
Example 1 with UsernamePrincipal

Use of com.thinkbiganalytics.security.UsernamePrincipal in project kylo by Teradata, in the class JpaFeedProviderTest, method testFindFeedUsingGenericFilter:

@WithMockJaasUser(username = "dladmin", password = "secret", authorities = { "admin" })
@Test
public void testFindFeedUsingGenericFilter() {
    // Create feed
    final String name = "testCategory.testFeed";
    final String id = metadataAccess.commit(() -> {
        final OpsManagerFeed.ID feedId = feedProvider.resolveId(UUID.randomUUID().toString());
        feedProvider.save(feedId, name, false, 1000L);
        return feedId.toString();
    });
    // Add ACL entries
    final BaseFeed.FeedId feedId = new BaseFeed.FeedId(id);
    final JpaFeedOpsAclEntry userAcl = new JpaFeedOpsAclEntry(feedId, "dladmin", JpaFeedOpsAclEntry.PrincipalType.USER);
    final JpaFeedOpsAclEntry adminAcl = new JpaFeedOpsAclEntry(feedId, "admin", JpaFeedOpsAclEntry.PrincipalType.GROUP);
    aclProvider.grantAccess(feedId, new UsernamePrincipal("dladmin"), new GroupPrincipal("admin"));
    // Verify access to feeds
    metadataAccess.read(() -> {
        List<OpsManagerFeed> feeds = feedProvider.findAll("name:" + name);
        Assert.assertTrue(feeds != null && !feeds.isEmpty());
        List<String> feedNames = feedProvider.getFeedNames();
        Assert.assertTrue(feedNames != null && !feedNames.isEmpty());
        return feeds;
    });
}
Also used: UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) OpsManagerFeed(com.thinkbiganalytics.metadata.api.feed.OpsManagerFeed) GroupPrincipal(com.thinkbiganalytics.security.GroupPrincipal) BaseFeed(com.thinkbiganalytics.metadata.core.feed.BaseFeed) JpaFeedOpsAclEntry(com.thinkbiganalytics.metadata.jpa.feed.security.JpaFeedOpsAclEntry) Test(org.junit.Test) WithMockJaasUser(com.thinkbiganalytics.test.security.WithMockJaasUser)

Example 2 with UsernamePrincipal

Use of com.thinkbiganalytics.security.UsernamePrincipal in project kylo by Teradata, in the class JcrUserProviderTest, method testUserGetPrincipals:

@Test(dependsOnMethods = "testAddUsersMembers")
public void testUserGetPrincipals() {
    metadata.read(() -> {
        User user1 = this.provider.findUserBySystemName("user1").get();
        User user2 = this.provider.findUserBySystemName("user2").get();
        User user3 = this.provider.findUserBySystemName("user3").get();
        assertThat(user1.getPrincipal()).isEqualTo(new UsernamePrincipal("user1"));
        assertThat(user2.getPrincipal()).isEqualTo(new UsernamePrincipal("user2"));
        assertThat(user3.getPrincipal()).isEqualTo(new UsernamePrincipal("user3"));
    });
}
Also used: UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) User(com.thinkbiganalytics.metadata.api.user.User) Test(org.testng.annotations.Test)

Example 3 with UsernamePrincipal

Use of com.thinkbiganalytics.security.UsernamePrincipal in project kylo by Teradata, in the class JcrProjectProvider, method getMyEditableProjects:

@Override
public List<Project> getMyEditableProjects() {
    UsernamePrincipal user = JcrMetadataAccess.getActiveUser();
    logger.debug("user={}", user);
    List<Project> projects = getProjects();
    return projects.stream().filter(prj -> {
        try {
            prj.getAllowedActions().checkPermission(ProjectAccessControl.EDIT_PROJECT);
            return true;
        } catch (AccessControlException ace) {
            return false;
        }
    }).collect(Collectors.toList());
}
Also used: UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) AllowedEntityActionsProvider(com.thinkbiganalytics.security.action.AllowedEntityActionsProvider) LoggerFactory(org.slf4j.LoggerFactory) JcrProject(com.thinkbiganalytics.metadata.modeshape.project.JcrProject) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) AllowedActions(com.thinkbiganalytics.security.action.AllowedActions) Inject(javax.inject.Inject) JcrQueryUtil(com.thinkbiganalytics.metadata.modeshape.support.JcrQueryUtil) SecurityRole(com.thinkbiganalytics.security.role.SecurityRole) RepositoryException(javax.jcr.RepositoryException) Node(javax.jcr.Node) Map(java.util.Map) AccessController(com.thinkbiganalytics.security.AccessController) Nonnull(javax.annotation.Nonnull) ImmutableSet(com.google.common.collect.ImmutableSet) Logger(org.slf4j.Logger) RoleMembership(com.thinkbiganalytics.metadata.api.security.RoleMembership) Session(javax.jcr.Session) Set(java.util.Set) ProjectAccessControl(com.thinkbiganalytics.metadata.api.project.security.ProjectAccessControl) ProjectPaths(com.thinkbiganalytics.metadata.modeshape.project.ProjectPaths) Collectors(java.util.stream.Collectors) Sets(com.google.common.collect.Sets) Project(com.thinkbiganalytics.metadata.api.project.Project) Serializable(java.io.Serializable) SecurityRoleProvider(com.thinkbiganalytics.security.role.SecurityRoleProvider) List(java.util.List) AccessControlException(java.security.AccessControlException) JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) Optional(java.util.Optional) JcrUtil(com.thinkbiganalytics.metadata.modeshape.support.JcrUtil) BaseJcrProvider(com.thinkbiganalytics.metadata.modeshape.BaseJcrProvider) Collections(java.util.Collections) JcrMetadataAccess(com.thinkbiganalytics.metadata.modeshape.JcrMetadataAccess) JcrEntity(com.thinkbiganalytics.metadata.modeshape.common.JcrEntity)

Example 4 with UsernamePrincipal

Use of com.thinkbiganalytics.security.UsernamePrincipal in project kylo by Teradata, in the class JcrActionsGroupBuilder, method build:

/* (non-Javadoc)
 * @see com.thinkbiganalytics.security.action.config.ActionsModuleBuilder#build()
 */
@Override
public AllowedActions build() {
    try {
        Session session = this.protoActionsNode.getSession();
        JcrAccessControlUtil.addPermissions(this.protoActionsNode, this.managementPrincipal, Privilege.JCR_ALL);
        JcrAccessControlUtil.addPermissions(this.protoActionsNode, new UsernamePrincipal(session.getUserID()), Privilege.JCR_ALL);
        JcrAccessControlUtil.addPermissions(this.protoActionsNode, SimplePrincipal.EVERYONE, Privilege.JCR_READ);
        JcrAllowedActions protoAllowed = new JcrAllowedActions(this.protoActionsNode);
        return protoAllowed;
    } catch (RepositoryException e) {
        throw new MetadataRepositoryException("Failed to build action", e);
    }
}
Also used: UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) MetadataRepositoryException(com.thinkbiganalytics.metadata.modeshape.MetadataRepositoryException) RepositoryException(javax.jcr.RepositoryException) Session(javax.jcr.Session)

Example 5 with UsernamePrincipal

Use of com.thinkbiganalytics.security.UsernamePrincipal in project kylo by Teradata, in the class JcrDatasourceProvider, method ensureDatasourceDetails:

@Override
public <D extends DatasourceDetails> Optional<D> ensureDatasourceDetails(@Nonnull final Datasource.ID id, @Nonnull final Class<D> type) {
    try {
        // Ensure the data source exists
        final Optional<JcrUserDatasource> parent = Optional.ofNullable(getDatasource(id)).filter(JcrUserDatasource.class::isInstance).map(JcrUserDatasource.class::cast);
        if (!parent.isPresent()) {
            return Optional.empty();
        }
        // Create the details
        final Class<? extends JcrDatasourceDetails> implType = JcrUserDatasource.resolveDetailsClass(type);
        final boolean isNew = !hasEntityNode(parent.get().getPath(), JcrUserDatasource.DETAILS);
        final Node node = findOrCreateEntityNode(parent.get().getPath(), JcrUserDatasource.DETAILS, implType);
        @SuppressWarnings("unchecked") final D details = (D) JcrUtil.createJcrObject(node, implType);
        // Re-assign permissions to data source
        if (isNew) {
            final UsernamePrincipal owner = parent.map(JcrUserDatasource::getOwner).map(Principal::getName).map(UsernamePrincipal::new).orElse(JcrMetadataAccess.getActiveUser());
            if (accessController.isEntityAccessControlled()) {
                final List<SecurityRole> roles = roleProvider.getEntityRoles(SecurityRole.DATASOURCE);
                actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> parent.get().enableAccessControl((JcrAllowedActions) actions, owner, roles));
            } else {
                actionsProvider.getAvailableActions(AllowedActions.DATASOURCE).ifPresent(actions -> parent.get().disableAccessControl((JcrAllowedActions) actions, owner));
            }
        }
        return Optional.of(details);
    } catch (final IllegalArgumentException e) {
        throw new MetadataException("Unable to create datasource details: " + type, e);
    }
}
Also used: SecurityRole(com.thinkbiganalytics.security.role.SecurityRole) Node(javax.jcr.Node) MetadataException(com.thinkbiganalytics.metadata.api.MetadataException) UsernamePrincipal(com.thinkbiganalytics.security.UsernamePrincipal) JcrAllowedActions(com.thinkbiganalytics.metadata.modeshape.security.action.JcrAllowedActions) Principal(java.security.Principal)
