Merge pull request #357 from atlanhq/DVX-74

Adds domain policy management for personas
atlanhq · Nov 30, 2023 · 4b9db55 · 4b9db55
2 parents 945c422 + 65b0843
commit 4b9db55
Show file tree

Hide file tree

Showing 4 changed files with 87 additions and 0 deletions.
diff --git a/sdk/src/main/java/com/atlan/model/assets/Persona.java b/sdk/src/main/java/com/atlan/model/assets/Persona.java
@@ -14,6 +14,7 @@
 import com.atlan.model.enums.AuthPolicyResourceCategory;
 import com.atlan.model.enums.AuthPolicyType;
 import com.atlan.model.enums.DataAction;
+import com.atlan.model.enums.PersonaDomainAction;
 import com.atlan.model.enums.PersonaGlossaryAction;
 import com.atlan.model.enums.PersonaMetadataAction;
 import com.atlan.model.fields.AtlanField;
@@ -659,6 +660,28 @@ public static List<Persona> findByName(AtlanClient client, String name, List<Atl
                 .accessControl(Persona.refByGuid(personaId));
     }
 
+    /**
+     * Builds the minimal object necessary to create a domain policy for a Persona.
+     *
+     * @param name of the policy
+     * @param personaId unique identifier (GUID) of the persona for which to create this metadata policy
+     * @param actions to include in the policy
+     * @param resources against which to apply the policy, given in the form {@code entity:qualifiedName} where the qualifiedName is for a domain or subdomain
+     * @return the minimal request necessary to create the metadata policy for the Persona, as a builder
+     */
+    public static AuthPolicy.AuthPolicyBuilder<?, ?> createDomainPolicy(
+            String name, String personaId, Collection<PersonaDomainAction> actions, Collection<String> resources) {
+        return AuthPolicy.creator(name)
+                .policyActions(actions)
+                .policyCategory(AuthPolicyCategory.PERSONA)
+                .policyType(AuthPolicyType.ALLOW)
+                .policyResources(resources)
+                .policyResourceCategory(AuthPolicyResourceCategory.CUSTOM)
+                .policyServiceName("atlas")
+                .policySubCategory("domain")
+                .accessControl(Persona.refByGuid(personaId));
+    }
+
     /**
      * Remove the system description from a Persona.
      *

diff --git a/sdk/src/main/java/com/atlan/model/enums/PersonaDomainAction.java b/sdk/src/main/java/com/atlan/model/enums/PersonaDomainAction.java
@@ -0,0 +1,38 @@
+/* SPDX-License-Identifier: Apache-2.0
+   Copyright 2022 Atlan Pte. Ltd. */
+package com.atlan.model.enums;
+
+import com.fasterxml.jackson.annotation.JsonValue;
+import lombok.Getter;
+
+public enum PersonaDomainAction implements AtlanEnum, AtlanPolicyAction {
+    CREATE_DOMAIN("persona-domain-create"),
+    READ_DOMAIN("persona-domain-read"),
+    UPDATE_DOMAIN("persona-domain-update"),
+    DELETE_DOMAIN("persona-domain-delete"),
+    CREATE_SUBDOMAIN("persona-domain-sub-domain-create"),
+    READ_SUBDOMAIN("persona-domain-sub-domain-read"),
+    UPDATE_SUBDOMAIN("persona-domain-sub-domain-update"),
+    DELETE_SUBDOMAIN("persona-domain-sub-domain-delete"),
+    CREATE_PRODUCTS("persona-domain-product-create"),
+    READ_PRODUCTS("persona-domain-product-read"),
+    UPDATE_PRODUCTS("persona-domain-product-update"),
+    DELETE_PRODUCTS("persona-domain-product-delete");
+
+    @JsonValue
+    @Getter(onMethod_ = {@Override})
+    private final String value;
+
+    PersonaDomainAction(String value) {
+        this.value = value;
+    }
+
+    public static PersonaDomainAction fromValue(String value) {
+        for (PersonaDomainAction b : PersonaDomainAction.values()) {
+            if (b.value.equals(value)) {
+                return b;
+            }
+        }
+        return null;
+    }
+}
diff --git a/sdk/src/main/resources/templates/Persona.ftl b/sdk/src/main/resources/templates/Persona.ftl
@@ -248,6 +248,31 @@
             .accessControl(Persona.refByGuid(personaId));
     }
 
+    /**
+     * Builds the minimal object necessary to create a domain policy for a Persona.
+     *
+     * @param name of the policy
+     * @param personaId unique identifier (GUID) of the persona for which to create this metadata policy
+     * @param actions to include in the policy
+     * @param resources against which to apply the policy, given in the form {@code entity:qualifiedName} where the qualifiedName is for a domain or subdomain
+     * @return the minimal request necessary to create the metadata policy for the Persona, as a builder
+     */
+    public static AuthPolicy.AuthPolicyBuilder<?, ?> createDomainPolicy(
+        String name,
+        String personaId,
+        Collection<PersonaDomainAction> actions,
+        Collection<String> resources) {
+        return AuthPolicy.creator(name)
+            .policyActions(actions)
+            .policyCategory(AuthPolicyCategory.PERSONA)
+            .policyType(AuthPolicyType.ALLOW)
+            .policyResources(resources)
+            .policyResourceCategory(AuthPolicyResourceCategory.CUSTOM)
+            .policyServiceName("atlas")
+            .policySubCategory("domain")
+            .accessControl(Persona.refByGuid(personaId));
+    }
+
     /**
      * Remove the system description from a ${className}.
      *

diff --git a/sdk/src/main/resources/templates/entity.ftl b/sdk/src/main/resources/templates/entity.ftl
@@ -35,6 +35,7 @@ import com.atlan.model.enums.AuthPolicyType;
 import com.atlan.model.enums.PersonaMetadataAction;
 import com.atlan.model.enums.PersonaGlossaryAction;
 import com.atlan.model.enums.PurposeMetadataAction;
+import com.atlan.model.enums.PersonaDomainAction;
 import com.atlan.model.enums.DataAction;
 import com.atlan.model.enums.CertificateStatus;
 import com.atlan.model.enums.KeywordFields;