use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class ContainsKey method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException {
Part regionNamePart = null;
Part keyPart = null;
String regionName = null;
Object key = null;
CacheServerStats stats = serverConnection.getCacheServerStats();
serverConnection.setAsTrue(REQUIRES_RESPONSE);
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incReadContainsKeyRequestTime(start - oldStart);
}
// Retrieve the data from the message parts
regionNamePart = clientMessage.getPart(0);
keyPart = clientMessage.getPart(1);
regionName = regionNamePart.getString();
try {
key = keyPart.getStringOrObject();
} catch (Exception e) {
writeException(clientMessage, e, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
if (logger.isDebugEnabled()) {
logger.debug("{}: Received containsKey request ({} bytes) from {} for region {} key {}", serverConnection.getName(), clientMessage.getPayloadLength(), serverConnection.getSocketString(), regionName, key);
}
// Process the containsKey request
if (key == null || regionName == null) {
String errMessage = "";
if (key == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.ContainsKey_0_THE_INPUT_KEY_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.ContainsKey_THE_INPUT_KEY_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL.toLocalizedString();
}
if (regionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.ContainsKey_0_THE_INPUT_REGION_NAME_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.ContainsKey_THE_INPUT_REGION_NAME_FOR_THE_CONTAINSKEY_REQUEST_IS_NULL.toLocalizedString();
}
writeErrorResponse(clientMessage, MessageType.CONTAINS_KEY_DATA_ERROR, errMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
LocalRegion region = (LocalRegion) serverConnection.getCache().getRegion(regionName);
if (region == null) {
String reason = LocalizedStrings.ContainsKey_WAS_NOT_FOUND_DURING_CONTAINSKEY_REQUEST.toLocalizedString();
writeRegionDestroyedEx(clientMessage, regionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
try {
this.securityService.authorizeRegionRead(regionName, key.toString());
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
try {
authzRequest.containsKeyAuthorize(regionName, key);
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
// Execute the containsKey
boolean containsKey = region.containsKey(key);
// Update the statistics and write the reply
{
long oldStart = start;
start = DistributionStats.getStatTime();
stats.incProcessContainsKeyTime(start - oldStart);
}
writeContainsKeyResponse(containsKey, clientMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Sent containsKey response for region {} key {}", serverConnection.getName(), regionName, key);
}
stats.incWriteContainsKeyResponseTime(DistributionStats.getStatTime() - start);
}
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class CreateRegion method cmdExecute.
@Override
public void cmdExecute(Message clientMessage, ServerConnection serverConnection, long start) throws IOException {
Part regionNamePart = null;
String regionName = null;
serverConnection.setAsTrue(REQUIRES_RESPONSE);
// bserverStats.incLong(readDestroyRequestTimeId,
// DistributionStats.getStatTime() - start);
// bserverStats.incInt(destroyRequestsId, 1);
// start = DistributionStats.getStatTime();
// Retrieve the data from the message parts
Part parentRegionNamePart = clientMessage.getPart(0);
String parentRegionName = parentRegionNamePart.getString();
regionNamePart = clientMessage.getPart(1);
regionName = regionNamePart.getString();
if (logger.isDebugEnabled()) {
logger.debug("{}: Received create region request ({} bytes) from {} for parent region {} region {}", serverConnection.getName(), clientMessage.getPayloadLength(), serverConnection.getSocketString(), parentRegionName, regionName);
}
// Process the create region request
if (parentRegionName == null || regionName == null) {
String errMessage = "";
if (parentRegionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.CreateRegion_0_THE_INPUT_PARENT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.CreateRegion_THE_INPUT_PARENT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL.toLocalizedString();
}
if (regionName == null) {
logger.warn(LocalizedMessage.create(LocalizedStrings.CreateRegion_0_THE_INPUT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL, serverConnection.getName()));
errMessage = LocalizedStrings.CreateRegion_THE_INPUT_REGION_NAME_FOR_THE_CREATE_REGION_REQUEST_IS_NULL.toLocalizedString();
}
writeErrorResponse(clientMessage, MessageType.CREATE_REGION_DATA_ERROR, errMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
Region parentRegion = serverConnection.getCache().getRegion(parentRegionName);
if (parentRegion == null) {
String reason = LocalizedStrings.CreateRegion__0_WAS_NOT_FOUND_DURING_SUBREGION_CREATION_REQUEST.toLocalizedString(parentRegionName);
writeRegionDestroyedEx(clientMessage, parentRegionName, reason, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
try {
this.securityService.authorizeDataManage();
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
AuthorizeRequest authzRequest = serverConnection.getAuthzRequest();
if (authzRequest != null) {
try {
authzRequest.createRegionAuthorize(parentRegionName + '/' + regionName);
} catch (NotAuthorizedException ex) {
writeException(clientMessage, ex, false, serverConnection);
serverConnection.setAsTrue(RESPONDED);
return;
}
}
// Create or get the subregion
Region region = parentRegion.getSubregion(regionName);
if (region == null) {
AttributesFactory factory = new AttributesFactory(parentRegion.getAttributes());
region = parentRegion.createSubregion(regionName, factory.create());
if (logger.isDebugEnabled()) {
logger.debug("{}: Created region {}", serverConnection.getName(), region);
}
} else {
if (logger.isDebugEnabled()) {
logger.debug("{}: Retrieved region {}", serverConnection.getName(), region);
}
}
// Update the statistics and write the reply
// start = DistributionStats.getStatTime(); WHY ARE WE GETTING START AND
// NOT USING IT
// bserverStats.incLong(processDestroyTimeId,
// DistributionStats.getStatTime() - start);
writeReply(clientMessage, serverConnection);
serverConnection.setAsTrue(RESPONDED);
if (logger.isDebugEnabled()) {
logger.debug("{}: Sent create region response for parent region {} region {}", serverConnection.getName(), parentRegionName, regionName);
}
}
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class AuthorizeRequest method executeCQAuthorize.
public ExecuteCQOperationContext executeCQAuthorize(String cqName, String queryString, Set regionNames) throws NotAuthorizedException {
if (regionNames == null) {
regionNames = new HashSet();
}
ExecuteCQOperationContext executeCQContext = new ExecuteCQOperationContext(cqName, queryString, regionNames, false);
if (!this.authzCallback.authorizeOperation(null, executeCQContext)) {
String errStr = LocalizedStrings.AuthorizeRequest_NOT_AUTHORIZED_TO_PERFOM_EXECUTE_CQ_OPERATION_0_ON_THE_CACHE.toLocalizedString(queryString);
this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[] { this, errStr });
if (this.isPrincipalSerializable) {
throw new NotAuthorizedException(errStr, this.principal);
} else {
throw new NotAuthorizedException(errStr);
}
} else {
if (this.logger.finestEnabled()) {
this.logger.finest(toString() + ": Authorized to perform EXECUTE_CQ operation [" + queryString + "] on cache");
}
}
return executeCQContext;
}
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class AuthorizeRequest method containsKeyAuthorize.
public void containsKeyAuthorize(String regionName, Object key) throws NotAuthorizedException {
ContainsKeyOperationContext containsKeyContext = new ContainsKeyOperationContext(key);
if (!this.authzCallback.authorizeOperation(regionName, containsKeyContext)) {
String errStr = LocalizedStrings.AuthorizeRequest_NOT_AUTHORIZED_TO_PERFORM_CONTAINS_KEY_OPERATION_ON_REGION_0.toLocalizedString(regionName);
this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[] { this, errStr });
if (this.isPrincipalSerializable) {
throw new NotAuthorizedException(errStr, this.principal);
} else {
throw new NotAuthorizedException(errStr);
}
} else {
if (this.logger.finestEnabled()) {
this.logger.finest(toString() + ": Authorized to perform CONTAINS_KEY operation on region [" + regionName + ']');
}
}
}
use of org.apache.geode.security.NotAuthorizedException in project geode by apache.
the class AuthorizeRequest method queryAuthorize.
public QueryOperationContext queryAuthorize(String queryString, Set regionNames, Object[] queryParams) throws NotAuthorizedException {
if (regionNames == null) {
regionNames = new HashSet();
}
QueryOperationContext queryContext = new QueryOperationContext(queryString, regionNames, false, queryParams);
if (!this.authzCallback.authorizeOperation(null, queryContext)) {
String errStr = LocalizedStrings.AuthorizeRequest_NOT_AUTHORIZED_TO_PERFOM_QUERY_OPERATION_0_ON_THE_CACHE.toLocalizedString(queryString);
this.logger.warning(LocalizedStrings.TWO_ARG_COLON, new Object[] { this, errStr });
if (this.isPrincipalSerializable) {
throw new NotAuthorizedException(errStr, this.principal);
} else {
throw new NotAuthorizedException(errStr);
}
} else {
if (this.logger.finestEnabled()) {
this.logger.finest(toString() + ": Authorized to perform QUERY operation [" + queryString + "] on cache");
}
}
return queryContext;
}
Aggregations