import java.util.Set;
import java.util.concurrent.ConcurrentMap;
+import org.opendaylight.controller.containermanager.IContainerAuthorization;
import org.opendaylight.controller.sal.authorization.AppRoleLevel;
import org.opendaylight.controller.sal.authorization.IResourceAuthorization;
import org.opendaylight.controller.sal.authorization.Privilege;
"Controller roles cannot be explicitely "
+ "created in App context");
}
+ if (isContainerRole(role)) {
+ return new Status(StatusCode.NOTALLOWED,
+ "Container roles cannot be explicitely "
+ + "created in App context");
+ }
if (isRoleInUse(role)) {
return new Status(StatusCode.CONFLICT, "Role already in use");
}
return new Status(StatusCode.NOTALLOWED,
"Controller roles cannot be removed");
}
-
+ if (isContainerRole(role)) {
+ return new Status(StatusCode.NOTALLOWED,
+ "Container roles cannot be removed");
+ }
return removeRoleInternal(role);
}
.equals(UserLevel.NETWORKOPERATOR.toString()));
}
+ private boolean isContainerRole(String role) {
+ IContainerAuthorization containerAuth = (IContainerAuthorization) ServiceHelper.getGlobalInstance(
+ IContainerAuthorization.class, this);
+ if (containerAuth == null) {
+ return false;
+ }
+ return containerAuth.isApplicationRole(role);
+ }
+
private boolean isRoleInUse(String role) {
IUserManager userManager = (IUserManager) ServiceHelper
.getGlobalInstance(IUserManager.class, this);