use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class Connection method login.
public void login(String login, String password, Locale locale) throws LoginException {
UserSession userSession = doLogin(login, password, locale, getLoginParams());
ClientUserSession clientUserSession = new ClientUserSession(userSession);
clientUserSession.setAuthenticated(true);
session = clientUserSession;
AppContext.setSecurityContext(new SecurityContext(session));
log.info("Logged in: {}", session);
updateSessionClientInfo();
connected = true;
fireConnectionListeners();
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class FileStorage method saveStream.
@Override
public long saveStream(final FileDescriptor fileDescr, final InputStream inputStream) throws FileStorageException {
checkFileDescriptor(fileDescr);
File[] roots = getStorageRoots();
// Store to primary storage
checkStorageDefined(roots, fileDescr);
checkPrimaryStorageAccessible(roots, fileDescr);
File dir = getStorageDir(roots[0], fileDescr);
dir.mkdirs();
checkDirectoryExists(dir);
final File file = new File(dir, getFileName(fileDescr));
checkFileExists(file);
long size = 0;
OutputStream os = null;
try {
os = FileUtils.openOutputStream(file);
size = IOUtils.copyLarge(inputStream, os);
os.flush();
writeLog(file, false);
} catch (IOException e) {
IOUtils.closeQuietly(os);
FileUtils.deleteQuietly(file);
throw new FileStorageException(FileStorageException.Type.IO_EXCEPTION, file.getAbsolutePath(), e);
} finally {
IOUtils.closeQuietly(os);
}
// Copy file to secondary storages asynchronously
final SecurityContext securityContext = AppContext.getSecurityContext();
for (int i = 1; i < roots.length; i++) {
if (!roots[i].exists()) {
log.error("Error saving {} into {} : directory doesn't exist", fileDescr, roots[i]);
continue;
}
File copyDir = getStorageDir(roots[i], fileDescr);
final File fileCopy = new File(copyDir, getFileName(fileDescr));
writeExecutor.submit(new Runnable() {
@Override
public void run() {
try {
AppContext.setSecurityContext(securityContext);
FileUtils.copyFile(file, fileCopy, true);
writeLog(fileCopy, false);
} catch (Exception e) {
log.error("Error saving {} into {} : {}", fileDescr, fileCopy.getAbsolutePath(), e.getMessage());
} finally {
AppContext.setSecurityContext(null);
}
}
});
}
return size;
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class FileDownloadController method download.
@RequestMapping(value = "/download", method = RequestMethod.GET)
public ModelAndView download(HttpServletRequest request, HttpServletResponse response) throws IOException {
UserSession userSession = getSession(request, response);
if (userSession == null) {
error(response);
return null;
}
AppContext.setSecurityContext(new SecurityContext(userSession));
try {
UUID fileId;
try {
fileId = UUID.fromString(request.getParameter("f"));
} catch (Exception e) {
log.error(e.toString());
error(response);
return null;
}
FileDescriptor fd = dataService.load(LoadContext.create(FileDescriptor.class).setId(fileId));
if (fd == null) {
log.warn("Unable to find file with id {}", fileId);
error(response);
return null;
}
String fileName = URLEncodeUtils.encodeUtf8(fd.getName());
response.setHeader(HttpHeaders.CACHE_CONTROL, "no-cache");
response.setDateHeader(HttpHeaders.EXPIRES, 0);
response.setHeader(HttpHeaders.CONTENT_TYPE, getContentType(fd));
response.setHeader(HttpHeaders.PRAGMA, "no-cache");
boolean attach = Boolean.valueOf(request.getParameter("a"));
response.setHeader("Content-Disposition", (attach ? "attachment" : "inline") + "; filename=" + fileName);
downloadFromMiddlewareAndWriteResponse(fd, response);
} finally {
AppContext.setSecurityContext(null);
}
return null;
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class LogDownloadController method getSession.
protected UserSession getSession(String sessionId, HttpServletResponse response) throws IOException {
UUID sessionUUID;
try {
sessionUUID = UUID.fromString(sessionId);
} catch (Exception e) {
log.error("Error parsing sessionId from URL param", e);
response.sendError(HttpServletResponse.SC_BAD_REQUEST);
return null;
}
AppContext.setSecurityContext(new SecurityContext(sessionUUID));
try {
UserSession session = userSessionService.getUserSession(sessionUUID);
if (session == null)
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return session;
} finally {
AppContext.setSecurityContext(null);
}
}
use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.
the class BaseIdpSessionFilter method getWebAppUrl.
protected String getWebAppUrl() {
if (webAppUrl == null) {
synchronized (this) {
if (webAppUrl == null) {
UserSession systemSession;
try {
systemSession = trustedClientService.getSystemSession(webAuthConfig.getTrustedClientPassword());
} catch (LoginException e) {
throw new RuntimeException("Unable to get systemSession", e);
}
// webAppUrl can be overridden in DB, thus we need SecurityContext to obtain it from middleware
withSecurityContext(new SecurityContext(systemSession), () -> {
String webAppUrl = globalConfig.getWebAppUrl();
if (!webAppUrl.endsWith("/")) {
webAppUrl += "/";
}
this.webAppUrl = webAppUrl;
});
}
}
}
return this.webAppUrl;
}
Aggregations