
Example 11 with User

use of com.hortonworks.streamline.streams.security.catalog.User in project streamline by hortonworks.

the class SecurityCatalogService method fillRoles.

/**
 * Builds a copy of the given user whose role names are resolved from the
 * stored user-role mappings.
 *
 * <p>The roles on the copy are reset to an empty set before the lookup, so the
 * returned role names come only from the mappings found for the user's id,
 * never from whatever the passed-in object carried.
 *
 * @param user the user to enrich; may be {@code null}
 * @return a new {@code User} with its roles populated, or {@code null} when
 *         {@code user} is {@code null}
 */
private User fillRoles(User user) {
    if (user == null) {
        return null;
    }
    User enriched = new User(user);
    // Discard any roles copied from the input; only stored mappings count.
    enriched.setRoles(Collections.emptySet());
    List<QueryParam> byUserId = QueryParam.params(UserRole.USER_ID, String.valueOf(user.getId()));
    // NOTE(review): the result of getRole(...) is dereferenced without a null
    // check. If a mapping can outlive its role and getRole returns null in that
    // case, this throws NullPointerException and the user lookup fails; confirm
    // the contract of getRole for a role id.
    listUserRoles(byUserId).forEach(mapping -> enriched.addRole(getRole(mapping.getRoleId()).getName()));
    return enriched;
}
Also used : User(com.hortonworks.streamline.streams.security.catalog.User) QueryParam(com.hortonworks.registries.common.QueryParam)

Example 12 with User

use of com.hortonworks.streamline.streams.security.catalog.User in project streamline by hortonworks.

the class SecurityCatalogService method getUser.

/**
 * Loads the user stored under the given id and populates its roles.
 *
 * @param userId id of the user to look up
 * @return whatever {@code fillRoles} returns for the stored entry
 */
public User getUser(Long userId) {
    // A throw-away User carrying only the id is used to derive the primary key.
    User keyHolder = new User();
    keyHolder.setId(userId);
    StorableKey lookupKey = new StorableKey(User.NAMESPACE, keyHolder.getPrimaryKey());
    User stored = this.dao.<User>get(lookupKey);
    return fillRoles(stored);
}
Also used : User(com.hortonworks.streamline.streams.security.catalog.User) StorableKey(com.hortonworks.registries.storage.StorableKey)

Example 13 with User

use of com.hortonworks.streamline.streams.security.catalog.User in project streamline by hortonworks.

the class SecurityCatalogService method removeUser.

/**
 * Deletes a user together with the role mappings and ACL entries that refer
 * to it.
 *
 * <p>Order of work: role mappings first, then every ACL entry whose SID is
 * this user id with SID type {@code USER}, then the user record itself. The
 * cleanup runs before the user is removed so that no ACL entry keyed by this
 * user id is left behind once the record is gone.
 *
 * <p>NOTE(review): the three steps are separate calls; whether they share a
 * transaction is not visible here. If they do not, a failure part-way leaves
 * a user that still exists but has lost some roles or ACLs; confirm.
 *
 * @param userId id of the user to delete
 * @return the value returned by {@code dao.remove} for the user's key
 * @throws IllegalArgumentException if no user exists for {@code userId}
 */
public User removeUser(Long userId) {
    User doomed = getUser(userId);
    if (doomed == null) {
        throw new IllegalArgumentException("No user with id: " + userId);
    }
    if (doomed.getRoles() != null) {
        // Roles are held by name on the user; resolve each name back to a role
        // and drop the mapping. Names that no longer resolve are skipped.
        doomed.getRoles().forEach(roleName ->
                getRole(roleName).ifPresent(role -> removeUserRole(userId, role.getId())));
    }
    // remove permissions assigned to user
    LOG.debug("Removing ACL entries for user {}", doomed);
    List<QueryParam> userSidFilter = QueryParam.params(
            AclEntry.SID_ID, String.valueOf(userId),
            AclEntry.SID_TYPE, AclEntry.SidType.USER.toString());
    listAcls(userSidFilter).forEach(entry -> removeAcl(entry.getId()));
    StorableKey userKey = new StorableKey(User.NAMESPACE, doomed.getPrimaryKey());
    return dao.remove(userKey);
}
Also used : UserRole(com.hortonworks.streamline.streams.security.catalog.UserRole) Role(com.hortonworks.streamline.streams.security.catalog.Role) User(com.hortonworks.streamline.streams.security.catalog.User) QueryParam(com.hortonworks.registries.common.QueryParam) StorableKey(com.hortonworks.registries.storage.StorableKey)

Example 14 with User

use of com.hortonworks.streamline.streams.security.catalog.User in project streamline by hortonworks.

the class DefaultStreamlineAuthorizer method addAcl.

/**
 * Creates an ACL entry on the target entity for the authenticated caller.
 *
 * <p>The subject (SID) of the entry is always the user resolved from
 * {@code ctx}; there is no parameter for granting to a different user.
 *
 * <p>NOTE(review): this method does not itself check that the caller may
 * create ACLs on the target, and {@code permissions} is stored as given
 * (including {@code null} or empty). Presumably callers enforce both; confirm.
 * The user name from {@code ctx} is also written to the log and to the
 * exception message unmodified.
 *
 * @param ctx                   authentication context of the caller
 * @param targetEntityNamespace namespace of the entity the entry applies to
 * @param targetEntityId        id of the entity the entry applies to
 * @param owner                 value stored in the entry's owner flag
 * @param grant                 value stored in the entry's grant flag
 * @param permissions           permissions stored in the entry
 * @throws AuthorizationException if the caller's name does not resolve to a
 *                                user with a non-null id
 */
@Override
public void addAcl(AuthenticationContext ctx, String targetEntityNamespace, Long targetEntityId, boolean owner, boolean grant, EnumSet<Permission> permissions) {
    validateAuthenticationContext(ctx);
    String callerName = SecurityUtil.getUserName(ctx);
    User caller = catalogService.getUser(callerName);
    boolean callerResolved = caller != null && caller.getId() != null;
    if (!callerResolved) {
        String message = String.format("No such user '%s'", callerName);
        LOG.warn(message);
        throw new AuthorizationException(message);
    }

    AclEntry entry = new AclEntry();
    // Subject: the authenticated caller.
    entry.setSidType(AclEntry.SidType.USER);
    entry.setSidId(caller.getId());
    // Object the entry protects.
    entry.setObjectNamespace(targetEntityNamespace);
    entry.setObjectId(targetEntityId);
    // Rights being recorded.
    entry.setPermissions(permissions);
    entry.setOwner(owner);
    entry.setGrant(grant);
    catalogService.addAcl(entry);
}
Also used : User(com.hortonworks.streamline.streams.security.catalog.User) AuthorizationException(com.hortonworks.streamline.streams.security.AuthorizationException) AclEntry(com.hortonworks.streamline.streams.security.catalog.AclEntry)

Example 15 with User

use of com.hortonworks.streamline.streams.security.catalog.User in project streamline by hortonworks.

the class DefaultStreamlineAuthorizer method mayBeAddAdminUsers.

/**
 * Ensures a catalog user entry exists for every name in {@code adminUsers}.
 *
 * <p>Names that already resolve to a user are logged and skipped. For the
 * rest a new user is created with a generated e-mail address and fixed
 * display metadata. The existence check and the insert are separate calls, so
 * a concurrent insert is possible; {@code DuplicateEntityException} is caught
 * and logged rather than propagated.
 *
 * <p>NOTE(review): the generated address uses the domain
 * {@code auto-generated.com}, which is not a reserved placeholder domain. If
 * the e-mail field is ever used to send mail for these admin accounts, that
 * mail would leave the deployment; confirm the field is never used that way.
 */
private void mayBeAddAdminUsers() {
    LOG.info("Checking user entries for admin users");
    adminUsers.stream().forEach(name -> {
        if (catalogService.getUser(name) != null) {
            LOG.info("Entry for user '{}' already exists", name);
            return;
        }
        User adminUser = new User();
        adminUser.setName(name);
        adminUser.setEmail(name + "@auto-generated.com");
        adminUser.setMetadata("{\"colorCode\":\"#8261be\",\"colorLabel\":\"purple\",\"icon\":\"gears\"}");
        try {
            User created = catalogService.addUser(adminUser);
            LOG.info("Added admin user entry: {}", created);
        } catch (DuplicateEntityException duplicate) {
            // In HA setup the other server may have already added the user.
            LOG.info("Caught exception: " + ExceptionUtils.getStackTrace(duplicate));
            LOG.info("Admin user entry: {} already exists.", adminUser);
        }
    });
}
Also used : DuplicateEntityException(com.hortonworks.streamline.common.exception.DuplicateEntityException) SecurityUtil(com.hortonworks.streamline.streams.security.SecurityUtil) AclEntry(com.hortonworks.streamline.streams.security.catalog.AclEntry) Roles(com.hortonworks.streamline.streams.security.Roles) User(com.hortonworks.streamline.streams.security.catalog.User) Logger(org.slf4j.Logger) Permission(com.hortonworks.streamline.streams.security.Permission) SecurityCatalogService(com.hortonworks.streamline.streams.security.service.SecurityCatalogService) LoggerFactory(org.slf4j.LoggerFactory) AuthorizationException(com.hortonworks.streamline.streams.security.AuthorizationException) Set(java.util.Set) Collectors(java.util.stream.Collectors) Map(java.util.Map) Optional(java.util.Optional) AuthenticationContext(com.hortonworks.streamline.streams.security.AuthenticationContext) StreamlineAuthorizer(com.hortonworks.streamline.streams.security.StreamlineAuthorizer) Role(com.hortonworks.streamline.streams.security.catalog.Role) EnumSet(java.util.EnumSet) ExceptionUtils(org.apache.commons.lang3.exception.ExceptionUtils) User(com.hortonworks.streamline.streams.security.catalog.User) DuplicateEntityException(com.hortonworks.streamline.common.exception.DuplicateEntityException)

Aggregations

User (com.hortonworks.streamline.streams.security.catalog.User)22 Role (com.hortonworks.streamline.streams.security.catalog.Role)10 AclEntry (com.hortonworks.streamline.streams.security.catalog.AclEntry)8 UserRole (com.hortonworks.streamline.streams.security.catalog.UserRole)7 Timed (com.codahale.metrics.annotation.Timed)6 QueryParam (com.hortonworks.registries.common.QueryParam)6 AuthorizationException (com.hortonworks.streamline.streams.security.AuthorizationException)6 Permission (com.hortonworks.streamline.streams.security.Permission)6 Path (javax.ws.rs.Path)6 AuthenticationContext (com.hortonworks.streamline.streams.security.AuthenticationContext)5 Roles (com.hortonworks.streamline.streams.security.Roles)4 SecurityUtil (com.hortonworks.streamline.streams.security.SecurityUtil)4 StreamlineAuthorizer (com.hortonworks.streamline.streams.security.StreamlineAuthorizer)4 Principal (java.security.Principal)4 EnumSet (java.util.EnumSet)4 Set (java.util.Set)4 Collectors (java.util.stream.Collectors)4 POST (javax.ws.rs.POST)4 Date (java.util.Date)3 DELETE (javax.ws.rs.DELETE)3