Search in sources :

Example 21 with Subject

use of ddf.security.Subject in project ddf by codice.

the class AbstractCswSource method query.

@Override
public SourceResponse query(QueryRequest queryRequest) throws UnsupportedQueryException {
    Subject subject = (Subject) queryRequest.getPropertyValue(SecurityConstants.SECURITY_SUBJECT);
    Csw csw = factory.getClientForSubject(subject);
    return query(queryRequest, ElementSetType.FULL, null, csw);
}
Also used : Csw(org.codice.ddf.spatial.ogc.csw.catalog.common.Csw) Subject(ddf.security.Subject)

Example 22 with Subject

use of ddf.security.Subject in project ddf by codice.

the class AbstractCswSource method getCapabilities.

protected CapabilitiesType getCapabilities() {
    CapabilitiesType caps = null;
    Subject subject = getSystemSubject();
    Csw csw = factory.getClientForSubject(subject);
    try {
        LOGGER.debug("Doing getCapabilities() call for CSW");
        GetCapabilitiesRequest request = new GetCapabilitiesRequest(CswConstants.CSW);
        request.setAcceptVersions(CswConstants.VERSION_2_0_2 + "," + CswConstants.VERSION_2_0_1);
        caps = csw.getCapabilities(request);
    } catch (CswException cswe) {
        LOGGER.info(CSW_SERVER_ERROR + " Received HTTP code '{}' from server for source with id='{}'. Set Logging to DEBUG for details.", cswe.getHttpStatus(), cswSourceConfiguration.getId());
        LOGGER.debug(CSW_SERVER_ERROR, cswe);
    } catch (WebApplicationException wae) {
        LOGGER.debug(handleWebApplicationException(wae), wae);
    } catch (Exception ce) {
        handleClientException(ce);
    }
    return caps;
}
Also used : GetCapabilitiesRequest(org.codice.ddf.spatial.ogc.csw.catalog.common.GetCapabilitiesRequest) WebApplicationException(javax.ws.rs.WebApplicationException) SpatialCapabilitiesType(net.opengis.filter.v_1_1_0.SpatialCapabilitiesType) CapabilitiesType(net.opengis.cat.csw.v_2_0_2.CapabilitiesType) GetCapabilitiesType(net.opengis.cat.csw.v_2_0_2.GetCapabilitiesType) Csw(org.codice.ddf.spatial.ogc.csw.catalog.common.Csw) CswException(org.codice.ddf.spatial.ogc.csw.catalog.common.CswException) Subject(ddf.security.Subject) SSLHandshakeException(javax.net.ssl.SSLHandshakeException) ResourceNotFoundException(ddf.catalog.resource.ResourceNotFoundException) WebApplicationException(javax.ws.rs.WebApplicationException) ConnectException(java.net.ConnectException) IOException(java.io.IOException) UnsupportedQueryException(ddf.catalog.source.UnsupportedQueryException) InvalidSyntaxException(org.osgi.framework.InvalidSyntaxException) CswException(org.codice.ddf.spatial.ogc.csw.catalog.common.CswException) JAXBException(javax.xml.bind.JAXBException) CatalogTransformerException(ddf.catalog.transform.CatalogTransformerException) ResourceNotSupportedException(ddf.catalog.resource.ResourceNotSupportedException)

Example 23 with Subject

use of ddf.security.Subject in project ddf by codice.

the class TestWorkspaceQueryService method testRun.

@SuppressWarnings("unchecked")
@Test
public void testRun() throws SchedulerException, UnsupportedQueryException, SourceUnavailableException, FederationException {
    String workspaceId = "3";
    QueryUpdateSubscriber queryUpdateSubscriber = mock(QueryUpdateSubscriber.class);
    WorkspaceService workspaceService = mock(WorkspaceService.class);
    CatalogFramework catalogFramework = mock(CatalogFramework.class);
    FilterBuilder filterBuilder = mock(FilterBuilder.class);
    Scheduler scheduler = mock(Scheduler.class);
    when(scheduler.getContext()).thenReturn(mock(SchedulerContext.class));
    Supplier<Optional<Scheduler>> schedulerSupplier = () -> Optional.of(scheduler);
    SecurityService securityService = new SecurityService() {

        @Override
        public Subject getSystemSubject() {
            return mock(Subject.class);
        }

        @Override
        public Map<String, Serializable> addSystemSubject(Map<String, Serializable> properties) {
            return properties;
        }
    };
    FilterService filterService = mock(FilterService.class);
    when(filterService.getModifiedDateFilter(any())).thenReturn(mock(Filter.class));
    when(filterBuilder.anyOf(Mockito.any(Filter.class))).thenReturn(mock(Or.class));
    when(filterBuilder.allOf(Mockito.<Filter>anyVararg())).thenReturn(mock(And.class));
    WorkspaceQueryServiceImpl workspaceQueryServiceImpl = new WorkspaceQueryServiceImpl(queryUpdateSubscriber, workspaceService, catalogFramework, filterBuilder, schedulerSupplier, securityService, filterService);
    workspaceQueryServiceImpl.setQueryTimeInterval(60);
    String ecql = "area( Polygon((10 10, 20 10, 20 20, 10 10)) ) BETWEEN 10000 AND 30000";
    WorkspaceMetacardImpl workspaceMetacard = mock(WorkspaceMetacardImpl.class);
    when(workspaceMetacard.getId()).thenReturn(workspaceId);
    QueryMetacardImpl queryMetacardWithSource = mock(QueryMetacardImpl.class);
    when(queryMetacardWithSource.getSources()).thenReturn(Collections.singletonList("SomeSource"));
    when(queryMetacardWithSource.getCql()).thenReturn(ecql);
    Attribute id1 = mock(Attribute.class);
    when(id1.getValue()).thenReturn("1");
    when(queryMetacardWithSource.getAttribute(Metacard.ID)).thenReturn(id1);
    QueryMetacardImpl queryMetacardWithoutSource = mock(QueryMetacardImpl.class);
    when(queryMetacardWithoutSource.getSources()).thenReturn(Collections.emptyList());
    when(queryMetacardWithoutSource.getCql()).thenReturn(ecql);
    Attribute id2 = mock(Attribute.class);
    when(id2.getValue()).thenReturn("2");
    when(queryMetacardWithoutSource.getAttribute(Metacard.ID)).thenReturn(id2);
    Map<String, Pair<WorkspaceMetacardImpl, List<QueryMetacardImpl>>> queryMetacards = Collections.singletonMap(id2.getValue().toString(), new ImmutablePair<>(workspaceMetacard, Arrays.asList(queryMetacardWithSource, queryMetacardWithoutSource)));
    when(workspaceService.getQueryMetacards()).thenReturn(queryMetacards);
    long hitCount1 = 10;
    long hitCount2 = 20;
    QueryResponse queryResponse = mock(QueryResponse.class);
    when(queryResponse.getHits()).thenReturn(hitCount1).thenReturn(hitCount2);
    when(catalogFramework.query(any())).thenReturn(queryResponse);
    workspaceQueryServiceImpl.setSubject(new Subject() {

        @Override
        public boolean isGuest() {
            return false;
        }

        @Override
        public Object getPrincipal() {
            return null;
        }

        @Override
        public PrincipalCollection getPrincipals() {
            return null;
        }

        @Override
        public boolean isPermitted(String s) {
            return false;
        }

        @Override
        public boolean isPermitted(Permission permission) {
            return false;
        }

        @Override
        public boolean[] isPermitted(String... strings) {
            return new boolean[0];
        }

        @Override
        public boolean[] isPermitted(List<Permission> list) {
            return new boolean[0];
        }

        @Override
        public boolean isPermittedAll(String... strings) {
            return false;
        }

        @Override
        public boolean isPermittedAll(Collection<Permission> collection) {
            return false;
        }

        @Override
        public void checkPermission(String s) throws AuthorizationException {
        }

        @Override
        public void checkPermission(Permission permission) throws AuthorizationException {
        }

        @Override
        public void checkPermissions(String... strings) throws AuthorizationException {
        }

        @Override
        public void checkPermissions(Collection<Permission> collection) throws AuthorizationException {
        }

        @Override
        public boolean hasRole(String s) {
            return false;
        }

        @Override
        public boolean[] hasRoles(List<String> list) {
            return new boolean[0];
        }

        @Override
        public boolean hasAllRoles(Collection<String> collection) {
            return false;
        }

        @Override
        public void checkRole(String s) throws AuthorizationException {
        }

        @Override
        public void checkRoles(Collection<String> collection) throws AuthorizationException {
        }

        @Override
        public void checkRoles(String... strings) throws AuthorizationException {
        }

        @Override
        public void login(AuthenticationToken authenticationToken) throws AuthenticationException {
        }

        @Override
        public boolean isAuthenticated() {
            return false;
        }

        @Override
        public boolean isRemembered() {
            return false;
        }

        @Override
        public Session getSession() {
            return null;
        }

        @Override
        public Session getSession(boolean b) {
            return null;
        }

        @Override
        public void logout() {
        }

        @Override
        public <V> V execute(Callable<V> callable) throws ExecutionException {
            try {
                return callable.call();
            } catch (Exception e) {
                throw new ExecutionException(e);
            }
        }

        @Override
        public void execute(Runnable runnable) {
        }

        @Override
        public <V> Callable<V> associateWith(Callable<V> callable) {
            return null;
        }

        @Override
        public Runnable associateWith(Runnable runnable) {
            return null;
        }

        @Override
        public void runAs(PrincipalCollection principalCollection) throws NullPointerException, IllegalStateException {
        }

        @Override
        public boolean isRunAs() {
            return false;
        }

        @Override
        public PrincipalCollection getPreviousPrincipals() {
            return null;
        }

        @Override
        public PrincipalCollection releaseRunAs() {
            return null;
        }
    });
    workspaceQueryServiceImpl.setCronString("0 0 0 * * ?");
    workspaceQueryServiceImpl.setQueryTimeoutMinutes(5L);
    workspaceQueryServiceImpl.run();
    ArgumentCaptor<Map> argumentCaptor = ArgumentCaptor.forClass(Map.class);
    verify(queryUpdateSubscriber).notify(argumentCaptor.capture());
    Map queryUpdateSubscriberArgumentRaw = argumentCaptor.getValue();
    Map<String, Pair<WorkspaceMetacardImpl, Long>> queryUpdateSubscriberArgument = (Map<String, Pair<WorkspaceMetacardImpl, Long>>) queryUpdateSubscriberArgumentRaw;
    assertThat(queryUpdateSubscriberArgument.get(workspaceId).getRight(), is(hitCount1 + hitCount2));
}
Also used : Serializable(java.io.Serializable) Or(org.opengis.filter.Or) AuthenticationToken(org.apache.shiro.authc.AuthenticationToken) AuthorizationException(org.apache.shiro.authz.AuthorizationException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) QueryMetacardImpl(org.codice.ddf.catalog.ui.metacard.workspace.QueryMetacardImpl) CatalogFramework(ddf.catalog.CatalogFramework) SchedulerContext(org.quartz.SchedulerContext) Permission(org.apache.shiro.authz.Permission) Optional(java.util.Optional) WorkspaceService(org.codice.ddf.catalog.ui.query.monitor.api.WorkspaceService) And(org.opengis.filter.And) QueryUpdateSubscriber(org.codice.ddf.catalog.ui.query.monitor.api.QueryUpdateSubscriber) Map(java.util.Map) Attribute(ddf.catalog.data.Attribute) Scheduler(org.quartz.Scheduler) FilterService(org.codice.ddf.catalog.ui.query.monitor.api.FilterService) PrincipalCollection(org.apache.shiro.subject.PrincipalCollection) Callable(java.util.concurrent.Callable) FilterBuilder(ddf.catalog.filter.FilterBuilder) SecurityService(org.codice.ddf.catalog.ui.query.monitor.api.SecurityService) ExecutionException(org.apache.shiro.subject.ExecutionException) Pair(org.apache.commons.lang3.tuple.Pair) ImmutablePair(org.apache.commons.lang3.tuple.ImmutablePair) Subject(ddf.security.Subject) SourceUnavailableException(ddf.catalog.source.SourceUnavailableException) UnsupportedQueryException(ddf.catalog.source.UnsupportedQueryException) SchedulerException(org.quartz.SchedulerException) FederationException(ddf.catalog.federation.FederationException) AuthorizationException(org.apache.shiro.authz.AuthorizationException) ExecutionException(org.apache.shiro.subject.ExecutionException) AuthenticationException(org.apache.shiro.authc.AuthenticationException) Filter(org.opengis.filter.Filter) QueryResponse(ddf.catalog.operation.QueryResponse) WorkspaceMetacardImpl(org.codice.ddf.catalog.ui.metacard.workspace.WorkspaceMetacardImpl) Session(org.apache.shiro.session.Session) Test(org.junit.Test)

Example 24 with Subject

use of ddf.security.Subject in project ddf by codice.

the class WorkspaceQueryServiceImpl method run.

/**
     * Main entry point, should be called by a scheduler.
     */
public void run() {
    SECURITY.runAsAdmin(() -> {
        Subject runSubject = subject != null ? subject : SECURITY.getSystemSubject();
        return runSubject.execute(() -> {
            LOGGER.trace("running workspace query service");
            Map<String, Pair<WorkspaceMetacardImpl, List<QueryMetacardImpl>>> queryMetacards = workspaceService.getQueryMetacards();
            LOGGER.debug("queryMetacards: size={}", queryMetacards.size());
            List<WorkspaceTask> workspaceTasks = createWorkspaceTasks(queryMetacards);
            LOGGER.debug("workspaceTasks: size={}", workspaceTasks.size());
            Map<String, Pair<WorkspaceMetacardImpl, Long>> results = executeWorkspaceTasks(workspaceTasks, queryTimeoutMinutes, TimeUnit.MINUTES);
            LOGGER.debug("results: {}", results);
            queryUpdateSubscriber.notify(results);
            return null;
        });
    });
}
Also used : QueryMetacardImpl(org.codice.ddf.catalog.ui.metacard.workspace.QueryMetacardImpl) Subject(ddf.security.Subject) Pair(org.apache.commons.lang3.tuple.Pair) ImmutablePair(org.apache.commons.lang3.tuple.ImmutablePair)

Example 25 with Subject

use of ddf.security.Subject in project ddf by codice.

the class UserApplication method init.

@Override
public void init() {
    get("/user", (req, res) -> {
        Subject subject = (Subject) SecurityUtils.getSubject();
        res.type(APPLICATION_JSON);
        return getSubjectAttributes(subject);
    }, util::getJson);
    put("/user/preferences", APPLICATION_JSON, (req, res) -> {
        Subject subject = (Subject) SecurityUtils.getSubject();
        if (subject.isGuest()) {
            res.status(401);
            return ImmutableMap.of("message", "Guest cannot save preferences.");
        }
        Map<String, Object> preferences = JsonFactory.create().parser().parseMap(req.body());
        if (preferences == null) {
            preferences = new HashMap<>();
        }
        setUserPreferences(subject, preferences);
        return preferences;
    }, util::getJson);
}
Also used : Subject(ddf.security.Subject)

Aggregations

Subject (ddf.security.Subject)94 Test (org.junit.Test)47 SecurityAssertion (ddf.security.assertion.SecurityAssertion)23 SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)23 HashMap (java.util.HashMap)20 Metacard (ddf.catalog.data.Metacard)18 SecurityManager (ddf.security.service.SecurityManager)14 IOException (java.io.IOException)14 Serializable (java.io.Serializable)14 CollectionPermission (ddf.security.permission.CollectionPermission)13 ArrayList (java.util.ArrayList)12 Map (java.util.Map)12 CreateRequest (ddf.catalog.operation.CreateRequest)11 CreateRequestImpl (ddf.catalog.operation.impl.CreateRequestImpl)11 UnsupportedQueryException (ddf.catalog.source.UnsupportedQueryException)10 SecurityServiceException (ddf.security.service.SecurityServiceException)10 HashSet (java.util.HashSet)10 PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)9 Before (org.junit.Before)9 HttpServletRequest (javax.servlet.http.HttpServletRequest)8