
Example 1 with PeerDaemonUser

use of com.google.gerrit.server.PeerDaemonUser in project gerrit by GerritCodeReview.

the class PRED_current_user_1 method exec.

/**
 * Unifies the first predicate argument with a {@code user(...)} structure describing the
 * user stored in the Prolog engine.
 *
 * <p>An identified user is represented by an {@link IntegerTerm} holding the numeric account
 * id; an {@link AnonymousUser} and a {@link PeerDaemonUser} are represented by the
 * {@code anonymous} and {@code peerDaemon} terms (fields declared outside this listing).
 * Any other user type is rejected with an exception instead of being mapped to a default
 * identity, so a rule can never silently treat an unrecognised caller as a known one.
 *
 * @param engine the Prolog engine evaluating the rule
 * @return {@code cont} when unification succeeds, otherwise the result of
 *     {@code engine.fail()}
 * @throws EvaluationException if no current user is stored in the engine, or the user is of
 *     a type this predicate does not recognise
 */
@Override
public Operation exec(Prolog engine) throws PrologException {
    engine.setB0();
    Term target = arg1.dereference();

    CurrentUser caller = StoredValues.CURRENT_USER.getOrNull(engine);
    if (caller == null) {
        throw new EvaluationException("Current user not available in this rule type");
    }

    // The identified-user check comes first; the instanceof tests only run for
    // callers that carry no account.
    final Term identity;
    if (caller.isIdentifiedUser()) {
        identity = new IntegerTerm(caller.getAccountId().get());
    } else if (caller instanceof AnonymousUser) {
        identity = anonymous;
    } else if (caller instanceof PeerDaemonUser) {
        identity = peerDaemon;
    } else {
        // Fail closed: an unrecognised user type aborts rule evaluation.
        throw new EvaluationException("Unknown user type");
    }

    boolean unified = target.unify(new StructureTerm(user, identity), engine.trail);
    return unified ? cont : engine.fail();
}
Also used : Account(com.google.gerrit.reviewdb.client.Account) IntegerTerm(com.googlecode.prolog_cafe.lang.IntegerTerm) CurrentUser(com.google.gerrit.server.CurrentUser) StructureTerm(com.googlecode.prolog_cafe.lang.StructureTerm) AnonymousUser(com.google.gerrit.server.AnonymousUser) Term(com.googlecode.prolog_cafe.lang.Term) IntegerTerm(com.googlecode.prolog_cafe.lang.IntegerTerm) StructureTerm(com.googlecode.prolog_cafe.lang.StructureTerm) SymbolTerm(com.googlecode.prolog_cafe.lang.SymbolTerm) EvaluationException(com.googlecode.prolog_cafe.exceptions.EvaluationException) PeerDaemonUser(com.google.gerrit.server.PeerDaemonUser)

Example 2 with PeerDaemonUser

use of com.google.gerrit.server.PeerDaemonUser in project gerrit by GerritCodeReview.

the class DatabasePubKeyAuth method authenticate.

/**
 * Decides whether an SSH public-key authentication attempt is accepted.
 *
 * <p>Two paths exist:
 *
 * <ul>
 *   <li>The reserved {@link PeerDaemonUser#USER_NAME} login is accepted only when the
 *       supplied key is contained in {@code myHostKeys} or in {@code getPeerKeys()}. The
 *       name comparison happens before any lower-casing, so it is an exact match. Every
 *       holder of one of those keys authenticates as the peer daemon, so both key sets
 *       must be protected like any other credential store. NOTE(review): which privileges
 *       a {@code PeerDaemonUser} carries is not visible in this listing.
 *   <li>Any other login is looked up in {@code sshKeyCache}. The attempt is rejected when
 *       no cached key matches, when the keys cached under the login belong to more than
 *       one account, or when the matched account is not active.
 * </ul>
 *
 * <p>Each rejection records a reason through {@code SshSession.authenticationError}. The
 * reasons distinguish an unknown user from a wrong key; NOTE(review): confirm they are
 * only written to the server-side log and never returned to the client, otherwise they
 * would allow account enumeration.
 *
 * @param username login name presented by the client
 * @param suppliedKey public key presented by the client
 * @param session server session the attempt belongs to
 * @return {@code true} if the attempt was accepted (the result of {@code SshUtil.success}),
 *     {@code false} if it was rejected
 * @throws IllegalStateException if the session already has a user attached
 */
@Override
public boolean authenticate(String username, PublicKey suppliedKey, ServerSession session) {
    SshSession sshSession = session.getAttribute(SshSession.KEY);
    // A session must not be authenticated twice.
    Preconditions.checkState(sshSession.getUser() == null);

    if (PeerDaemonUser.USER_NAME.equals(username)) {
        boolean trustedKey =
            myHostKeys.contains(suppliedKey) || getPeerKeys().contains(suppliedKey);
        if (!trustedKey) {
            sshSession.authenticationError(username, "no-matching-key");
            return false;
        }
        PeerDaemonUser peer = peerFactory.create(sshSession.getRemoteAddress());
        return SshUtil.success(username, session, sshScope, sshLog, sshSession, peer);
    }

    // Locale.US keeps the case mapping independent of the server's default locale.
    String login = username;
    if (config.getBoolean("auth", "userNameToLowerCase", false)) {
        login = login.toLowerCase(Locale.US);
    }

    Iterable<SshKeyCacheEntry> cachedKeys = sshKeyCache.get(login);
    SshKeyCacheEntry matched = find(cachedKeys, suppliedKey);
    if (matched == null) {
        // NO_SUCH_USER and NO_KEYS are sentinel instances, hence the identity comparison.
        String reason =
            cachedKeys == SshKeyCacheImpl.NO_SUCH_USER
                ? "user-not-found"
                : cachedKeys == SshKeyCacheImpl.NO_KEYS ? "key-list-empty" : "no-matching-key";
        sshSession.authenticationError(login, reason);
        return false;
    }

    // Every key cached under this login must belong to the same account as the matched
    // key; a login whose keys span accounts is refused outright.
    for (SshKeyCacheEntry candidate : cachedKeys) {
        if (!matched.getAccount().equals(candidate.getAccount())) {
            sshSession.authenticationError(login, "keys-cross-accounts");
            return false;
        }
    }

    IdentifiedUser identified = SshUtil.createUser(sshSession, userFactory, matched.getAccount());
    if (!identified.getAccount().isActive()) {
        // A valid key is not enough: deactivated accounts stay locked out.
        sshSession.authenticationError(login, "inactive-account");
        return false;
    }
    return SshUtil.success(login, session, sshScope, sshLog, sshSession, identified);
}
Also used : IdentifiedUser(com.google.gerrit.server.IdentifiedUser) PeerDaemonUser(com.google.gerrit.server.PeerDaemonUser)

Example 3 with PeerDaemonUser

use of com.google.gerrit.server.PeerDaemonUser in project gerrit by GerritCodeReview.

the class SshLog method log.

/**
 * Builds an INFO-level log4j event for the current SSH session.
 *
 * <p>The event carries the session id, a user name and an account id as properties. An
 * identified user is logged with the account's user name and {@code "a/" + accountId};
 * a {@link PeerDaemonUser} is logged under {@link PeerDaemonUser#USER_NAME} with no
 * account id; a session without a user, or with any other user type, is logged with
 * {@code "-"} in both fields.
 *
 * <p>NOTE(review): {@code msg} and the user name are stored in the event unchanged.
 * Whether the appender neutralises line breaks or other control characters is not
 * visible here; confirm it does, so that a crafted value cannot forge log entries.
 *
 * @param msg message text of the event
 * @return the populated logging event
 */
private LoggingEvent log(final String msg) {
    final SshSession sshSession = session.get();
    final CurrentUser caller = sshSession.getUser();

    final LoggingEvent event =
        new LoggingEvent(
            Logger.class.getName(), // fqnOfCategoryClass
            log, // logger
            TimeUtil.nowMs(), // when
            Level.INFO, // level
            msg, // message text
            "SSHD", // thread name
            null, // exception information
            null, // current NDC string
            null, // caller location
            null); // MDC properties
    event.setProperty(P_SESSION, id(sshSession.getSessionId()));

    final String userName;
    String accountId = "-";
    if (caller != null && caller.isIdentifiedUser()) {
        IdentifiedUser identified = caller.asIdentifiedUser();
        userName = identified.getAccount().getUserName();
        accountId = "a/" + identified.getAccountId().toString();
    } else if (caller instanceof PeerDaemonUser) {
        // instanceof is false for null, so an unauthenticated session falls through.
        userName = PeerDaemonUser.USER_NAME;
    } else {
        userName = "-";
    }

    event.setProperty(P_USER_NAME, userName);
    event.setProperty(P_ACCOUNT_ID, accountId);
    return event;
}
Also used : LoggingEvent(org.apache.log4j.spi.LoggingEvent) CurrentUser(com.google.gerrit.server.CurrentUser) Logger(org.apache.log4j.Logger) IdentifiedUser(com.google.gerrit.server.IdentifiedUser) PeerDaemonUser(com.google.gerrit.server.PeerDaemonUser)

Aggregations

PeerDaemonUser (com.google.gerrit.server.PeerDaemonUser)3 CurrentUser (com.google.gerrit.server.CurrentUser)2 IdentifiedUser (com.google.gerrit.server.IdentifiedUser)2 Account (com.google.gerrit.reviewdb.client.Account)1 AnonymousUser (com.google.gerrit.server.AnonymousUser)1 EvaluationException (com.googlecode.prolog_cafe.exceptions.EvaluationException)1 IntegerTerm (com.googlecode.prolog_cafe.lang.IntegerTerm)1 StructureTerm (com.googlecode.prolog_cafe.lang.StructureTerm)1 SymbolTerm (com.googlecode.prolog_cafe.lang.SymbolTerm)1 Term (com.googlecode.prolog_cafe.lang.Term)1 Logger (org.apache.log4j.Logger)1 LoggingEvent (org.apache.log4j.spi.LoggingEvent)1