Tuesday, June 10, 2008

Security interface in Anthill - Adding permissions to N resources at a time

If I was to point one of the most annoying weaknesses in Anthill I would say that it is it's web interface when setting security.

There is no way to apply the security for several resources at once, or to apply several permission at once.

I had to add execution permission to our server operations team, but I didn't want to spend 1 hour opening all of the 20 projects and 60 workflows and add one by one.

So I decided to use remote scripting to achieved what I wanted. Remote scripting enables you to use Beanshell language with the AnthillPro API and add the permissions programatically.

The script that follows add a read permission to all projects and execution permission to all workflows that have deploy in its name. You can change it as you want to tailor it to your needs.

To execute it, you need to :
1) save it in a text file ("script.bsh", for example)
2) Get the remote scripting API at your local AHP server: http://subversion:18080/tools/remoting/anthill3-remoting.zip
3) Expand it and run your script using:
ah3client.cmd [file_name]



import com.urbancode.anthill3.main.client.AnthillClient;
import com.urbancode.anthill3.persistence.UnitOfWork;
import com.urbancode.anthill3.domain.project.*;
import com.urbancode.anthill3.domain.workflow.*;
import com.urbancode.anthill3.domain.security.*;

String serverHost = "server";
int serverPort = 4567;
String userName = "admin";
String password = "adminpasswd";
// obtain connection to the Anthill server
AnthillClient anthill = AnthillClient.connect(serverHost, serverPort,
userName, password);
// create a Unit of Work
UnitOfWork uow = anthill.createUnitOfWork();


String roleName = "Tech Lead"; // change to the name of the role you want to grant permission to
Role role = RoleFactory.getInstance().restoreForName(roleName);


//adding role permission to all deployment workflows
Project[] projects = ProjectFactory.getInstance().restoreAll();
for (int i = 0; i < projects.length; i++) {
Project project=projects[i];
//giving permission for the project
Resource resource =ResourceFactory.getInstance().restoreForPersistent(project);
Permission perm = new Permission(true, resource, "read",role);
perm.store();

Workflow[] workflowArray = project.getWorkflowArray();
for (int j = 0; j < workflowArray.length; j++) {
Workflow workflow = workflowArray[j];
if (workflow.getName().indexOf("deploy")>0) {
System.out.print("Adding server support permission to: "+project.getName()+" - "+workflow.getName()+"--"+workflow.getDescription());
System.out.println();
Resource resource =ResourceFactory.getInstance().restoreForPersistent(workflow);
Permission perm = new Permission(true, resource, Workflow.SEC_PERM_EXEC,role);
perm.store();
}
}

}
uow.commitAndClose();



Some more info here in the docs:
http://www.anthillpro.com/anthill3-help-3.5/html/ch46.html
Posted by Emerson at 8:29 AM
Labels: , ,

0 comments:

Post a Comment

Subscribe to: Post Comments (Atom)