<configuration>
<instructions>
<Import-Package>
+ org.opendaylight.controller.containermanager,
org.opendaylight.controller.sal.authorization,
org.opendaylight.controller.sal.utils,
org.opendaylight.controller.usermanager,
org.slf4j,
org.apache.felix.dm,
- org.apache.commons.lang3.builder,
- org.eclipse.osgi.framework.console
</Import-Package>
<Export-Package>
org.opendaylight.controller.appauth,
<artifactId>sal</artifactId>
<version>0.5.1-SNAPSHOT</version>
</dependency>
+ <dependency>
+ <groupId>org.opendaylight.controller</groupId>
+ <artifactId>containermanager</artifactId>
+ <version>0.5.1-SNAPSHOT</version>
+ </dependency>
<dependency>
<groupId>org.opendaylight.controller</groupId>
<artifactId>usermanager</artifactId>
import java.util.Set;
import java.util.concurrent.ConcurrentMap;
+import org.opendaylight.controller.containermanager.IContainerAuthorization;
import org.opendaylight.controller.sal.authorization.AppRoleLevel;
import org.opendaylight.controller.sal.authorization.IResourceAuthorization;
import org.opendaylight.controller.sal.authorization.Privilege;
"Controller roles cannot be explicitely "
+ "created in App context");
}
+ if (isContainerRole(role)) {
+ return new Status(StatusCode.NOTALLOWED,
+ "Container roles cannot be explicitely "
+ + "created in App context");
+ }
if (isRoleInUse(role)) {
return new Status(StatusCode.CONFLICT, "Role already in use");
}
return new Status(StatusCode.NOTALLOWED,
"Controller roles cannot be removed");
}
-
+ if (isContainerRole(role)) {
+ return new Status(StatusCode.NOTALLOWED,
+ "Container roles cannot be removed");
+ }
return removeRoleInternal(role);
}
.equals(UserLevel.NETWORKOPERATOR.toString()));
}
+ private boolean isContainerRole(String role) {
+ IContainerAuthorization containerAuth = (IContainerAuthorization) ServiceHelper.getGlobalInstance(
+ IContainerAuthorization.class, this);
+ if (containerAuth == null) {
+ return false;
+ }
+ return containerAuth.isApplicationRole(role);
+ }
+
private boolean isRoleInUse(String role) {
IUserManager userManager = (IUserManager) ServiceHelper
.getGlobalInstance(IUserManager.class, this);