• Home
• io.spinnaker.fiat
• fiat-roles
• 1.52.0
• source code
• BaseServiceAccountResourceProvider.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

com.netflix.spinnaker.fiat.providers.BaseServiceAccountResourceProvider Maven / Gradle / Ivy

package com.netflix.spinnaker.fiat.providers;

import com.netflix.spinnaker.fiat.model.resources.Role;
import com.netflix.spinnaker.fiat.model.resources.ServiceAccount;
import java.util.Collection;
import java.util.Collections;
import java.util.List;
import java.util.Set;
import java.util.stream.Collectors;
import lombok.NonNull;

public abstract class BaseServiceAccountResourceProvider
    extends BaseResourceProvider {
  private final Collection serviceAccountPredicateProviders;

  public BaseServiceAccountResourceProvider(
      Collection serviceAccountPredicateProviders) {
    this.serviceAccountPredicateProviders = serviceAccountPredicateProviders;
  }

  @Override
  public Set getAllRestricted(
      @NonNull String userId, @NonNull Set userRoles, boolean isAdmin)
      throws ProviderException {
    List userRoleNames = userRoles.stream().map(Role::getName).collect(Collectors.toList());
    return getAll().stream()
        .filter(svcAcct -> !svcAcct.getMemberOf().isEmpty())
        .filter(
            svcAcct ->
                serviceAccountPredicateProviders.stream()
                    .anyMatch(p -> p.get(userId, userRoleNames, isAdmin).test(svcAcct)))
        .collect(Collectors.toSet());
  }

  @Override
  public Set getAllUnrestricted() throws ProviderException {
    return Collections.emptySet();
  }
}