Search in sources :

Example 16 with Subject

use of ddf.security.Subject in project ddf by codice.

the class FtpRequestHandler method store.

private FtpletResult store(FtpSession session, FtpRequest request, boolean isStoreUnique) throws FtpException, IOException {
    LOGGER.debug("Beginning FTP ingest of {}", request.getArgument());
    Subject shiroSubject = (Subject) session.getAttribute(SUBJECT);
    if (shiroSubject == null) {
        return FtpletResult.DISCONNECT;
    }
    FtpFile ftpFile = null;
    String fileName = request.getArgument();
    try {
        ftpFile = session.getFileSystemView().getFile(fileName);
    } catch (FtpException e) {
        LOGGER.debug("Failed to retrieve file from FTP session");
    }
    String requestTypeString = isStoreUnique ? STOU_REQUEST : STOR_REQUEST;
    if (ftpFile == null) {
        LOGGER.debug("Sending FTP status code 501 to client - syntax errors in request parameters");
        session.write(new DefaultFtpReply(FtpReply.REPLY_501_SYNTAX_ERROR_IN_PARAMETERS_OR_ARGUMENTS, requestTypeString));
        throw new FtpException("File to be transferred from client did not exist");
    }
    DataConnectionFactory connFactory = session.getDataConnection();
    if (connFactory instanceof IODataConnectionFactory) {
        InetAddress address = ((IODataConnectionFactory) connFactory).getInetAddress();
        if (address == null) {
            session.write(new DefaultFtpReply(FtpReply.REPLY_503_BAD_SEQUENCE_OF_COMMANDS, "PORT or PASV must be issued first"));
            LOGGER.debug("Sending FTP status code 503 to client - PORT or PASV must be issued before STOR");
            throw new FtpException("FTP client address was null");
        }
    }
    if (!ftpFile.isWritable()) {
        session.write(new DefaultFtpReply(FtpReply.REPLY_550_REQUESTED_ACTION_NOT_TAKEN, "Insufficient permissions"));
        LOGGER.debug("Sending FTP status code 550 to client - insufficient permissions to write file.");
        throw new FtpException("Insufficient permissions to write file");
    }
    session.write(new DefaultFtpReply(FtpReply.REPLY_150_FILE_STATUS_OKAY, requestTypeString + " " + fileName));
    LOGGER.debug("Replying to client with code 150 - file status okay");
    if (isDotFile(request.getArgument())) {
        DataConnection dataConnection;
        try {
            dataConnection = connFactory.openConnection();
        } catch (Exception e) {
            throw new IOException("Error getting the output stream from FTP session", e);
        }
        dataConnection.transferFromClient(session, addTempFileToSession(session, ftpFile.getAbsolutePath(), new TemporaryFileBackedOutputStream()));
        if (isStoreUnique) {
            session.write(new DefaultFtpReply(FtpReply.REPLY_125_DATA_CONNECTION_ALREADY_OPEN, "Storing data with unique name: " + fileName));
        }
        session.write(new DefaultFtpReply(FtpReply.REPLY_226_CLOSING_DATA_CONNECTION, "Closing data connection"));
        LOGGER.debug("Sending FTP status code 226 to client - closing data connection");
    } else {
        try (TemporaryFileBackedOutputStream outputStream = new TemporaryFileBackedOutputStream()) {
            DataConnection dataConnection = connFactory.openConnection();
            dataConnection.transferFromClient(session, outputStream);
            CreateStorageRequest createRequest = getCreateStorageRequest(fileName, outputStream);
            List<Metacard> storedMetacards = storeObject(shiroSubject, fileName, createRequest);
            if (isStoreUnique && !storedMetacards.isEmpty()) {
                String ids = storedMetacards.stream().map(Metacard::getId).collect(Collectors.joining(","));
                session.write(new DefaultFtpReply(FtpReply.REPLY_125_DATA_CONNECTION_ALREADY_OPEN, "Storing data with unique name: " + ids));
            }
            session.write(new DefaultFtpReply(FtpReply.REPLY_226_CLOSING_DATA_CONNECTION, "Closing data connection"));
            LOGGER.debug("Sending FTP status code 226 to client - closing data connection");
        } catch (FtpException fe) {
            throw new FtpException("Failure to create metacard for file " + fileName, fe);
        } catch (Exception e) {
            throw new IOException("Error getting the output stream from FTP session", e);
        } finally {
            session.getDataConnection().closeDataConnection();
        }
    }
    return FtpletResult.SKIP;
}
Also used : DataConnection(org.apache.ftpserver.ftplet.DataConnection) TemporaryFileBackedOutputStream(org.codice.ddf.platform.util.TemporaryFileBackedOutputStream) IODataConnectionFactory(org.apache.ftpserver.impl.IODataConnectionFactory) IOException(java.io.IOException) FtpFile(org.apache.ftpserver.ftplet.FtpFile) Subject(ddf.security.Subject) DefaultFtpReply(org.apache.ftpserver.ftplet.DefaultFtpReply) SourceUnavailableException(ddf.catalog.source.SourceUnavailableException) FtpException(org.apache.ftpserver.ftplet.FtpException) IngestException(ddf.catalog.source.IngestException) IOException(java.io.IOException) MimeTypeResolutionException(ddf.mime.MimeTypeResolutionException) DataConnectionFactory(org.apache.ftpserver.ftplet.DataConnectionFactory) IODataConnectionFactory(org.apache.ftpserver.impl.IODataConnectionFactory) Metacard(ddf.catalog.data.Metacard) FtpException(org.apache.ftpserver.ftplet.FtpException) InetAddress(java.net.InetAddress) CreateStorageRequest(ddf.catalog.content.operation.CreateStorageRequest)

Example 17 with Subject

use of ddf.security.Subject in project ddf by codice.

the class FtpRequestHandlerTest method testCreateStorageRequestFail.

@SuppressWarnings("unchecked")
@Test(expected = FtpException.class)
public void testCreateStorageRequestFail() throws Exception {
    Subject subject = mock(Subject.class);
    FtpFile ftpFile = mock(FtpFile.class);
    when(session.getAttribute(SUBJECT)).thenReturn(subject);
    when(request.getArgument()).thenReturn(FILE_NAME);
    when(session.getFileSystemView().getFile(FILE_NAME)).thenReturn(ftpFile);
    when(ftpFile.isWritable()).thenReturn(true);
    when(ftpFile.getAbsolutePath()).thenReturn(FILE_NAME);
    when(subject.execute(any(Callable.class))).thenAnswer(invocationOnMock -> ((Callable) invocationOnMock.getArguments()[0]).call());
    when(catalogFramework.create((CreateStorageRequest) anyObject())).thenThrow(new IngestException());
    ftplet.onUploadStart(session, request);
}
Also used : IngestException(ddf.catalog.source.IngestException) FtpFile(org.apache.ftpserver.ftplet.FtpFile) Subject(ddf.security.Subject) Callable(java.util.concurrent.Callable) Test(org.junit.Test)

Example 18 with Subject

use of ddf.security.Subject in project ddf by codice.

the class FtpRequestHandlerTest method testOnUploadStartNoClientAddress.

@Test(expected = FtpException.class)
public void testOnUploadStartNoClientAddress() throws FtpException, IOException {
    Subject subject = mock(Subject.class);
    IODataConnectionFactory dataConnectionFactory = mock(IODataConnectionFactory.class);
    when(session.getAttribute(SUBJECT)).thenReturn(subject);
    when(session.getDataConnection()).thenReturn(dataConnectionFactory);
    when(dataConnectionFactory.getInetAddress()).thenReturn(null);
    ftplet.onUploadStart(session, request);
}
Also used : IODataConnectionFactory(org.apache.ftpserver.impl.IODataConnectionFactory) Subject(ddf.security.Subject) Test(org.junit.Test)

Example 19 with Subject

use of ddf.security.Subject in project ddf by codice.

the class FtpRequestHandlerTest method testOnUploadStartNullFtpFile.

@Test(expected = FtpException.class)
public void testOnUploadStartNullFtpFile() throws FtpException, IOException {
    Subject subject = mock(Subject.class);
    when(request.getArgument()).thenReturn(FILE_NAME);
    when(session.getAttribute(SUBJECT)).thenReturn(subject);
    when(session.getFileSystemView().getFile(FILE_NAME)).thenReturn(null);
    ftplet.onUploadStart(session, request);
}
Also used : Subject(ddf.security.Subject) Test(org.junit.Test)

Example 20 with Subject

use of ddf.security.Subject in project ddf by codice.

the class SendEventTest method setUp.

@Before
public void setUp() throws Exception {
    System.setProperty("ddf.home", ".");
    callbackURI = new URL("https://localhost:12345/services/csw/subscription/event");
    ObjectFactory objectFactory = new ObjectFactory();
    request = new GetRecordsType();
    request.setOutputSchema(CswConstants.CSW_OUTPUT_SCHEMA);
    request.setResultType(ResultType.RESULTS);
    request.getResponseHandler().add(callbackURI.toString());
    queryType = new QueryType();
    elementSetNameType = new ElementSetNameType();
    elementSetNameType.setValue(ElementSetType.BRIEF);
    queryType.setElementSetName(elementSetNameType);
    request.setAbstractQuery(objectFactory.createAbstractQuery(queryType));
    transformerManager = mock(TransformerManager.class);
    transformer = mock(QueryResponseTransformer.class);
    binaryContent = mock(BinaryContent.class);
    when(transformerManager.getTransformerBySchema(Matchers.contains(CswConstants.CSW_OUTPUT_SCHEMA))).thenReturn(transformer);
    when(transformer.transform(any(SourceResponse.class), anyMap())).thenReturn(binaryContent);
    when(binaryContent.getByteArray()).thenReturn("byte array with message contents".getBytes());
    query = mock(QueryRequest.class);
    metacard = mock(Metacard.class);
    webclient = mock(WebClient.class);
    mockCxfClientFactory = mock(SecureCxfClientFactory.class);
    response = mock(Response.class);
    subject = mock(Subject.class);
    mockSecurity = mock(Security.class);
    headers.put(Subject.class.toString(), Arrays.asList(new Subject[] { subject }));
    AccessPlugin accessPlugin = mock(AccessPlugin.class);
    accessPlugins.add(accessPlugin);
    when(mockCxfClientFactory.getWebClient()).thenReturn(webclient);
    when(webclient.invoke(anyString(), any(QueryResponse.class))).thenReturn(response);
    when(response.getHeaders()).thenReturn(headers);
    when(accessPlugin.processPostQuery(any(QueryResponse.class))).thenAnswer(invocationOnMock -> invocationOnMock.getArguments()[0]);
    sendEvent = new SendEventExtension(transformerManager, request, query, mockCxfClientFactory);
    sendEvent.setSubject(subject);
}
Also used : TransformerManager(org.codice.ddf.spatial.ogc.csw.catalog.common.transformer.TransformerManager) SourceResponse(ddf.catalog.operation.SourceResponse) QueryRequest(ddf.catalog.operation.QueryRequest) SecureCxfClientFactory(org.codice.ddf.cxf.SecureCxfClientFactory) AccessPlugin(ddf.catalog.plugin.AccessPlugin) GetRecordsType(net.opengis.cat.csw.v_2_0_2.GetRecordsType) BinaryContent(ddf.catalog.data.BinaryContent) Security(org.codice.ddf.security.common.Security) WebClient(org.apache.cxf.jaxrs.client.WebClient) URL(java.net.URL) Subject(ddf.security.Subject) QueryResponse(ddf.catalog.operation.QueryResponse) SourceResponse(ddf.catalog.operation.SourceResponse) Response(javax.ws.rs.core.Response) Metacard(ddf.catalog.data.Metacard) ObjectFactory(net.opengis.cat.csw.v_2_0_2.ObjectFactory) QueryResponseTransformer(ddf.catalog.transform.QueryResponseTransformer) QueryResponse(ddf.catalog.operation.QueryResponse) ElementSetNameType(net.opengis.cat.csw.v_2_0_2.ElementSetNameType) QueryType(net.opengis.cat.csw.v_2_0_2.QueryType) Before(org.junit.Before)

Aggregations

Subject (ddf.security.Subject)94 Test (org.junit.Test)47 SecurityAssertion (ddf.security.assertion.SecurityAssertion)23 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)23 HashMap (java.util.HashMap)20 Metacard (ddf.catalog.data.Metacard)18 SecurityManager (ddf.security.service.SecurityManager)14 IOException (java.io.IOException)14 Serializable (java.io.Serializable)14 CollectionPermission (ddf.security.permission.CollectionPermission)13 ArrayList (java.util.ArrayList)12 Map (java.util.Map)12 CreateRequest (ddf.catalog.operation.CreateRequest)11 CreateRequestImpl (ddf.catalog.operation.impl.CreateRequestImpl)11 UnsupportedQueryException (ddf.catalog.source.UnsupportedQueryException)10 SecurityServiceException (ddf.security.service.SecurityServiceException)10 HashSet (java.util.HashSet)10 PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)9 Before (org.junit.Before)9 HttpServletRequest (javax.servlet.http.HttpServletRequest)8