Example 21 with Subject
use of ddf.security.Subject in project ddf by codice.
the class AbstractCswSource method query.
@Override
public SourceResponse query(QueryRequest queryRequest) throws UnsupportedQueryException {
Subject subject = (Subject) queryRequest.getPropertyValue(SecurityConstants.SECURITY_SUBJECT);
Csw csw = factory.getClientForSubject(subject);
return query(queryRequest, ElementSetType.FULL, null, csw);
}Example 22 with Subject
use of ddf.security.Subject in project ddf by codice.
the class AbstractCswSource method getCapabilities.
protected CapabilitiesType getCapabilities() {
CapabilitiesType caps = null;
Subject subject = getSystemSubject();
Csw csw = factory.getClientForSubject(subject);
try {
LOGGER.debug("Doing getCapabilities() call for CSW");
GetCapabilitiesRequest request = new GetCapabilitiesRequest(CswConstants.CSW);
request.setAcceptVersions(CswConstants.VERSION_2_0_2 + "," + CswConstants.VERSION_2_0_1);
caps = csw.getCapabilities(request);
} catch (CswException cswe) {
LOGGER.info(CSW_SERVER_ERROR + " Received HTTP code '{}' from server for source with id='{}'. Set Logging to DEBUG for details.", cswe.getHttpStatus(), cswSourceConfiguration.getId());
LOGGER.debug(CSW_SERVER_ERROR, cswe);
} catch (WebApplicationException wae) {
LOGGER.debug(handleWebApplicationException(wae), wae);
} catch (Exception ce) {
handleClientException(ce);
}
return caps;
}
Also used :
GetCapabilitiesRequest(org.codice.ddf.spatial.ogc.csw.catalog.common.GetCapabilitiesRequest)
WebApplicationException(javax.ws.rs.WebApplicationException)
SpatialCapabilitiesType(net.opengis.filter.v_1_1_0.SpatialCapabilitiesType)
CapabilitiesType(net.opengis.cat.csw.v_2_0_2.CapabilitiesType)
GetCapabilitiesType(net.opengis.cat.csw.v_2_0_2.GetCapabilitiesType)
Csw(org.codice.ddf.spatial.ogc.csw.catalog.common.Csw)
CswException(org.codice.ddf.spatial.ogc.csw.catalog.common.CswException)
Subject(ddf.security.Subject)
SSLHandshakeException(javax.net.ssl.SSLHandshakeException)
ResourceNotFoundException(ddf.catalog.resource.ResourceNotFoundException)
WebApplicationException(javax.ws.rs.WebApplicationException)
ConnectException(java.net.ConnectException)
IOException(java.io.IOException)
UnsupportedQueryException(ddf.catalog.source.UnsupportedQueryException)
InvalidSyntaxException(org.osgi.framework.InvalidSyntaxException)
CswException(org.codice.ddf.spatial.ogc.csw.catalog.common.CswException)
JAXBException(javax.xml.bind.JAXBException)
CatalogTransformerException(ddf.catalog.transform.CatalogTransformerException)
ResourceNotSupportedException(ddf.catalog.resource.ResourceNotSupportedException)
Example 23 with Subject
use of ddf.security.Subject in project ddf by codice.
the class TestWorkspaceQueryService method testRun.
@SuppressWarnings("unchecked")
@Test
public void testRun() throws SchedulerException, UnsupportedQueryException, SourceUnavailableException, FederationException {
String workspaceId = "3";
QueryUpdateSubscriber queryUpdateSubscriber = mock(QueryUpdateSubscriber.class);
WorkspaceService workspaceService = mock(WorkspaceService.class);
CatalogFramework catalogFramework = mock(CatalogFramework.class);
FilterBuilder filterBuilder = mock(FilterBuilder.class);
Scheduler scheduler = mock(Scheduler.class);
when(scheduler.getContext()).thenReturn(mock(SchedulerContext.class));
Supplier<Optional<Scheduler>> schedulerSupplier = () -> Optional.of(scheduler);
SecurityService securityService = new SecurityService() {
@Override
public Subject getSystemSubject() {
return mock(Subject.class);
}
@Override
public Map<String, Serializable> addSystemSubject(Map<String, Serializable> properties) {
return properties;
}
};
FilterService filterService = mock(FilterService.class);
when(filterService.getModifiedDateFilter(any())).thenReturn(mock(Filter.class));
when(filterBuilder.anyOf(Mockito.any(Filter.class))).thenReturn(mock(Or.class));
when(filterBuilder.allOf(Mockito.<Filter>anyVararg())).thenReturn(mock(And.class));
WorkspaceQueryServiceImpl workspaceQueryServiceImpl = new WorkspaceQueryServiceImpl(queryUpdateSubscriber, workspaceService, catalogFramework, filterBuilder, schedulerSupplier, securityService, filterService);
workspaceQueryServiceImpl.setQueryTimeInterval(60);
String ecql = "area( Polygon((10 10, 20 10, 20 20, 10 10)) ) BETWEEN 10000 AND 30000";
WorkspaceMetacardImpl workspaceMetacard = mock(WorkspaceMetacardImpl.class);
when(workspaceMetacard.getId()).thenReturn(workspaceId);
QueryMetacardImpl queryMetacardWithSource = mock(QueryMetacardImpl.class);
when(queryMetacardWithSource.getSources()).thenReturn(Collections.singletonList("SomeSource"));
when(queryMetacardWithSource.getCql()).thenReturn(ecql);
Attribute id1 = mock(Attribute.class);
when(id1.getValue()).thenReturn("1");
when(queryMetacardWithSource.getAttribute(Metacard.ID)).thenReturn(id1);
QueryMetacardImpl queryMetacardWithoutSource = mock(QueryMetacardImpl.class);
when(queryMetacardWithoutSource.getSources()).thenReturn(Collections.emptyList());
when(queryMetacardWithoutSource.getCql()).thenReturn(ecql);
Attribute id2 = mock(Attribute.class);
when(id2.getValue()).thenReturn("2");
when(queryMetacardWithoutSource.getAttribute(Metacard.ID)).thenReturn(id2);
Map<String, Pair<WorkspaceMetacardImpl, List<QueryMetacardImpl>>> queryMetacards = Collections.singletonMap(id2.getValue().toString(), new ImmutablePair<>(workspaceMetacard, Arrays.asList(queryMetacardWithSource, queryMetacardWithoutSource)));
when(workspaceService.getQueryMetacards()).thenReturn(queryMetacards);
long hitCount1 = 10;
long hitCount2 = 20;
QueryResponse queryResponse = mock(QueryResponse.class);
when(queryResponse.getHits()).thenReturn(hitCount1).thenReturn(hitCount2);
when(catalogFramework.query(any())).thenReturn(queryResponse);
workspaceQueryServiceImpl.setSubject(new Subject() {
@Override
public boolean isGuest() {
return false;
}
@Override
public Object getPrincipal() {
return null;
}
@Override
public PrincipalCollection getPrincipals() {
return null;
}
@Override
public boolean isPermitted(String s) {
return false;
}
@Override
public boolean isPermitted(Permission permission) {
return false;
}
@Override
public boolean[] isPermitted(String... strings) {
return new boolean[0];
}
@Override
public boolean[] isPermitted(List<Permission> list) {
return new boolean[0];
}
@Override
public boolean isPermittedAll(String... strings) {
return false;
}
@Override
public boolean isPermittedAll(Collection<Permission> collection) {
return false;
}
@Override
public void checkPermission(String s) throws AuthorizationException {
}
@Override
public void checkPermission(Permission permission) throws AuthorizationException {
}
@Override
public void checkPermissions(String... strings) throws AuthorizationException {
}
@Override
public void checkPermissions(Collection<Permission> collection) throws AuthorizationException {
}
@Override
public boolean hasRole(String s) {
return false;
}
@Override
public boolean[] hasRoles(List<String> list) {
return new boolean[0];
}
@Override
public boolean hasAllRoles(Collection<String> collection) {
return false;
}
@Override
public void checkRole(String s) throws AuthorizationException {
}
@Override
public void checkRoles(Collection<String> collection) throws AuthorizationException {
}
@Override
public void checkRoles(String... strings) throws AuthorizationException {
}
@Override
public void login(AuthenticationToken authenticationToken) throws AuthenticationException {
}
@Override
public boolean isAuthenticated() {
return false;
}
@Override
public boolean isRemembered() {
return false;
}
@Override
public Session getSession() {
return null;
}
@Override
public Session getSession(boolean b) {
return null;
}
@Override
public void logout() {
}
@Override
public <V> V execute(Callable<V> callable) throws ExecutionException {
try {
return callable.call();
} catch (Exception e) {
throw new ExecutionException(e);
}
}
@Override
public void execute(Runnable runnable) {
}
@Override
public <V> Callable<V> associateWith(Callable<V> callable) {
return null;
}
@Override
public Runnable associateWith(Runnable runnable) {
return null;
}
@Override
public void runAs(PrincipalCollection principalCollection) throws NullPointerException, IllegalStateException {
}
@Override
public boolean isRunAs() {
return false;
}
@Override
public PrincipalCollection getPreviousPrincipals() {
return null;
}
@Override
public PrincipalCollection releaseRunAs() {
return null;
}
});
workspaceQueryServiceImpl.setCronString("0 0 0 * * ?");
workspaceQueryServiceImpl.setQueryTimeoutMinutes(5L);
workspaceQueryServiceImpl.run();
ArgumentCaptor<Map> argumentCaptor = ArgumentCaptor.forClass(Map.class);
verify(queryUpdateSubscriber).notify(argumentCaptor.capture());
Map queryUpdateSubscriberArgumentRaw = argumentCaptor.getValue();
Map<String, Pair<WorkspaceMetacardImpl, Long>> queryUpdateSubscriberArgument = (Map<String, Pair<WorkspaceMetacardImpl, Long>>) queryUpdateSubscriberArgumentRaw;
assertThat(queryUpdateSubscriberArgument.get(workspaceId).getRight(), is(hitCount1 + hitCount2));
}
Also used :
Serializable(java.io.Serializable)
Or(org.opengis.filter.Or)
AuthenticationToken(org.apache.shiro.authc.AuthenticationToken)
AuthorizationException(org.apache.shiro.authz.AuthorizationException)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
QueryMetacardImpl(org.codice.ddf.catalog.ui.metacard.workspace.QueryMetacardImpl)
CatalogFramework(ddf.catalog.CatalogFramework)
SchedulerContext(org.quartz.SchedulerContext)
Permission(org.apache.shiro.authz.Permission)
Optional(java.util.Optional)
WorkspaceService(org.codice.ddf.catalog.ui.query.monitor.api.WorkspaceService)
And(org.opengis.filter.And)
QueryUpdateSubscriber(org.codice.ddf.catalog.ui.query.monitor.api.QueryUpdateSubscriber)
Map(java.util.Map)
Attribute(ddf.catalog.data.Attribute)
Scheduler(org.quartz.Scheduler)
FilterService(org.codice.ddf.catalog.ui.query.monitor.api.FilterService)
PrincipalCollection(org.apache.shiro.subject.PrincipalCollection)
Callable(java.util.concurrent.Callable)
FilterBuilder(ddf.catalog.filter.FilterBuilder)
SecurityService(org.codice.ddf.catalog.ui.query.monitor.api.SecurityService)
ExecutionException(org.apache.shiro.subject.ExecutionException)
Pair(org.apache.commons.lang3.tuple.Pair)
ImmutablePair(org.apache.commons.lang3.tuple.ImmutablePair)
Subject(ddf.security.Subject)
SourceUnavailableException(ddf.catalog.source.SourceUnavailableException)
UnsupportedQueryException(ddf.catalog.source.UnsupportedQueryException)
SchedulerException(org.quartz.SchedulerException)
FederationException(ddf.catalog.federation.FederationException)
AuthorizationException(org.apache.shiro.authz.AuthorizationException)
ExecutionException(org.apache.shiro.subject.ExecutionException)
AuthenticationException(org.apache.shiro.authc.AuthenticationException)
Filter(org.opengis.filter.Filter)
QueryResponse(ddf.catalog.operation.QueryResponse)
WorkspaceMetacardImpl(org.codice.ddf.catalog.ui.metacard.workspace.WorkspaceMetacardImpl)
Session(org.apache.shiro.session.Session)
Test(org.junit.Test)
Example 24 with Subject
use of ddf.security.Subject in project ddf by codice.
the class WorkspaceQueryServiceImpl method run.
/**
* Main entry point, should be called by a scheduler.
*/
public void run() {
SECURITY.runAsAdmin(() -> {
Subject runSubject = subject != null ? subject : SECURITY.getSystemSubject();
return runSubject.execute(() -> {
LOGGER.trace("running workspace query service");
Map<String, Pair<WorkspaceMetacardImpl, List<QueryMetacardImpl>>> queryMetacards = workspaceService.getQueryMetacards();
LOGGER.debug("queryMetacards: size={}", queryMetacards.size());
List<WorkspaceTask> workspaceTasks = createWorkspaceTasks(queryMetacards);
LOGGER.debug("workspaceTasks: size={}", workspaceTasks.size());
Map<String, Pair<WorkspaceMetacardImpl, Long>> results = executeWorkspaceTasks(workspaceTasks, queryTimeoutMinutes, TimeUnit.MINUTES);
LOGGER.debug("results: {}", results);
queryUpdateSubscriber.notify(results);
return null;
});
});
}
Also used :
QueryMetacardImpl(org.codice.ddf.catalog.ui.metacard.workspace.QueryMetacardImpl)
Subject(ddf.security.Subject)
Pair(org.apache.commons.lang3.tuple.Pair)
ImmutablePair(org.apache.commons.lang3.tuple.ImmutablePair)
Example 25 with Subject
use of ddf.security.Subject in project ddf by codice.
the class UserApplication method init.
@Override
public void init() {
get("/user", (req, res) -> {
Subject subject = (Subject) SecurityUtils.getSubject();
res.type(APPLICATION_JSON);
return getSubjectAttributes(subject);
}, util::getJson);
put("/user/preferences", APPLICATION_JSON, (req, res) -> {
Subject subject = (Subject) SecurityUtils.getSubject();
if (subject.isGuest()) {
res.status(401);
return ImmutableMap.of("message", "Guest cannot save preferences.");
}
Map<String, Object> preferences = JsonFactory.create().parser().parseMap(req.body());
if (preferences == null) {
preferences = new HashMap<>();
}
setUserPreferences(subject, preferences);
return preferences;
}, util::getJson);
}
Also used :
Subject(ddf.security.Subject)
Aggregations
Subject (ddf.security.Subject)94
Test (org.junit.Test)47
SecurityAssertion (ddf.security.assertion.SecurityAssertion)23
SecurityToken (org.apache.cxf.ws.security.tokenstore.SecurityToken)23
HashMap (java.util.HashMap)20
Metacard (ddf.catalog.data.Metacard)18
SecurityManager (ddf.security.service.SecurityManager)14
IOException (java.io.IOException)14
Serializable (java.io.Serializable)14
CollectionPermission (ddf.security.permission.CollectionPermission)13
ArrayList (java.util.ArrayList)12
Map (java.util.Map)12
CreateRequest (ddf.catalog.operation.CreateRequest)11
CreateRequestImpl (ddf.catalog.operation.impl.CreateRequestImpl)11
UnsupportedQueryException (ddf.catalog.source.UnsupportedQueryException)10
SecurityServiceException (ddf.security.service.SecurityServiceException)10
HashSet (java.util.HashSet)10
PrincipalCollection (org.apache.shiro.subject.PrincipalCollection)9
Before (org.junit.Before)9
HttpServletRequest (javax.servlet.http.HttpServletRequest)8
