
Example 86 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project iaf by ibissource.

Class AuthorizationFilter, method filter().

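@Override
public void filter(ContainerRequestContext requestContext) throws IOException {
    /*
     * Authorizes the request against the JSR-250 annotations of the CXF resource method.
     * Decision order: no user principal -> pass (authentication disabled); OPTIONS -> pass;
     * resource method not resolvable -> SERVER_ERROR; @DenyAll -> FORBIDDEN; @PermitAll -> pass;
     * @RolesAllowed -> doAuth(), FORBIDDEN when it fails; no annotation at all -> pass.
     * Only method-level annotations are inspected; class-level @RolesAllowed/@DenyAll are not
     * consulted here, so every resource method is expected to carry its own annotation.
     */
    SecurityContext securityContext = requestContext.getSecurityContext();
    if (securityContext.getUserPrincipal() == null) {
        // No userPrincipal, authentication is disabled.
        return;
    }
    if ("OPTIONS".equalsIgnoreCase(requestContext.getMethod())) {
        // Presumably a CORS preflight; it is passed through without an authorization decision.
        return;
    }
    Message message = JAXRSUtils.getCurrentMessage();
    Method method = (Method) message.get("org.apache.cxf.resource.method");
    if (method == null) {
        log.error("unable to fetch resource method from CXF Message");
        requestContext.abortWith(SERVER_ERROR);
        return;
    }
    if (method.isAnnotationPresent(DenyAll.class)) {
        // Functionality has been disallowed.
        requestContext.abortWith(FORBIDDEN);
        return;
    }
    if (method.isAnnotationPresent(PermitAll.class)) {
        // No authorization required.
        return;
    }
    // Presume `PermitAll` when RolesAllowed annotation is not set (fail-open by design).
    RolesAllowed rolesAnnotation = method.getAnnotation(RolesAllowed.class);
    if (rolesAnnotation == null) {
        return;
    }
    Set<String> rolesSet = new HashSet<String>(Arrays.asList(rolesAnnotation.value()));
    // A resource method may inherit its path from the class and carry no @Path of its own;
    // guard the lookup so the log statement cannot fail with an NPE before doAuth() runs.
    javax.ws.rs.Path pathAnnotation = method.getAnnotation(javax.ws.rs.Path.class);
    String uri = pathAnnotation != null ? pathAnnotation.value() : "";
    log.info("checking authorisation for user [" + securityContext.getUserPrincipal().getName() + "] on uri [" + uri + "] required roles " + rolesSet);
    if (!doAuth(securityContext, rolesSet)) {
        requestContext.abortWith(FORBIDDEN);
    }
}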
Also used : RolesAllowed(javax.annotation.security.RolesAllowed) Message(org.apache.cxf.message.Message) SecurityContext(javax.ws.rs.core.SecurityContext) Method(java.lang.reflect.Method) HashSet(java.util.HashSet)

Example 87 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project iaf by ibissource.

Class BrowseJdbcTable, method execute().

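@POST
@RolesAllowed({ "IbisDataAdmin", "IbisAdmin", "IbisTester" })
@Path("/jdbc/browse")
@Consumes(MediaType.APPLICATION_JSON)
@Produces(MediaType.APPLICATION_JSON)
public Response execute(LinkedHashMap<String, Object> json) throws ApiException {
    /*
     * Browses a window of at most 100 rows of a JDBC table for the admin console.
     * Request body keys (matched case-insensitively): datasource and table (required),
     * where, order, numberOfRowsOnly, minRow (>= 0, default 1), maxRow (>= 1, default 100).
     * Trust boundary: "where" and "order" are SQL fragments taken verbatim from the request
     * and handed to the XSLT that assembles the query; they are only XML-escaped here, not
     * validated. The only authorization applied to the query itself is @RolesAllowed plus
     * readAllowed() on the table name.
     * Returns 201 with {table, query, fielddefinition, result}; throws ApiException(400) for
     * invalid input and ApiException for execution or parse failures.
     */
    String datasource = null, tableName = null, where = "", order = "";
    boolean numberOfRowsOnly = false;
    int minRow = 1, maxRow = 100;
    if (json != null) {
        for (Entry<String, Object> entry : json.entrySet()) {
            String key = entry.getKey();
            Object rawValue = entry.getValue();
            if (key == null || rawValue == null) {
                // A JSON null is treated as "not supplied" instead of failing on toString().
                continue;
            }
            String value = rawValue.toString();
            if (key.equalsIgnoreCase("datasource")) {
                datasource = value;
            } else if (key.equalsIgnoreCase("table")) {
                tableName = value;
            } else if (key.equalsIgnoreCase("where")) {
                where = value;
            } else if (key.equalsIgnoreCase("order")) {
                order = value;
            } else if (key.equalsIgnoreCase("numberOfRowsOnly")) {
                numberOfRowsOnly = Boolean.parseBoolean(value);
            } else if (key.equalsIgnoreCase("minRow")) {
                // isEmpty() instead of the former reference comparison (!= ""), which let a
                // non-interned empty string through to parseInt().
                if (!value.isEmpty()) {
                    minRow = Math.max(parseIntParam("minRow", value), 0);
                }
            } else if (key.equalsIgnoreCase("maxRow")) {
                if (!value.isEmpty()) {
                    maxRow = Math.max(parseIntParam("maxRow", value), 1);
                }
            }
        }
    }
    if (datasource == null || tableName == null) {
        throw new ApiException("datasource and/or tableName not defined.", 400);
    }
    if (maxRow < minRow) {
        throw new ApiException("Rownum max must be greater than or equal to Rownum min", 400);
    }
    if (maxRow - minRow >= 100) {
        throw new ApiException("Difference between Rownum max and Rownum min must be less than hundred", 400);
    }
    if (!readAllowed(permissionRules, tableName)) {
        throw new ApiException("Access to table (" + tableName + ") not allowed", 400);
    }
    // The stylesheet that builds the SQL is a fixed classpath resource; fail explicitly when it
    // is missing instead of sending a null query.
    URL xsltUrl = ClassUtils.getResourceURL(DB2XML_XSLT);
    if (xsltUrl == null) {
        throw new ApiException("Unable to find query stylesheet [" + DB2XML_XSLT + "]");
    }
    // We have all info we need, lets execute the query!
    Map<String, Object> fieldDef = new LinkedHashMap<>();
    String result = "";
    String query = null;
    DirectQuerySender qs;
    try {
        qs = getIbisContext().createBeanAutowireByName(DirectQuerySender.class);
    } catch (Exception e) {
        throw new ApiException("An error occured on creating or closing the connection!", e);
    }
    try {
        qs.setName("QuerySender");
        qs.setDatasourceName(datasource);
        qs.setQueryType("select");
        qs.setSqlDialect("Oracle");
        qs.setBlobSmartGet(true);
        qs.setIncludeFieldDefinition(true);
        qs.configure(true);
        qs.open();
        StringBuilder fielddefinition = new StringBuilder("<fielddefinition>");
        try (Connection conn = qs.getConnection()) {
            if (!numberOfRowsOnly) {
                fielddefinition.append("<field name=\"" + rnumColumnName + "\" type=\"INTEGER\" />");
                fieldDef.put(rnumColumnName, "INTEGER");
                // Each ResultSet is closed by try-with-resources; previously the second lookup
                // in the numberOfRowsOnly branch overwrote an unclosed one.
                try (ResultSet rs = getColumnsWithFallback(conn, tableName)) {
                    appendFieldDefinitions(rs, fielddefinition, fieldDef);
                }
            } else {
                fielddefinition.append("<field name=\"" + countColumnName + "\" type=\"INTEGER\" />");
                fieldDef.put(countColumnName, "INTEGER");
                if (StringUtils.isNotEmpty(order)) {
                    try (ResultSet rs = conn.getMetaData().getColumns(null, null, tableName, order)) {
                        appendFieldDefinitions(rs, fielddefinition, fieldDef);
                    }
                }
            }
            fielddefinition.append("</fielddefinition>");
            // tableName and order are XML-escaped like where already was, so a special character
            // in them cannot break the request document handed to the stylesheet.
            String browseJdbcTableExecuteREQ = "<browseJdbcTableExecuteREQ>"
                + "<dbmsName>" + qs.getDbmsSupport().getDbmsName() + "</dbmsName>"
                + "<countColumnName>" + countColumnName + "</countColumnName>"
                + "<rnumColumnName>" + rnumColumnName + "</rnumColumnName>"
                + "<tableName>" + XmlUtils.encodeChars(tableName) + "</tableName>"
                + "<where>" + XmlUtils.encodeChars(where) + "</where>"
                + "<numberOfRowsOnly>" + numberOfRowsOnly + "</numberOfRowsOnly>"
                + "<order>" + XmlUtils.encodeChars(order) + "</order>"
                + "<rownumMin>" + minRow + "</rownumMin>"
                + "<rownumMax>" + maxRow + "</rownumMax>"
                + fielddefinition
                + "<maxColumnSize>1000</maxColumnSize>"
                + "</browseJdbcTableExecuteREQ>";
            Transformer t = XmlUtils.createTransformer(xsltUrl);
            query = XmlUtils.transformXml(t, browseJdbcTableExecuteREQ);
            result = qs.sendMessage(new Message(query), null).asString();
        }
    } catch (Exception e) {
        throw new ApiException("An error occured on executing jdbc query [" + query + "]", e);
    } finally {
        qs.close();
    }
    List<Map<String, String>> resultMap = null;
    if (XmlUtils.isWellFormed(result)) {
        try {
            resultMap = new QueryOutputToListOfMaps().parseString(result);
        } catch (IOException | SAXException e) {
            throw new ApiException("Query result could not be parsed.", e);
        }
    }
    if (resultMap == null) {
        throw new ApiException("Invalid query result [null].", 400);
    }
    Map<String, Object> resultObject = new HashMap<>();
    resultObject.put("table", tableName);
    resultObject.put("query", XmlUtils.encodeChars(query));
    resultObject.put("fielddefinition", fieldDef);
    resultObject.put("result", resultMap);
    return Response.status(Response.Status.CREATED).entity(resultObject).build();
}

// Parses a numeric request parameter, reporting a malformed value as a 400 instead of a 500.
private static int parseIntParam(String name, String value) throws ApiException {
    try {
        return Integer.parseInt(value);
    } catch (NumberFormatException e) {
        throw new ApiException("Parameter [" + name + "] is not a valid integer: [" + value + "]", 400);
    }
}

// Column metadata for tableName, retried with the upper-cased name when the first lookup is empty.
// The caller owns (closes) the returned ResultSet.
private ResultSet getColumnsWithFallback(Connection conn, String tableName) throws java.sql.SQLException {
    ResultSet rs = conn.getMetaData().getColumns(null, null, tableName, null);
    if (!rs.isBeforeFirst()) {
        rs.close();
        rs = conn.getMetaData().getColumns(null, null, tableName.toUpperCase(), null);
    }
    return rs;
}

// Appends one <field/> element per column in rs to fielddefinition and records
// "TYPE(size)" per column name in fieldDef.
private void appendFieldDefinitions(ResultSet rs, StringBuilder fielddefinition, Map<String, Object> fieldDef) throws java.sql.SQLException {
    while (rs.next()) {
        String columnName = rs.getString(COLUMN_NAME);
        String fieldType = String.valueOf(DB2XMLWriter.getFieldType(rs.getInt(DATA_TYPE)));
        int columnSize = rs.getInt(COLUMN_SIZE);
        fielddefinition.append("<field name=\"" + columnName + "\" type=\"" + fieldType + "\" size=\"" + columnSize + "\"/>");
        fieldDef.put(columnName, fieldType + "(" + columnSize + ")");
    }
}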
Also used : Transformer(javax.xml.transform.Transformer) Message(nl.nn.adapterframework.stream.Message) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) Connection(java.sql.Connection) DirectQuerySender(nl.nn.adapterframework.jdbc.DirectQuerySender) QueryOutputToListOfMaps(nl.nn.adapterframework.jdbc.transformer.QueryOutputToListOfMaps) IOException(java.io.IOException) IOException(java.io.IOException) SAXException(org.xml.sax.SAXException) URL(java.net.URL) LinkedHashMap(java.util.LinkedHashMap) SAXException(org.xml.sax.SAXException) ResultSet(java.sql.ResultSet) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) Path(javax.ws.rs.Path) RolesAllowed(javax.annotation.security.RolesAllowed) POST(javax.ws.rs.POST) Consumes(javax.ws.rs.Consumes) Produces(javax.ws.rs.Produces)

Example 88 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project iaf by ibissource.

Class TransactionalStorage, method browseReceiverMessages().

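@GET
@RolesAllowed({ "IbisDataAdmin", "IbisAdmin", "IbisTester" })
@Path("/adapters/{adapterName}/receivers/{receiverName}/stores/{processState}")
@Produces(MediaType.APPLICATION_JSON)
public Response browseReceiverMessages(@PathParam("adapterName") String adapterName, @PathParam("receiverName") String receiverName, @PathParam("processState") String processState, @QueryParam("type") String type, @QueryParam("host") String host, @QueryParam("id") String id, @QueryParam("messageId") String messageId, @QueryParam("correlationId") String correlationId, @QueryParam("comment") String comment, @QueryParam("message") String message, @QueryParam("label") String label, @QueryParam("startDate") String startDateStr, @QueryParam("endDate") String endDateStr, @QueryParam("sort") String sort, @QueryParam("skip") int skipMessages, @QueryParam("max") int maxMessages) throws ApiException {
    /*
     * Lists the messages in one process-state store of a receiver, filtered by the query parameters.
     * Path: adapterName, receiverName, processState (a ProcessState name).
     * Query: type/host/id/messageId/correlationId/comment/message/label masks, startDate/endDate,
     * sort ("asc" or "desc"; any other value keeps the filter's default), skip and max for paging.
     * Returns 200 with the page produced by getMessages(); when the store has target states they
     * are added under "targetStates". Throws ApiException when adapter, receiver or store is absent.
     */
    Adapter adapter = getIbisManager().getRegisteredAdapter(adapterName);
    if (adapter == null) {
        throw new ApiException("Adapter not found!");
    }
    Receiver<?> receiver = adapter.getReceiverByName(receiverName);
    if (receiver == null) {
        throw new ApiException("Receiver [" + receiverName + "] not found!");
    }
    // StorageType
    ProcessState state = ProcessState.getProcessStateFromName(processState);
    IMessageBrowser<?> storage = receiver.getMessageBrowser(state);
    if (storage == null) {
        // Checked before the target-state lookup, so an unknown state is reported as "not found"
        // rather than through whatever getTargetProcessStateInfo() does with a missing entry.
        throw new ApiException("no IMessageBrowser found");
    }
    Map<ProcessState, Map<String, String>> targetPSInfo = getTargetProcessStateInfo(receiver.targetProcessStates().get(state));
    // Apply filters
    MessageBrowsingFilter filter = new MessageBrowsingFilter(maxMessages, skipMessages);
    filter.setTypeMask(type);
    filter.setHostMask(host);
    filter.setIdMask(id);
    filter.setMessageIdMask(messageId);
    filter.setCorrelationIdMask(correlationId);
    filter.setCommentMask(comment);
    filter.setMessageMask(message, storage, receiver.getListener());
    filter.setLabelMask(label);
    filter.setStartDateMask(startDateStr);
    filter.setEndDateMask(endDateStr);
    if ("desc".equalsIgnoreCase(sort)) {
        filter.setSortOrder(SortOrder.DESC);
    } else if ("asc".equalsIgnoreCase(sort)) {
        filter.setSortOrder(SortOrder.ASC);
    }
    Map<String, Object> resultObj = getMessages(storage, filter);
    if (targetPSInfo != null && !targetPSInfo.isEmpty()) {
        resultObj.put("targetStates", targetPSInfo);
    }
    return Response.status(Response.Status.OK).entity(resultObj).build();
}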
Also used : ProcessState(nl.nn.adapterframework.core.ProcessState) Adapter(nl.nn.adapterframework.core.Adapter) HashMap(java.util.HashMap) LinkedHashMap(java.util.LinkedHashMap) Map(java.util.Map) MessageBrowsingFilter(nl.nn.adapterframework.util.MessageBrowsingFilter) Path(javax.ws.rs.Path) RolesAllowed(javax.annotation.security.RolesAllowed) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 89 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project iaf by ibissource.

Class TransactionalStorage, method browsePipeMessages().

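@GET
@RolesAllowed({ "IbisDataAdmin", "IbisAdmin", "IbisTester" })
@Path("/adapters/{adapterName}/pipes/{pipeName}/messages")
@Produces(MediaType.APPLICATION_JSON)
public Response browsePipeMessages(@PathParam("adapterName") String adapterName, @PathParam("pipeName") String pipeName, @QueryParam("type") String type, @QueryParam("host") String host, @QueryParam("id") String id, @QueryParam("messageId") String messageId, @QueryParam("correlationId") String correlationId, @QueryParam("comment") String comment, @QueryParam("message") String message, @QueryParam("label") String label, @QueryParam("startDate") String startDateStr, @QueryParam("endDate") String endDateStr, @QueryParam("sort") String sort, @QueryParam("skip") int skipMessages, @QueryParam("max") int maxMessages) throws ApiException {
    /*
     * Lists the messages in the message log of a MessageSendingPipe, filtered by the query parameters.
     * Path: adapterName, pipeName. Query: the same mask, date, sort and paging parameters as the
     * receiver variant. Returns 200 with the page produced by getMessages().
     * Throws ApiException when the adapter or pipe is absent, when the pipe is not a
     * MessageSendingPipe (400), or when it has no message log.
     */
    Adapter adapter = getIbisManager().getRegisteredAdapter(adapterName);
    if (adapter == null) {
        throw new ApiException("Adapter not found!");
    }
    Object pipe = adapter.getPipeLine().getPipe(pipeName);
    if (pipe == null) {
        throw new ApiException("Pipe [" + pipeName + "] not found!");
    }
    if (!(pipe instanceof MessageSendingPipe)) {
        // Only a MessageSendingPipe has a message log; the former unchecked cast turned this
        // client error into a ClassCastException.
        throw new ApiException("Pipe [" + pipeName + "] is not a MessageSendingPipe", 400);
    }
    IMessageBrowser<?> storage = ((MessageSendingPipe) pipe).getMessageLog();
    if (storage == null) {
        // Same guard as the receiver endpoints.
        throw new ApiException("no IMessageBrowser found");
    }
    // Apply filters
    MessageBrowsingFilter filter = new MessageBrowsingFilter(maxMessages, skipMessages);
    filter.setTypeMask(type);
    filter.setHostMask(host);
    filter.setIdMask(id);
    filter.setMessageIdMask(messageId);
    filter.setCorrelationIdMask(correlationId);
    filter.setCommentMask(comment);
    filter.setMessageMask(message, storage);
    filter.setLabelMask(label);
    filter.setStartDateMask(startDateStr);
    filter.setEndDateMask(endDateStr);
    if ("desc".equalsIgnoreCase(sort)) {
        filter.setSortOrder(SortOrder.DESC);
    } else if ("asc".equalsIgnoreCase(sort)) {
        filter.setSortOrder(SortOrder.ASC);
    }
    return Response.status(Response.Status.OK).entity(getMessages(storage, filter)).build();
}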
Also used : MessageSendingPipe(nl.nn.adapterframework.pipes.MessageSendingPipe) Adapter(nl.nn.adapterframework.core.Adapter) MessageBrowsingFilter(nl.nn.adapterframework.util.MessageBrowsingFilter) Path(javax.ws.rs.Path) RolesAllowed(javax.annotation.security.RolesAllowed) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)

Example 90 with RolesAllowed

use of javax.annotation.security.RolesAllowed in project iaf by ibissource.

Class TransactionalStorage, method browseReceiverMessage().

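@GET
@RolesAllowed({ "IbisDataAdmin", "IbisAdmin", "IbisTester" })
@Path("/adapters/{adapterName}/receivers/{receiverName}/stores/{processState}/messages/{messageId}")
@Produces(MediaType.APPLICATION_JSON)
public Response browseReceiverMessage(@PathParam("adapterName") String adapterName, @PathParam("receiverName") String receiverName, @PathParam("processState") String processState, @PathParam("messageId") String messageId) throws ApiException {
    /*
     * Returns the metadata (StorageItemDTO) of one message in a receiver's process-state store.
     * Path: adapterName, receiverName, processState (a ProcessState name), messageId (URL-decoded
     * once more here, see below). Returns 200 with the DTO.
     * Throws ApiException when adapter, receiver or store is absent, or when the browser fails.
     */
    Adapter adapter = getIbisManager().getRegisteredAdapter(adapterName);
    if (adapter == null) {
        throw new ApiException("Adapter not found!");
    }
    Receiver<?> receiver = adapter.getReceiverByName(receiverName);
    if (receiver == null) {
        throw new ApiException("Receiver [" + receiverName + "] not found!");
    }
    IMessageBrowser<?> storage = receiver.getMessageBrowser(ProcessState.getProcessStateFromName(processState));
    if (storage == null) {
        // Same guard as the list endpoint; without it a missing store would most likely surface
        // as an NPE (500) instead of an ApiException.
        throw new ApiException("no IMessageBrowser found");
    }
    try {
        // messageId is double URLEncoded, because it can contain '/' in ExchangeMailListener
        String decodedMessageId = Misc.urlDecode(messageId);
        String message = getMessage(storage, receiver.getListener(), decodedMessageId);
        StorageItemDTO entity = getMessageMetadata(storage, decodedMessageId, message);
        return Response.status(Response.Status.OK).entity(entity).build();
    } catch (ListenerException e) {
        throw new ApiException("Could not get message metadata", e);
    }
}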
Also used : ListenerException(nl.nn.adapterframework.core.ListenerException) Adapter(nl.nn.adapterframework.core.Adapter) Path(javax.ws.rs.Path) RolesAllowed(javax.annotation.security.RolesAllowed) Produces(javax.ws.rs.Produces) GET(javax.ws.rs.GET)
