Example 96 with NotFoundException
use of org.graylog2.database.NotFoundException in project graylog2-server by Graylog2.
the class UsersResource method editPermissions.
@PUT
@Path("{username}/permissions")
@RequiresPermissions(RestPermissions.USERS_PERMISSIONSEDIT)
@ApiOperation("Update a user's permission set.")
@ApiResponses({ @ApiResponse(code = 400, message = "Missing or invalid permission data.") })
@AuditEvent(type = AuditEventTypes.USER_PERMISSIONS_UPDATE)
public void editPermissions(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "The list of permissions to assign to the user.", required = true) @Valid @NotNull PermissionEditRequest permissionRequest) throws ValidationException {
final User user = userService.load(username);
if (user == null) {
throw new NotFoundException("Couldn't find user " + username);
}
user.setPermissions(getEffectiveUserPermissions(user, permissionRequest.permissions()));
userService.save(user);
}
Also used :
User(org.graylog2.plugin.database.users.User)
NotFoundException(javax.ws.rs.NotFoundException)
Path(javax.ws.rs.Path)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
ApiOperation(io.swagger.annotations.ApiOperation)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
PUT(javax.ws.rs.PUT)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 97 with NotFoundException
use of org.graylog2.database.NotFoundException in project graylog2-server by Graylog2.
the class UsersResource method changeUser.
@PUT
@Path("{username}")
@ApiOperation("Modify user details.")
@ApiResponses({ @ApiResponse(code = 400, message = "Attempted to modify a read only user account (e.g. built-in or LDAP users)."), @ApiResponse(code = 400, message = "Missing or invalid user details.") })
@AuditEvent(type = AuditEventTypes.USER_UPDATE)
public void changeUser(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "Updated user information.", required = true) @Valid @NotNull ChangeUserRequest cr) throws ValidationException {
checkPermission(USERS_EDIT, username);
final User user = userService.load(username);
if (user == null) {
throw new NotFoundException("Couldn't find user " + username);
}
if (user.isReadOnly()) {
throw new BadRequestException("Cannot modify readonly user " + username);
}
// we only allow setting a subset of the fields in CreateStreamRuleRequest
if (cr.email() != null) {
user.setEmail(cr.email());
}
if (cr.fullName() != null) {
user.setFullName(cr.fullName());
}
final boolean permitted = isPermitted(USERS_PERMISSIONSEDIT, user.getName());
if (permitted && cr.permissions() != null) {
user.setPermissions(getEffectiveUserPermissions(user, cr.permissions()));
}
if (isPermitted(USERS_ROLESEDIT, user.getName())) {
setUserRoles(cr.roles(), user);
}
final String timezone = cr.timezone();
if (timezone == null) {
user.setTimeZone((String) null);
} else {
try {
if (timezone.isEmpty()) {
user.setTimeZone((String) null);
} else {
final DateTimeZone tz = DateTimeZone.forID(timezone);
user.setTimeZone(tz);
}
} catch (IllegalArgumentException e) {
LOG.error("Invalid timezone '{}', ignoring it for user {}.", timezone, username);
}
}
final Startpage startpage = cr.startpage();
if (startpage != null) {
user.setStartpage(startpage.type(), startpage.id());
}
if (isPermitted("*")) {
final Long sessionTimeoutMs = cr.sessionTimeoutMs();
if (sessionTimeoutMs != null && sessionTimeoutMs != 0) {
user.setSessionTimeoutMs(sessionTimeoutMs);
}
}
userService.save(user);
}
Also used :
User(org.graylog2.plugin.database.users.User)
Startpage(org.graylog2.rest.models.users.requests.Startpage)
NotFoundException(javax.ws.rs.NotFoundException)
BadRequestException(javax.ws.rs.BadRequestException)
DateTimeZone(org.joda.time.DateTimeZone)
Path(javax.ws.rs.Path)
ApiOperation(io.swagger.annotations.ApiOperation)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
PUT(javax.ws.rs.PUT)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 98 with NotFoundException
use of org.graylog2.database.NotFoundException in project graylog2-server by Graylog2.
the class UsersResource method deletePermissions.
@DELETE
@Path("{username}/permissions")
@RequiresPermissions(RestPermissions.USERS_PERMISSIONSEDIT)
@ApiOperation("Revoke all permissions for a user without deleting the account.")
@ApiResponses({ @ApiResponse(code = 500, message = "When saving the user failed.") })
@AuditEvent(type = AuditEventTypes.USER_PERMISSIONS_DELETE)
public void deletePermissions(@ApiParam(name = "username", value = "The name of the user to modify.", required = true) @PathParam("username") String username) throws ValidationException {
final User user = userService.load(username);
if (user == null) {
throw new NotFoundException("Couldn't find user " + username);
}
user.setPermissions(Collections.emptyList());
userService.save(user);
}
Also used :
User(org.graylog2.plugin.database.users.User)
NotFoundException(javax.ws.rs.NotFoundException)
Path(javax.ws.rs.Path)
DELETE(javax.ws.rs.DELETE)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
ApiOperation(io.swagger.annotations.ApiOperation)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 99 with NotFoundException
use of org.graylog2.database.NotFoundException in project graylog2-server by Graylog2.
the class UsersResource method changePassword.
@PUT
@Path("{username}/password")
@ApiOperation("Update the password for a user.")
@ApiResponses({ @ApiResponse(code = 204, message = "The password was successfully updated. Subsequent requests must be made with the new password."), @ApiResponse(code = 400, message = "The new password is missing, or the old password is missing or incorrect."), @ApiResponse(code = 403, message = "The requesting user has insufficient privileges to update the password for the given user."), @ApiResponse(code = 404, message = "User does not exist.") })
@AuditEvent(type = AuditEventTypes.USER_PASSWORD_UPDATE)
public void changePassword(@ApiParam(name = "username", value = "The name of the user whose password to change.", required = true) @PathParam("username") String username, @ApiParam(name = "JSON body", value = "The old and new passwords.", required = true) @Valid ChangePasswordRequest cr) throws ValidationException {
final User user = userService.load(username);
if (user == null) {
throw new NotFoundException("Couldn't find user " + username);
}
if (!getSubject().isPermitted(RestPermissions.USERS_PASSWORDCHANGE + ":" + user.getName())) {
throw new ForbiddenException("Not allowed to change password for user " + username);
}
if (user.isExternalUser()) {
final String msg = "Cannot change password for LDAP user.";
LOG.error(msg);
throw new ForbiddenException(msg);
}
boolean checkOldPassword = true;
// the rationale is to prevent accidental or malicious change of admin passwords (e.g. to prevent locking out legitimate admins)
if (getSubject().isPermitted(RestPermissions.USERS_PASSWORDCHANGE + ":*")) {
if (username.equals(getSubject().getPrincipal())) {
LOG.debug("User {} is allowed to change the password of any user, but attempts to change own password. Must supply the old password.", getSubject().getPrincipal());
checkOldPassword = true;
} else {
LOG.debug("User {} is allowed to change the password for any user, including {}, ignoring old password", getSubject().getPrincipal(), username);
checkOldPassword = false;
}
}
boolean changeAllowed = false;
if (checkOldPassword) {
if (user.isUserPassword(cr.oldPassword())) {
changeAllowed = true;
}
} else {
changeAllowed = true;
}
if (changeAllowed) {
user.setPassword(cr.password());
userService.save(user);
} else {
throw new BadRequestException("Old password is missing or incorrect.");
}
}
Also used :
ForbiddenException(javax.ws.rs.ForbiddenException)
User(org.graylog2.plugin.database.users.User)
NotFoundException(javax.ws.rs.NotFoundException)
BadRequestException(javax.ws.rs.BadRequestException)
Path(javax.ws.rs.Path)
ApiOperation(io.swagger.annotations.ApiOperation)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
PUT(javax.ws.rs.PUT)
ApiResponses(io.swagger.annotations.ApiResponses)
Example 100 with NotFoundException
use of org.graylog2.database.NotFoundException in project graylog2-server by Graylog2.
the class InputsResource method create.
@POST
@Timed
@ApiOperation(value = "Launch input on this node", response = InputCreated.class)
@ApiResponses(value = { @ApiResponse(code = 404, message = "No such input type registered"), @ApiResponse(code = 400, message = "Missing or invalid configuration"), @ApiResponse(code = 400, message = "Type is exclusive and already has input running") })
@RequiresPermissions(RestPermissions.INPUTS_CREATE)
@AuditEvent(type = AuditEventTypes.MESSAGE_INPUT_CREATE)
public Response create(@ApiParam(name = "JSON body", required = true) @Valid @NotNull InputCreateRequest lr) throws ValidationException {
try {
// TODO Configuration type values need to be checked. See ConfigurationMapConverter.convertValues()
final MessageInput messageInput = messageInputFactory.create(lr, getCurrentUser().getName(), lr.node());
messageInput.checkConfiguration();
final Input input = this.inputService.create(messageInput.asMap());
final String newId = inputService.save(input);
final URI inputUri = getUriBuilderToSelf().path(InputsResource.class).path("{inputId}").build(newId);
return Response.created(inputUri).entity(InputCreated.create(newId)).build();
} catch (NoSuchInputTypeException e) {
LOG.error("There is no such input type registered.", e);
throw new NotFoundException("There is no such input type registered.", e);
} catch (ConfigurationException e) {
LOG.error("Missing or invalid input configuration.", e);
throw new BadRequestException("Missing or invalid input configuration.", e);
}
}
Also used :
Input(org.graylog2.inputs.Input)
MessageInput(org.graylog2.plugin.inputs.MessageInput)
ConfigurationException(org.graylog2.plugin.configuration.ConfigurationException)
MessageInput(org.graylog2.plugin.inputs.MessageInput)
NoSuchInputTypeException(org.graylog2.shared.inputs.NoSuchInputTypeException)
NotFoundException(javax.ws.rs.NotFoundException)
BadRequestException(javax.ws.rs.BadRequestException)
URI(java.net.URI)
RequiresPermissions(org.apache.shiro.authz.annotation.RequiresPermissions)
POST(javax.ws.rs.POST)
Timed(com.codahale.metrics.annotation.Timed)
ApiOperation(io.swagger.annotations.ApiOperation)
AuditEvent(org.graylog2.audit.jersey.AuditEvent)
ApiResponses(io.swagger.annotations.ApiResponses)
Aggregations
ApiOperation (io.swagger.annotations.ApiOperation)91
Timed (com.codahale.metrics.annotation.Timed)77
Path (javax.ws.rs.Path)75
ApiResponses (io.swagger.annotations.ApiResponses)66
AuditEvent (org.graylog2.audit.jersey.AuditEvent)60
Produces (javax.ws.rs.Produces)44
NotFoundException (org.graylog2.database.NotFoundException)32
GET (javax.ws.rs.GET)30
PUT (javax.ws.rs.PUT)28
BadRequestException (javax.ws.rs.BadRequestException)27
Stream (org.graylog2.plugin.streams.Stream)27
NotFoundException (javax.ws.rs.NotFoundException)26
Consumes (javax.ws.rs.Consumes)21
DELETE (javax.ws.rs.DELETE)21
POST (javax.ws.rs.POST)19
RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)15
MessageInput (org.graylog2.plugin.inputs.MessageInput)15
NoAuditEvent (org.graylog2.audit.jersey.NoAuditEvent)11
Input (org.graylog2.inputs.Input)11
ValidationException (org.graylog2.plugin.database.ValidationException)11
