Mercurial > hg > ThermostatQA

view templates/storage-config/thermostat-roles.properties @ 181:e37e710e45df

Find changesets by keywords (author, files, the commit message), revision number or hash, or revset expression.
added support for compatibility tests and some other improvements (generating thermostat config files from templates, posiblity to show @Before methods logs in report, ...) Changes: Makefile: - added targets new for compatibility testing (and report generation) src/org/thermostat/qa2/framework/utils/ThermostatUtilities.java: - all thermostat and storage configuration code moved from TestRunner to ThermostatUtilities class - webapp deployment (tomcat) is moved from makefile to testsuite (ThermostatUtilities class) - storage configuration files are now generated from templates, which are placed in templates directory - added helper methods, which make using thermostat shell simpler src/org/thermostat/qa2/framework/utils/ThermostatUtilities.java: - code needed for replacing patterns moved from reporters Generator class to CommonUtilities class (because it is now also used to generate config files from templates) src/org/thermostat/qa2/reporter/Generator.java: src/org/thermostat/qa2/reporter/LogParser.java: src/org/thermostat/qa2/reporter/result/TestClassResult.java: src/org/thermostat/qa2/framework/TestRunner.java - added possibility to show logs of methods annotaded with @Before annotation, when some of tests in that their test class failes src/org/thermostat/qa2/tests/DBCommandsHeapDumpTest.java: - code updated to use new methods from ThermostatUtilities class src/org/thermostat/qa2/framework/annotations/SetupStorage.java - it is now possible set SAVE_ON_EXIT property in agent.properties using this annotation src/org/thermostat/qa2/framework/services/ThermostatStorage.java - framework is now not waiting for timeout, when message about thermostat setup is displayed src/org/thermostat/qa2/framework/ThermostatQAConfig.java - added/updated to contain framework new configuration data, removed code not needed anymore templates/storage-config/* - added thermostat config files templates
author Zdenek Zambersky <zzambers@redhat.com>
date Fri, 15 May 2015 18:51:56 +0200
parents
children
line wrap: on
line source

# This file is used if the PropertiesUsernameRolesLoginModule is used
# as a delegate in the JAAS configuration *and* the 'roles.properties' option
# has not been specified for the login module.
#
# If that is the case, this file does two things:
#    1.  It maps user names to roles.
#    2.  Defines an optional recursive set of roles. This is useful in order to
#        define role sets. Users can then be members of such defined role sets.
#        Note that every line which does not have a user name (as defined in the
#        corresponding users.properties file) on the left hand side of the
#        equals sign ('='), represents a role.
#
# A user is assigned multiple roles by separating them by a comma ','. Every
# entity in this file which isn't a user name, will be implicitly defined as a
# role.
#
# Format is as follows:
#
# user1 = my-role, my-role2
# user2 = new-role, role1
# role1 = other-role
#
# Considering users 'user1' and 'user2' are defined in users.properties, the
# above would assign 'user1' the roles 'my-role' and 'my-role2'. 'user2' would
# be a member of 'new-role', 'role1' and 'other-role' (transitively via role1)
#
#
#
# Example recursive role definition allowed-to-do-everything agent-users. You
# can uncomment the following lines and assign your agent users this
# "thermostat-agent" role.
#thermostat-agent = thermostat-cmdc-verify, \
#                   thermostat-login, \
#                   thermostat-prepare-statement, \
#                   thermostat-purge, \
#                   thermostat-register-category, \
#                   thermostat-realm, \
#                   thermostat-save-file, \
#                   thermostat-write, \
#                   thermostat-files-grant-write-filename-ALL
#
# Example recursive role definition for allowed-to-see-everything client-users.
# You may uncomment the following lines and assign your client users this
# "thermostat-client" role. "thermostat-write" is needed by the notes plugin.
# It's okay to not grant this permissions, the notes functionality will not
# work.
#thermostat-client = thermostat-agents-grant-read-agentId-ALL, \
#                    thermostat-cmdc-generate, \
#                    thermostat-hosts-grant-read-hostname-ALL, \
#                    thermostat-load-file, \
#                    thermostat-login, \
#                    thermostat-prepare-statement, \
#                    thermostat-query, \
#                    thermostat-realm, \
#                    thermostat-register-category, \
#                    thermostat-vms-grant-read-username-ALL, \
#                    thermostat-vms-grant-read-vmId-ALL, \
#                    thermostat-files-grant-read-filename-ALL, \
#                    thermostat-write
#
# Example recursive role definition which allows thermostat users to
# use the clean-data command, which may perform global delete operations.
# Consider assigning this role to client users if they need to use the
# clean-data command. Note that other roles for thermostat client users
# grant read-only access - at various levels - only.
#thermostat-cmd-clean-data = thermostat-purge
#
# Example recursive role definition that grants all command channel privileges.
# You may uncomment the following lines and assign your client users this
# "thermostat-cmdc" role.
#thermostat-cmdc = thermostat-cmdc-grant-garbage-collect, \
#                  thermostat-cmdc-grant-dump-heap, \
#                  thermostat-cmdc-grant-thread-harvester, \
#                  thermostat-cmdc-grant-killvm, \
#                  thermostat-cmdc-grant-ping, \
#                  thermostat-cmdc-grant-jmx-toggle-notifications
# Roles for our two dev users
${AGENT_USERNAME}=thermostat-agent, thermostat-grant-write-files-all-agent
# client-tester needs thermostat-purge role for clean-data command to work
${CLIENT_USERNAME}=thermostat-grant-read-all-client, thermostat-cmdc, thermostat-purge
# Agent recursive role
thermostat-agent = thermostat-cmdc-verify, \
                   thermostat-login, \
                   thermostat-prepare-statement, \
                   thermostat-purge, \
                   thermostat-register-category, \
                   thermostat-realm, \
                   thermostat-save-file, \
                   thermostat-write
# Grant agent to write any file
thermostat-grant-write-files-all-agent = thermostat-files-grant-write-filename-ALL
                   
# Client recursive role (granting a client to read all data + all files)
thermostat-grant-read-all-client = thermostat-agents-grant-read-agentId-ALL, \
                    thermostat-cmdc-generate, \
                    thermostat-hosts-grant-read-hostname-ALL, \
                    thermostat-load-file, \
                    thermostat-login, \
                    thermostat-prepare-statement, \
                    thermostat-query, \
                    thermostat-realm, \
                    thermostat-register-category, \
                    thermostat-vms-grant-read-username-ALL, \
                    thermostat-vms-grant-read-vmId-ALL, \
                    thermostat-files-grant-read-filename-ALL, \
                    thermostat-write
# Grants all command channel operations
thermostat-cmdc = thermostat-cmdc-grant-garbage-collect, \
                  thermostat-cmdc-grant-dump-heap, \
                  thermostat-cmdc-grant-thread-harvester, \
                  thermostat-cmdc-grant-killvm, \
                  thermostat-cmdc-grant-profile-vm, \
                  thermostat-cmdc-grant-ping, \
                  thermostat-cmdc-grant-jmx-toggle-notifications