|
(→AHPSCRIPTS-74)
|
(→AHPSCRIPTS-72)
|
| Line 1196: | |||
| uow.commitAndClose();</pre> | uow.commitAndClose();</pre> | ||
| + | = Give All Roles Read Permission to All Agents = | ||
| + | *Here's an example of how to use the remoting library to make mass security changes. Naturally, you'll need to run this script with permissions that can see every agent and every role. For teams that find the new agent security in 3.5 annoying, this can be a great way to open up the permissions to those agents. All roles get read permissions to every agent, the "Build Master" role also gets "write" permissions to every agent. | ||
| + | ==== AHPSCRIPTS-86 ==== | ||
| + | <pre>import com.urbancode.anthill3.main.client.AnthillClient; | ||
| + | import com.urbancode.anthill3.persistence.UnitOfWork; | ||
| + | import com.urbancode.anthill3.domain.agent.*; | ||
| + | import com.urbancode.anthill3.domain.authentication.*; | ||
| + | import com.urbancode.anthill3.domain.security.*; | ||
| + | import java.util.*; | ||
| + | String serverHost = "myServerUrl"; | ||
| + | int serverPort = 4567; | ||
| + | String userName = "admin"; | ||
| + | String password = "enterThisOnCommandLine"; | ||
| + | //serverHost = bsh.args[0]; | ||
| + | //serverPort = Integer.parseInt(bsh.args[1]); | ||
| + | if (bsh.args.length != 2) { | ||
| + | print(""); | ||
| + | print("Invalid snyax. Please enter the command as: "); | ||
| + | print("ah3client createUser.bsh [user name] [password]"); | ||
| + | return 0; | ||
| + | } | ||
| + | userName = bsh.args[0]; | ||
| + | password = bsh.args[1]; | ||
| + | // obtain connection to the Anthill server | ||
| + | AnthillClient anthill = AnthillClient.connect(serverHost, serverPort, | ||
| + | userName, password); | ||
| + | // create a Unit of Work | ||
| + | UnitOfWork uow = anthill.createUnitOfWork(); | ||
| + | agentArray = AgentFactory.getInstance().restoreAllNotIgnored(); | ||
| + | allRolesArray = RoleFactory.getInstance().restoreAllActive(); | ||
| + | for (Agent agent: agentArray) { | ||
| + | boolean buildMasterHasWrite = false; | ||
| + | resource = ResourceFactory.getInstance().restoreForPersistent(agent); | ||
| + | |||
| + | // Determine roles don't have read access to an agent | ||
| + | HashSet roleWithoutReadPermSet = new HashSet(); | ||
| + | roleWithoutReadPermSet.addAll(Arrays.asList(allRolesArray)); | ||
| + | Permission[] permissions = PermissionFactory.getInstance().restoreAllForResource(resource); | ||
| + | for (Permission permission : permissions) { | ||
| + | Role role = permission.getRole(); | ||
| + | action = permission.getAction(); | ||
| + | if (!role.isUserRole() && role.isActive() && action.equals("read")) { | ||
| + | roleWithoutReadPermSet.remove(role); | ||
| + | } | ||
| + | else if (role.isUserRole() || !role.isActive()) { | ||
| + | roleWithoutReadPermSet.remove(role); | ||
| + | } | ||
| + | else if (role.getName().equals("Build Master") && action.equals("write")) { | ||
| + | buildMasterHasWrite = true; | ||
| + | } | ||
| + | } | ||
| + | |||
| + | // Create the missing Read Permissions | ||
| + | Iterator roleItr = roleWithoutReadPermSet.iterator(); | ||
| + | while (roleItr.hasNext()) { | ||
| + | Role role = roleItr.next(); | ||
| + | p = new Permission(true, resource, "read", role); | ||
| + | p.store(); | ||
| + | } | ||
| + | |||
| + | // Give Build Master Write Permission | ||
| + | if (!buildMasterHasWrite) { | ||
| + | Role bmRole = RoleFactory.getInstance().restoreForName("Build Master"); | ||
| + | p = new Permission(true, resource, "write", bmRole); | ||
| + | p.store(); | ||
| + | } | ||
| + | } | ||
| + | print("Committing Changes"); | ||
| + | uow.commitAndClose();</pre> | ||
