diff --git a/src/main/java/com/marklogic/appdeployer/ConfigDir.java b/src/main/java/com/marklogic/appdeployer/ConfigDir.java index d34d73a5..d4f3f5e6 100644 --- a/src/main/java/com/marklogic/appdeployer/ConfigDir.java +++ b/src/main/java/com/marklogic/appdeployer/ConfigDir.java @@ -243,4 +243,8 @@ public void setDefaultContentDatabaseFilename(String contentDatabaseFilename) { public File getProjectDir() { return projectDir; } + + public File getSecureCredentialsDir() { + return new File(getSecurityDir(), "secure-credentials"); + } } diff --git a/src/main/java/com/marklogic/appdeployer/command/CommandMapBuilder.java b/src/main/java/com/marklogic/appdeployer/command/CommandMapBuilder.java index 6a3cf7b3..ad4b0d39 100644 --- a/src/main/java/com/marklogic/appdeployer/command/CommandMapBuilder.java +++ b/src/main/java/com/marklogic/appdeployer/command/CommandMapBuilder.java @@ -145,6 +145,7 @@ private void addCommandsThatDoNotWriteToDatabases(Map> map securityCommands.add(new DeployCertificateAuthoritiesCommand()); securityCommands.add(new InsertCertificateHostsTemplateCommand()); securityCommands.add(new DeployExternalSecurityCommand()); + securityCommands.add(new DeploySecureCredentialsCommand()); securityCommands.add(new DeployPrivilegesCommand()); securityCommands.add(new DeployPrivilegeRolesCommand()); securityCommands.add(new DeployProtectedCollectionsCommand()); diff --git a/src/main/java/com/marklogic/appdeployer/command/SortOrderConstants.java b/src/main/java/com/marklogic/appdeployer/command/SortOrderConstants.java index cd2dbc77..3e17ba96 100644 --- a/src/main/java/com/marklogic/appdeployer/command/SortOrderConstants.java +++ b/src/main/java/com/marklogic/appdeployer/command/SortOrderConstants.java @@ -17,6 +17,7 @@ public abstract class SortOrderConstants { public static Integer INSERT_HOST_CERTIFICATES = 28; public static Integer DEPLOY_EXTERNAL_SECURITY = 35; + public static Integer DEPLOY_SECURE_CREDENTIALS = 36; public static Integer DEPLOY_PROTECTED_COLLECTIONS = 40; public static Integer DEPLOY_MIMETYPES = 45; diff --git a/src/main/java/com/marklogic/appdeployer/command/security/DeploySecureCredentialsCommand.java b/src/main/java/com/marklogic/appdeployer/command/security/DeploySecureCredentialsCommand.java new file mode 100644 index 00000000..b07e4425 --- /dev/null +++ b/src/main/java/com/marklogic/appdeployer/command/security/DeploySecureCredentialsCommand.java @@ -0,0 +1,27 @@ +package com.marklogic.appdeployer.command.security; + +import com.marklogic.appdeployer.command.AbstractResourceCommand; +import com.marklogic.appdeployer.command.CommandContext; +import com.marklogic.appdeployer.command.SortOrderConstants; +import com.marklogic.mgmt.resource.ResourceManager; +import com.marklogic.mgmt.resource.security.SecureCredentialsManager; + +import java.io.File; + +public class DeploySecureCredentialsCommand extends AbstractResourceCommand { + + public DeploySecureCredentialsCommand() { + setExecuteSortOrder(SortOrderConstants.DEPLOY_SECURE_CREDENTIALS); + setUndoSortOrder(SortOrderConstants.DEPLOY_SECURE_CREDENTIALS); + } + + @Override + protected File[] getResourceDirs(CommandContext context) { + return findResourceDirs(context, configDir -> configDir.getSecureCredentialsDir()); + } + + @Override + protected ResourceManager getResourceManager(CommandContext context) { + return new SecureCredentialsManager(context.getManageClient()); + } +} diff --git a/src/main/java/com/marklogic/mgmt/resource/security/SecureCredentialsManager.java b/src/main/java/com/marklogic/mgmt/resource/security/SecureCredentialsManager.java new file mode 100644 index 00000000..b69a94f6 --- /dev/null +++ b/src/main/java/com/marklogic/mgmt/resource/security/SecureCredentialsManager.java @@ -0,0 +1,20 @@ +package com.marklogic.mgmt.resource.security; + +import com.marklogic.mgmt.ManageClient; +import com.marklogic.mgmt.resource.AbstractResourceManager; + +public class SecureCredentialsManager extends AbstractResourceManager { + public SecureCredentialsManager(ManageClient client) { + super(client); + } + + @Override + public String getResourcesPath() { + return "/manage/v2/credentials/secure"; + } + + @Override + protected String getIdFieldName() { + return "name"; + } +} diff --git a/src/test/java/com/marklogic/appdeployer/command/security/DeploySecureCredentialsTest.java b/src/test/java/com/marklogic/appdeployer/command/security/DeploySecureCredentialsTest.java new file mode 100644 index 00000000..7ae57d4c --- /dev/null +++ b/src/test/java/com/marklogic/appdeployer/command/security/DeploySecureCredentialsTest.java @@ -0,0 +1,24 @@ +package com.marklogic.appdeployer.command.security; + +import com.marklogic.appdeployer.command.AbstractManageResourceTest; +import com.marklogic.appdeployer.command.Command; +import com.marklogic.mgmt.resource.ResourceManager; +import com.marklogic.mgmt.resource.security.SecureCredentialsManager; + +public class DeploySecureCredentialsTest extends AbstractManageResourceTest { + + @Override + protected ResourceManager newResourceManager() { + return new SecureCredentialsManager(manageClient); + } + + @Override + protected Command newCommand() { + return new DeploySecureCredentialsCommand(); + } + + @Override + protected String[] getResourceNames() { + return new String[]{"sec-creds1"}; + } +} diff --git a/src/test/resources/sample-app/src/main/ml-config/security/secure-credentials/secure-credentials-1.json b/src/test/resources/sample-app/src/main/ml-config/security/secure-credentials/secure-credentials-1.json new file mode 100644 index 00000000..0276531d --- /dev/null +++ b/src/test/resources/sample-app/src/main/ml-config/security/secure-credentials/secure-credentials-1.json @@ -0,0 +1,23 @@ +{ + "name": "sec-creds1", + "description": "Secure Credentials", + "username": "sample-app-jane", + "password": "password", + "signing": false, + "target": [ + { + "uri-pattern": "http://.*:8080/test/", + "authentication": "basic" + }, + { + "uri-pattern": "https://.*:443/test/", + "authentication": "basic" + } + ], + "permission": [ + { + "role-name": "rest-reader", + "capability": "read" + } + ] +}