gremlin-server/src/test/java/org/apache/tinkerpop/gremlin/server/authz/AllowList.java - tinkerpop - Git at Google

 /*
  * Licensed to the Apache Software Foundation (ASF) under one
  * or more contributor license agreements.  See the NOTICE file
  * distributed with this work for additional information
  * regarding copyright ownership.  The ASF licenses this file
  * to you under the Apache License, Version 2.0 (the
  * "License"); you may not use this file except in compliance
  * with the License.  You may obtain a copy of the License at
  *
  * http://www.apache.org/licenses/LICENSE-2.0
  *
  * Unless required by applicable law or agreed to in writing,
  * software distributed under the License is distributed on an
  * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
  * KIND, either express or implied.  See the License for the
  * specific language governing permissions and limitations
  * under the License.
  */
 package org.apache.tinkerpop.gremlin.server.authz;

 import org.yaml.snakeyaml.TypeDescription;
 import org.yaml.snakeyaml.Yaml;
 import org.yaml.snakeyaml.constructor.Constructor;

 import java.io.File;
 import java.io.FileInputStream;
 import java.io.InputStream;
 import java.util.List;
 import java.util.Map;
 import java.util.Optional;


 /**
  * AllowList for the AllowListAuthorizer as configured by a YAML file.
  *
  * @author Marc de Lignie
  */
 public class AllowList {

     /**
      * Holds lists of groups by grant. A grant is either a TraversalSource name or the "sandbox" value. With the
      * sandbox grant users can access all TraversalSource instances and execute groovy scripts as string based
      * requests or as lambda functions, only limited by Gremlin Server's sandbox definition.
      */
     public Map<String, List<String>> grants;

     /**
      * Holds lists of user names by groupname. The "anonymous" user name can be used to denote any user.
      */
     public Map<String, List<String>> groups;

     /**
      * Read a configuration from a YAML file into an {@link AllowList} object.
      *
      * @param file the location of a AllowList YAML configuration file
      * @return An {@link Optional} object wrapping the created {@link AllowList}
      */
     public static AllowList read(final String file) throws Exception {
         final InputStream stream = new FileInputStream(new File(file));

         final Constructor constructor = new Constructor(AllowList.class);
         final TypeDescription allowListDescription = new TypeDescription(AllowList.class);
         allowListDescription.putMapPropertyType("grants", String.class, Object.class);
         allowListDescription.putMapPropertyType("groups", String.class, Object.class);
         constructor.addTypeDescription(allowListDescription);

         final Yaml yaml = new Yaml(constructor);
         return yaml.loadAs(stream, AllowList.class);
     }
 }
	/*
	* Licensed to the Apache Software Foundation (ASF) under one
	* or more contributor license agreements. See the NOTICE file
	* distributed with this work for additional information
	* regarding copyright ownership. The ASF licenses this file
	* to you under the Apache License, Version 2.0 (the
	* "License"); you may not use this file except in compliance
	* with the License. You may obtain a copy of the License at
	*
	* http://www.apache.org/licenses/LICENSE-2.0
	*
	* Unless required by applicable law or agreed to in writing,
	* software distributed under the License is distributed on an
	* "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	* KIND, either express or implied. See the License for the
	* specific language governing permissions and limitations
	* under the License.
	*/
	package org.apache.tinkerpop.gremlin.server.authz;

	import org.yaml.snakeyaml.TypeDescription;
	import org.yaml.snakeyaml.Yaml;
	import org.yaml.snakeyaml.constructor.Constructor;

	import java.io.File;
	import java.io.FileInputStream;
	import java.io.InputStream;
	import java.util.List;
	import java.util.Map;
	import java.util.Optional;


	/**
	* AllowList for the AllowListAuthorizer as configured by a YAML file.
	*
	* @author Marc de Lignie
	*/
	public class AllowList {

	/**
	* Holds lists of groups by grant. A grant is either a TraversalSource name or the "sandbox" value. With the
	* sandbox grant users can access all TraversalSource instances and execute groovy scripts as string based
	* requests or as lambda functions, only limited by Gremlin Server's sandbox definition.
	*/
	public Map<String, List<String>> grants;

	/**
	* Holds lists of user names by groupname. The "anonymous" user name can be used to denote any user.
	*/
	public Map<String, List<String>> groups;

	/**
	* Read a configuration from a YAML file into an {@link AllowList} object.
	*
	* @param file the location of a AllowList YAML configuration file
	* @return An {@link Optional} object wrapping the created {@link AllowList}
	*/
	public static AllowList read(final String file) throws Exception {
	final InputStream stream = new FileInputStream(new File(file));

	final Constructor constructor = new Constructor(AllowList.class);
	final TypeDescription allowListDescription = new TypeDescription(AllowList.class);
	allowListDescription.putMapPropertyType("grants", String.class, Object.class);
	allowListDescription.putMapPropertyType("groups", String.class, Object.class);
	constructor.addTypeDescription(allowListDescription);

	final Yaml yaml = new Yaml(constructor);
	return yaml.loadAs(stream, AllowList.class);
	}
	}