• Home
• org.apache.solr
• solr-core
• 9.6.0
• source code
• PermissionNameProvider.java

×

Project download

Many resources are needed to download a project. Please understand that we have to compensate our server costs. Thank you in advance.
Project price only 1 $

You can buy this project and download/modify it how often you want.

org.apache.solr.security.PermissionNameProvider Maven / Gradle / Ivy

/*
 * Licensed to the Apache Software Foundation (ASF) under one or more
 * contributor license agreements.  See the NOTICE file distributed with
 * this work for additional information regarding copyright ownership.
 * The ASF licenses this file to You under the Apache License, Version 2.0
 * (the "License"); you may not use this file except in compliance with
 * the License.  You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.apache.solr.security;

import static java.util.Arrays.asList;
import static java.util.Collections.singleton;
import static java.util.Collections.unmodifiableMap;
import static java.util.Collections.unmodifiableSet;
import static java.util.function.Function.identity;
import static java.util.stream.Collectors.toMap;

import java.util.HashSet;
import java.util.Map;
import java.util.Set;

/**
 * A requestHandler should implement this interface to provide the well known permission at request
 * time
 */
public interface PermissionNameProvider {
  // 'null' means the permission applies to system-level, while '*' means any collection
  @SuppressWarnings("ImmutableEnumChecker")
  enum Name {
    COLL_EDIT_PERM("collection-admin-edit", null),
    COLL_READ_PERM("collection-admin-read", null),
    CORE_READ_PERM("core-admin-read", null),
    CORE_EDIT_PERM("core-admin-edit", null),
    ZK_READ_PERM("zk-read", null),
    READ_PERM("read", "*"),
    UPDATE_PERM("update", "*"),
    CONFIG_EDIT_PERM("config-edit", unmodifiableSet(new HashSet<>(asList("*", null)))),
    CONFIG_READ_PERM("config-read", unmodifiableSet(new HashSet<>(asList("*", null)))),
    SCHEMA_READ_PERM("schema-read", "*"),
    SCHEMA_EDIT_PERM("schema-edit", "*"),
    SECURITY_EDIT_PERM("security-edit", null),
    SECURITY_READ_PERM("security-read", null),
    METRICS_READ_PERM("metrics-read", unmodifiableSet(new HashSet<>(asList("*", null)))),
    HEALTH_PERM("health", unmodifiableSet(new HashSet<>(asList("*", null)))),
    FILESTORE_READ_PERM("filestore-read", null),
    FILESTORE_WRITE_PERM("filestore-write", null),
    PACKAGE_EDIT_PERM("package-edit", null),
    PACKAGE_READ_PERM("package-read", null),

    ALL("all", unmodifiableSet(new HashSet<>(asList("*", null))));
    final String name;
    final Set collName;

    @SuppressWarnings({"unchecked"})
    Name(String s, Object collName) {
      name = s;
      this.collName =
          collName instanceof Set ? (Set) collName : singleton((String) collName);
    }

    public static Name get(String s) {
      return values.get(s);
    }

    public String getPermissionName() {
      return name;
    }
  }

  Set NULL = singleton(null);
  Set ANY = singleton("*");

  Map values =
      unmodifiableMap(
          asList(Name.values()).stream().collect(toMap(Name::getPermissionName, identity())));

  Name getPermissionName(AuthorizationContext request);
}