From 3063f27c13272a9214b5e39e286645168f9abfa1 Mon Sep 17 00:00:00 2001 From: Prashant Jaikumar Date: Fri, 1 Dec 2023 10:38:29 -0800 Subject: [PATCH] Add connection management permissions --- .../ldap/role/permission/RolePermission.java | 3 +++ .../role/permission/RolePermissionConverter.java | 13 +++++++++++-- 2 files changed, 14 insertions(+), 2 deletions(-) diff --git a/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermission.java b/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermission.java index cd3df00..2e5a7c0 100644 --- a/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermission.java +++ b/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermission.java @@ -118,4 +118,7 @@ public enum RolePermission { // Source Control Management @JsonProperty("Manage Source Control") MANAGE_SCM, + + @JsonProperty("Manage Connections") + MANAGE_SYSTEM_APP_ENTITIES } diff --git a/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermissionConverter.java b/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermissionConverter.java index 4acb5b2..1c6aa7b 100644 --- a/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermissionConverter.java +++ b/cdap-ldap-role/src/main/java/io/cdap/cdap/security/authorization/ldap/role/permission/RolePermissionConverter.java @@ -102,7 +102,9 @@ public static List convertToEntityTypeWithPermission(R new EntityTypeWithPermission(EntityType.APPLICATION, StandardPermission.CREATE), new EntityTypeWithPermission(EntityType.DATASET, StandardPermission.CREATE), new EntityTypeWithPermission(EntityType.APPLICATION, StandardPermission.GET), - new EntityTypeWithPermission(EntityType.ARTIFACT, StandardPermission.GET) + new EntityTypeWithPermission(EntityType.ARTIFACT, StandardPermission.GET), + new EntityTypeWithPermission(EntityType.SYSTEM_APP_ENTITY, StandardPermission.CREATE), + new EntityTypeWithPermission(EntityType.SYSTEM_APP_ENTITY, StandardPermission.USE) ); case DELETE_PIPELINE: return Arrays.asList( @@ -157,7 +159,8 @@ public static List convertToEntityTypeWithPermission(R case USE_WRANGLER: return Arrays.asList( new EntityTypeWithPermission(EntityType.APPLICATION, StandardPermission.GET, true), - new EntityTypeWithPermission(EntityType.DATASET, StandardPermission.LIST, true) + new EntityTypeWithPermission(EntityType.DATASET, StandardPermission.LIST, true), + new EntityTypeWithPermission(EntityType.SYSTEM_APP_ENTITY, StandardPermission.USE) ); case MANAGE_SECURE_KEY: return Arrays.asList( @@ -172,6 +175,12 @@ public static List convertToEntityTypeWithPermission(R new EntityTypeWithPermission(EntityType.NAMESPACE, NamespacePermission.WRITE_REPOSITORY), new EntityTypeWithPermission(EntityType.NAMESPACE, NamespacePermission.UPDATE_REPOSITORY_METADATA) ); + case MANAGE_SYSTEM_APP_ENTITIES: + return Arrays.asList( + new EntityTypeWithPermission(EntityType.SYSTEM_APP_ENTITY, StandardPermission.CREATE), + new EntityTypeWithPermission(EntityType.SYSTEM_APP_ENTITY, StandardPermission.UPDATE), + new EntityTypeWithPermission(EntityType.SYSTEM_APP_ENTITY, StandardPermission.DELETE) + ); } Permission cdapPermission = getPermission(permission);