SecurityManagerExtensionTransformerRegistration.java

/*
 * JBoss, Home of Professional Open Source
 * Copyright 2016, Red Hat, Inc., and individual contributors as indicated
 * by the @authors tag.
 *
 * Licensed under the Apache License, Version 2.0 (the "License");
 * you may not use this file except in compliance with the License.
 * You may obtain a copy of the License at
 *
 * http://www.apache.org/licenses/LICENSE-2.0
 *
 * Unless required by applicable law or agreed to in writing, software
 * distributed under the License is distributed on an "AS IS" BASIS,
 * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 * See the License for the specific language governing permissions and
 * limitations under the License.
 */

package org.wildfly.extension.security.manager;

import java.util.Map;

import org.jboss.as.controller.ModelVersion;
import org.jboss.as.controller.PathAddress;
import org.jboss.as.controller.transform.ExtensionTransformerRegistration;
import org.jboss.as.controller.transform.SubsystemTransformerRegistration;
import org.jboss.as.controller.transform.TransformationContext;
import org.jboss.as.controller.transform.description.RejectAttributeChecker;
import org.jboss.as.controller.transform.description.ResourceTransformationDescriptionBuilder;
import org.jboss.as.controller.transform.description.TransformationDescription;
import org.jboss.dmr.ModelNode;
import org.wildfly.extension.security.manager.logging.SecurityManagerLogger;

/**
 * @author Tomaz Cerar (c) 2016 Red Hat Inc.
 */
public class SecurityManagerExtensionTransformerRegistration implements ExtensionTransformerRegistration {
    private static final ModelVersion EAP_7_0_0_MODEL_VERSION = ModelVersion.create(2, 0, 0);

    @Override
    public String getSubsystemName() {
        return Constants.SUBSYSTEM_NAME;
    }

    /**
     * Registers the transformers for JBoss EAP 7.0.0.
     *
     * @param subsystemRegistration contains data about the subsystem registration
     */
    @Override
    public void registerTransformers(SubsystemTransformerRegistration subsystemRegistration) {
        ResourceTransformationDescriptionBuilder builder = ResourceTransformationDescriptionBuilder.Factory.createSubsystemInstance();
        builder.addChildResource(DeploymentPermissionsResourceDefinition.DEPLOYMENT_PERMISSIONS_PATH).
                getAttributeBuilder().addRejectCheck(new RejectAttributeChecker.DefaultRejectAttributeChecker() {

            @Override
            protected boolean rejectAttribute(PathAddress address, String attributeName, ModelNode value, TransformationContext context) {
                // reject the maximum set if it is defined and empty as that would result in complete incompatible policies
                // being used in nodes running earlier versions of the subsystem.
                if (value.isDefined() && value.asList().isEmpty()) { return true; }
                return false;
            }

            @Override
            public String getRejectionLogMessage(Map<String, ModelNode> attributes) {
                return SecurityManagerLogger.ROOT_LOGGER.rejectedEmptyMaximumSet();
            }
        }, DeploymentPermissionsResourceDefinition.MAXIMUM_PERMISSIONS);
        TransformationDescription.Tools.register(builder.build(), subsystemRegistration, EAP_7_0_0_MODEL_VERSION);
    }
}