Search in sources :

Example 26 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class WebUserSessionSource method checkCurrentUserSession.

@Override
public boolean checkCurrentUserSession() {
    if (App.isBound()) {
        App app = App.getInstance();
        Connection connection = app.getConnection();
        return connection.isConnected() && connection.getSession() != null;
    } else {
        SecurityContext securityContext = AppContext.getSecurityContext();
        if (securityContext == null) {
            return false;
        }
        if (securityContext.getSession() != null) {
            return true;
        } else {
            try {
                getUserSessionFromMiddleware(securityContext.getSessionId());
                return true;
            } catch (Exception e) {
                return false;
            }
        }
    }
}
Also used : App(com.haulmont.cuba.web.App) Connection(com.haulmont.cuba.web.Connection) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext)

Example 27 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class RunnerBean method setSecurityContext.

protected void setSecurityContext(ScheduledTask task, @Nullable UserSession userSession) throws LoginException {
    if (userSession == null) {
        UUID sessionId = userSessionIds.get(task.getUserName());
        userSession = sessionId == null ? null : userSessions.getAndRefresh(sessionId);
        if (userSession == null) {
            userSession = authenticationManager.login(new SystemUserCredentials(task.getUserName())).getSession();
            userSessionIds.put(task.getUserName(), userSession.getId());
        }
    }
    AppContext.setSecurityContext(new SecurityContext(userSession));
}
Also used : SystemUserCredentials(com.haulmont.cuba.security.auth.SystemUserCredentials) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext)

Example 28 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class ConfigCacheStrategy method updateCacheInBackground.

protected void updateCacheInBackground() {
    UserSession userSession = cacheUserSessionProvider.getUserSession();
    if (userSession == null) {
        // cache user session unavailable
        return;
    }
    try {
        AppContext.setSecurityContext(new SecurityContext(userSession));
        Map<String, String> cachedPropertiesFromServer = Collections.unmodifiableMap(configStorageService.getDbProperties());
        readWriteLock.writeLock().lock();
        try {
            cachedProperties = cachedPropertiesFromServer;
            lastUsedTs = System.currentTimeMillis();
        } finally {
            readWriteLock.writeLock().unlock();
        }
    } catch (NoUserSessionException e) {
        log.warn("Cache user session expired", e);
    } catch (Exception e) {
        log.error("Unable to update config storage cache", e);
    } finally {
        AppContext.setSecurityContext(null);
        backgroundUpdateTriggered = false;
    }
}
Also used : UserSession(com.haulmont.cuba.security.global.UserSession) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) NoUserSessionException(com.haulmont.cuba.security.global.NoUserSessionException) NoUserSessionException(com.haulmont.cuba.security.global.NoUserSessionException)

Example 29 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class FileUploadController method upload.

@RequestMapping(value = "/upload", method = RequestMethod.POST)
public void upload(HttpServletRequest request, HttpServletResponse response) throws IOException {
    UserSession userSession = getSession(request, response);
    if (userSession == null)
        return;
    AppContext.setSecurityContext(new SecurityContext(userSession));
    try {
        InputStream is = request.getInputStream();
        if (is == null) {
            response.sendError(HttpServletResponse.SC_BAD_REQUEST);
            return;
        }
        FileDescriptor fd = getFileDescriptor(request, response);
        if (fd == null)
            return;
        try {
            fileStorage.saveStream(fd, is);
        } catch (FileStorageException e) {
            log.error("Unable to upload file", e);
            response.sendError(e.getType().getHttpStatus());
        } finally {
            IOUtils.closeQuietly(is);
        }
    } finally {
        AppContext.setSecurityContext(null);
    }
}
Also used : InputStream(java.io.InputStream) UserSession(com.haulmont.cuba.security.global.UserSession) SecurityContext(com.haulmont.cuba.core.sys.SecurityContext) FileStorageException(com.haulmont.cuba.core.global.FileStorageException) FileDescriptor(com.haulmont.cuba.core.entity.FileDescriptor) RequestMapping(org.springframework.web.bind.annotation.RequestMapping)

Example 30 with SecurityContext

use of com.haulmont.cuba.core.sys.SecurityContext in project cuba by cuba-platform.

the class EntityListenerManager method fireListener.

@SuppressWarnings("unchecked")
public void fireListener(Entity entity, EntityListenerType type, String storeName) {
    if (!enabled)
        return;
    List listeners = getListener(entity.getClass(), type);
    if (listeners.isEmpty())
        return;
    // check if a listener for this instance is already executed
    List<ListenerExecution> executions = threadLocalExecutions.get();
    if (executions == null) {
        executions = new ArrayList<>();
        threadLocalExecutions.set(executions);
    }
    ListenerExecution execution = new ListenerExecution(entity, type);
    if (executions.contains(execution)) {
        return;
    } else {
        executions.add(execution);
    }
    try {
        boolean saved = false;
        SecurityContext securityContext = AppContext.getSecurityContext();
        if (securityContext != null) {
            // can be null before login when detaching entities
            saved = securityContext.isAuthorizationRequired();
            securityContext.setAuthorizationRequired(false);
        }
        try {
            for (Object listener : listeners) {
                switch(type) {
                    case BEFORE_DETACH:
                        logExecution(type, entity);
                        ((BeforeDetachEntityListener) listener).onBeforeDetach(entity, persistence.getEntityManager(storeName));
                        break;
                    case BEFORE_ATTACH:
                        logExecution(type, entity);
                        ((BeforeAttachEntityListener) listener).onBeforeAttach(entity);
                        break;
                    case BEFORE_INSERT:
                        logExecution(type, entity);
                        ((BeforeInsertEntityListener) listener).onBeforeInsert(entity, persistence.getEntityManager(storeName));
                        break;
                    case AFTER_INSERT:
                        logExecution(type, entity);
                        ((AfterInsertEntityListener) listener).onAfterInsert(entity, persistence.getEntityManager(storeName).getConnection());
                        break;
                    case BEFORE_UPDATE:
                        logExecution(type, entity);
                        ((BeforeUpdateEntityListener) listener).onBeforeUpdate(entity, persistence.getEntityManager(storeName));
                        break;
                    case AFTER_UPDATE:
                        logExecution(type, entity);
                        ((AfterUpdateEntityListener) listener).onAfterUpdate(entity, persistence.getEntityManager(storeName).getConnection());
                        break;
                    case BEFORE_DELETE:
                        logExecution(type, entity);
                        ((BeforeDeleteEntityListener) listener).onBeforeDelete(entity, persistence.getEntityManager(storeName));
                        break;
                    case AFTER_DELETE:
                        logExecution(type, entity);
                        ((AfterDeleteEntityListener) listener).onAfterDelete(entity, persistence.getEntityManager(storeName).getConnection());
                        break;
                    default:
                        throw new UnsupportedOperationException("Unsupported EntityListenerType: " + type);
                }
            }
        } finally {
            SecurityContext sc = AppContext.getSecurityContext();
            if (sc != null) {
                sc.setAuthorizationRequired(saved);
            }
        }
    } finally {
        executions.remove(execution);
        if (executions.isEmpty())
            threadLocalExecutions.remove();
    }
}
Also used : SecurityContext(com.haulmont.cuba.core.sys.SecurityContext)

Aggregations

SecurityContext (com.haulmont.cuba.core.sys.SecurityContext)43 UserSession (com.haulmont.cuba.security.global.UserSession)29 LoginException (com.haulmont.cuba.security.global.LoginException)13 UUID (java.util.UUID)10 NoUserSessionException (com.haulmont.cuba.security.global.NoUserSessionException)8 IOException (java.io.IOException)8 FileStorageException (com.haulmont.cuba.core.global.FileStorageException)6 AppContext.withSecurityContext (com.haulmont.cuba.core.sys.AppContext.withSecurityContext)6 RequestMapping (org.springframework.web.bind.annotation.RequestMapping)6 FileDescriptor (com.haulmont.cuba.core.entity.FileDescriptor)5 Locale (java.util.Locale)5 Transaction (com.haulmont.cuba.core.Transaction)3 AppContext.getSecurityContext (com.haulmont.cuba.core.sys.AppContext.getSecurityContext)3 AppContext.setSecurityContext (com.haulmont.cuba.core.sys.AppContext.setSecurityContext)3 TrustedClientCredentials (com.haulmont.cuba.security.auth.TrustedClientCredentials)3 InvocationTargetException (java.lang.reflect.InvocationTargetException)3 Nonnull (javax.annotation.Nonnull)3 LogFileNotFoundException (com.haulmont.cuba.core.sys.logging.LogFileNotFoundException)2 LoginPasswordCredentials (com.haulmont.cuba.security.auth.LoginPasswordCredentials)2 SystemUserCredentials (com.haulmont.cuba.security.auth.SystemUserCredentials)2