use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.
the class UserPermissionMigrationPeriodical method doRun.
@Override
public void doRun() {
final List<User> users = userService.loadAll();
final String adminRoleId = roleService.getAdminRoleObjectId();
final String readerRoleId = roleService.getReaderRoleObjectId();
for (User user : users) {
if (user.isLocalAdmin()) {
log.debug("Skipping local admin user.");
continue;
}
final Set<String> fixedPermissions = Sets.newHashSet();
final Set<String> fixedRoleIds = Sets.newHashSet(user.getRoleIds());
final Set<String> permissionSet = Sets.newHashSet(user.getPermissions());
boolean hasWildcardPermission = permissionSet.contains("*");
if (hasWildcardPermission && !user.getRoleIds().contains(adminRoleId)) {
// need to add the admin role to this user
fixedRoleIds.add(adminRoleId);
}
final Set<String> basePermissions = permissions.readerPermissions(user.getName());
final boolean hasCompleteReaderSet = permissionSet.containsAll(basePermissions);
// - it has the wildcard permissions
if (!user.getRoleIds().isEmpty() && hasCompleteReaderSet && hasWildcardPermission) {
log.debug("Not migrating user {}, it has already been migrated.", user.getName());
continue;
}
if (hasCompleteReaderSet && !user.getRoleIds().contains(readerRoleId)) {
// need to add the reader role to this user
fixedRoleIds.add(readerRoleId);
}
// filter out the individual permissions to dashboards and streams
final List<String> dashboardStreamPermissions = Lists.newArrayList(Sets.filter(permissionSet, permission -> !basePermissions.contains(permission) && !"*".equals(permission)));
// add the minimal permission set back to the user
fixedPermissions.addAll(permissions.userSelfEditPermissions(user.getName()));
fixedPermissions.addAll(dashboardStreamPermissions);
log.info("Migrating permissions to roles for user {} from permissions {} and roles {} to new permissions {} and roles {}", user.getName(), permissionSet, user.getRoleIds(), fixedPermissions, fixedRoleIds);
user.setRoleIds(fixedRoleIds);
user.setPermissions(Lists.newArrayList(fixedPermissions));
try {
userService.save(user);
} catch (ValidationException e) {
log.error("Unable to migrate user permissions for user " + user.getName(), e);
}
}
log.info("Marking user permission migration as done.");
clusterConfigService.write(UserPermissionMigrationState.create(true));
}
use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.
the class SyslogCodecTest method rfc3164_section5_4_messages.
@Test
public void rfc3164_section5_4_messages() {
// See https://tools.ietf.org/html/rfc3164#section-5.4
final Map<String, Map<String, Object>> rfc3164messages = ImmutableMap.of("<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8", ImmutableMap.of("timestamp", new DateTime(YEAR + "-10-11T22:14:15"), "source", "mymachine", "level", 2, "facility", "security/authorization", "message", "mymachine su: 'su root' failed for lonvick on /dev/pts/8"), "<13>Feb 5 17:32:18 10.0.0.99 Use the BFG!", ImmutableMap.of("timestamp", new DateTime(YEAR + "-02-05T17:32:18"), "source", "10.0.0.99", "level", 5, "facility", "user-level", "message", "10.0.0.99 Use the BFG!"));
for (Map.Entry<String, Map<String, Object>> entry : rfc3164messages.entrySet()) {
final Message message = codec.decode(buildRawMessage(entry.getKey()));
assertThat(message).isNotNull();
assertThat(message.getFields()).containsAllEntriesOf(entry.getValue());
}
}
use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.
the class JsonExtractorTest method testRunWithFlattenedObjectAndDifferentKVSeparator.
@Test
public void testRunWithFlattenedObjectAndDifferentKVSeparator() throws Exception {
final JsonExtractor jsonExtractor = new JsonExtractor(new MetricRegistry(), "json", "title", 0L, Extractor.CursorStrategy.COPY, "source", "target", ImmutableMap.<String, Object>of("flatten", true, "kv_separator", ":"), "user", Collections.<Converter>emptyList(), Extractor.ConditionType.NONE, "");
final String value = "{\"object\": {\"text\": \"foobar\", \"number\": 1234.5678, \"bool\": true, \"nested\": {\"text\": \"foobar\"}}}";
final Extractor.Result[] results = jsonExtractor.run(value);
assertThat(results).contains(new Extractor.Result("text:foobar, number:1234.5678, bool:true, nested:{text=foobar}", "object", -1, -1));
}
use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.
the class JsonExtractorTest method testRunWithWhitespaceInNestedKey.
@Test
public void testRunWithWhitespaceInNestedKey() throws Exception {
final String value = "{\"foo\":{\"b a r\":{\"b a z\": 42}}}";
final JsonExtractor jsonExtractor = new JsonExtractor(new MetricRegistry(), "json", "title", 0L, Extractor.CursorStrategy.COPY, "source", "target", ImmutableMap.of("replace_key_whitespace", true, "key_whitespace_replacement", "-"), "user", Collections.emptyList(), Extractor.ConditionType.NONE, "");
assertThat(jsonExtractor.run(value)).containsOnly(new Extractor.Result(42, "foo_b-a-r_b-a-z", -1, -1));
}
use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.
the class RegexReplaceExtractorTest method testReplacementWithReplaceAll.
@Test
public void testReplacementWithReplaceAll() throws Exception {
final Message message = new Message("Foobar 123 Foobaz 456", "source", Tools.nowUTC());
final RegexReplaceExtractor extractor = new RegexReplaceExtractor(metricRegistry, "id", "title", 0L, Extractor.CursorStrategy.COPY, "message", "message", ImmutableMap.<String, Object>of("regex", "(\\w+) (\\d+)", "replacement", "$2/$1", "replace_all", true), "user", Collections.<Converter>emptyList(), Extractor.ConditionType.NONE, null);
extractor.runExtractor(message);
assertThat(message.getMessage()).isEqualTo("123/Foobar 456/Foobaz");
}
Aggregations