Replace Teletraan AuthN and AuthZ implementation
commit-id:bf5d6dfa
tylerwowen committed Mar 25, 2024
1 parent 37a187d commit 2bdc351
Showing 96 changed files with 3,020 additions and 1,765 deletions.
Expand Up @@ -16,6 +16,8 @@
package com.pinterest.deployservice.bean;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.pinterest.teletraan.universal.security.bean.AuthZResource;

import org.apache.commons.lang.builder.ReflectionToStringBuilder;

import javax.validation.constraints.NotEmpty;
Expand All @@ -36,45 +38,47 @@ public class GroupRolesBean implements Updatable {
@JsonProperty("name")
private String group_name;

@NotEmpty
@JsonProperty("resource")
private String resource_id;

@NotNull
@JsonProperty("type")
private Resource.Type resource_type;
private AuthZResource.Type resource_type;

@NotNull
@JsonProperty("role")
private Role role;
private TeletraanPrincipalRole role;

public String getGroup_name() {
return group_name;
}

public void setGroup_name(String user_name) {
this.group_name = user_name;
public void setGroup_name(String userName) {
this.group_name = userName;
}

public String getResource_id() {
return resource_id;
}

public void setResource_id(String resource_id) {
this.resource_id = resource_id;
public void setResource_id(String resourceId) {
this.resource_id = resourceId;
}

public Resource.Type getResource_type() {
public AuthZResource.Type getResource_type() {
return resource_type;
}

public void setResource_type(Resource.Type resource_type) {
this.resource_type = resource_type;
public void setResource_type(AuthZResource.Type resourceType) {
this.resource_type = resourceType;
}

public Role getRole() {
public TeletraanPrincipalRole getRole() {
return role;
}

public void setRole(Role role) {
public void setRole(TeletraanPrincipalRole role) {
this.role = role;
}

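Review bot: In `setGroup_name` the parameter is now called `userName`, yet it is stored in `group_name` and the bean describes a group's role on a resource, so the new name carries over the mismatch the old `user_name` already had. `public void setGroup_name(String groupName) { this.group_name = groupName; }` would match the field and the `name` JSON property. The class starts before and continues after this hunk, so any validation of `role` against what the caller is allowed to grant is not visible here.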

This file was deleted.

This file was deleted.

@@ -0,0 +1,64 @@
/**
* Copyright (c) 2024, Pinterest Inc. All rights reserved.
*/
package com.pinterest.deployservice.bean;

import com.pinterest.teletraan.universal.security.bean.RoleEnum;
import com.pinterest.teletraan.universal.security.bean.ValueBasedRole;


/**
* READER:
* Default role, everyone who is able to use Teletraan has READER access.
* PINGER:
* Role required to ping server.
* PUBLISHER:
* Role required to publish artifacts.
* OPERATOR:
* Role where user can modify a specific environment's config and
* perform deploy related actions.
* ADMIN:
* Role that has the same environment specific privileges as OPERATOR
* plus the ability specify new OPERATORS and ADMINs for said environment.
* When a new environment is created the creating user is the designated the
* first ADMIN.
*/
public enum TeletraanPrincipalRole implements RoleEnum<ValueBasedRole> {
READ(-1),
READER(0), // legacy
PINGER(1), // legacy
PUBLISHER(1), // legacy
EXECUTE(9),
WRITE(9),
DELETE(9),
OPERATOR(10), // legacy
ADMIN(20);

public class Names {
private Names() {}
public static final String PINGER = "PINGER";
public static final String PUBLISHER = "PUBLISHER";
public static final String READER = "READER";
public static final String OPERATOR = "OPERATOR";
public static final String ADMIN = "ADMIN";

public static final String READ = "READ";
public static final String WRITE = "WRITE";
public static final String EXECUTE = "EXECUTE";
public static final String DELETE = "DELETE";
}

private final ValueBasedRole role;

TeletraanPrincipalRole(int value) {
this.role = new ValueBasedRole(value);
}

public ValueBasedRole getRole() {
return role;
}

public boolean isEqualOrSuperior(TeletraanPrincipalRole otherRole) {
return this.role.isEqualOrSuperior(otherRole.getRole());
}
}
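Review bot: The enum's Javadoc describes only the legacy constants, while the ones this file introduces (`READ(-1)`, `EXECUTE(9)`, `WRITE(9)`, `DELETE(9)`) are undocumented and several values tie: `PINGER`/`PUBLISHER` at 1 and `EXECUTE`/`WRITE`/`DELETE` at 9. If `ValueBasedRole.isEqualOrSuperior` compares the numeric value (its implementation is not on this page), `isEqualOrSuperior` returns true between any two tied roles, so a check that requires `DELETE` is satisfied by a principal holding only `WRITE`, and `READ` ranks below the documented default `READER`. I would extend the Javadoc with one entry per new constant that states the intended ordering and says explicitly that tied constants are interchangeable in checks, or give them distinct values if they are meant to differ. `Names` is also declared as a non-static inner class although it only holds constants; `public static final class Names` states that intent.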
Expand Up @@ -16,8 +16,11 @@
package com.pinterest.deployservice.bean;

import com.fasterxml.jackson.annotation.JsonProperty;
import com.pinterest.teletraan.universal.security.bean.AuthZResource;

import org.apache.commons.lang.builder.ReflectionToStringBuilder;

import javax.annotation.Nonnull;
import javax.validation.constraints.NotEmpty;
import javax.validation.constraints.NotNull;

Expand All @@ -38,19 +41,23 @@ public class TokenRolesBean implements Updatable {
@JsonProperty("name")
private String script_name;

@NotEmpty
@JsonProperty("resource")
private String resource_id;

@NotNull
@JsonProperty("type")
private Resource.Type resource_type;
private AuthZResource.Type resource_type;

@NotEmpty
@JsonProperty("token")
private String token;

@NotNull
@JsonProperty("role")
private Role role;
private TeletraanPrincipalRole role;

@NotNull
@JsonProperty("expireDate")
private Long expire_date;

Expand All @@ -66,40 +73,40 @@ public String getScript_name() {
return script_name;
}

public void setScript_name(String script_name) {
this.script_name = script_name;
public void setScript_name(String scriptName) {
this.script_name = scriptName;
}

public String getResource_id() {
public @Nonnull String getResource_id() {
return resource_id;
}

public void setResource_id(String resource_id) {
this.resource_id = resource_id;
public void setResource_id(String resourceId) {
this.resource_id = resourceId;
}

public Resource.Type getResource_type() {
public AuthZResource.Type getResource_type() {
return resource_type;
}

public void setResource_type(Resource.Type resource_type) {
this.resource_type = resource_type;
public void setResource_type(AuthZResource.Type resourceType) {
this.resource_type = resourceType;
}

public Role getRole() {
public TeletraanPrincipalRole getRole() {
return role;
}

public void setRole(Role role) {
public void setRole(TeletraanPrincipalRole role) {
this.role = role;
}

public Long getExpire_date() {
return expire_date;
}

public void setExpire_date(Long expire_date) {
this.expire_date = expire_date;
public void setExpire_date(Long expireDate) {
this.expire_date = expireDate;
}

@Override
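Review bot: `getResource_id()` is now declared `@Nonnull`, but it returns the raw field and `setResource_id(String resourceId)` stores whatever it is given; the only guard is the `@NotEmpty` constraint, which holds only on paths where the bean is actually validated. Either enforce it at the write, `this.resource_id = Objects.requireNonNull(resourceId, "resourceId");`, or drop the annotation so callers keep their own null checks. Separately, this bean carries `token` and imports `ReflectionToStringBuilder`, and the last hunk ends at an `@Override` whose method is not shown; if that is a reflective `toString()`, it would print the token value into logs and should exclude that field. The class starts before and continues after these hunks.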