
Example 1 with User

use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.

the class UserPermissionMigrationPeriodical method doRun.

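/**
 * Migrates legacy per-user permission lists to role membership and then records the
 * migration as done in the cluster configuration.
 *
 * <p>For every user returned by {@code userService.loadAll()}, except local admins:
 * <ul>
 *   <li>a user holding the wildcard permission {@code "*"} gets the admin role added;</li>
 *   <li>a user holding the complete reader permission set gets the reader role added;</li>
 *   <li>the explicit permission list is reduced to the self-edit permissions plus every
 *       permission that is neither a reader permission nor the wildcard.</li>
 * </ul>
 * A user that already has at least one role, the complete reader set and the wildcard
 * permission is treated as migrated and left untouched.
 *
 * <p>A user whose save fails validation is logged and counted, and the loop continues.
 * The migration state is written regardless of such failures.
 */
@Override
public void doRun() {
    final List<User> users = userService.loadAll();
    final String adminRoleId = roleService.getAdminRoleObjectId();
    final String readerRoleId = roleService.getReaderRoleObjectId();
    // Number of users whose save was rejected; reported once after the loop.
    int failedSaves = 0;
    for (User user : users) {
        if (user.isLocalAdmin()) {
            log.debug("Skipping local admin user.");
            continue;
        }
        final Set<String> fixedPermissions = Sets.newHashSet();
        final Set<String> fixedRoleIds = Sets.newHashSet(user.getRoleIds());
        final Set<String> permissionSet = Sets.newHashSet(user.getPermissions());
        boolean hasWildcardPermission = permissionSet.contains("*");
        if (hasWildcardPermission && !user.getRoleIds().contains(adminRoleId)) {
            // The wildcard grant is replaced by admin role membership; the "*" entry itself
            // is dropped from the explicit permission list further down.
            fixedRoleIds.add(adminRoleId);
        }
        final Set<String> basePermissions = permissions.readerPermissions(user.getName());
        final boolean hasCompleteReaderSet = permissionSet.containsAll(basePermissions);
        // A user counts as already migrated when all of the following hold:
        //   - it has at least one role
        //   - it has the complete reader permission set
        //   - it has the wildcard permission
        if (!user.getRoleIds().isEmpty() && hasCompleteReaderSet && hasWildcardPermission) {
            log.debug("Not migrating user {}, it has already been migrated.", user.getName());
            continue;
        }
        if (hasCompleteReaderSet && !user.getRoleIds().contains(readerRoleId)) {
            // need to add the reader role to this user
            fixedRoleIds.add(readerRoleId);
        }
        // Keep only the permissions that are neither reader permissions nor the wildcard
        // (the original comment describes these as the individual dashboard and stream grants).
        final List<String> dashboardStreamPermissions = Lists.newArrayList(Sets.filter(permissionSet, permission -> !basePermissions.contains(permission) && !"*".equals(permission)));
        // add the minimal permission set back to the user
        fixedPermissions.addAll(permissions.userSelfEditPermissions(user.getName()));
        fixedPermissions.addAll(dashboardStreamPermissions);
        log.info("Migrating permissions to roles for user {} from permissions {} and roles {} to new permissions {} and roles {}", user.getName(), permissionSet, user.getRoleIds(), fixedPermissions, fixedRoleIds);
        user.setRoleIds(fixedRoleIds);
        user.setPermissions(Lists.newArrayList(fixedPermissions));
        try {
            userService.save(user);
        } catch (ValidationException e) {
            failedSaves++;
            // Parameterized message; SLF4J treats the trailing Throwable as the cause.
            log.error("Unable to migrate user permissions for user {}", user.getName(), e);
        }
    }
    if (failedSaves > 0) {
        log.warn("{} user(s) failed validation during the permission migration and were not saved.", failedSaves);
    }
    // NOTE(review): the state is written even when some saves failed, so those users are
    // presumably not picked up by a later run - confirm that this is intended.
    log.info("Marking user permission migration as done.");
    clusterConfigService.write(UserPermissionMigrationState.create(true));
}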
Also used : Logger(org.slf4j.Logger) RoleService(org.graylog2.users.RoleService) LoggerFactory(org.slf4j.LoggerFactory) Set(java.util.Set) Sets(com.google.common.collect.Sets) Inject(javax.inject.Inject) Periodical(org.graylog2.plugin.periodical.Periodical) List(java.util.List) Lists(com.google.common.collect.Lists) ClusterConfigService(org.graylog2.plugin.cluster.ClusterConfigService) UserService(org.graylog2.shared.users.UserService) Predicate(com.google.common.base.Predicate) ValidationException(org.graylog2.plugin.database.ValidationException) UserPermissionMigrationState(org.graylog2.cluster.UserPermissionMigrationState) User(org.graylog2.plugin.database.users.User) Permissions(org.graylog2.shared.security.Permissions) User(org.graylog2.plugin.database.users.User) ValidationException(org.graylog2.plugin.database.ValidationException)

Example 2 with User

use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.

the class SyslogCodecTest method rfc3164_section5_4_messages.

/**
 * Decodes the two sample messages from RFC 3164 section 5.4 and checks that the decoded
 * message contains the expected fields.
 *
 * @see <a href="https://tools.ietf.org/html/rfc3164#section-5.4">RFC 3164, section 5.4</a>
 */
@Test
public void rfc3164_section5_4_messages() {
    // First sample: PRI 34, expected as level 2 with facility "security/authorization".
    final String suRaw = "<34>Oct 11 22:14:15 mymachine su: 'su root' failed for lonvick on /dev/pts/8";
    final Map<String, Object> suFields = ImmutableMap.of(
            "timestamp", new DateTime(YEAR + "-10-11T22:14:15"),
            "source", "mymachine",
            "level", 2,
            "facility", "security/authorization",
            "message", "mymachine su: 'su root' failed for lonvick on /dev/pts/8");

    // Second sample: PRI 13, expected as level 5 with facility "user-level".
    final String bfgRaw = "<13>Feb  5 17:32:18 10.0.0.99 Use the BFG!";
    final Map<String, Object> bfgFields = ImmutableMap.of(
            "timestamp", new DateTime(YEAR + "-02-05T17:32:18"),
            "source", "10.0.0.99",
            "level", 5,
            "facility", "user-level",
            "message", "10.0.0.99 Use the BFG!");

    final Map<String, Map<String, Object>> expectations = ImmutableMap.of(suRaw, suFields, bfgRaw, bfgFields);

    for (Map.Entry<String, Map<String, Object>> expectation : expectations.entrySet()) {
        final String raw = expectation.getKey();
        final Map<String, Object> expectedFields = expectation.getValue();

        final Message decoded = codec.decode(buildRawMessage(raw));

        assertThat(decoded).isNotNull();
        assertThat(decoded.getFields()).containsAllEntriesOf(expectedFields);
    }
}
Also used : RawMessage(org.graylog2.plugin.journal.RawMessage) Message(org.graylog2.plugin.Message) Map(java.util.Map) ImmutableMap(com.google.common.collect.ImmutableMap) DateTime(org.joda.time.DateTime) Test(org.junit.Test)

Example 3 with User

use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.

the class JsonExtractorTest method testRunWithFlattenedObjectAndDifferentKVSeparator.

/**
 * Runs a {@code JsonExtractor} configured with {@code flatten=true} and {@code ":"} as the
 * key/value separator, and checks the single flattened result produced for the top-level
 * {@code "object"} key.
 */
@Test
public void testRunWithFlattenedObjectAndDifferentKVSeparator() throws Exception {
    final String json = "{\"object\": {\"text\": \"foobar\", \"number\": 1234.5678, \"bool\": true, \"nested\": {\"text\": \"foobar\"}}}";
    final ImmutableMap<String, Object> extractorConfig = ImmutableMap.of("flatten", true, "kv_separator", ":");

    final JsonExtractor extractor = new JsonExtractor(
            new MetricRegistry(),
            "json",
            "title",
            0L,
            Extractor.CursorStrategy.COPY,
            "source",
            "target",
            extractorConfig,
            "user",
            Collections.<Converter>emptyList(),
            Extractor.ConditionType.NONE,
            "");

    final Extractor.Result[] extracted = extractor.run(json);

    // The nested object is rendered inline as "{text=foobar}" in the expected value.
    final Extractor.Result expected = new Extractor.Result("text:foobar, number:1234.5678, bool:true, nested:{text=foobar}", "object", -1, -1);
    assertThat(extracted).contains(expected);
}
Also used : MetricRegistry(com.codahale.metrics.MetricRegistry) Extractor(org.graylog2.plugin.inputs.Extractor) Test(org.junit.Test)

Example 4 with User

use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.

the class JsonExtractorTest method testRunWithWhitespaceInNestedKey.

/**
 * Runs a {@code JsonExtractor} with {@code replace_key_whitespace=true} and {@code "-"} as the
 * replacement, and checks that nested keys containing spaces end up in the result key
 * {@code "foo_b-a-r_b-a-z"}.
 */
@Test
public void testRunWithWhitespaceInNestedKey() throws Exception {
    final ImmutableMap<String, Object> extractorConfig = ImmutableMap.of("replace_key_whitespace", true, "key_whitespace_replacement", "-");
    final JsonExtractor extractor = new JsonExtractor(
            new MetricRegistry(),
            "json",
            "title",
            0L,
            Extractor.CursorStrategy.COPY,
            "source",
            "target",
            extractorConfig,
            "user",
            Collections.emptyList(),
            Extractor.ConditionType.NONE,
            "");

    // Keys "b a r" and "b a z" contain spaces.
    final String json = "{\"foo\":{\"b a r\":{\"b a z\": 42}}}";
    final Extractor.Result[] extracted = extractor.run(json);

    assertThat(extracted).containsOnly(new Extractor.Result(42, "foo_b-a-r_b-a-z", -1, -1));
}
Also used : MetricRegistry(com.codahale.metrics.MetricRegistry) Extractor(org.graylog2.plugin.inputs.Extractor) Test(org.junit.Test)

Example 5 with User

use of org.graylog2.plugin.database.users.User in project graylog2-server by Graylog2.

the class RegexReplaceExtractorTest method testReplacementWithReplaceAll.

/**
 * Runs a {@code RegexReplaceExtractor} with {@code replace_all=true} on the message field and
 * checks that both "word number" pairs are rewritten as "number/word".
 */
@Test
public void testReplacementWithReplaceAll() throws Exception {
    final Message input = new Message("Foobar 123 Foobaz 456", "source", Tools.nowUTC());

    // Two capture groups (word, digits); the replacement swaps them around a slash.
    final ImmutableMap<String, Object> extractorConfig = ImmutableMap.of(
            "regex", "(\\w+) (\\d+)",
            "replacement", "$2/$1",
            "replace_all", true);
    final RegexReplaceExtractor replacer = new RegexReplaceExtractor(
            metricRegistry,
            "id",
            "title",
            0L,
            Extractor.CursorStrategy.COPY,
            "message",
            "message",
            extractorConfig,
            "user",
            Collections.<Converter>emptyList(),
            Extractor.ConditionType.NONE,
            null);

    replacer.runExtractor(input);

    assertThat(input.getMessage()).isEqualTo("123/Foobar 456/Foobaz");
}
Also used : Message(org.graylog2.plugin.Message) Test(org.junit.Test)

Aggregations

User (org.graylog2.plugin.database.users.User)33 Test (org.junit.Test)27 ApiOperation (io.swagger.annotations.ApiOperation)19 Path (javax.ws.rs.Path)16 AuditEvent (org.graylog2.audit.jersey.AuditEvent)15 ApiResponses (io.swagger.annotations.ApiResponses)11 Message (org.graylog2.plugin.Message)10 BadRequestException (javax.ws.rs.BadRequestException)9 NotFoundException (javax.ws.rs.NotFoundException)9 RequiresPermissions (org.apache.shiro.authz.annotation.RequiresPermissions)9 Role (org.graylog2.shared.users.Role)8 MetricRegistry (com.codahale.metrics.MetricRegistry)7 POST (javax.ws.rs.POST)7 PUT (javax.ws.rs.PUT)7 DELETE (javax.ws.rs.DELETE)6 ValidationException (org.graylog2.plugin.database.ValidationException)6 Permissions (org.graylog2.shared.security.Permissions)6 GET (javax.ws.rs.GET)5 Extractor (org.graylog2.plugin.inputs.Extractor)5 AccessToken (org.graylog2.security.AccessToken)5