Search in sources :

Example 46 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class XUserMgr method searchXPermMaps.

public VXPermMapList searchXPermMaps(SearchCriteria searchCriteria) {
    VXPermMapList returnList;
    UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
    // If user is system admin
    if (currentUserSession != null && currentUserSession.isUserAdmin()) {
        returnList = super.searchXPermMaps(searchCriteria);
    } else {
        returnList = new VXPermMapList();
        int startIndex = searchCriteria.getStartIndex();
        int pageSize = searchCriteria.getMaxRows();
        searchCriteria.setStartIndex(0);
        searchCriteria.setMaxRows(Integer.MAX_VALUE);
        List<VXPermMap> resultList = xPermMapService.searchXPermMaps(searchCriteria).getVXPermMaps();
        List<VXPermMap> adminPermResourceList = new ArrayList<VXPermMap>();
        for (VXPermMap xXPermMap : resultList) {
            XXResource xRes = daoManager.getXXResource().getById(xXPermMap.getResourceId());
            VXResponse vXResponse = msBizUtil.hasPermission(xResourceService.populateViewBean(xRes), AppConstants.XA_PERM_TYPE_ADMIN);
            if (vXResponse.getStatusCode() == VXResponse.STATUS_SUCCESS) {
                adminPermResourceList.add(xXPermMap);
            }
        }
        if (adminPermResourceList.size() > 0) {
            populatePageList(adminPermResourceList, startIndex, pageSize, returnList);
        }
    }
    return returnList;
}
Also used : XXResource(org.apache.ranger.entity.XXResource) ArrayList(java.util.ArrayList) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 47 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class RangerBizUtil method getXUserId.

/**
 * returns current user's userID from active user sessions
 *
 * @return
 */
public Long getXUserId() {
    UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
    if (currentUserSession == null) {
        logger.debug("Unable to find session.");
        return null;
    }
    XXPortalUser user = daoManager.getXXPortalUser().getById(currentUserSession.getUserId());
    if (user == null) {
        logger.debug("XXPortalUser not found with logged in user id : " + currentUserSession.getUserId());
        return null;
    }
    XXUser xUser = daoManager.getXXUser().findByUserName(user.getLoginId());
    if (xUser == null) {
        logger.debug("XXPortalUser not found for user id :" + user.getId() + " with name " + user.getFirstName());
        return null;
    }
    return xUser.getId();
}
Also used : XXPortalUser(org.apache.ranger.entity.XXPortalUser) XXUser(org.apache.ranger.entity.XXUser) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 48 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class RangerBizUtil method isUserAllowed.

public boolean isUserAllowed(RangerService rangerService, String cfgNameAllowedUsers) {
    Map<String, String> map = rangerService.getConfigs();
    String user = null;
    UserSessionBase userSession = ContextUtil.getCurrentUserSession();
    if (userSession != null) {
        user = userSession.getLoginId();
    }
    if (map != null && map.containsKey(cfgNameAllowedUsers)) {
        String userNames = map.get(cfgNameAllowedUsers);
        String[] userList = userNames.split(",");
        if (userList != null) {
            for (String u : userList) {
                if ("*".equals(u) || (user != null && u.equalsIgnoreCase(user))) {
                    return true;
                }
            }
        }
    }
    return false;
}
Also used : VXString(org.apache.ranger.view.VXString) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 49 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class RangerBizUtil method blockAuditorRoleUser.

public void blockAuditorRoleUser() {
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    if (session != null) {
        if (session.isAuditKeyAdmin() || session.isAuditUserAdmin()) {
            VXResponse vXResponse = new VXResponse();
            vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
            vXResponse.setMsgDesc("Operation" + " denied. LoggedInUser=" + session.getXXPortalUser().getId() + " ,isn't permitted to perform the action.");
            throw restErrorUtil.generateRESTException(vXResponse);
        }
    } else {
        VXResponse vXResponse = new VXResponse();
        vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
        vXResponse.setMsgDesc("Bad Credentials");
        throw restErrorUtil.generateRESTException(vXResponse);
    }
}
Also used : VXResponse(org.apache.ranger.view.VXResponse) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 50 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class RangerBizUtil method getCurrentUserLoginId.

/**
 * return username of currently logged in user
 *
 * @return
 */
public String getCurrentUserLoginId() {
    String ret = null;
    UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
    if (currentUserSession != null) {
        ret = currentUserSession.getLoginId();
    }
    return ret;
}
Also used : VXString(org.apache.ranger.view.VXString) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Aggregations

UserSessionBase (org.apache.ranger.common.UserSessionBase)69 RangerSecurityContext (org.apache.ranger.security.context.RangerSecurityContext)24 XXPortalUser (org.apache.ranger.entity.XXPortalUser)11 VXString (org.apache.ranger.view.VXString)11 XXUser (org.apache.ranger.entity.XXUser)8 ArrayList (java.util.ArrayList)6 XXPortalUserRole (org.apache.ranger.entity.XXPortalUserRole)6 XXService (org.apache.ranger.entity.XXService)5 VXResponse (org.apache.ranger.view.VXResponse)4 Test (org.junit.Test)4 Authentication (org.springframework.security.core.Authentication)4 HashSet (java.util.HashSet)3 HttpSession (javax.servlet.http.HttpSession)3 XXGroupUser (org.apache.ranger.entity.XXGroupUser)3 XXResource (org.apache.ranger.entity.XXResource)3 EntityManager (javax.persistence.EntityManager)2 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)2 Predicate (javax.persistence.criteria.Predicate)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2