Examples with ScaleApprovalData com.tremolosecurity.scalejs.data.ScaleApprovalData used on opensource projects

Search in sources :

Example 1 with ScaleApprovalData

use of com.tremolosecurity.scalejs.data.ScaleApprovalData in project OpenUnison by TremoloSecurity.

the class ScaleMain method doFilter.

@Override
public void doFilter(HttpFilterRequest request, HttpFilterResponse response, HttpFilterChain chain) throws Exception {
    Gson gson = new Gson();
    request.getServletRequest().setAttribute("com.tremolosecurity.unison.proxy.noRedirectOnError", "com.tremolosecurity.unison.proxy.noRedirectOnError");
    try {
        if (request.getRequestURI().endsWith("/main/config")) {
            if (scaleConfig.getUiDecisions() != null) {
                AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
                Set<String> allowedAttrs = this.scaleConfig.getUiDecisions().availableAttributes(userData, request.getServletRequest());
                ScaleConfig local = new ScaleConfig(this.scaleConfig);
                if (allowedAttrs != null) {
                    for (String attrName : this.scaleConfig.getAttributes().keySet()) {
                        if (!allowedAttrs.contains(attrName)) {
                            local.getAttributes().remove(attrName);
                        }
                    }
                }
                local.setCanEditUser(this.scaleConfig.getUiDecisions().canEditUser(userData, request.getServletRequest()));
                ScaleJSUtils.addCacheHeaders(response);
                response.setContentType("application/json");
                response.getWriter().println(gson.toJson(local).trim());
            } else {
                ScaleJSUtils.addCacheHeaders(response);
                response.setContentType("application/json");
                response.getWriter().println(gson.toJson(scaleConfig).trim());
            }
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().endsWith("/main/user")) {
            lookupUser(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("PUT") && request.getRequestURI().endsWith("/main/user")) {
            saveUser(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().endsWith("/main/orgs")) {
            AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
            AzSys az = new AzSys();
            OrgType ot = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getOrg();
            Organization org = new Organization();
            copyOrg(org, ot, az, userData);
            ScaleJSUtils.addCacheHeaders(response);
            response.setContentType("application/json");
            response.getWriter().println(gson.toJson(org).trim());
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().contains("/main/workflows/org/")) {
            loadWorkflows(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().contains("/main/workflows/candelegate")) {
            try {
                AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
                OrgType ot = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getOrg();
                AzSys az = new AzSys();
                HashSet<String> allowedOrgs = new HashSet<String>();
                this.checkOrg(allowedOrgs, ot, az, userData, request.getSession());
                String workflowName = request.getParameter("workflowName").getValues().get(0);
                // need to check org
                String orgid = null;
                for (WorkflowType wf : GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getWorkflows().getWorkflow()) {
                    if (wf.getName().equals(workflowName)) {
                        orgid = wf.getOrgid();
                        break;
                    }
                }
                PreCheckResponse preCheckResp = new PreCheckResponse();
                if (request.getParameter("uuid") != null) {
                    preCheckResp.setUuid(request.getParameter("uuid").getValues().get(0));
                }
                checkPreCheck(request, userData, allowedOrgs, workflowName, orgid, preCheckResp);
                ScaleJSUtils.addCacheHeaders(response);
                response.getWriter().print(gson.toJson(preCheckResp).trim());
                response.getWriter().flush();
            } catch (Throwable t) {
                logger.error("Could not check for preapproval status", t);
                response.setStatus(500);
                response.setContentType("application/json");
                ScaleJSUtils.addCacheHeaders(response);
                ScaleError error = new ScaleError();
                error.getErrors().add("Unable to check");
                response.getWriter().print(gson.toJson(error).trim());
                response.getWriter().flush();
            }
        } else if (request.getMethod().equalsIgnoreCase("PUT") && request.getRequestURI().endsWith("/main/workflows")) {
            executeWorkflows(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().endsWith("/main/approvals")) {
            AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
            String uid = userData.getAttribs().get(this.scaleConfig.getUidAttributeName()).getValues().get(0);
            response.setContentType("application/json");
            ScaleJSUtils.addCacheHeaders(response);
            response.getWriter().println(gson.toJson(ServiceActions.listOpenApprovals(uid, this.scaleConfig.getDisplayNameAttribute(), GlobalEntries.getGlobalEntries().getConfigManager())).trim());
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().contains("/main/approvals/")) {
            loadApproval(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("PUT") && request.getRequestURI().contains("/main/approvals/")) {
            int approvalID = Integer.parseInt(request.getRequestURI().substring(request.getRequestURI().lastIndexOf('/') + 1));
            AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
            String uid = userData.getAttribs().get(this.scaleConfig.getUidAttributeName()).getValues().get(0);
            boolean ok = false;
            ApprovalSummaries summaries = ServiceActions.listOpenApprovals(uid, this.scaleConfig.getDisplayNameAttribute(), GlobalEntries.getGlobalEntries().getConfigManager());
            for (ApprovalSummary as : summaries.getApprovals()) {
                if (as.getApproval() == approvalID) {
                    ok = true;
                }
            }
            if (!ok) {
                response.setStatus(401);
                response.setContentType("application/json");
                ScaleJSUtils.addCacheHeaders(response);
                ScaleError error = new ScaleError();
                error.getErrors().add("Unauthorized");
                response.getWriter().print(gson.toJson(error).trim());
                response.getWriter().flush();
            } else {
                ScaleApprovalData approvalData = gson.fromJson(new String((byte[]) request.getAttribute(ProxySys.MSG_BODY)), ScaleApprovalData.class);
                try {
                    String approval = approvalData.getReason().trim();
                    if (approval.length() > 255) {
                        logger.warn("approval justification greater then 255 characters");
                        approval = approval.substring(0, 255);
                    }
                    GlobalEntries.getGlobalEntries().getConfigManager().getProvisioningEngine().doApproval(approvalID, uid, approvalData.isApproved(), approval);
                } catch (Exception e) {
                    logger.error("Could not execute approval", e);
                    response.setStatus(500);
                    ScaleError error = new ScaleError();
                    error.getErrors().add("There was a problem completeding your request, please contact your system administrator");
                    ScaleJSUtils.addCacheHeaders(response);
                    response.getWriter().print(gson.toJson(error).trim());
                    response.getWriter().flush();
                }
            }
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().contains("/main/reports/org/")) {
            loadReports(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().contains("/main/reports/excel/")) {
            exportToExcel(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().contains("/main/reports/")) {
            runReport(request, response, gson);
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().endsWith("/main/urls")) {
            AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
            AzSys az = new AzSys();
            PortalUrlsType pt = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getPortal();
            PortalURLs urls = new PortalURLs();
            if (pt != null && pt.getUrls() != null) {
                for (PortalUrlType url : pt.getUrls()) {
                    if (url.getAzRules() != null && url.getAzRules().getRule().size() > 0) {
                        ArrayList<AzRule> rules = new ArrayList<AzRule>();
                        for (AzRuleType art : url.getAzRules().getRule()) {
                            rules.add(new AzRule(art.getScope(), art.getConstraint(), art.getClassName(), GlobalEntries.getGlobalEntries().getConfigManager(), null));
                        }
                        if (!az.checkRules(userData, GlobalEntries.getGlobalEntries().getConfigManager(), rules, request.getSession(), this.appType, new HashMap<String, Object>())) {
                            continue;
                        }
                    }
                    PortalURL purl = new PortalURL();
                    purl.setName(url.getName());
                    purl.setLabel(url.getLabel());
                    purl.setOrg(url.getOrg());
                    purl.setUrl(url.getUrl());
                    purl.setIcon(url.getIcon());
                    urls.getUrls().add(purl);
                }
            }
            ScaleJSUtils.addCacheHeaders(response);
            response.getWriter().print(gson.toJson(urls.getUrls()).trim());
            response.getWriter().flush();
        } else if (request.getMethod().equalsIgnoreCase("GET") && request.getRequestURI().contains("/main/urls/org")) {
            String id = URLDecoder.decode(request.getRequestURI().substring(request.getRequestURI().lastIndexOf('/') + 1), "UTF-8");
            AuthInfo userData = ((AuthController) request.getSession().getAttribute(ProxyConstants.AUTH_CTL)).getAuthInfo();
            AzSys az = new AzSys();
            PortalUrlsType pt = GlobalEntries.getGlobalEntries().getConfigManager().getCfg().getProvisioning().getPortal();
            PortalURLs urls = new PortalURLs();
            for (PortalUrlType url : pt.getUrls()) {
                if (url.getOrg().equalsIgnoreCase(id)) {
                    if (url.getAzRules() != null && url.getAzRules().getRule().size() > 0) {
                        ArrayList<AzRule> rules = new ArrayList<AzRule>();
                        for (AzRuleType art : url.getAzRules().getRule()) {
                            rules.add(new AzRule(art.getScope(), art.getConstraint(), art.getClassName(), GlobalEntries.getGlobalEntries().getConfigManager(), null));
                        }
                        if (!az.checkRules(userData, GlobalEntries.getGlobalEntries().getConfigManager(), rules, request.getSession(), this.appType, new HashMap<String, Object>())) {
                            continue;
                        }
                    }
                    PortalURL purl = new PortalURL();
                    purl.setName(url.getName());
                    purl.setLabel(url.getLabel());
                    purl.setOrg(url.getOrg());
                    purl.setUrl(url.getUrl());
                    purl.setIcon(url.getIcon());
                    urls.getUrls().add(purl);
                }
            }
            ScaleJSUtils.addCacheHeaders(response);
            response.getWriter().print(gson.toJson(urls.getUrls()).trim());
            response.getWriter().flush();
        } else {
            response.setStatus(500);
            ScaleError error = new ScaleError();
            error.getErrors().add("Operation not supported");
            ScaleJSUtils.addCacheHeaders(response);
            response.getWriter().print(gson.toJson(error).trim());
            response.getWriter().flush();
        }
    } catch (Throwable t) {
        logger.error("Could not execute request", t);
        response.setStatus(500);
        ScaleError error = new ScaleError();
        error.getErrors().add("Operation not supported");
        ScaleJSUtils.addCacheHeaders(response);
        response.getWriter().print(gson.toJson(error).trim());
        response.getWriter().flush();
    }
}
Also used : Organization(com.tremolosecurity.provisioning.service.util.Organization) PortalUrlType(com.tremolosecurity.config.xml.PortalUrlType) PortalURL(com.tremolosecurity.provisioning.service.util.PortalURL) HashMap(java.util.HashMap) PortalURLs(com.tremolosecurity.provisioning.service.util.PortalURLs) ArrayList(java.util.ArrayList) Gson(com.google.gson.Gson) PortalUrlsType(com.tremolosecurity.config.xml.PortalUrlsType) XSSFRichTextString(org.apache.poi.xssf.usermodel.XSSFRichTextString) RichTextString(org.apache.poi.ss.usermodel.RichTextString) AzRuleType(com.tremolosecurity.config.xml.AzRuleType) ApprovalSummaries(com.tremolosecurity.provisioning.service.util.ApprovalSummaries) HashSet(java.util.HashSet) ApprovalSummary(com.tremolosecurity.provisioning.service.util.ApprovalSummary) AuthInfo(com.tremolosecurity.proxy.auth.AuthInfo) PreCheckResponse(com.tremolosecurity.scalejs.data.PreCheckResponse) ScaleApprovalData(com.tremolosecurity.scalejs.data.ScaleApprovalData) ScaleError(com.tremolosecurity.scalejs.data.ScaleError) AuthController(com.tremolosecurity.proxy.auth.AuthController) ProvisioningException(com.tremolosecurity.provisioning.core.ProvisioningException) LDAPException(com.novell.ldap.LDAPException) SQLException(java.sql.SQLException) IOException(java.io.IOException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) MalformedURLException(java.net.MalformedURLException) OrgType(com.tremolosecurity.config.xml.OrgType) WorkflowType(com.tremolosecurity.config.xml.WorkflowType) AzSys(com.tremolosecurity.proxy.auth.AzSys) JsonObject(com.google.gson.JsonObject) AzRule(com.tremolosecurity.proxy.az.AzRule) ScaleConfig(com.tremolosecurity.scalejs.cfg.ScaleConfig)

Aggregations

Gson (com.google.gson.Gson)1 JsonObject (com.google.gson.JsonObject)1 LDAPException (com.novell.ldap.LDAPException)1 AzRuleType (com.tremolosecurity.config.xml.AzRuleType)1 OrgType (com.tremolosecurity.config.xml.OrgType)1 PortalUrlType (com.tremolosecurity.config.xml.PortalUrlType)1 PortalUrlsType (com.tremolosecurity.config.xml.PortalUrlsType)1 WorkflowType (com.tremolosecurity.config.xml.WorkflowType)1 ProvisioningException (com.tremolosecurity.provisioning.core.ProvisioningException)1 ApprovalSummaries (com.tremolosecurity.provisioning.service.util.ApprovalSummaries)1 ApprovalSummary (com.tremolosecurity.provisioning.service.util.ApprovalSummary)1 Organization (com.tremolosecurity.provisioning.service.util.Organization)1 PortalURL (com.tremolosecurity.provisioning.service.util.PortalURL)1 PortalURLs (com.tremolosecurity.provisioning.service.util.PortalURLs)1 AuthController (com.tremolosecurity.proxy.auth.AuthController)1 AuthInfo (com.tremolosecurity.proxy.auth.AuthInfo)1 AzSys (com.tremolosecurity.proxy.auth.AzSys)1 AzRule (com.tremolosecurity.proxy.az.AzRule)1 ScaleConfig (com.tremolosecurity.scalejs.cfg.ScaleConfig)1 PreCheckResponse (com.tremolosecurity.scalejs.data.PreCheckResponse)1
About Me
UseOf

Java Tutorials :

Simple Java RabbitMQ Example with Spring
Simple Springboot JPA Eclipeslink Example
Simple SpringBoot JPA Hibernate Example
Jackson JSON @JsonIgnore and @JsonIgnoreProperties Examples
Java Infinite recursion (StackOverflowError) Jackson solutions
Simple Java Jackson Serialize Objects to JSON and convert them back To Object
ElasticSearch 5 - Upload files using Java API in binary field Example
Java JAXB marshall unmarshall Examples from String and Stream
Java 8 forEach List and Map examples
ElasticSearch 5 Java API SearchRequestBuilder examples
Java ElasticSearch 5 examples with node index and mapping - running local
Convert String to int or Integer Java 8
Java 9 in action - JShell - Ubuntu
Java - removing invalid characters from a file name
Hello world!? or Hello Tutorial