Example 1 with AuthorizedEventBus

Use of com.b2international.snowowl.core.authorization.AuthorizedEventBus in project snow-owl by b2ihealthcare.

In the class CommitInfoRequestTest, method searchCommitInfoByBranch.

@Test
public void searchCommitInfoByBranch() {
    final String oid = UUID.randomUUID().toString();
    final String shortName = "Resource6";
    final String comment = "Code system for commit info 6";
    final String branchName = "Test6";
    final String term = "Test Description 6";
    createCodeSystem(shortName, oid, comment);
    final String branchPath = createBranch(String.format("%s/%s", BRANCH, shortName), branchName);
    createDescription(ResourceURI.branch(CodeSystem.RESOURCE_TYPE, shortName, branchName), term, comment);
    // Search as admin
    assertEquals(1, RepositoryRequests.commitInfos().prepareSearchCommitInfo().filterByBranch(branchPath).build(REPOSITORY_ID).execute(bus).getSync().getTotal());
    final Permission userPermission = Permission.requireAll(Permission.OPERATION_BROWSE, String.format("%s*", shortName));
    final List<Role> roles = List.of(new Role("Editor", List.of(userPermission)));
    final String userName = "User6";
    final User user = new User(userName, roles);
    // Wrap the bus with the Authorization header set to a JWT generated for the limited user
    final IEventBus authorizedBus = new AuthorizedEventBus(bus, ImmutableMap.of(AuthorizedRequest.AUTHORIZATION_HEADER, Services.service(JWTGenerator.class).generate(user)));
    // Search as user with limited permissions
    assertEquals(1, RepositoryRequests.commitInfos().prepareSearchCommitInfo().filterByBranch(branchPath).build(REPOSITORY_ID).execute(authorizedBus).getSync().getTotal());
}
Also used : Role(com.b2international.snowowl.core.identity.Role) User(com.b2international.snowowl.core.identity.User) JWTGenerator(com.b2international.snowowl.core.identity.JWTGenerator) Permission(com.b2international.snowowl.core.identity.Permission) AuthorizedEventBus(com.b2international.snowowl.core.authorization.AuthorizedEventBus) IEventBus(com.b2international.snowowl.eventbus.IEventBus) Test(org.junit.Test)

Example 2 with AuthorizedEventBus

Use of com.b2international.snowowl.core.authorization.AuthorizedEventBus in project snow-owl by b2ihealthcare.

In the class SnowOwlCommandProvider, method _snowowl.

public void _snowowl(CommandInterpreter interpreter) throws Exception {
    // first read all args into an array
    List<String> args = newArrayList();
    String arg;
    while ((arg = interpreter.nextArgument()) != null) {
        args.add(arg);
    }
    final Environment env = ApplicationContext.getServiceForClass(Environment.class);
    final List<CommandLine> commands = cli(env).parse(args.toArray(new String[] {}));
    try (InterpreterStream out = new InterpreterStream(interpreter)) {
        // print help if requested for any command
        if (CommandLine.printHelpIfRequested(commands, out, out, CommandLine.Help.Ansi.AUTO)) {
            return;
        }
        // get the last command used in the cli
        CommandLine cli = Iterables.getLast(commands, null);
        if (cli == null) {
            return;
        }
        // we should get an executable Snow Owl Command, so execute it
        BaseCommand cmd = (BaseCommand) cli.getCommand();
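        // generate a JWT for the built-in SYSTEM user; the command runs with that identity
        final String authorizationToken = ApplicationContext.getServiceForClass(JWTGenerator.class).generate(User.SYSTEM);
        // bind an event bus that carries the token in the Authorization header into the command's context
        final ServiceProvider context = env.inject().bind(IEventBus.class, new AuthorizedEventBus(ApplicationContext.getServiceForClass(IEventBus.class), ImmutableMap.of(AuthorizedRequest.AUTHORIZATION_HEADER, authorizationToken))).build();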
        cmd.setContext(context);
        cmd.run(out);
    } catch (Exception e) {
        interpreter.println("Unknown error occured");
        interpreter.printStackTrace(e);
    }
}
Also used : CommandLine(picocli.CommandLine) JWTGenerator(com.b2international.snowowl.core.identity.JWTGenerator) ServiceProvider(com.b2international.snowowl.core.ServiceProvider) Environment(com.b2international.snowowl.core.setup.Environment) AuthorizedEventBus(com.b2international.snowowl.core.authorization.AuthorizedEventBus) IEventBus(com.b2international.snowowl.eventbus.IEventBus) IOException(java.io.IOException)

Example 3 with AuthorizedEventBus

Use of com.b2international.snowowl.core.authorization.AuthorizedEventBus in project snow-owl by b2ihealthcare.

In the class TransportClient, method connect.

public User connect(final String username, final String password) throws SnowowlServiceException {
    try {
        this.user = username;
        this.password = password;
        // initialize connectors first
        initConnection();
        // try to log in with the specified username and password using the non-authorized bus instance
        final Token token = UserRequests.prepareLogin().setUsername(username).setPassword(password).buildAsync().execute(bus).getSync();
        // if successfully logged in replace the event bus with an authorized one
        env.services().registerService(IEventBus.class, new AuthorizedEventBus(bus, ImmutableMap.of("Authorization", token.getToken())));
        env.services().registerService(TransportClient.class, this);
        return env.service(AuthorizationHeaderVerifier.class).toUser(token.getToken());
    } catch (UnauthorizedException e) {
        throw new SnowowlServiceException(e.getMessage());
    } catch (final Throwable t) {
        final Throwable rootCause = Throwables.getRootCause(t);
        final String message = Strings.nullToEmpty(StringUtils.getLine(rootCause.getMessage(), "\n", 0)).replace("\r", "");
        LOG.error("Exception caught while connecting to the server.", t);
        // FIXME: "Sentiment analysis" for exception messages
        if (message.startsWith(COULD_NOT_ACTIVATE_PREFIX)) {
            throw new SnowowlServiceException("The server could not be reached. Please verify the connection URL.");
        } else if (message.startsWith(ALREADY_LOGGED_IN_PREFIX)) {
            throw new SnowowlServiceException("Another client with the same user is already connected to the server.");
        } else if (message.startsWith(INCORRECT_USER_NAME_OR_PASSWORD)) {
            throw new SnowowlServiceException(message);
        } else if (message.startsWith(LOGIN_DISABLED)) {
            throw new SnowowlServiceException(message);
        } else if (message.startsWith(LDAP_CONNECTION_REFUSED)) {
            throw new SnowowlServiceException("The LDAP server could not be reached for authentication. Please contact the administrator.");
        } else {
            throw new SnowowlServiceException("An unexpected error occurred while connecting to the server. Please contact the administrator.");
        }
    }
}
Also used : AuthorizationHeaderVerifier(com.b2international.snowowl.core.identity.AuthorizationHeaderVerifier) UnauthorizedException(com.b2international.commons.exceptions.UnauthorizedException) AuthorizedEventBus(com.b2international.snowowl.core.authorization.AuthorizedEventBus) Token(com.b2international.snowowl.core.identity.Token) SnowowlServiceException(com.b2international.snowowl.core.api.SnowowlServiceException)

Example 4 with AuthorizedEventBus

Use of com.b2international.snowowl.core.authorization.AuthorizedEventBus in project snow-owl by b2ihealthcare.

In the class CommitInfoRequestTest, method searchCommitOnSubBranch.

@Test
public void searchCommitOnSubBranch() {
    // Search with no branch filter, to test security filter for user with limited resources
    final String oid = UUID.randomUUID().toString();
    final String shortName = "Resource7";
    final String comment = "Code system for commit info 7";
    final String branchName = "Test7";
    final String commitComment = "Create Description 7";
    final String term = "Test Description 7";
    // Commit on resource branch
    createCodeSystem(shortName, oid, comment);
    createDescription(ResourceURI.of(CodeSystem.RESOURCE_TYPE, shortName), term, commitComment);
    // Commit on version branch
    final String branchPath = createBranch(String.format("%s/%s", BRANCH, shortName), branchName);
    createDescription(ResourceURI.branch(CodeSystem.RESOURCE_TYPE, shortName, branchName), term, commitComment);
    // Commit on deeper branch
    final String newBranchName = String.format("%s/%s", branchName, branchName);
    createBranch(branchPath, branchName);
    createDescription(ResourceURI.branch(CodeSystem.RESOURCE_TYPE, shortName, newBranchName), term, commitComment);
    final Permission userPermission = Permission.requireAll(Permission.OPERATION_BROWSE, String.format("%s*", shortName));
    final List<Role> roles = List.of(new Role("Editor", List.of(userPermission)));
    final String userName = "User7";
    final User user = new User(userName, roles);
    // Wrap the bus with the Authorization header set to a JWT generated for the limited user
    final IEventBus authorizedBus = new AuthorizedEventBus(bus, ImmutableMap.of(AuthorizedRequest.AUTHORIZATION_HEADER, Services.service(JWTGenerator.class).generate(user)));
    // Search as user with permission only to access the resource and one sub branch
    assertEquals(2, RepositoryRequests.commitInfos().prepareSearchCommitInfo().filterByComment(commitComment).build(REPOSITORY_ID).execute(authorizedBus).getSync().getTotal());
    // Search as admin user with permission to access all
    assertEquals(3, RepositoryRequests.commitInfos().prepareSearchCommitInfo().filterByComment(commitComment).build(REPOSITORY_ID).execute(bus).getSync().getTotal());
}
Also used : Role(com.b2international.snowowl.core.identity.Role) User(com.b2international.snowowl.core.identity.User) JWTGenerator(com.b2international.snowowl.core.identity.JWTGenerator) Permission(com.b2international.snowowl.core.identity.Permission) AuthorizedEventBus(com.b2international.snowowl.core.authorization.AuthorizedEventBus) IEventBus(com.b2international.snowowl.eventbus.IEventBus) Test(org.junit.Test)

Aggregations

AuthorizedEventBus (com.b2international.snowowl.core.authorization.AuthorizedEventBus): 4
JWTGenerator (com.b2international.snowowl.core.identity.JWTGenerator): 3
IEventBus (com.b2international.snowowl.eventbus.IEventBus): 3
Permission (com.b2international.snowowl.core.identity.Permission): 2
Role (com.b2international.snowowl.core.identity.Role): 2
User (com.b2international.snowowl.core.identity.User): 2
Test (org.junit.Test): 2
UnauthorizedException (com.b2international.commons.exceptions.UnauthorizedException): 1
ServiceProvider (com.b2international.snowowl.core.ServiceProvider): 1
SnowowlServiceException (com.b2international.snowowl.core.api.SnowowlServiceException): 1
AuthorizationHeaderVerifier (com.b2international.snowowl.core.identity.AuthorizationHeaderVerifier): 1
Token (com.b2international.snowowl.core.identity.Token): 1
Environment (com.b2international.snowowl.core.setup.Environment): 1
IOException (java.io.IOException): 1
CommandLine (picocli.CommandLine): 1