public class RbacSanityCheckOperation extends Object implements OperationStepHandler
OperationStepHandler
to be executed at the end of stage MODEL to identify SOME situations where configuration
would lock out all remote access.
Due to role mapping using information from remote stores it is not possible to exhaustively verify that users will still be
assigned roles after a configuration change, however there are some configuration permutations where it is guaranteed no
roles can be assigned regardless of the user stores and we can detect and reject those configurations.Modifier and Type | Method and Description |
---|---|
static void |
addOperation(OperationContext context)
Add the operation at the end of Stage MODEL if this operation has not already been registered.
|
void |
execute(OperationContext context,
org.jboss.dmr.ModelNode operation)
Execute this step.
|
public void execute(OperationContext context, org.jboss.dmr.ModelNode operation) throws OperationFailedException
OperationStepHandler
context.getFailureDescription()
must be called, or an OperationFailedException
must be thrown.
If the operation succeeded and the operation provides a return value, context.getResult()
should
be called and the result populated with the outcome. If the handler wishes to take further action once the result
of the overall operation execution is known, one of the
context.completeStep variants
should be called to register a callback. The callback will not be invoked if this method throws an exception.
When this method is invoked the thread context classloader
will
be set to be the defining class loader of the class that implements this interface.
execute
in interface OperationStepHandler
context
- the operation contextoperation
- the operation being executedOperationFailedException
- if the operation failed before calling context.completeStep()
public static void addOperation(OperationContext context)
context
- - The OperationContext to use to register the step.Copyright © 2023 JBoss by Red Hat. All rights reserved.