use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class LogDownloadController method getLogFile.
@RequestMapping(value = "/log/{file:[a-zA-Z0-9\\.\\-_]+}", method = RequestMethod.GET)
public void getLogFile(HttpServletResponse response, @RequestParam(value = "s") String sessionId, @RequestParam(value = "full", required = false) Boolean downloadFull, @PathVariable(value = "file") String logFileName) throws IOException {
UserSession userSession = getSession(sessionId, response);
if (userSession == null)
return;
if (!userSession.isSpecificPermitted("cuba.gui.administration.downloadlogs")) {
response.sendError(HttpServletResponse.SC_FORBIDDEN);
return;
}
// security check, handle only valid file name
String filename = FilenameUtils.getName(logFileName);
try {
File logFile = logControl.getLogFile(filename);
response.setHeader("Cache-Control", "no-cache");
response.setHeader("Pragma", "no-cache");
response.setDateHeader("Expires", 0);
response.setHeader("Content-Type", "application/zip");
response.setHeader("Pragma", "no-cache");
response.setHeader("Content-Disposition", "attachment; filename=" + filename);
OutputStream outputStream = null;
try {
outputStream = response.getOutputStream();
if (BooleanUtils.isTrue(downloadFull)) {
LogArchiver.writeArchivedLogToStream(logFile, outputStream);
} else {
LogArchiver.writeArchivedLogTailToStream(logFile, outputStream);
}
} catch (RuntimeException | IOException ex) {
log.error("Unable to download file", ex);
response.sendError(HttpServletResponse.SC_INTERNAL_SERVER_ERROR);
} finally {
IOUtils.closeQuietly(outputStream);
}
} catch (LogFileNotFoundException e) {
response.setStatus(HttpServletResponse.SC_NOT_FOUND);
}
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class ServiceInterceptor method aroundInvoke.
private Object aroundInvoke(ProceedingJoinPoint ctx) throws Throwable {
SecurityContext securityContext = AppContext.getSecurityContextNN();
boolean internalInvocation = securityContext.incServiceInvocation() > 0;
try {
if (internalInvocation) {
if (logInternalServiceInvocation) {
log.warn("Invoking '{}' from another service", ctx.getSignature());
}
ValidateServiceMethodContext validatedContext = getValidateServiceMethodContext(ctx);
validateMethodParameters(ctx, validatedContext);
Object res = ctx.proceed();
validateMethodResult(ctx, validatedContext, res);
return res;
} else {
statisticsAccumulator.incMiddlewareRequestsCount();
try {
// Using UserSessionsAPI directly to make sure the session's "last used" timestamp is propagated to the cluster
UserSession userSession = userSessions.getAndRefresh(securityContext.getSessionId(), true);
if (userSession == null) {
throw new NoUserSessionException(securityContext.getSessionId());
}
ValidateServiceMethodContext validatedContext = getValidateServiceMethodContext(ctx);
validateMethodParameters(ctx, validatedContext);
boolean checkTransactionOnExit = Stores.getAdditional().isEmpty() && !persistence.isInTransaction();
log.trace("Invoking: {}, session={}", ctx.getSignature(), userSession);
Object res = ctx.proceed();
validateMethodResult(ctx, validatedContext, res);
if (checkTransactionOnExit && persistence.isInTransaction()) {
log.warn("Open transaction left in {}", ctx.getSignature().toShortString());
}
return res;
} catch (Throwable e) {
logException(e, ctx);
// Propagate the special exception to avoid serialization errors on remote clients
throw new RemoteException(e);
}
}
} finally {
securityContext.decServiceInvocation();
}
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class UserSessionSourceImpl method getUserSession.
@Override
public UserSession getUserSession() {
SecurityContext securityContext = AppContext.getSecurityContextNN();
if (securityContext.getSession() != null && securityContext.getSession().isSystem()) {
return securityContext.getSession();
}
UserSession session = userSessions.getAndRefresh(securityContext.getSessionId());
if (session == null) {
throw new NoUserSessionException(securityContext.getSessionId());
}
return session;
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class TestUserSessionSource method getUserSession.
@Override
public synchronized UserSession getUserSession() {
if (exceptionOnGetUserSession) {
throw new NoUserSessionException(UUID.fromString(USER_ID));
}
if (session == null) {
User user = new User();
user.setId(UUID.fromString(USER_ID));
user.setLogin("test_admin");
user.setName("Test Administrator");
user.setPassword(DigestUtils.md5Hex("test_admin"));
session = new UserSession(UUID.randomUUID(), user, Collections.<Role>emptyList(), Locale.forLanguageTag("en"), false);
}
return session;
}
use of com.haulmont.cuba.security.global.UserSession in project cuba by cuba-platform.
the class Connection method login.
public void login(String login, String password, Locale locale) throws LoginException {
UserSession userSession = doLogin(login, password, locale, getLoginParams());
ClientUserSession clientUserSession = new ClientUserSession(userSession);
clientUserSession.setAuthenticated(true);
session = clientUserSession;
AppContext.setSecurityContext(new SecurityContext(session));
log.info("Logged in: {}", session);
updateSessionClientInfo();
connected = true;
fireConnectionListeners();
}
Aggregations