Set<PermissionEntry>>
getGrantedRolesEntries()
Get an unmodifiable sorted map containingRole
s and their assigned sids.static List<String>
getMatchingAgentNames(Pattern pattern, int maxAgents)
Deprecated.No replacement available.static List<String>
getMatchingJobNames(Pattern pattern, int maxJobs)
Deprecated.No replacement available.Role
getRole(String name)
Get theRole
object named after the given param.Set<Role>
getRoles()
Set<String>
getRolesForAuth(org.springframework.security.core.Authentication auth)
Get all roles associated with the given Authentication.Set<String>
getRolesForUser(User user)
Get all roles associated with the given User.SortedSet<PermissionEntry>
getSidEntries()
Get all the sids referenced in thisRoleMap
, minus theAnonymous
sid.SortedSet<PermissionEntry>
getSidEntries(Boolean includeAnonymous)
Get all the sids referenced in thisRoleMap
.Set<PermissionEntry>
getSidEntriesForRole(String roleName)
Get all the permission entries assigned to theRole
named after theroleName
param.SortedSet<String>
getSids()
Deprecated.usegetSidEntries()
SortedSet<String>
getSids(Boolean includeAnonymous)
Deprecated.Set<String>
getSidsForRole(String roleName)
Deprecated.boolean
hasPermission(PermissionEntry sid, Permission permission, RoleType roleType, AccessControlled controlledItem)
Check if the given sid has the providedPermission
.boolean
hasRole(Role role)
RoleMap
newMatchingRoleMap(String itemNamePrefix)
void
removeRole(Role role)
Removes aRole
.void
unAssignRole(Role role, PermissionEntry sid)
unAssign the sid from the givenRole
.void
unAssignRole(Role role, String sid)
Deprecated.
-
-
-
Constructor Detail
-
RoleMap
@DataBoundConstructor public RoleMap(@NonNull SortedMap<Role,Set<PermissionEntry>> grantedRoles)
Constructor.- Parameters:
grantedRoles
- Roles to be granted.
-
-
Method Detail
-
hasPermission
@Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public boolean hasPermission(PermissionEntry sid, Permission permission, RoleType roleType, AccessControlled controlledItem)
Check if the given sid has the providedPermission
.- Returns:
- True if the sid's granted permission
-
hasRole
public boolean hasRole(@NonNull Role role)
- Parameters:
role
- Role to be checked- Returns:
true
if theRoleMap
contains the given role
-
getACL
public SidACL getACL(RoleType roleType, AccessControlled controlledItem)
Get the ACL for the currentRoleMap
.- Returns:
- ACL for the current
RoleMap
-
addRole
public void addRole(Role role)
Add the given role to thisRoleMap
.- Parameters:
role
- TheRole
to add
-
addRole
public void addRole(Role role, Set<PermissionEntry> sids)
Add the given role to thisRoleMap
and assign the sids to it. If a role
-
assignRole
public void assignRole(Role role, PermissionEntry sid)
Assign the sid to the givenRole
.- Parameters:
role
- TheRole
to assign the sid tosid
- The sid to assign
-
assignRole
@Deprecated public void assignRole(Role role, String sid)
Deprecated.Assign the sid to the givenRole
. Assigns are aAuthorizationType.EITHER
- Parameters:
role
- TheRole
to assign the sid tosid
- The sid to assign
-
unAssignRole
public void unAssignRole(Role role, PermissionEntry sid)
unAssign the sid from the givenRole
.- Parameters:
role
- TheRole
to unassign the sid tosid
- The sid to unassign
-
unAssignRole
@Deprecated public void unAssignRole(Role role, String sid)
Deprecated.unAssign the sid from the givenRole
. This will only unassign entries of typeAuthorizationType.EITHER
.- Parameters:
role
- TheRole
to unassign the sid tosid
- The sid to unassign- Since:
- 2.6.0
-
clearSidsForRole
public void clearSidsForRole(Role role)
Clear all the sids associated to the givenRole
.- Parameters:
role
- TheRole
for which you want to clear the sids
-
deleteSids
public void deleteSids(PermissionEntry sid)
Clear all the roles associated to the given sid.- Parameters:
sid
- The sid for which you want to clear theRole
s
-
deleteSids
@Deprecated public void deleteSids(String sid)
Deprecated.Clear all the roles associated to the given sid. This will only find sids of typeAuthorizationType.EITHER
- Parameters:
sid
- The sid for which you want to clear theRole
s
-
deleteRoleSid
public void deleteRoleSid(PermissionEntry sid, String rolename)
Clear specific role associated to the given sid.
-
deleteRoleSid
@Deprecated public void deleteRoleSid(String sid, String rolename)
Deprecated.Clear specific role associated to the given sid. This will only find sids of typeAuthorizationType.EITHER
-
clearSids
public void clearSids()
-
getRole
@CheckForNull public Role getRole(String name)
Get theRole
object named after the given param.
-
removeRole
public void removeRole(Role role)
Removes aRole
.- Parameters:
role
- TheRole
which shall be removed
-
getGrantedRolesEntries
public SortedMap<Role,Set<PermissionEntry>> getGrantedRolesEntries()
Get an unmodifiable sorted map containingRole
s and their assigned sids.- Returns:
- An unmodifiable sorted map containing the
Role
s and their associated sids
-
getGrantedRoles
@Deprecated public SortedMap<Role,Set<String>> getGrantedRoles()
Deprecated.Get an unmodifiable sorted map containingRole
s and their assigned sids. All types are returned to keep the api as compatible as possible.- Returns:
- An unmodifiable sorted map containing the
Role
s and their associated sids
-
getSids
@Deprecated public SortedSet<String> getSids()
Deprecated.usegetSidEntries()
Get all the sids referenced in thisRoleMap
, minus theAnonymous
sid. All types are returned to keep the api as compatible as possible.- Returns:
- A sorted set containing all the sids, minus the
Anonymous
sid
-
getSids
@Deprecated public SortedSet<String> getSids(Boolean includeAnonymous)
Deprecated.Get all the sids referenced in thisRoleMap
. All types are returned to keep the api as compatible as possible.- Parameters:
includeAnonymous
- True if you want theAnonymous
sid to be included in the set- Returns:
- A sorted set containing all the sids
-
getSidEntries
public SortedSet<PermissionEntry> getSidEntries()
Get all the sids referenced in thisRoleMap
, minus theAnonymous
sid.- Returns:
- A sorted set containing all the sids, minus the
Anonymous
sid
-
getSidEntries
public SortedSet<PermissionEntry> getSidEntries(Boolean includeAnonymous)
Get all the sids referenced in thisRoleMap
.- Parameters:
includeAnonymous
- True if you want theAnonymous
sid to be included in the set- Returns:
- A sorted set containing all the sids
-
getSidEntriesForRole
@CheckForNull public Set<PermissionEntry> getSidEntriesForRole(String roleName)
Get all the permission entries assigned to theRole
named after theroleName
param.- Parameters:
roleName
- The name of the role- Returns:
- A sorted set containing all the sids.
null
if the role is missing.
-
getSidsForRole
@CheckForNull @Deprecated public Set<String> getSidsForRole(String roleName)
Deprecated.Get all the sids assigned to theRole
named after theroleName
param. All types are returned to keep the api as compatible as possible.- Parameters:
roleName
- The name of the role- Returns:
- A sorted set containing all the sids.
null
if the role is missing.
-
getRolesForUser
@NonNull public Set<String> getRolesForUser(User user) throws org.springframework.security.core.userdetails.UsernameNotFoundException
Get all roles associated with the given User.- Parameters:
user
- The User for which to get the roles- Returns:
- a set of roles
- Throws:
org.springframework.security.core.userdetails.UsernameNotFoundException
- when user is not found
-
getRolesForAuth
@NonNull @Restricted(org.kohsuke.accmod.restrictions.NoExternalUse.class) public Set<String> getRolesForAuth(org.springframework.security.core.Authentication auth)
Get all roles associated with the given Authentication.- Parameters:
auth
- The Authentication for which to get the roles- Returns:
- a set of roles
-
newMatchingRoleMap
public RoleMap newMatchingRoleMap(String itemNamePrefix)
- Parameters:
itemNamePrefix
- the name of theAbstractItem
orComputer
- Returns:
- A
RoleMap
containing roles that are applicable on the itemNamePrefix
-
getMatchingJobNames
@Deprecated public static List<String> getMatchingJobNames(Pattern pattern, int maxJobs)
Deprecated.No replacement available. It was never intended for public usage.Get all job names matching the given pattern, viewable to the requesting user.- Parameters:
pattern
- Pattern to match againstmaxJobs
- Max matching jobs to look for- Returns:
- List of matching job names
-
getMatchingAgentNames
@Deprecated public static List<String> getMatchingAgentNames(Pattern pattern, int maxAgents)
Deprecated.No replacement available. It was never intended for public usage.Get all agent names matching the given pattern, viewable to the requesting user.- Parameters:
pattern
- Pattern to match againstmaxAgents
- Max matching agents to look for- Returns:
- List of matching agent names
-
-