RoleConfigCommand.java

/*
 * Copyright 2016 ThoughtWorks, Inc.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 *     http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package com.thoughtworks.go.config.update;

import com.thoughtworks.go.config.*;
import com.thoughtworks.go.config.commands.EntityConfigUpdateCommand;
import com.thoughtworks.go.config.materials.MaterialConfigs;
import com.thoughtworks.go.config.remote.ConfigReposConfig;
import com.thoughtworks.go.domain.packagerepository.PackageRepository;
import com.thoughtworks.go.domain.scm.SCM;
import com.thoughtworks.go.i18n.LocalizedMessage;
import com.thoughtworks.go.server.domain.Username;
import com.thoughtworks.go.server.service.GoConfigService;
import com.thoughtworks.go.server.service.result.LocalizedOperationResult;
import com.thoughtworks.go.serverhealth.HealthStateType;

abstract class RoleConfigCommand implements EntityConfigUpdateCommand<Role> {
    protected final GoConfigService goConfigService;
    protected final Role role;
    protected final Username currentUser;
    protected final LocalizedOperationResult result;
    protected Role preprocessedRole;

    public RoleConfigCommand(GoConfigService goConfigService, Role role, Username currentUser, LocalizedOperationResult result) {
        this.goConfigService = goConfigService;
        this.role = role;
        this.currentUser = currentUser;
        this.result = result;
    }

    @Override
    public void clearErrors() {
        BasicCruiseConfig.clearErrors(role);
    }

    @Override
    public Role getPreprocessedEntityConfig() {
        return preprocessedRole;
    }

    @Override
    public boolean canContinue(CruiseConfig cruiseConfig) {
        return isAuthorized();
    }

    @Override
    public boolean isValid(CruiseConfig preprocessedConfig) {
        preprocessedRole = preprocessedConfig.server().security().getRoles().findByNameAndType(role.getName(), role.getClass());

        if (!preprocessedRole.validateTree(validationContextWithSecurityConfig(preprocessedConfig))) {
            BasicCruiseConfig.copyErrors(preprocessedRole, role);
            return false;
        }

        return true;
    }

    protected ValidationContext validationContextWithSecurityConfig(final CruiseConfig preprocessedConfig) {
        return new ValidationContext() {
            @Override
            public ConfigReposConfig getConfigRepos() {
                return null;
            }

            @Override
            public boolean isWithinPipelines() {
                return false;
            }

            @Override
            public PipelineConfig getPipeline() {
                return null;
            }

            @Override
            public MaterialConfigs getAllMaterialsByFingerPrint(String fingerprint) {
                return null;
            }

            @Override
            public StageConfig getStage() {
                return null;
            }

            @Override
            public boolean isWithinTemplates() {
                return false;
            }

            @Override
            public String getParentDisplayName() {
                return null;
            }

            @Override
            public Validatable getParent() {
                return null;
            }

            @Override
            public JobConfig getJob() {
                return null;
            }

            @Override
            public PipelineConfigs getPipelineGroup() {
                return null;
            }

            @Override
            public PipelineTemplateConfig getTemplate() {
                return null;
            }

            @Override
            public PipelineConfig getPipelineConfigByName(CaseInsensitiveString pipelineName) {
                return null;
            }

            @Override
            public boolean shouldCheckConfigRepo() {
                return false;
            }

            @Override
            public SecurityConfig getServerSecurityConfig() {
                return preprocessedConfig.server().security();
            }

            @Override
            public boolean doesTemplateExist(CaseInsensitiveString template) {
                return false;
            }

            @Override
            public SCM findScmById(String scmID) {
                return null;
            }

            @Override
            public PackageRepository findPackageById(String packageId) {
                return null;
            }

            @Override
            public ValidationContext withParent(Validatable validatable) {
                return null;
            }

            @Override
            public boolean isValidProfileId(String profileId) {
                return false;
            }

            @Override
            public boolean shouldNotCheckRole() {
                return false;
            }
        };
    }

    final Role findExistingRole(CruiseConfig cruiseConfig) {
        return cruiseConfig.server().security().getRoles().findByName(role.getName());
    }

    protected final boolean isAuthorized() {
        if (goConfigService.isUserAdmin(currentUser)) {
            return true;
        }
        result.unauthorized(LocalizedMessage.string("UNAUTHORIZED_TO_EDIT"), HealthStateType.unauthorised());
        return false;
    }

}