use of org.pentaho.platform.core.mt.Tenant in project pentaho-platform by pentaho.
the class RepositoryTenantManager method createTenant.
/*
* (non-Javadoc)
*
* @see org.pentaho.platform.api.repository2.unified.ITenantManager#createTenant(java.lang.String,
* java.lang.String)
*/
@Override
public ITenant createTenant(final ITenant parentTenant, final String tenantName, final String tenantAdminRoleName, final String authenticatedRoleName, final String anonymousRoleName) {
Tenant newTenant;
String parentTenantFolder;
if (parentTenant == null) {
if (repositoryFileDao.getFileByAbsolutePath("/" + tenantName) != null) {
return null;
}
} else {
if (repositoryFileDao.getFileByAbsolutePath(parentTenant.getRootFolderAbsolutePath() + "/" + tenantName) != null) {
return null;
}
}
if (parentTenant == null) {
newTenant = new Tenant(RepositoryFile.SEPARATOR + tenantName, true);
parentTenantFolder = "/";
} else {
newTenant = new Tenant(parentTenant.getRootFolderAbsolutePath() + RepositoryFile.SEPARATOR + tenantName, true);
parentTenantFolder = parentTenant.getRootFolderAbsolutePath();
}
String tenantCreatorId = PentahoSessionHolder.getSession().getName();
RepositoryFile tenantRootFolder = createTenantFolder(parentTenant, tenantName, tenantCreatorId);
userRoleDao.createRole(newTenant, tenantAdminRoleName, "", new String[0]);
userRoleDao.createRole(newTenant, authenticatedRoleName, "", new String[0]);
userRoleDao.createRole(newTenant, anonymousRoleName, "", new String[0]);
roleBindingDao.setRoleBindings(newTenant, authenticatedRoleName, singleTenantAuthenticatedAuthorityRoleBindingList);
String tenantAdminRoleId = tenantedRoleNameResolver.getPrincipleId(newTenant, tenantAdminRoleName);
RepositoryFileSid tenantAdminRoleSid = new RepositoryFileSid(tenantAdminRoleId, Type.ROLE);
this.jcrTemplate.save();
// tenant admin permissions on the root folder.
if (parentTenant == null) {
repositoryFileAclDao.addAce(tenantRootFolder.getId(), tenantAdminRoleSid, EnumSet.of(RepositoryFilePermission.ALL));
} else {
RepositoryFileAcl acl = repositoryFileAclDao.getAcl(tenantRootFolder.getId());
Builder aclBuilder = new RepositoryFileAcl.Builder(acl).ace(tenantAdminRoleSid, EnumSet.of(RepositoryFilePermission.ALL));
IPentahoSession origPentahoSession = PentahoSessionHolder.getSession();
Authentication origAuthentication = SecurityContextHolder.getContext().getAuthentication();
login(repositoryAdminUsername, tenantAdminRoleId);
try {
// Give all to Tenant Admin of all ancestors
while (!parentTenantFolder.equals("/")) {
ITenant tenant = new Tenant(parentTenantFolder, true);
String parentTenantAdminRoleId = tenantedRoleNameResolver.getPrincipleId(tenant, tenantAdminRoleName);
RepositoryFileSid parentTenantAdminSid = new RepositoryFileSid(parentTenantAdminRoleId, Type.ROLE);
aclBuilder.ace(parentTenantAdminSid, EnumSet.of(RepositoryFilePermission.ALL));
parentTenantFolder = FilenameUtils.getFullPathNoEndSeparator(parentTenantFolder);
}
repositoryFileAclDao.updateAcl(aclBuilder.build());
} catch (Throwable th) {
th.printStackTrace();
} finally {
PentahoSessionHolder.setSession(origPentahoSession);
SecurityContextHolder.getContext().setAuthentication(origAuthentication);
}
}
try {
RepositoryFileSid fileOwnerSid = new RepositoryFileSid(tenantCreatorId);
createInitialTenantFolders(newTenant, tenantRootFolder, fileOwnerSid);
} catch (Exception ex) {
throw new RuntimeException("Error creating initial tenant folders", ex);
}
return newTenant;
}
use of org.pentaho.platform.core.mt.Tenant in project pentaho-platform by pentaho.
the class JdbcUserRoleListServiceTest method testGetAllAuthoritiesForTenant.
@Test
public void testGetAllAuthoritiesForTenant() throws Exception {
ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
login("admin", defaultTenant);
JdbcUserRoleListService dao = makePopulatedJdbcUserRoleListService();
// $NON-NLS-1$
dao.setAllAuthoritiesQuery("SELECT DISTINCT(AUTHORITY) AS AUTHORITY FROM AUTHORITIES ORDER BY 1");
dao.afterPropertiesSet();
List<String> auths = dao.getAllRoles(defaultTenant);
// $NON-NLS-1$
assertTrue("Authorities list should not be empty", auths.size() > 0);
for (String auth : auths) {
// $NON-NLS-1$
System.out.println("Authority: " + auth);
}
try {
auths = dao.getAllRoles(new Tenant("/pentaho", true));
} catch (UnsupportedOperationException uoe) {
assertNotNull(uoe);
}
}
use of org.pentaho.platform.core.mt.Tenant in project pentaho-platform by pentaho.
the class JdbcUserRoleListServiceTest method testGetAllUsernamesForTenant.
@Test
public void testGetAllUsernamesForTenant() throws Exception {
ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
login("admin", defaultTenant);
JdbcUserRoleListService dao = makePopulatedJdbcUserRoleListService();
// $NON-NLS-1$
dao.setAllUsernamesQuery("SELECT DISTINCT(USERNAME) FROM USERS ORDER BY USERNAME");
dao.afterPropertiesSet();
List<String> allUsers = dao.getAllUsers(defaultTenant);
// $NON-NLS-1$
assertTrue("User List should not be empty", allUsers.size() > 0);
for (String username : allUsers) {
// $NON-NLS-1$
System.out.println("User: " + username);
}
try {
allUsers = dao.getAllUsers(new Tenant("/pentaho", true));
} catch (UnsupportedOperationException uoe) {
assertNotNull(uoe);
}
}
use of org.pentaho.platform.core.mt.Tenant in project pentaho-platform by pentaho.
the class JdbcUserRoleListServiceTest method testGetRolesForUserForTenant.
@Test
public void testGetRolesForUserForTenant() throws Exception {
ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
login("admin", defaultTenant);
JdbcUserRoleListService dao = makePopulatedJdbcUserRoleListService();
dao.setUserDetailsService(makePopulatedJdbcDao());
dao.afterPropertiesSet();
// $NON-NLS-1$
List<String> roles = dao.getRolesForUser(defaultTenant, "rod");
// $NON-NLS-1$
assertTrue(roles.contains("ROLE_TELLER"));
// $NON-NLS-1$
assertTrue(roles.contains("ROLE_SUPERVISOR"));
try {
roles = dao.getRolesForUser(new Tenant("/pentaho", true), "rod");
} catch (UnsupportedOperationException uoe) {
assertNotNull(uoe);
}
}
use of org.pentaho.platform.core.mt.Tenant in project pentaho-platform by pentaho.
the class JdbcUserRoleListServiceTest method testGetAllAuthoritiesWithRolePrefixForTenant.
@Test
public void testGetAllAuthoritiesWithRolePrefixForTenant() throws Exception {
ITenant defaultTenant = new Tenant("/pentaho/tenant0", true);
login("admin", defaultTenant);
JdbcUserRoleListService dao = makePopulatedJdbcUserRoleListService();
// $NON-NLS-1$
dao.setAllAuthoritiesQuery("SELECT DISTINCT(AUTHORITY) AS AUTHORITY FROM AUTHORITIES ORDER BY 1");
// $NON-NLS-1$
dao.setRolePrefix("ARBITRARY_PREFIX_");
dao.afterPropertiesSet();
List<String> auths = dao.getAllRoles(defaultTenant);
// $NON-NLS-1$
assertTrue("Authorities list should not be empty", auths.size() > 0);
for (String role : auths) {
// $NON-NLS-1$
System.out.println("Authority with prefix: " + role);
}
try {
auths = dao.getAllRoles(new Tenant("/pentaho", true));
} catch (UnsupportedOperationException uoe) {
assertNotNull(uoe);
}
}
Aggregations