zydronium/google-nomulus
1
0
Fork 0
mirror of https://github.com/google/nomulus.git synced 2025-05-01 20:47:52 +02:00
Code Issues Projects Releases Packages Wiki Activity
google-nomulus/java/google/registry/rdap/RdapAuthorization.java
guyben d2ca67460c Allow admins read/write access to all registrar in web console 
This CL removes the "READ vs UPDATE" feature completely. Now anyone with access
has full read+write access.

We still keep track of which role a user has (did they get access "explicitly"
because they are an "allowed access" contact? Or do they have access because
they are admins?) for the logs and UI, and also so we could in the (very near)
future have features only available to admins.

-------------
Created by MOE: https://github.com/google/moe
MOE_MIGRATED_REVID=218169608
2018-10-22 19:08:09 -04:00

61 lines
1.9 KiB
Java
Raw Blame History

// Copyright 2017 The Nomulus Authors. All Rights Reserved.
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
// http://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
package google.registry.rdap;
import com.google.auto.value.AutoValue;
import com.google.common.collect.ImmutableSet;
import google.registry.model.ImmutableObject;
/** Authorization information for RDAP data access. */
@AutoValue
public abstract class RdapAuthorization extends ImmutableObject {
enum Role {
ADMINISTRATOR,
REGISTRAR,
PUBLIC
}
/** The role to be used for access. */
public abstract Role role();
/** The registrar client IDs for which access is granted (used only if the role is REGISTRAR. */
public abstract ImmutableSet<String> clientIds();
static RdapAuthorization create(Role role, String clientId) {
return new AutoValue_RdapAuthorization(role, ImmutableSet.of(clientId));
}
static RdapAuthorization create(Role role, ImmutableSet<String> clientIds) {
return new AutoValue_RdapAuthorization(role, clientIds);
}
boolean isAuthorizedForClientId(String clientId) {
switch (role()) {
case ADMINISTRATOR:
return true;
case REGISTRAR:
return clientIds().contains(clientId);
default:
return false;
}
}
public static final RdapAuthorization PUBLIC_AUTHORIZATION =
create(Role.PUBLIC, ImmutableSet.of());
public static final RdapAuthorization ADMINISTRATOR_AUTHORIZATION =
create(Role.ADMINISTRATOR, ImmutableSet.of());
}
Reference in a new issue View git blame Copy permalink