Example 66 with IdentityUser

use of com.sequenceiq.cloudbreak.common.model.user.IdentityUser in project cloudbreak by hortonworks.

the class SecurityGroupController method getPublic.

@Override
public SecurityGroupResponse getPublic(String name) {
    IdentityUser user = authenticatedUserService.getCbUser();
    SecurityGroup securityGroup = securityGroupService.getPublicSecurityGroup(name, user);
    return convert(securityGroup);
}
Also used : IdentityUser(com.sequenceiq.cloudbreak.common.model.user.IdentityUser) SecurityGroup(com.sequenceiq.cloudbreak.domain.SecurityGroup)

Example 67 with IdentityUser

use of com.sequenceiq.cloudbreak.common.model.user.IdentityUser in project cloudbreak by hortonworks.

the class SecurityGroupController method getPublics.

@Override
public Set<SecurityGroupResponse> getPublics() {
    IdentityUser user = authenticatedUserService.getCbUser();
    Set<SecurityGroup> securityGroups = securityGroupService.retrieveAccountSecurityGroups(user);
    return convert(securityGroups);
}
Also used : IdentityUser(com.sequenceiq.cloudbreak.common.model.user.IdentityUser) SecurityGroup(com.sequenceiq.cloudbreak.domain.SecurityGroup)

Example 68 with IdentityUser

use of com.sequenceiq.cloudbreak.common.model.user.IdentityUser in project cloudbreak by hortonworks.

the class SecurityGroupController method getPrivates.

@Override
public Set<SecurityGroupResponse> getPrivates() {
    IdentityUser user = authenticatedUserService.getCbUser();
    Set<SecurityGroup> securityGroups = securityGroupService.retrievePrivateSecurityGroups(user);
    return convert(securityGroups);
}
Also used : IdentityUser(com.sequenceiq.cloudbreak.common.model.user.IdentityUser) SecurityGroup(com.sequenceiq.cloudbreak.domain.SecurityGroup)

Example 69 with IdentityUser

use of com.sequenceiq.cloudbreak.common.model.user.IdentityUser in project cloudbreak by hortonworks.

the class OwnerBasedPermissionEvaluator method hasPermission.

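@Override
public boolean hasPermission(Authentication authentication, Object target, Object permission) {
    // Throws IllegalArgumentException if the permission string is not a Permission constant.
    Permission p = Permission.valueOf(permission.toString().toUpperCase());
    if (target == null) {
        return false;
    }
    // Unchecked cast: any Authentication that is not an OAuth2Authentication throws ClassCastException here.
    OAuth2Authentication oauth = (OAuth2Authentication) authentication;
    if (oauth.getUserAuthentication() == null) {
        // Token without a user (client-only): the decision rests solely on the token scope;
        // neither the target nor the requested permission is consulted in this branch.
        return oauth.getOAuth2Request().getScope().contains(AUTO_SCALE_SCOPE);
    }
    IdentityUser user = userDetailsService.getDetails((String) authentication.getPrincipal(), UserFilterField.USERNAME);
    // A single target is wrapped so that one code path handles both cases; every element must pass.
    Collection<?> targets = target instanceof Collection ? (Collection<?>) target : Collections.singleton(target);
    return targets.stream().allMatch(t -> {
        try {
            return hasPermission(user, p, t);
        } catch (IllegalAccessException e) {
            // Fail closed: a target whose ownership fields cannot be read is denied.
            LOGGER.error("Object doesn't have properties to check permission with class: " + t.getClass().getCanonicalName(), e);
            return false;
        }
    });
}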
Also used : IdentityUser(com.sequenceiq.cloudbreak.common.model.user.IdentityUser) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Collection(java.util.Collection)

Example 70 with IdentityUser

use of com.sequenceiq.cloudbreak.common.model.user.IdentityUser in project cloudbreak by hortonworks.

the class ScimAccountGroupReaderFilter method doFilterInternal.

@Override
protected void doFilterInternal(HttpServletRequest request, HttpServletResponse response, FilterChain filterChain) throws ServletException, IOException {
    Authentication authentication = SecurityContextHolder.getContext().getAuthentication();
    if (authentication != null) {
        // Unchecked cast: assumes every authenticated request carries an OAuth2Authentication.
        OAuth2Authentication oauth = (OAuth2Authentication) authentication;
        // Only user-backed tokens get an IdentityUser attached; client-only tokens
        // continue down the chain without a "user" request attribute.
        if (oauth.getUserAuthentication() != null) {
            String username = (String) authentication.getPrincipal();
            IdentityUser user = userDetailsService.getDetails(username, UserFilterField.USERNAME);
            request.setAttribute("user", user);
        }
    }
    filterChain.doFilter(request, response);
}
Also used : IdentityUser(com.sequenceiq.cloudbreak.common.model.user.IdentityUser) OAuth2Authentication(org.springframework.security.oauth2.provider.OAuth2Authentication) Authentication(org.springframework.security.core.Authentication)

Aggregations

IdentityUser (com.sequenceiq.cloudbreak.common.model.user.IdentityUser) 133
Test (org.junit.Test) 14
Stack (com.sequenceiq.cloudbreak.domain.Stack) 13
UserFilterField (com.sequenceiq.cloudbreak.common.service.user.UserFilterField) 9
Async (org.springframework.scheduling.annotation.Async) 9
Blueprint (com.sequenceiq.cloudbreak.domain.Blueprint) 8
Credential (com.sequenceiq.cloudbreak.domain.Credential) 8
FlexSubscription (com.sequenceiq.cloudbreak.domain.FlexSubscription) 8
Cluster (com.sequenceiq.cloudbreak.domain.Cluster) 7
LdapConfig (com.sequenceiq.cloudbreak.domain.LdapConfig) 7
ProxyConfig (com.sequenceiq.cloudbreak.domain.ProxyConfig) 7
ImageCatalog (com.sequenceiq.cloudbreak.domain.ImageCatalog) 6
RDSConfig (com.sequenceiq.cloudbreak.domain.RDSConfig) 6
Before (org.junit.Before) 6
TestingAuthenticationToken (org.springframework.security.authentication.TestingAuthenticationToken) 6
UpdateStackJson (com.sequenceiq.cloudbreak.api.model.UpdateStackJson) 5
Template (com.sequenceiq.cloudbreak.domain.Template) 5
ConstraintTemplate (com.sequenceiq.cloudbreak.domain.ConstraintTemplate) 4
Network (com.sequenceiq.cloudbreak.domain.Network) 4
Recipe (com.sequenceiq.cloudbreak.domain.Recipe) 4