Merge pull request #320 from joesondow/ASGARD-1163-auth-requirement-t…

…oggle Asgard-1163 - Auth requirement toggle
Netflix · Jun 17, 2013 · c7b2bc2 · c7b2bc2
2 parents d8db3f8 + 2937b3b
commit c7b2bc2
Show file tree

Hide file tree

Showing 6 changed files with 32 additions and 9 deletions.
diff --git a/grails-app/conf/AuthorizationFilters.groovy b/grails-app/conf/AuthorizationFilters.groovy
@@ -1,5 +1,19 @@
+/*
+ * Copyright 2013 Netflix, Inc.
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *     http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
 import com.netflix.asgard.plugin.AuthorizationProvider
-import org.apache.shiro.SecurityUtils
 
 /**
  * Invokes Shiro's access control if any of the configured {@link AuthorizationProvider} objects indicates the current

diff --git a/grails-app/conf/BootStrap.groovy b/grails-app/conf/BootStrap.groovy
@@ -1,6 +1,3 @@
-import com.netflix.asgard.FastProperty
-import grails.converters.JSON
-
 /*
  * Copyright 2012 Netflix, Inc.
  *
@@ -16,12 +13,13 @@ import grails.converters.JSON
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import com.netflix.asgard.FastProperty
+import grails.converters.JSON
+
 class BootStrap {
 
-    def cacheLoadStartService
     def configService
     def initService
-    def monkeyPatcherService
 
     def init = { servletContext ->
         if (configService.appConfigured) { // Only start warming the caches if Asgard has been configured

diff --git a/grails-app/conf/SettingsFilters.groovy b/grails-app/conf/SettingsFilters.groovy
@@ -1,5 +1,3 @@
-import org.apache.shiro.SecurityUtils
-
 /*
  * Copyright 2012 Netflix, Inc.
  *
@@ -15,6 +13,7 @@ import org.apache.shiro.SecurityUtils
  * See the License for the specific language governing permissions and
  * limitations under the License.
  */
+import org.apache.shiro.SecurityUtils
 
 class SettingsFilters {
 

diff --git a/grails-app/services/com/netflix/asgard/ConfigService.groovy b/grails-app/services/com/netflix/asgard/ConfigService.groovy
@@ -27,6 +27,7 @@ class ConfigService {
     static transactional = false
 
     def grailsApplication
+    def flagService
 
     /**
      * Gets the most commonly used namespace for Amazon CloudWatch metrics used for auto scaling policies. If not
@@ -559,6 +560,9 @@ class ConfigService {
      * @return true if edit links should be hidden for unauthenticated users, false to show edit links to all users
      */
     boolean isAuthenticationRequiredForEdit() {
+        if (flagService.isOn(Flag.SUSPEND_AUTHENTICATION_REQUIREMENT)) {
+            return false
+        }
         grailsApplication.config.security?.authenticationRequiredForEdit ?: false
     }
 

diff --git a/grails-app/services/com/netflix/asgard/PluginService.groovy b/grails-app/services/com/netflix/asgard/PluginService.groovy
@@ -31,6 +31,7 @@ class PluginService implements ApplicationContextAware {
 
     ApplicationContext applicationContext
     ConfigService configService
+    FlagService flagService
 
     UserDataProvider getUserDataProvider() {
         String beanName = configService.getBeanNamesForPlugin(USER_DATA_PROVIDER) ?: 'defaultUserDataProvider'
@@ -46,6 +47,9 @@ class PluginService implements ApplicationContextAware {
      * @return The configured {@link AuthenticationProvider} Spring bean, null if one isn't configured.
      */
     AuthenticationProvider getAuthenticationProvider() {
+        if (flagService.isOn(Flag.SUSPEND_AUTHENTICATION_REQUIREMENT)) {
+            return null
+        }
         String beanName = configService.getBeanNamesForPlugin(AUTHENTICATION_PROVIDER)
         if (beanName) {
             return applicationContext.getBean(beanName) as AuthenticationProvider
@@ -56,6 +60,9 @@ class PluginService implements ApplicationContextAware {
      * @return A list of configured {@link AuthorizationProvider} Spring beans, empty list if none configured.
      */
     Collection<AuthorizationProvider> getAuthorizationProviders() {
+        if (flagService.isOn(Flag.SUSPEND_AUTHENTICATION_REQUIREMENT)) {
+            return []
+        }
         List<String> beanNames = configService.getBeanNamesForPlugin(AUTHORIZATION_PROVIDERS) ?: []
         beanNames.collect { applicationContext.getBean(it) as AuthorizationProvider }
     }

diff --git a/src/groovy/com/netflix/asgard/Flag.groovy b/src/groovy/com/netflix/asgard/Flag.groovy
@@ -17,7 +17,8 @@ package com.netflix.asgard
 
 enum Flag {
     SHORT_MAX_TIME_PER_BATCH,
-    SHORT_WAIT_FOR_EXTERNAL_MONITORING_SYSTEMS
+    SHORT_WAIT_FOR_EXTERNAL_MONITORING_SYSTEMS,
+    SUSPEND_AUTHENTICATION_REQUIREMENT
 
     static List<String> names() {
         Flag.values().collect { it.name() }