Examples with UnauthorizedQueryException datawave.webservice.query.exception.UnauthorizedQueryException used on opensource projects

Example 1 with UnauthorizedQueryException

use of datawave.webservice.query.exception.UnauthorizedQueryException in project datawave by NationalSecurityAgency.

the class CachedResultsBean method reset.

/**
 * Re-allocate resources for these cached results and reset paging to the beginning
 *
 * @param queryId
 *            user defined id for this query
 *
 * @return datawave.webservice.result.CachedResultsResponse
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user by specifying a chain of DNs of the identities to proxy
 * @RequestHeader X-ProxiedIssuersChain required when using X-ProxiedEntitiesChain, specify one issuer DN per subject DN listed in X-ProxiedEntitiesChain
 * @ResponseHeader query-session-id this header and value will be in the Set-Cookie header, subsequent calls for this session will need to supply the
 *                 query-session-id header in the request in a Cookie header or as a query parameter
 * @ResponseHeader X-OperationTimeInMS time spent on the server performing the operation, does not account for network or result serialization
 *
 * @HTTP 200 success
 * @HTTP 500 internal server error
 */
@PUT
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml" })
@javax.ws.rs.Path("/{queryId}/reset")
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
@GenerateQuerySessionId(cookieBasePath = "/DataWave/CachedResults/")
@Timed(name = "dw.cachedr.close", absolute = true)
public CachedResultsResponse reset(@PathParam("queryId") @Required("queryId") String queryId) {
    CreateQuerySessionIDFilter.QUERY_ID.set(null);
    CachedResultsResponse response = new CachedResultsResponse();
    // Find out who/what called this method
    Principal p = ctx.getCallerPrincipal();
    String owner = getOwnerFromPrincipal(p);
    try {
        CachedRunningQuery crq = null;
        try {
            // Get the CachedRunningQuery object from the cache
            try {
                crq = retrieve(queryId, owner);
            } catch (IOException e) {
                throw new PreConditionFailedQueryException(DatawaveErrorCode.CACHED_RESULTS_IMPORT_ERROR);
            }
            if (null == crq)
                throw new PreConditionFailedQueryException(DatawaveErrorCode.QUERY_NOT_CACHED);
            if (!crq.getUser().equals(owner)) {
                throw new UnauthorizedQueryException(DatawaveErrorCode.QUERY_OWNER_MISMATCH, MessageFormat.format("{0} != {1}", crq.getUser(), owner));
            }
            synchronized (crq) {
                if (crq.isActivated() == true) {
                    crq.closeConnection(log);
                }
                Connection connection = ds.getConnection();
                String logicName = crq.getQueryLogicName();
                QueryLogic<?> queryLogic = queryFactory.getQueryLogic(logicName, p);
                crq.activate(connection, queryLogic);
                response.setQueryId(crq.getQueryId());
                response.setOriginalQueryId(crq.getOriginalQueryId());
                response.setViewName(crq.getView());
                response.setAlias(crq.getAlias());
                response.setTotalRows(crq.getTotalRows());
            }
            CreateQuerySessionIDFilter.QUERY_ID.set(queryId);
            return response;
        } finally {
            // Push metrics
            if (null != crq && crq.getQueryLogic().getCollectQueryMetrics() == true) {
                try {
                    metrics.updateMetric(crq.getMetric());
                } catch (Exception e1) {
                    log.error("Error updating metrics", e1);
                }
            }
        }
    } catch (Exception e) {
        response.addMessage(e.getMessage());
        QueryException qe = new QueryException(DatawaveErrorCode.RESET_CALL_ERROR, e);
        log.error(qe);
        response.addException(qe.getBottomQueryException());
        int statusCode = qe.getBottomQueryException().getStatusCode();
        throw new DatawaveWebApplicationException(qe, response, statusCode);
    }
}

Example 2 with UnauthorizedQueryException

use of datawave.webservice.query.exception.UnauthorizedQueryException in project datawave by NationalSecurityAgency.

the class CachedResultsBean method getRows.

/**
 * Returns a set of rows based on the given starting and end positions. The response object type is dynamic, see the listQueryLogic operation to determine
 * what the response type object will be.
 *
 * @param queryId
 *            CachedResults queryId
 * @param rowBegin
 *            first row to be returned
 * @param rowEnd
 *            last row to be returned
 * @return datawave.webservice.result.BaseQueryResponse
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user by specifying a chain of DNs of the identities to proxy
 * @RequestHeader X-ProxiedIssuersChain required when using X-ProxiedEntitiesChain, specify one issuer DN per subject DN listed in X-ProxiedEntitiesChain
 * @RequestHeader query-session-id session id value used for load balancing purposes. query-session-id can be placed in the request in a Cookie header or as
 *                a query parameter
 * @ResponseHeader X-OperationTimeInMS time spent on the server performing the operation, does not account for network or result serialization
 * @ResponseHeader X-Partial-Results true if the page contains less than the requested number of results
 *
 * @HTTP 200 success
 * @HTTP 401 caller is not authorized to run the query
 * @HTTP 412 if the query is not active
 * @HTTP 500 internal server error
 */
@GET
@javax.ws.rs.Path("/{queryId}/getRows")
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf" })
@GZIP
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
@Timed(name = "dw.cachedr.getRows", absolute = true)
public BaseQueryResponse getRows(@PathParam("queryId") @Required("queryId") String queryId, @QueryParam("rowBegin") @DefaultValue("1") Integer rowBegin, @QueryParam("rowEnd") Integer rowEnd) {
    BaseQueryResponse response = responseObjectFactory.getEventQueryResponse();
    // Find out who/what called this method
    Principal p = ctx.getCallerPrincipal();
    String owner = getOwnerFromPrincipal(p);
    try {
        if (rowBegin < 1) {
            throw new BadRequestQueryException(DatawaveErrorCode.ROW_BEGIN_LESS_THAN_1);
        }
        if (rowEnd != null && rowEnd < rowBegin) {
            throw new BadRequestQueryException(DatawaveErrorCode.ROW_END_LESS_THAN_ROW_BEGIN);
        }
        // If there is a this.maxPageSize set, then we should honor it here. Otherwise, we use Integer.MAX_VALUE
        int maxPageSize = cachedResultsConfiguration.getMaxPageSize();
        if (rowEnd == null) {
            if (maxPageSize > 0) {
                rowEnd = (rowBegin + maxPageSize) - 1;
            } else {
                rowEnd = Integer.MAX_VALUE;
            }
        }
        int pagesize = (rowEnd - rowBegin) + 1;
        if (maxPageSize > 0 && pagesize > maxPageSize) {
            throw new QueryException(DatawaveErrorCode.TOO_MANY_ROWS_REQUESTED, MessageFormat.format("Size must be less than or equal to: {0}", maxPageSize));
        }
        CachedRunningQuery crq = null;
        try {
            // Get the CachedRunningQuery object from the cache
            try {
                crq = retrieve(queryId, owner);
            } catch (IOException e) {
                throw new PreConditionFailedQueryException(DatawaveErrorCode.CACHED_RESULTS_IMPORT_ERROR, e);
            }
            if (null == crq)
                throw new PreConditionFailedQueryException(DatawaveErrorCode.QUERY_NOT_CACHED);
            response = crq.getQueryLogic().getResponseObjectFactory().getEventQueryResponse();
            if (!crq.getUser().equals(owner)) {
                throw new UnauthorizedQueryException(DatawaveErrorCode.QUERY_OWNER_MISMATCH, MessageFormat.format("{0} != {1}", crq.getUser(), owner));
            }
            synchronized (crq) {
                if (crq.isActivated() == false) {
                    Connection connection = ds.getConnection();
                    String logicName = crq.getQueryLogicName();
                    QueryLogic<?> queryLogic = queryFactory.getQueryLogic(logicName, p);
                    crq.activate(connection, queryLogic);
                }
                try {
                    ResultsPage resultList = crq.getRows(rowBegin, rowEnd, cachedResultsConfiguration.getPageByteTrigger());
                    response = crq.getTransformer().createResponse(resultList);
                    Status status;
                    if (!resultList.getResults().isEmpty()) {
                        response.setHasResults(true);
                        status = Status.OK;
                    } else {
                        response.setHasResults(false);
                        status = Status.NO_CONTENT;
                    }
                    response.setLogicName(crq.getQueryLogic().getLogicName());
                    response.setQueryId(crq.getQueryId());
                    if (response instanceof TotalResultsAware) {
                        ((TotalResultsAware) response).setTotalResults(crq.getTotalRows());
                    }
                    if (status == Status.NO_CONTENT) {
                        throw new NoResultsQueryException(DatawaveErrorCode.NO_CONTENT_STATUS);
                    }
                    crq.getMetric().setLifecycle(QueryMetric.Lifecycle.RESULTS);
                    return response;
                } catch (SQLException e) {
                    throw new QueryException();
                } catch (NoResultsQueryException e) {
                    throw e;
                } catch (RuntimeException e) {
                    log.error(e.getMessage(), e);
                    throw e;
                } finally {
                    crq.closeConnection(log);
                }
            }
        } finally {
            // Push metrics
            try {
                if (null != crq && crq.getQueryLogic().getCollectQueryMetrics() == true) {
                    metrics.updateMetric(crq.getMetric());
                }
            } catch (Exception e1) {
                log.error("Error updating metrics", e1);
            }
        }
    } catch (Exception e) {
        DatawaveErrorCode dec;
        if (e instanceof NoResultsQueryException) {
            dec = DatawaveErrorCode.NO_CONTENT_STATUS;
        } else {
            dec = DatawaveErrorCode.CACHED_QUERY_TRANSACTION_ERROR;
        }
        QueryException qe = new QueryException(dec, e);
        log.error(qe);
        response.addException(qe.getBottomQueryException());
        int statusCode = qe.getBottomQueryException().getStatusCode();
        throw new DatawaveWebApplicationException(qe, response, statusCode);
    }
}

Example 3 with UnauthorizedQueryException

use of datawave.webservice.query.exception.UnauthorizedQueryException in project datawave by NationalSecurityAgency.

the class CachedResultsBean method status.

/**
 * Returns status of the requested cached result
 *
 * @param queryId
 * @return List of attribute names that can be used in subsequent queries
 *
 * @return {@code datawave.webservice.result.GenericResponse<String>}
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user by specifying a chain of DNs of the identities to proxy
 * @RequestHeader X-ProxiedIssuersChain required when using X-ProxiedEntitiesChain, specify one issuer DN per subject DN listed in X-ProxiedEntitiesChain
 * @ResponseHeader X-OperationTimeInMS time spent on the server performing the operation, does not account for network or result serialization
 *
 * @HTTP 200 success
 * @HTTP 404 not found
 * @HTTP 412 not yet loaded
 * @HTTP 500 internal server error
 */
@GET
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf" })
@javax.ws.rs.Path("/{queryId}/status")
@GZIP
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
@Timed(name = "dw.cachedr.status", absolute = true)
public GenericResponse<String> status(@PathParam("queryId") @Required("queryId") String queryId) {
    GenericResponse<String> response = new GenericResponse<>();
    // Find out who/what called this method
    Principal p = ctx.getCallerPrincipal();
    String owner = getOwnerFromPrincipal(p);
    CachedRunningQuery crq;
    try {
        crq = retrieve(queryId, owner);
    } catch (IOException e1) {
        PreConditionFailedQueryException e = new PreConditionFailedQueryException(DatawaveErrorCode.CACHED_RESULTS_IMPORT_ERROR, e1);
        response.addException(e);
        response.setResult("CachedResult not found");
        throw new PreConditionFailedException(e, response);
    }
    if (null == crq) {
        NotFoundQueryException e = new NotFoundQueryException(DatawaveErrorCode.CACHED_RESULT_NOT_FOUND);
        response.addException(e);
        response.setResult("CachedResult not found");
        throw new NotFoundException(e, response);
    }
    if (!crq.getUser().equals(owner)) {
        UnauthorizedQueryException e = new UnauthorizedQueryException(DatawaveErrorCode.QUERY_OWNER_MISMATCH, MessageFormat.format("{0} != {1}", crq.getUser(), owner));
        response.addException(e);
        response.setResult("Current user does not match user that defined query.");
        throw new UnauthorizedException(e, response);
    }
    CachedRunningQuery.Status status = crq.getStatus();
    if (status == null) {
        response.setResult(CachedRunningQuery.Status.NONE.toString());
    } else {
        response.setResult(status.toString());
    }
    if (crq.getStatusMessage() != null && crq.getStatusMessage().isEmpty() == false) {
        response.addMessage(crq.getStatusMessage());
    }
    return response;
}

Example 4 with UnauthorizedQueryException

use of datawave.webservice.query.exception.UnauthorizedQueryException in project datawave by NationalSecurityAgency.

the class CachedResultsBean method previous.

/**
 * Returns the previous page of results to the caller. The response object type is dynamic, see the listQueryLogic operation to determine what the response
 * type object will be.
 *
 * @param queryId
 *            user defined id for this query
 * @return previous page of results
 *
 * @return datawave.webservice.result.BaseQueryResponse
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user by specifying a chain of DNs of the identities to proxy
 * @RequestHeader X-ProxiedIssuersChain required when using X-ProxiedEntitiesChain, specify one issuer DN per subject DN listed in X-ProxiedEntitiesChain
 * @RequestHeader query-session-id session id value used for load balancing purposes. query-session-id can be placed in the request in a Cookie header or as
 *                a query parameter
 * @ResponseHeader X-OperationTimeInMS time spent on the server performing the operation, does not account for network or result serialization
 * @ResponseHeader X-query-page-number page number returned by this call
 * @ResponseHeader X-query-last-page if true then there are no more pages for this query, caller should call close()
 * @ResponseHeader X-Partial-Results true if the page contains less than the requested number of results
 *
 * @HTTP 200 success
 * @HTTP 401 caller is not authorized to run the query
 * @HTTP 412 if the query is not active
 * @HTTP 500 internal server error
 */
@GET
@javax.ws.rs.Path("/{queryId}/previous")
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf" })
@GZIP
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
@Timed(name = "dw.cachedr.previous", absolute = true)
public BaseQueryResponse previous(@PathParam("queryId") @Required("queryId") String queryId) {
    BaseQueryResponse response = responseObjectFactory.getEventQueryResponse();
    // Find out who/what called this method
    Principal p = ctx.getCallerPrincipal();
    String owner = getOwnerFromPrincipal(p);
    try {
        CachedRunningQuery crq = null;
        try {
            // Get the CachedRunningQuery object from the cache
            try {
                crq = retrieve(queryId, owner);
            } catch (IOException e) {
                throw new PreConditionFailedQueryException(DatawaveErrorCode.CACHED_RESULTS_IMPORT_ERROR, e);
            }
            if (null == crq)
                throw new PreConditionFailedQueryException(DatawaveErrorCode.QUERY_NOT_CACHED);
            if (!crq.getUser().equals(owner)) {
                throw new UnauthorizedQueryException(DatawaveErrorCode.QUERY_OWNER_MISMATCH, MessageFormat.format("{0} != {1}", crq.getUser(), owner));
            }
            synchronized (crq) {
                if (crq.isActivated() == false) {
                    if (crq.getShouldAutoActivate()) {
                        Connection connection = ds.getConnection();
                        String logicName = crq.getQueryLogicName();
                        QueryLogic<?> queryLogic = queryFactory.getQueryLogic(logicName, p);
                        crq.activate(connection, queryLogic);
                    } else {
                        throw new PreConditionFailedQueryException(DatawaveErrorCode.QUERY_TIMEOUT_FOR_RESOURCES);
                    }
                }
                try {
                    ResultsPage resultList = crq.previous(cachedResultsConfiguration.getPageByteTrigger());
                    long pageNum = crq.getLastPageNumber();
                    response = crq.getTransformer().createResponse(resultList);
                    Status status = null;
                    if (!resultList.getResults().isEmpty()) {
                        response.setHasResults(true);
                        status = Status.OK;
                    } else {
                        response.setHasResults(false);
                        status = Status.NO_CONTENT;
                    }
                    response.setPageNumber(pageNum);
                    response.setLogicName(crq.getQueryLogic().getLogicName());
                    response.setQueryId(crq.getQueryId());
                    if (response instanceof TotalResultsAware) {
                        ((TotalResultsAware) response).setTotalResults(crq.getTotalRows());
                    }
                    if (status == Status.NO_CONTENT) {
                        throw new NoResultsException(null);
                    }
                    crq.getMetric().setLifecycle(QueryMetric.Lifecycle.RESULTS);
                    return response;
                } catch (SQLException e) {
                    throw new QueryException(DatawaveErrorCode.CACHED_QUERY_SQL_ERROR, e);
                }
            }
        } finally {
            // Push metrics
            if (null != crq && crq.getQueryLogic().getCollectQueryMetrics() == true) {
                try {
                    metrics.updateMetric(crq.getMetric());
                } catch (Exception e1) {
                    log.error("Error updating metrics", e1);
                }
            }
        }
    } catch (Exception e) {
        QueryException qe = null;
        if (e instanceof NoResultsException) {
            qe = new QueryException(DatawaveErrorCode.NO_CONTENT_STATUS, e);
        } else {
            qe = new QueryException("Error calling previous.", e, "500-42");
            log.error(qe);
        }
        response.addException(qe.getBottomQueryException());
        int statusCode = qe.getBottomQueryException().getStatusCode();
        throw new DatawaveWebApplicationException(qe, response, statusCode);
    }
}

Example 5 with UnauthorizedQueryException

use of datawave.webservice.query.exception.UnauthorizedQueryException in project datawave by NationalSecurityAgency.

the class CachedResultsBean method cancelLoad.

/**
 * Cancel the load process.
 *
 * @param originalQueryId
 *
 * @return datawave.webservice.result.VoidResponse
 * @RequestHeader X-ProxiedEntitiesChain use when proxying request for user by specifying a chain of DNs of the identities to proxy
 * @RequestHeader X-ProxiedIssuersChain required when using X-ProxiedEntitiesChain, specify one issuer DN per subject DN listed in X-ProxiedEntitiesChain
 * @RequestHeader query-session-id session id value used for load balancing purposes. query-session-id can be placed in the request in a Cookie header or as
 *                a query parameter
 * @ResponseHeader X-OperationTimeInMS time spent on the server performing the operation, does not account for network or result serialization
 *
 * @HTTP 200 success
 * @HTTP 401 caller is not authorized to cancel the query
 */
@PUT
@Produces({ "application/xml", "text/xml", "application/json", "text/yaml", "text/x-yaml", "application/x-yaml", "application/x-protobuf", "application/x-protostuff" })
@javax.ws.rs.Path("/{queryId}/cancel")
@GZIP
@ClearQuerySessionId
@Interceptors({ RequiredInterceptor.class, ResponseInterceptor.class })
@Timed(name = "dw.cachedr.cancel", absolute = true)
public VoidResponse cancelLoad(@PathParam("queryId") @Required("queryId") String originalQueryId) {
    // Find out who/what called this method
    Principal p = ctx.getCallerPrincipal();
    String owner = getOwnerFromPrincipal(p);
    VoidResponse response = new VoidResponse();
    try {
        // check if query is even loading
        RunningQuery query = CachedResultsBean.loadingQueryMap.get(originalQueryId);
        if (query == null) {
            NotFoundQueryException e = new NotFoundQueryException(DatawaveErrorCode.NO_QUERY_OBJECT_MATCH);
            throw new NotFoundException(e, response);
        } else {
            if (query.getSettings().getOwner().equals(owner)) {
                accumuloConnectionRequestBean.cancelConnectionRequest(originalQueryId);
                query.cancel();
                response.addMessage("CachedResults load canceled.");
            } else {
                UnauthorizedQueryException e = new UnauthorizedQueryException(DatawaveErrorCode.QUERY_OWNER_MISMATCH, MessageFormat.format("{0} != {1}", query.getSettings().getOwner(), owner));
                throw new UnauthorizedException(e, response);
            }
        }
        return response;
    } catch (DatawaveWebApplicationException e) {
        throw e;
    } catch (Exception e) {
        QueryException qe = new QueryException(DatawaveErrorCode.CANCELLATION_ERROR, e, MessageFormat.format("query_id: {0}", originalQueryId));
        log.error(qe);
        response.addException(qe.getBottomQueryException());
        int statusCode = qe.getBottomQueryException().getStatusCode();
        throw new DatawaveWebApplicationException(qe, response, statusCode);
    }
}