use of com.google.gerrit.server.PeerDaemonUser in project gerrit by GerritCodeReview.
the class PRED_current_user_1 method exec.
@Override
public Operation exec(Prolog engine) throws PrologException {
engine.setB0();
Term a1 = arg1.dereference();
CurrentUser curUser = StoredValues.CURRENT_USER.getOrNull(engine);
if (curUser == null) {
throw new EvaluationException("Current user not available in this rule type");
}
Term resultTerm;
if (curUser.isIdentifiedUser()) {
Account.Id id = curUser.getAccountId();
resultTerm = new IntegerTerm(id.get());
} else if (curUser instanceof AnonymousUser) {
resultTerm = anonymous;
} else if (curUser instanceof PeerDaemonUser) {
resultTerm = peerDaemon;
} else {
throw new EvaluationException("Unknown user type");
}
if (!a1.unify(new StructureTerm(user, resultTerm), engine.trail)) {
return engine.fail();
}
return cont;
}
use of com.google.gerrit.server.PeerDaemonUser in project gerrit by GerritCodeReview.
the class DatabasePubKeyAuth method authenticate.
@Override
public boolean authenticate(String username, PublicKey suppliedKey, ServerSession session) {
SshSession sd = session.getAttribute(SshSession.KEY);
Preconditions.checkState(sd.getUser() == null);
if (PeerDaemonUser.USER_NAME.equals(username)) {
if (myHostKeys.contains(suppliedKey) || getPeerKeys().contains(suppliedKey)) {
PeerDaemonUser user = peerFactory.create(sd.getRemoteAddress());
return SshUtil.success(username, session, sshScope, sshLog, sd, user);
}
sd.authenticationError(username, "no-matching-key");
return false;
}
if (config.getBoolean("auth", "userNameToLowerCase", false)) {
username = username.toLowerCase(Locale.US);
}
Iterable<SshKeyCacheEntry> keyList = sshKeyCache.get(username);
SshKeyCacheEntry key = find(keyList, suppliedKey);
if (key == null) {
String err;
if (keyList == SshKeyCacheImpl.NO_SUCH_USER) {
err = "user-not-found";
} else if (keyList == SshKeyCacheImpl.NO_KEYS) {
err = "key-list-empty";
} else {
err = "no-matching-key";
}
sd.authenticationError(username, err);
return false;
}
//
for (SshKeyCacheEntry otherKey : keyList) {
if (!key.getAccount().equals(otherKey.getAccount())) {
sd.authenticationError(username, "keys-cross-accounts");
return false;
}
}
IdentifiedUser cu = SshUtil.createUser(sd, userFactory, key.getAccount());
if (!cu.getAccount().isActive()) {
sd.authenticationError(username, "inactive-account");
return false;
}
return SshUtil.success(username, session, sshScope, sshLog, sd, cu);
}
use of com.google.gerrit.server.PeerDaemonUser in project gerrit by GerritCodeReview.
the class SshLog method log.
private LoggingEvent log(final String msg) {
final SshSession sd = session.get();
final CurrentUser user = sd.getUser();
final LoggingEvent event = new //
LoggingEvent(// fqnOfCategoryClass
Logger.class.getName(), // logger
log, // when
TimeUtil.nowMs(), // level
Level.INFO, // message text
msg, // thread name
"SSHD", // exception information
null, // current NDC string
null, // caller location
null, // MDC properties
null);
event.setProperty(P_SESSION, id(sd.getSessionId()));
String userName = "-";
String accountId = "-";
if (user != null && user.isIdentifiedUser()) {
IdentifiedUser u = user.asIdentifiedUser();
userName = u.getAccount().getUserName();
accountId = "a/" + u.getAccountId().toString();
} else if (user instanceof PeerDaemonUser) {
userName = PeerDaemonUser.USER_NAME;
}
event.setProperty(P_USER_NAME, userName);
event.setProperty(P_ACCOUNT_ID, accountId);
return event;
}
Aggregations