
Example 11 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class MapReduceStatePersisterTest method setup.

/**
 * Prepares each test: sets the system properties the code under test reads, removes leftover tables, builds the caller
 * principal, and places mocks in the bean's {@code connectionFactory} and {@code ctx} fields.
 */
@Before
public void setup() throws Exception {
    System.setProperty(NpeUtils.NPE_OU_PROPERTY, "iamnotaperson");
    System.setProperty("dw.metadatahelper.all.auths", "A,B,C,D");

    // NOTE(review): "root" with an empty password presumably targets an in-memory test instance;
    // confirm `instance` can never point at a shared cluster.
    connection = instance.getConnector("root", new PasswordToken(""));

    // Drop both tables if present so entries written by an earlier test cannot satisfy a later one.
    for (String table : new String[] { TABLE_NAME, INDEX_TABLE_NAME }) {
        if (connection.tableOperations().exists(table)) {
            connection.tableOperations().delete(table);
        }
    }

    // Caller identity used by the tests: a single USER-type entity carrying the `auths` list.
    SubjectIssuerDNPair callerDn = SubjectIssuerDNPair.of(userDN, "CN=ca, OU=acme");
    DatawaveUser testUser = new DatawaveUser(callerDn, UserType.USER, Arrays.asList(auths), null, null, 0L);
    principal = new DatawavePrincipal(Collections.singletonList(testUser));

    connectionFactory = createMock(AccumuloConnectionFactory.class);
    // Strict mock: calls on the EJB context must arrive in the recorded order.
    ctx = createStrictMock(EJBContext.class);

    bean = new MapReduceStatePersisterBean();
    // The bean's collaborators are set directly on its fields by name.
    field(MapReduceStatePersisterBean.class, "connectionFactory").set(bean, connectionFactory);
    field(MapReduceStatePersisterBean.class, "ctx").set(bean, ctx);

    // Silence the bean's logger for the duration of the tests.
    Logger.getLogger(MapReduceStatePersisterBean.class).setLevel(Level.OFF);
}
Also used : PasswordToken(org.apache.accumulo.core.client.security.tokens.PasswordToken) EJBContext(javax.ejb.EJBContext) DatawaveUser(datawave.security.authorization.DatawaveUser) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) AccumuloConnectionFactory(datawave.webservice.common.connection.AccumuloConnectionFactory) Before(org.junit.Before)

Example 12 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class MapReduceStatePersisterTest method testDontFindSomeoneElsesResults.

/**
 * Checks that {@code find()} returns no results when the caller's subject DN differs from the one in place when the
 * entries were created.
 *
 * <p>
 * The second principal is built with the same {@code auths} list, so the only thing that changes between writing and
 * reading is the caller identity.
 */
@Test
public void testDontFindSomeoneElsesResults() throws Exception {
    // Create three entries; the second and third get a fresh random id.
    // NOTE(review): testPersistentCreate() presumably writes as the principal built in setup(); confirm.
    for (int created = 0; created < 3; created++) {
        if (created > 0) {
            id = UUID.randomUUID().toString();
        }
        testPersistentCreate();
        PowerMock.resetAll();
    }

    // Replace the caller with a different subject DN under the same issuer.
    SubjectIssuerDNPair otherDn = SubjectIssuerDNPair.of("CN=Gal Some Other sogal, OU=acme", "CN=ca, OU=acme");
    DatawaveUser otherUser = new DatawaveUser(otherDn, UserType.USER, Arrays.asList(auths), null, null, 0L);
    principal = new DatawavePrincipal(Collections.singletonList(otherUser));
    HashMap<String, String> trackingMap = new HashMap<>();

    // Record the calls find() is expected to make: resolve the caller, borrow an ADMIN connection, return it.
    EasyMock.expect(ctx.getCallerPrincipal()).andReturn(principal);
    expect(connectionFactory.getTrackingMap(EasyMock.anyObject())).andReturn(trackingMap);
    expect(connectionFactory.getConnection(EasyMock.eq(AccumuloConnectionFactory.Priority.ADMIN), EasyMock.eq(trackingMap))).andReturn(connection);
    connectionFactory.returnConnection(connection);
    replayAll();

    MapReduceInfoResponseList found = bean.find();
    verifyAll();

    // None of the three entries may be visible to the other caller.
    assertEquals(0, found.getResults().size());
}
Also used : HashMap(java.util.HashMap) DatawaveUser(datawave.security.authorization.DatawaveUser) MapReduceInfoResponseList(datawave.webservice.results.mr.MapReduceInfoResponseList) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) Test(org.junit.Test)

Example 13 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class ModelBean method listModelNames.

/**
 * Lists the distinct model names found in a model table.
 *
 * <p>
 * The scanner is created with the authorizations taken from the caller principal. Column families listed in
 * {@code RESERVED_COLF_VALUES} are skipped; for the rest, the part before the NUL separator is the model name.
 *
 * @param modelTableName
 *            name of the table that contains the model; the configured default is used when null
 * @return datawave.webservice.model.ModelList
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user
 *
 * @HTTP 200 success
 * @HTTP 500 internal server error
 */
@GET
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf", "application/x-protostuff", "text/html" })
@Path("/list")
@GZIP
@Interceptors(ResponseInterceptor.class)
public ModelList listModelNames(@QueryParam("modelTableName") String modelTableName) {
    String tableName = (modelTableName == null) ? defaultModelTableName : modelTableName;
    ModelList response = new ModelList(jqueryUri, dataTablesUri, tableName);

    // Identify the caller and gather the authorizations the scan will run with.
    Principal caller = ctx.getCallerPrincipal();
    String callerName = caller.getName();
    Set<Authorizations> scanAuths = new HashSet<>();
    if (caller instanceof DatawavePrincipal) {
        DatawavePrincipal datawaveCaller = (DatawavePrincipal) caller;
        callerName = datawaveCaller.getShortName();
        for (Collection<String> authSet : datawaveCaller.getAuthorizations()) {
            scanAuths.add(new Authorizations(authSet.toArray(new String[authSet.size()])));
        }
    }
    // NOTE(review): for any other Principal type scanAuths stays empty; confirm how ScannerHelper treats an empty set.
    log.trace(callerName + " has authorizations " + scanAuths);

    HashSet<String> modelNames = new HashSet<>();
    Connector connector = null;
    try {
        Map<String, String> trackingMap = connectionFactory.getTrackingMap(Thread.currentThread().getStackTrace());
        connector = connectionFactory.getConnection(AccumuloConnectionFactory.Priority.LOW, trackingMap);
        // The table name is caller-supplied and goes through checkModelTableName before it reaches the scanner.
        // NOTE(review): presumably that method validates the name; it is not visible here.
        try (Scanner scanner = ScannerHelper.createScanner(connector, this.checkModelTableName(tableName), scanAuths)) {
            for (Entry<Key, Value> entry : scanner) {
                String colf = entry.getKey().getColumnFamily().toString();
                if (RESERVED_COLF_VALUES.contains(colf) || modelNames.contains(colf)) {
                    continue;
                }
                String[] parts = colf.split(ModelKeyParser.NULL_BYTE);
                switch (parts.length) {
                    case 1:
                        // No separator: the whole column family is the model name.
                        modelNames.add(colf);
                        break;
                    case 2:
                        // name + separator + suffix: keep the name only.
                        modelNames.add(parts[0]);
                        break;
                    default:
                        // Any other shape is ignored.
                        break;
                }
            }
        }
    } catch (Exception e) {
        QueryException qe = new QueryException(DatawaveErrorCode.MODEL_NAME_LIST_ERROR, e);
        log.error(qe);
        response.addException(qe.getBottomQueryException());
        throw new DatawaveWebApplicationException(qe, response);
    } finally {
        // Always hand the connection back; a failure here is logged and must not mask the real outcome.
        if (connector != null) {
            try {
                connectionFactory.returnConnection(connector);
            } catch (Exception e) {
                log.error("Error returning connection to factory", e);
            }
        }
    }
    response.setNames(modelNames);
    return response;
}
Also used : Connector(org.apache.accumulo.core.client.Connector) Scanner(org.apache.accumulo.core.client.Scanner) Authorizations(org.apache.accumulo.core.security.Authorizations) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) DatawaveWebApplicationException(datawave.webservice.common.exception.DatawaveWebApplicationException) PreConditionFailedException(datawave.webservice.common.exception.PreConditionFailedException) NotFoundException(datawave.webservice.common.exception.NotFoundException) MutationsRejectedException(org.apache.accumulo.core.client.MutationsRejectedException) QueryException(datawave.webservice.query.exception.QueryException) ModelList(datawave.webservice.model.ModelList) QueryException(datawave.webservice.query.exception.QueryException) DefaultValue(javax.ws.rs.DefaultValue) Value(org.apache.accumulo.core.data.Value) DatawaveWebApplicationException(datawave.webservice.common.exception.DatawaveWebApplicationException) Principal(java.security.Principal) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) Key(org.apache.accumulo.core.data.Key) HashSet(java.util.HashSet) Path(javax.ws.rs.Path) Interceptors(javax.interceptor.Interceptors) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) GZIP(org.jboss.resteasy.annotations.GZIP)

Example 14 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class ModelBean method getModel.

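/**
 * Retrieve the model and all of its mappings
 *
 * <p>
 * The scanner is created with the authorizations taken from the caller principal, and a column-family filter selects
 * the entries belonging to {@code name}. The name is quoted before it is placed in the filter expression, so it is
 * matched as a literal string.
 *
 * @param name
 *            model name; matched literally, not as a regular expression
 * @param modelTableName
 *            name of the table that contains the model; the configured default is used when null
 * @return datawave.webservice.model.Model
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user
 *
 * @HTTP 200 success
 * @HTTP 404 model not found
 * @HTTP 500 internal server error
 */
@GET
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf", "application/x-protostuff", "text/html" })
@Path("/{name}")
@GZIP
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
public datawave.webservice.model.Model getModel(@Required("name") @PathParam("name") String name, @QueryParam("modelTableName") String modelTableName) {
    if (modelTableName == null) {
        modelTableName = defaultModelTableName;
    }
    datawave.webservice.model.Model response = new datawave.webservice.model.Model(jqueryUri, dataTablesUri);
    // Find out who/what called this method
    Principal p = ctx.getCallerPrincipal();
    String user = p.getName();
    Set<Authorizations> cbAuths = new HashSet<>();
    if (p instanceof DatawavePrincipal) {
        DatawavePrincipal cp = (DatawavePrincipal) p;
        user = cp.getShortName();
        for (Collection<String> auths : cp.getAuthorizations()) {
            cbAuths.add(new Authorizations(auths.toArray(new String[auths.size()])));
        }
    }
    // NOTE(review): for any other Principal type cbAuths stays empty; confirm how ScannerHelper treats an empty set.
    log.trace(user + " has authorizations " + cbAuths);
    Connector connector = null;
    try {
        Map<String, String> trackingMap = connectionFactory.getTrackingMap(Thread.currentThread().getStackTrace());
        connector = connectionFactory.getConnection(AccumuloConnectionFactory.Priority.LOW, trackingMap);
        try (Scanner scanner = ScannerHelper.createScanner(connector, this.checkModelTableName(modelTableName), cbAuths)) {
            IteratorSetting cfg = new IteratorSetting(21, "colfRegex", RegExFilter.class.getName());
            // `name` comes straight from the request path. Quote it so regex metacharacters in it are not
            // interpreted by the server-side filter, which would widen the match beyond the named model or make
            // the expression expensive to evaluate. String.valueOf keeps the previous handling of a null name.
            String literalName = java.util.regex.Pattern.quote(String.valueOf(name));
            cfg.addOption(RegExFilter.COLF_REGEX, "^" + literalName + "(\\x00.*)?");
            scanner.addScanIterator(cfg);
            for (Entry<Key, Value> entry : scanner) {
                FieldMapping mapping = ModelKeyParser.parseKey(entry.getKey(), cbAuths);
                response.getFields().add(mapping);
            }
        }
    } catch (Exception e) {
        QueryException qe = new QueryException(DatawaveErrorCode.MODEL_FETCH_ERROR, e);
        log.error(qe);
        response.addException(qe.getBottomQueryException());
        throw new DatawaveWebApplicationException(qe, response);
    } finally {
        // Always hand the connection back; a failure here is logged and must not mask the real outcome.
        if (null != connector) {
            try {
                connectionFactory.returnConnection(connector);
            } catch (Exception e) {
                log.error("Error returning connection to factory", e);
            }
        }
    }
    // return 404 if model not found
    // NOTE(review): an empty result presumably also covers a model whose entries the caller's authorizations
    // do not expose, so both cases look the same to the client; confirm this is intended.
    if (response.getFields().isEmpty()) {
        throw new NotFoundException(null, response);
    }
    response.setName(name);
    return response;
}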
Also used : Connector(org.apache.accumulo.core.client.Connector) Scanner(org.apache.accumulo.core.client.Scanner) FieldMapping(datawave.webservice.model.FieldMapping) NotFoundException(datawave.webservice.common.exception.NotFoundException) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) RegExFilter(org.apache.accumulo.core.iterators.user.RegExFilter) DatawaveWebApplicationException(datawave.webservice.common.exception.DatawaveWebApplicationException) HashSet(java.util.HashSet) Authorizations(org.apache.accumulo.core.security.Authorizations) DatawaveWebApplicationException(datawave.webservice.common.exception.DatawaveWebApplicationException) PreConditionFailedException(datawave.webservice.common.exception.PreConditionFailedException) NotFoundException(datawave.webservice.common.exception.NotFoundException) MutationsRejectedException(org.apache.accumulo.core.client.MutationsRejectedException) QueryException(datawave.webservice.query.exception.QueryException) QueryException(datawave.webservice.query.exception.QueryException) IteratorSetting(org.apache.accumulo.core.client.IteratorSetting) DefaultValue(javax.ws.rs.DefaultValue) Value(org.apache.accumulo.core.data.Value) Principal(java.security.Principal) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) Key(org.apache.accumulo.core.data.Key) Path(javax.ws.rs.Path) Interceptors(javax.interceptor.Interceptors) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET) GZIP(org.jboss.resteasy.annotations.GZIP)

Example 15 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class Persister method findById.

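/**
 * Finds Query objects by the query id, limited to the caller's own row.
 *
 * <p>
 * The scan range is the single row keyed by the caller's name (the short name for a DatawavePrincipal). Within that
 * row a column-qualifier filter selects entries whose qualifier is the id, a NUL separator, then anything. The id is
 * quoted before it is placed in the filter expression, so it is matched as a literal string.
 *
 * @param id
 *            query id to look up; matched literally, not as a regular expression
 * @return list of matching query objects; empty (never null) when nothing matches
 * @throws EJBException
 *             if the lookup fails for any reason
 */
@SuppressWarnings("unchecked")
public List<Query> findById(String id) {
    // Find out who/what called this method
    Principal p = ctx.getCallerPrincipal();
    String sid = p.getName();
    Set<Authorizations> auths = new HashSet<>();
    if (p instanceof DatawavePrincipal) {
        DatawavePrincipal dp = (DatawavePrincipal) p;
        sid = dp.getShortName();
        for (Collection<String> cbAuths : dp.getAuthorizations()) {
            auths.add(new Authorizations(cbAuths.toArray(new String[cbAuths.size()])));
        }
    }
    // NOTE(review): for any other Principal type auths stays empty; confirm how ScannerHelper treats an empty set.
    log.trace(sid + " has authorizations " + auths);
    Connector conn = null;
    try {
        Map<String, String> trackingMap = connectionFactory.getTrackingMap(Thread.currentThread().getStackTrace());
        conn = connectionFactory.getConnection(Priority.ADMIN, trackingMap);
        tableCheck(conn);
        IteratorSetting regex = new IteratorSetting(21, RegExFilter.class);
        // Quote the caller-supplied id so regex metacharacters in it are not interpreted by the server-side
        // filter, which would widen the match to other queries in the row or make the expression expensive to
        // evaluate. String.valueOf keeps the previous handling of a null id.
        regex.addOption(RegExFilter.COLQ_REGEX, java.util.regex.Pattern.quote(String.valueOf(id)) + "\0.*");
        try (Scanner scanner = ScannerHelper.createScanner(conn, TABLE_NAME, auths)) {
            // Ownership is enforced here: only the caller's row is scanned, whatever id was requested.
            scanner.setRange(new Range(sid, sid));
            scanner.addScanIterator(regex);
            // Materialise the results before the scanner is closed by try-with-resources.
            return Lists.newArrayList(Iterables.transform(scanner, resultsTransform));
        }
    } catch (Exception e) {
        log.error("Error creating query", e);
        throw new EJBException("Error creating query", e);
    } finally {
        // Nothing to return when the connection was never obtained.
        if (conn != null) {
            try {
                connectionFactory.returnConnection(conn);
            } catch (Exception e) {
                // Logged with its own message so it is not mistaken for a failed lookup when reading logs.
                log.error("Error returning connection to factory", e);
            }
        }
    }
}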
Also used : Connector(org.apache.accumulo.core.client.Connector) Scanner(org.apache.accumulo.core.client.Scanner) Authorizations(org.apache.accumulo.core.security.Authorizations) Range(org.apache.accumulo.core.data.Range) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) TableNotFoundException(org.apache.accumulo.core.client.TableNotFoundException) InvalidProtocolBufferException(com.google.protobuf.InvalidProtocolBufferException) EJBException(javax.ejb.EJBException) TableExistsException(org.apache.accumulo.core.client.TableExistsException) AccumuloSecurityException(org.apache.accumulo.core.client.AccumuloSecurityException) AccumuloException(org.apache.accumulo.core.client.AccumuloException) IteratorSetting(org.apache.accumulo.core.client.IteratorSetting) EJBException(javax.ejb.EJBException) Principal(java.security.Principal) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) HashSet(java.util.HashSet)
