Search in sources :

Example 6 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class SessionMgr method getActiveUserSessionsForPortalUserId.

public Set<UserSessionBase> getActiveUserSessionsForPortalUserId(Long portalUserId) {
    CopyOnWriteArrayList<UserSessionBase> activeSessions = getActiveSessionsOnServer();
    if (CollectionUtils.isEmpty(activeSessions)) {
        return null;
    }
    Set<UserSessionBase> activeUserSessions = new HashSet<UserSessionBase>();
    for (UserSessionBase session : activeSessions) {
        if (session.getUserId().equals(portalUserId)) {
            activeUserSessions.add(session);
        }
    }
    if (logger.isDebugEnabled()) {
        logger.debug("No Session Found with portalUserId: " + portalUserId);
    }
    return activeUserSessions;
}
Also used : UserSessionBase(org.apache.ranger.common.UserSessionBase) HashSet(java.util.HashSet)

Example 7 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class UserMgr method updateRoleForExternalUsers.

protected VXPortalUser updateRoleForExternalUsers(Collection<String> reqRoleList, Collection<String> existingRoleList, VXPortalUser userProfileRes) {
    rangerBizUtil.blockAuditorRoleUser();
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    if (session != null && session.getXXPortalUser() != null && session.getXXPortalUser().getLoginId() != null && "rangerusersync".equals(session.getXXPortalUser().getLoginId()) && reqRoleList != null && !reqRoleList.isEmpty() && existingRoleList != null && !existingRoleList.isEmpty()) {
        if (!reqRoleList.equals(existingRoleList)) {
            userProfileRes.setUserRoleList(reqRoleList);
            userProfileRes.setUserSource(RangerCommonEnums.USER_EXTERNAL);
            List<XXUserPermission> xuserPermissionList = daoManager.getXXUserPermission().findByUserPermissionId(userProfileRes.getId());
            if (xuserPermissionList != null && xuserPermissionList.size() > 0) {
                for (XXUserPermission xXUserPermission : xuserPermissionList) {
                    if (xXUserPermission != null) {
                        try {
                            xUserPermissionService.deleteResource(xXUserPermission.getId());
                        } catch (Exception e) {
                            logger.error(e.getMessage());
                        }
                    }
                }
            }
            updateUser(userProfileRes);
        }
    } else {
        if (logger.isDebugEnabled()) {
            logger.debug("Permission" + " denied. LoggedInUser=" + (session != null ? session.getXXPortalUser().getId() : "") + " isn't permitted to perform the action.");
        }
    }
    return userProfileRes;
}
Also used : XXUserPermission(org.apache.ranger.entity.XXUserPermission) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 8 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class UserMgr method deleteUserRole.

public boolean deleteUserRole(Long userId, XXPortalUserRole gjUserRole) {
    /*
		 * if (RangerConstants.ROLE_USER.equals(gjUserRole.getUserRole())) {
		 * return false; }
		 */
    rangerBizUtil.blockAuditorRoleUser();
    boolean publicRole = false;
    for (String publicRoleStr : publicRoles) {
        if (publicRoleStr.equalsIgnoreCase(gjUserRole.getUserRole())) {
            publicRole = true;
            break;
        }
    }
    if (!publicRole) {
        UserSessionBase sess = ContextUtil.getCurrentUserSession();
        if (sess == null || (!sess.isUserAdmin() && !sess.isKeyAdmin())) {
            return false;
        }
    }
    daoManager.getXXPortalUserRole().remove(gjUserRole.getId());
    return true;
}
Also used : VXString(org.apache.ranger.view.VXString) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 9 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class UserMgr method mapXXPortalUserToVXPortalUser.

/**
 * @param user
 * @return
 */
public VXPortalUser mapXXPortalUserToVXPortalUser(XXPortalUser user, Collection<String> userRoleList) {
    if (user == null) {
        return null;
    }
    UserSessionBase sess = ContextUtil.getCurrentUserSession();
    if (sess == null) {
        return null;
    }
    VXPortalUser userProfile = new VXPortalUser();
    gjUserToUserProfile(user, userProfile);
    if (sess.isUserAdmin() || sess.isKeyAdmin() || sess.getXXPortalUser().getId().equals(user.getId())) {
        if (userRoleList == null) {
            userRoleList = new ArrayList<String>();
            List<XXPortalUserRole> gjUserRoleList = daoManager.getXXPortalUserRole().findByParentId(user.getId());
            for (XXPortalUserRole userRole : gjUserRoleList) {
                userRoleList.add(userRole.getUserRole());
            }
        }
        userProfile.setUserRoleList(userRoleList);
    }
    userProfile.setUserSource(user.getUserSource());
    return userProfile;
}
Also used : VXPortalUser(org.apache.ranger.view.VXPortalUser) VXString(org.apache.ranger.view.VXString) XXPortalUserRole(org.apache.ranger.entity.XXPortalUserRole) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 10 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class XUserMgr method updateXUserPermission.

public VXUserPermission updateXUserPermission(VXUserPermission vXUserPermission) {
    vXUserPermission = xUserPermissionService.updateResource(vXUserPermission);
    Set<UserSessionBase> userSessions = sessionMgr.getActiveUserSessionsForPortalUserId(vXUserPermission.getUserId());
    if (!CollectionUtils.isEmpty(userSessions)) {
        for (UserSessionBase userSession : userSessions) {
            logger.info("Updating permission of user who's found logged in into system, so updating permission in session of user: [" + vXUserPermission.getUserName() + "]");
            sessionMgr.resetUserModulePermission(userSession);
        }
    }
    return vXUserPermission;
}
Also used : UserSessionBase(org.apache.ranger.common.UserSessionBase)

Aggregations

UserSessionBase (org.apache.ranger.common.UserSessionBase)69 RangerSecurityContext (org.apache.ranger.security.context.RangerSecurityContext)24 XXPortalUser (org.apache.ranger.entity.XXPortalUser)11 VXString (org.apache.ranger.view.VXString)11 XXUser (org.apache.ranger.entity.XXUser)8 ArrayList (java.util.ArrayList)6 XXPortalUserRole (org.apache.ranger.entity.XXPortalUserRole)6 XXService (org.apache.ranger.entity.XXService)5 VXResponse (org.apache.ranger.view.VXResponse)4 Test (org.junit.Test)4 Authentication (org.springframework.security.core.Authentication)4 HashSet (java.util.HashSet)3 HttpSession (javax.servlet.http.HttpSession)3 XXGroupUser (org.apache.ranger.entity.XXGroupUser)3 XXResource (org.apache.ranger.entity.XXResource)3 EntityManager (javax.persistence.EntityManager)2 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)2 Predicate (javax.persistence.criteria.Predicate)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2