Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Feature/ldap rules in new core #414

Merged
merged 22 commits into from Mar 11, 2019

Conversation

Projects
None yet
3 participants
@coutoPL
Copy link
Contributor

coutoPL commented Mar 10, 2019

Reimplementation of LDAP rules in new experimental core.

coutoPL added some commits Mar 11, 2019

import scala.language.higherKinds

abstract class BaseDecoderTest[F[_] : Functor, A, B](decoder: ADecoder[F, A])
(implicit C: Comonad[F])
}

def downNonEmptyOptionalField(name: String): Decoder.Result[Option[NonEmptyString]] = {
import tech.beshu.ror.acl.factory.decoders.common.nonEmptyStringDecoder

This comment has been minimized.

|""".stripMargin,
assertion = errors => {
errors should have size 1
errors.head should be(RulesLevelCreationError(MalformedValue(

This comment has been minimized.

@codacy-bot
private class UnboundidSearchResultListener extends com.unboundid.ldap.sdk.AsyncSearchResultListener {
private val searchResultEntries = new AtomicReference(List.empty[SearchResultEntry])

private val promise = Promise[Either[SearchResult, List[SearchResultEntry]]]

This comment has been minimized.

new SingleServerSet(ldap.host, ldap.port, socketFactory(trustAllCerts), options)
case ConnectionMethod.SingleServer(ldap) =>
new SingleServerSet(ldap.host, ldap.port, options)
case ConnectionMethod.SeveralServers(hosts, HaMethod.Failover) if hosts.toNonEmptyList.head.isSecure =>

This comment has been minimized.

@codacy-bot
@@ -38,10 +39,11 @@ import tech.beshu.ror.acl.factory.decoders.ruleDecoders.ruleDecoderBy
import tech.beshu.ror.acl.logging.AuditingTool
import tech.beshu.ror.acl.orders._
import tech.beshu.ror.acl.utils.CirceOps.DecoderHelpers.FieldListResult.{FieldListValue, NoField}
import tech.beshu.ror.acl.utils.CirceOps.{DecoderHelpers, DecoderOps, DecodingFailureOps}
import tech.beshu.ror.acl.utils.CirceOps.{DecoderHelpers, DecodingFailureOps}

This comment has been minimized.

|""".stripMargin,
assertion = errors => {
errors should have size 1
errors.head should be(RulesLevelCreationError(Message("Cannot find LDAP service with name: ldap2")))

This comment has been minimized.

@codacy-bot
""".stripMargin,
assertion = { definitions =>
definitions.items should have size 2
val ldap1Service = definitions.items.head

This comment has been minimized.

@codacy-bot
@@ -53,6 +53,7 @@ class KibanaAccessRule(val settings: Settings)
// Any index, read op
else if (Matchers.roMatcher.`match`(requestContext.action)) Fulfilled(modifyMatched(blockContext))
else if (Matchers.clusterMatcher.`match`(requestContext.action)) Fulfilled(modifyMatched(blockContext))
else if (emptyIndicesMatch(requestContext)) Fulfilled(modifyMatched(blockContext))

This comment has been minimized.

|""".stripMargin,
assertion = errors => {
errors should have size 1
errors.head should be(RulesLevelCreationError(Message("Service: ldap1 cannot be used in 'ldap_authorization' rule")))

This comment has been minimized.

@codacy-bot
""".stripMargin,
assertion = { definitions =>
definitions.items should have size 1
val ldapService = definitions.items.head

This comment has been minimized.

@codacy-bot
|""".stripMargin,
assertion = errors => {
errors should have size 1
errors.head should be(RulesLevelCreationError(Message("Service: ldap1 cannot be used in 'ldap_auth' rule")))

This comment has been minimized.

@codacy-bot
|""".stripMargin,
assertion = errors => {
errors should have size 1
errors.head should be(RulesLevelCreationError(Message("Non empty list of groups are required")))

This comment has been minimized.

@codacy-bot
|""".stripMargin,
assertion = errors => {
errors should have size 1
errors.head should be(RulesLevelCreationError(Message("Cannot find LDAP service with name: ldap2")))

This comment has been minimized.

@codacy-bot
|""".stripMargin,
assertion = errors => {
errors should have size 1
errors.head should be(RulesLevelCreationError(MalformedValue(

This comment has been minimized.

@codacy-bot
// Only requested X-cluster when we don't have remote, will return empty.
val crossClusterIndices = requestContext.indices.filter(_.isClusterIndex)
if (requestContext.indices.nonEmpty && requestContext.indices.size == crossClusterIndices.size) {
return Fulfilled(blockContext)

This comment has been minimized.

@codacy-bot
(ldap, new SingleServerSet(ldap.host, ldap.port, socketFactory(connectionConfig.trustAllCerts), options)) :: Nil
case ConnectionMethod.SingleServer(ldap) =>
(ldap, new SingleServerSet(ldap.host, ldap.port, options)) :: Nil
case ConnectionMethod.SeveralServers(ldaps, _) if ldaps.toNonEmptyList.head.isSecure =>

This comment has been minimized.

@codacy-bot
.orElse(Try(UrlWithAuthority.parse(s"""//$value""")))
.toOption
.flatMap { url =>
if(url.path.nonEmpty) None

This comment has been minimized.

@sscarduzio

This comment has been minimized.

Copy link
Owner

sscarduzio commented Mar 11, 2019

Thank you, merging.

@sscarduzio sscarduzio merged commit 9992a58 into sscarduzio:master Mar 11, 2019

2 of 3 checks passed

Codacy/PR Quality Review Not up to standards. This pull request quality could be better.
Details
clahub All contributors have signed the Contributor License Agreement.
Details
continuous-integration/travis-ci/pr The Travis CI build passed
Details
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.