Search in sources :

Example 26 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class QueryExecutorBean method predictions.

/**
 * Pulls back the current predictions for a query.
 *
 * @param id
 *            - (@Required)
 *
 * @return GenericResponse containing predictions
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user, by specifying a chain of DNs of the identities to proxy
 * @RequestHeader X-ProxiedIssuersChain required when using X-ProxiedEntitiesChain, specify one issuer DN per subject DN listed in X-ProxiedEntitiesChain
 * @RequestHeader query-session-id session id value used for load balancing purposes. query-session-id can be placed in the request in a Cookie header or as
 *                a query parameter
 * @ResponseHeader X-OperationTimeInMS time spent on the server performing the operation, does not account for network or result serialization
 *
 * @HTTP 200 success
 * @HTTP 204 success and no results
 * @HTTP 404 if id not found
 * @HTTP 412 if the query is no longer alive, client should call {@link #reset(String)} and try again
 * @HTTP 500 internal server error
 */
@GET
@Path("/{id}/predictions")
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf", "application/x-protostuff" })
@GZIP
@Interceptors({ ResponseInterceptor.class, RequiredInterceptor.class })
@Override
@Timed(name = "dw.query.predictions", absolute = true)
public GenericResponse<String> predictions(@Required("id") @PathParam("id") String id) {
    // in case we don't make it to creating the response from the QueryLogic
    GenericResponse<String> response = new GenericResponse<>();
    Principal p = ctx.getCallerPrincipal();
    String userid = p.getName();
    if (p instanceof DatawavePrincipal) {
        DatawavePrincipal dp = (DatawavePrincipal) p;
        userid = dp.getShortName();
    }
    try {
        // Not calling getQueryById() here. We don't want to pull the persisted definition.
        RunningQuery query = queryCache.get(id);
        // an error.
        if (null == query || null == query.getConnection()) {
            // status code.
            if (null == query) {
                List<Query> queries = persister.findById(id);
                if (queries == null || queries.size() != 1) {
                    throw new NotFoundQueryException(DatawaveErrorCode.NO_QUERY_OBJECT_MATCH, MessageFormat.format("{0}", id));
                }
            }
            throw new PreConditionFailedQueryException(DatawaveErrorCode.QUERY_TIMEOUT_OR_SERVER_ERROR, MessageFormat.format("id = {0}", id));
        } else {
            // Validate the query belongs to the caller
            if (!query.getSettings().getOwner().equals(userid)) {
                throw new UnauthorizedQueryException(DatawaveErrorCode.QUERY_OWNER_MISMATCH, MessageFormat.format("{0} != {1}", userid, query.getSettings().getOwner()));
            }
            // pull the predictions out of the query metric
            Set<Prediction> predictions = query.getMetric().getPredictions();
            if (predictions != null && !predictions.isEmpty()) {
                response.setResult(predictions.toString());
                response.setHasResults(true);
            }
        }
    } catch (Exception e) {
        log.error("Failed to get query predictions", e);
        QueryException qe = new QueryException(DatawaveErrorCode.QUERY_PREDICTIONS_ERROR, e, MessageFormat.format("query id: {0}", id));
        log.error(qe, e);
        response.addException(qe.getBottomQueryException());
        int statusCode = qe.getBottomQueryException().getStatusCode();
        throw new DatawaveWebApplicationException(qe, response, statusCode);
    }
    return response;
}
Also used : Query(datawave.webservice.query.Query) GenericResponse(datawave.webservice.result.GenericResponse) PreConditionFailedQueryException(datawave.webservice.query.exception.PreConditionFailedQueryException) Prediction(datawave.microservice.querymetric.BaseQueryMetric.Prediction) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) NotFoundQueryException(datawave.webservice.query.exception.NotFoundQueryException) DatawaveWebApplicationException(datawave.webservice.common.exception.DatawaveWebApplicationException) CancellationException(java.util.concurrent.CancellationException) PreConditionFailedQueryException(datawave.webservice.query.exception.PreConditionFailedQueryException) WebApplicationException(javax.ws.rs.WebApplicationException) HeuristicMixedException(javax.transaction.HeuristicMixedException) NotFoundQueryException(datawave.webservice.query.exception.NotFoundQueryException) NoResultsQueryException(datawave.webservice.query.exception.NoResultsQueryException) IOException(java.io.IOException) QueryException(datawave.webservice.query.exception.QueryException) BadRequestException(datawave.webservice.common.exception.BadRequestException) HeuristicRollbackException(javax.transaction.HeuristicRollbackException) UnauthorizedQueryException(datawave.webservice.query.exception.UnauthorizedQueryException) JAXBException(javax.xml.bind.JAXBException) UnauthorizedException(datawave.webservice.common.exception.UnauthorizedException) NoResultsException(datawave.webservice.common.exception.NoResultsException) RejectedExecutionException(java.util.concurrent.RejectedExecutionException) RollbackException(javax.transaction.RollbackException) BadRequestQueryException(datawave.webservice.query.exception.BadRequestQueryException) UnauthorizedQueryException(datawave.webservice.query.exception.UnauthorizedQueryException) PreConditionFailedQueryException(datawave.webservice.query.exception.PreConditionFailedQueryException) NotFoundQueryException(datawave.webservice.query.exception.NotFoundQueryException) NoResultsQueryException(datawave.webservice.query.exception.NoResultsQueryException) QueryException(datawave.webservice.query.exception.QueryException) UnauthorizedQueryException(datawave.webservice.query.exception.UnauthorizedQueryException) BadRequestQueryException(datawave.webservice.query.exception.BadRequestQueryException) DatawaveWebApplicationException(datawave.webservice.common.exception.DatawaveWebApplicationException) Principal(java.security.Principal) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) Path(javax.ws.rs.Path) Interceptors(javax.interceptor.Interceptors) Produces(javax.ws.rs.Produces) Timed(com.codahale.metrics.annotation.Timed) GET(javax.ws.rs.GET) GZIP(org.jboss.resteasy.annotations.GZIP)

Example 27 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class QueryMetricsBean method updateMetric.

/*
     * @PermitAll is necessary because this method is called indirectly from the @PreDestroy method of the QueryExpirationBean and the QueryExpirationBean's
     * 
     * @RunAs annotation is not being honored in the @PreDestroy hook
     */
@PermitAll
public void updateMetric(BaseQueryMetric metric) throws Exception {
    DatawavePrincipal dp = getPrincipal();
    if (metric.getLastWrittenHash() != metric.hashCode()) {
        metric.setLastWrittenHash(metric.hashCode());
        try {
            metric.setLastUpdated(new Date());
            sendQueryMetric(dp, metric);
            // PageMetrics now know their own page numbers
            // this should keep large queries from blowing up the queue
            // Leave the last page on the list so that interceptors can update it.
            Iterator<PageMetric> itr = metric.getPageTimes().iterator();
            while (metric.getPageTimes().size() > 1) {
                itr.next();
                itr.remove();
            }
        } catch (Exception e) {
            log.error(e.getMessage(), e);
        }
    }
}
Also used : PageMetric(datawave.microservice.querymetric.BaseQueryMetric.PageMetric) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) Date(java.util.Date) PermitAll(javax.annotation.security.PermitAll)

Example 28 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class QueryMetricsBean method getPrincipal.

/**
 * Find out who/what called this method
 *
 * @return
 */
private DatawavePrincipal getPrincipal() {
    DatawavePrincipal dp = null;
    Principal p = ctx.getCallerPrincipal();
    if (p instanceof DatawavePrincipal) {
        dp = (DatawavePrincipal) p;
    }
    return dp;
}
Also used : DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal) Principal(java.security.Principal)

Example 29 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class DatawaveRoleManagerTest method createAndSetWithSingleRole.

private void createAndSetWithSingleRole() {
    String dn = "dn1";
    String issuerDN = "idn";
    SubjectIssuerDNPair combinedDN = SubjectIssuerDNPair.of(dn, issuerDN);
    Collection<String> roles = Lists.newArrayList("REQ_ROLE_1");
    DatawaveUser user = new DatawaveUser(combinedDN, UserType.USER, null, roles, null, System.currentTimeMillis());
    datawavePrincipal = new DatawavePrincipal(Lists.newArrayList(user));
}
Also used : SubjectIssuerDNPair(datawave.security.authorization.SubjectIssuerDNPair) DatawaveUser(datawave.security.authorization.DatawaveUser) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal)

Example 30 with DatawavePrincipal

use of datawave.security.authorization.DatawavePrincipal in project datawave by NationalSecurityAgency.

the class DatawaveRoleManagerTest method createAndSetWithTwoRoles.

private void createAndSetWithTwoRoles() {
    String dn = "dn1";
    String issuerDN = "idn";
    SubjectIssuerDNPair combinedDn1 = SubjectIssuerDNPair.of(dn, issuerDN);
    String combinedDN = dn + "<" + issuerDN + ">";
    String dn2 = "dn2";
    String combinedDN2 = dn2 + "<" + issuerDN + ">";
    SubjectIssuerDNPair combinedDn2 = SubjectIssuerDNPair.of(dn2, issuerDN);
    DatawaveUser u1 = new DatawaveUser(combinedDn1, UserType.USER, null, getFirstRole(), null, System.currentTimeMillis());
    DatawaveUser u2 = new DatawaveUser(combinedDn2, UserType.SERVER, null, getSecondRole(), null, System.currentTimeMillis());
    datawavePrincipal = new DatawavePrincipal(Lists.newArrayList(u1, u2));
}
Also used : SubjectIssuerDNPair(datawave.security.authorization.SubjectIssuerDNPair) DatawaveUser(datawave.security.authorization.DatawaveUser) DatawavePrincipal(datawave.security.authorization.DatawavePrincipal)

Aggregations

DatawavePrincipal (datawave.security.authorization.DatawavePrincipal)93 DatawaveUser (datawave.security.authorization.DatawaveUser)41 Principal (java.security.Principal)37 HashSet (java.util.HashSet)33 Test (org.junit.Test)29 QueryException (datawave.webservice.query.exception.QueryException)24 Connector (org.apache.accumulo.core.client.Connector)23 IOException (java.io.IOException)19 DatawaveWebApplicationException (datawave.webservice.common.exception.DatawaveWebApplicationException)18 NotFoundQueryException (datawave.webservice.query.exception.NotFoundQueryException)18 Authorizations (org.apache.accumulo.core.security.Authorizations)17 Query (datawave.webservice.query.Query)16 UnauthorizedQueryException (datawave.webservice.query.exception.UnauthorizedQueryException)15 NoResultsException (datawave.webservice.common.exception.NoResultsException)13 ArrayList (java.util.ArrayList)13 Path (javax.ws.rs.Path)13 Produces (javax.ws.rs.Produces)13 SubjectIssuerDNPair (datawave.security.authorization.SubjectIssuerDNPair)12 WebApplicationException (javax.ws.rs.WebApplicationException)12 BadRequestException (datawave.webservice.common.exception.BadRequestException)11