public class RbacSanityCheckOperation extends Object implements OperationStepHandler
OperationStepHandler
to be executed at the end of stage MODEL to identify SOME situations where configuration
would lock out all remote access.
Due to role mapping using information from remote stores it is not possible to exhaustively verify that users will still be
assigned roles after a configuration change, however there are some configuration permutations where it is guaranteed no
roles can be assigned regardless of the user stores and we can detect and reject those configurations.Modifier and Type | Method and Description |
---|---|
static void |
addOperation(OperationContext context)
Add the operation at the end of Stage MODEL if this operation has not already been registered.
|
void |
execute(OperationContext context,
org.jboss.dmr.ModelNode operation)
Execute this step.
|
public void execute(OperationContext context, org.jboss.dmr.ModelNode operation) throws OperationFailedException
OperationStepHandler
context.getFailureDescription()
must be called, before calling one of the
context.completeStep variants
,
or an OperationFailedException
must be thrown.
If the operation succeeded, context.getResult()
should
be called and the result populated with the outcome, after which one of the
context.completeStep variants
must be called.
When this method is invoked the thread context classloader
will
be set to be the defining class loader of the class that implements this interface.
execute
in interface OperationStepHandler
context
- the operation contextoperation
- the operation being executedOperationFailedException
- if the operation failed before calling context.completeStep()
public static void addOperation(OperationContext context)
context
- - The OperationContext to use to register the step.Copyright © 2015 JBoss by Red Hat. All rights reserved.