package com.dtolabs.rundeck.core.authorization;
import com.dtolabs.rundeck.core.Constants;
import com.dtolabs.rundeck.core.authentication.Group;
import com.dtolabs.rundeck.core.authentication.Username;
import com.dtolabs.rundeck.core.authorization.providers.EnvironmentalContext;
import com.dtolabs.rundeck.core.authorization.providers.PoliciesParseException;
import com.dtolabs.rundeck.core.common.Framework;
import javax.security.auth.Subject;
import java.io.BufferedReader;
import java.io.File;
import java.io.IOException;
import java.io.InputStreamReader;
import java.net.URI;
import java.util.*;
/**
* Created with IntelliJ IDEA.
* User: greg
* Date: 3/13/13
* Time: 6:27 PM
* To change this template use File | Settings | File Templates.
*/
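/**
 * Command-line helper that runs a single ACL evaluation for one user and prints the resulting
 * decisions to standard output.
 *
 * <p>Arguments, in order: the Rundeck base directory, a project name (or {@code --application}
 * for the application-level context), the user name, a comma-separated role list, a
 * comma-separated action list, and then any number of {@code key=value} or {@code key:value}
 * pairs describing the resource being tested.
 */
public class EvalAuth {
    /** Number of leading positional arguments that must always be present. */
    private static final int REQUIRED_ARGS = 5;

    private static final String USAGE =
            "Usage: EvalAuth <rdeckbase> <project|--application> <user> <role[,role...]> "
                    + "<action[,action...]> [key=value ...]";

    /**
     * Entry point; delegates to {@link #doTest(String...)}.
     *
     * @param args see the class description
     * @throws IOException            propagated from the authorization setup
     * @throws PoliciesParseException propagated from the authorization setup
     */
    public static void main(String... args) throws IOException, PoliciesParseException {
        doTest(args);
    }

    /**
     * Parses the arguments, builds the authorization for the given user and roles, evaluates the
     * requested actions against the described resource and prints {@code "Evaluate: <decisions>"}.
     *
     * @param args see the class description
     * @throws IllegalArgumentException if fewer than the five required arguments are supplied
     * @throws IOException              propagated from the authorization setup
     * @throws PoliciesParseException   propagated from the authorization setup
     */
    public static void doTest(String... args) throws IOException, PoliciesParseException {
        // Fail with a usage message instead of an ArrayIndexOutOfBoundsException.
        if (args == null || args.length < REQUIRED_ARGS) {
            throw new IllegalArgumentException(USAGE);
        }

        int i = 0;
        String rdeckbase = args[i++];
        String projectName = args[i++];
        String user = args[i++];
        String[] roles = args[i++].split(",\\s*");
        String[] actions = args[i++].split(",\\s*");

        Framework framework = buildFramework(rdeckbase);
        // The third constructor argument is the user the role list belongs to. The original code
        // passed rdeckbase here, so determineUserRoles(user) never matched and reported no roles.
        // NOTE(review): whether evaluate() consults determineUserRoles or only the Subject's
        // Group principals is not visible in this file; either way the binding must be the user,
        // otherwise the printed decision may not reflect that user's real access.
        SingleUserAclsAuthorization authorization = new SingleUserAclsAuthorization(framework,
                new File(Constants.getFrameworkConfigDir(rdeckbase)), user, roles);

        Set<String> actionSet = new HashSet<String>(Arrays.asList(actions));

        // Remaining arguments describe the resource as key=value (or key:value) pairs.
        Map<String, String> resource = new HashMap<String, String>();
        for (; i < args.length; i++) {
            String[] pair = args[i].split("[=:]", 2);
            if (pair.length > 1) {
                resource.put(pair[0], pair[1]);
            } else {
                // A silently dropped attribute would mean evaluating a different resource than
                // the operator asked about, so make the omission visible.
                System.err.println("Ignoring resource attribute without '=' or ':': " + args[i]);
            }
        }
        Set<Map<String, String>> resources = new HashSet<Map<String, String>>();
        resources.add(resource);

        // The evaluation context is either the application or a single named project.
        Set<Attribute> environment;
        if (projectName.equalsIgnoreCase("--application")) {
            environment = Collections.singleton(
                    new Attribute(URI.create(EnvironmentalContext.URI_BASE + "application"), "rundeck"));
        } else {
            environment = Collections.singleton(
                    new Attribute(URI.create(EnvironmentalContext.URI_BASE + "project"), projectName));
        }

        Subject subject = createSubject(user, roles);
        Set<Decision> evaluate = authorization.evaluate(resources, subject, actionSet, environment);
        System.out.println("Evaluate: " + evaluate);
    }

    /**
     * Builds a subject holding one {@link Username} principal and one {@link Group} principal per
     * role.
     */
    private static Subject createSubject(String user, String[] rolelist) {
        Subject subject = new Subject();
        subject.getPrincipals().add(new Username(user));
        for (String role : rolelist) {
            subject.getPrincipals().add(new Group(role));
        }
        return subject;
    }

    /** Obtains the framework instance for the given base directory. */
    private static Framework buildFramework(String rdeckbase) {
        return Framework.getInstance(rdeckbase);
    }

    /**
     * Authorization that knows the roles of exactly one user; every other user has no roles.
     */
    public static class SingleUserAclsAuthorization extends BaseAclsAuthorization {
        private final String username;
        private final String[] roles;

        /**
         * @param framework framework passed to the base class
         * @param basedir   directory passed to the base class
         * @param username  the only user this instance reports roles for
         * @param roles     roles of that user; copied so later changes by the caller have no effect
         * @throws IOException            propagated from the base class constructor
         * @throws PoliciesParseException propagated from the base class constructor
         */
        public SingleUserAclsAuthorization(final Framework framework, final File basedir, String username, String[] roles)
                throws IOException, PoliciesParseException {
            super(framework, basedir);
            this.username = username;
            this.roles = roles == null ? new String[0] : roles.clone();
        }

        /**
         * Returns the configured roles when {@code user} equals the configured user name, and an
         * empty array otherwise.
         *
         * @param user user name to look up
         * @return a copy of the role array, never {@code null}
         */
        public String[] determineUserRoles(String user) {
            if (username.equals(user)) {
                // Hand out a copy so callers cannot alter the roles used for later lookups.
                return roles.clone();
            }
            return new String[0];
        }
    }
}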