use of org.apache.ranger.common.UserSessionBase in project ranger by apache.
the class TestUserMgr method setupKeyAdmin.
public void setupKeyAdmin() {
RangerSecurityContext context = new RangerSecurityContext();
context.setUserSession(new UserSessionBase());
RangerContextHolder.setSecurityContext(context);
UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
XXPortalUser userKeyAdmin = new XXPortalUser();
userKeyAdmin.setId(userProfile().getId());
userKeyAdmin.setLoginId(userProfile().getLoginId());
currentUserSession.setXXPortalUser(userKeyAdmin);
currentUserSession.setKeyAdmin(true);
}
use of org.apache.ranger.common.UserSessionBase in project ranger by apache.
the class TestUserMgr method setupUser.
public void setupUser() {
RangerSecurityContext context = new RangerSecurityContext();
context.setUserSession(new UserSessionBase());
RangerContextHolder.setSecurityContext(context);
UserSessionBase currentUserSession = ContextUtil.getCurrentUserSession();
XXPortalUser user = new XXPortalUser();
user.setId(userProfile().getId());
user.setLoginId(userProfile().getLoginId());
currentUserSession.setXXPortalUser(user);
}
use of org.apache.ranger.common.UserSessionBase in project ranger by apache.
the class UserService method gjUserToUserProfile.
// TODO: Need to remove this ASAP
public void gjUserToUserProfile(XXPortalUser user, VXPortalUser userProfile) {
userProfile.setId(user.getId());
userProfile.setLoginId(user.getLoginId());
userProfile.setFirstName(user.getFirstName());
userProfile.setLastName(user.getLastName());
userProfile.setPublicScreenName(user.getPublicScreenName());
userProfile.setStatus(user.getStatus());
userProfile.setUserRoleList(new ArrayList<String>());
UserSessionBase sess = ContextUtil.getCurrentUserSession();
String emailAddress = user.getEmailAddress();
if (emailAddress != null && stringUtil.validateEmail(emailAddress)) {
userProfile.setEmailAddress(user.getEmailAddress());
}
if (sess != null) {
userProfile.setUserSource(sess.getAuthProvider());
}
List<XXPortalUserRole> gjUserRoleList = daoManager.getXXPortalUserRole().findByParentId(user.getId());
for (XXPortalUserRole gjUserRole : gjUserRoleList) {
userProfile.getUserRoleList().add(gjUserRole.getUserRole());
}
}
use of org.apache.ranger.common.UserSessionBase in project ranger by apache.
the class ServiceDBStore method createService.
@Override
public RangerService createService(RangerService service) throws Exception {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ServiceDBStore.createService(" + service + ")");
}
if (service == null) {
throw restErrorUtil.createRESTException("Service object cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
}
boolean createDefaultPolicy = true;
Map<String, String> configs = service.getConfigs();
Map<String, String> validConfigs = validateRequiredConfigParams(service, configs);
if (validConfigs == null) {
if (LOG.isDebugEnabled()) {
LOG.debug("==> ConfigParams cannot be null, ServiceDBStore.createService(" + service + ")");
}
throw restErrorUtil.createRESTException("ConfigParams cannot be null.", MessageEnums.ERROR_CREATING_OBJECT);
}
// While creating, value of version should be 1.
service.setVersion(Long.valueOf(1));
service.setTagVersion(Long.valueOf(1));
if (populateExistingBaseFields) {
svcServiceWithAssignedId.setPopulateExistingBaseFields(true);
daoMgr.getXXService().setIdentityInsert(true);
service = svcServiceWithAssignedId.create(service);
daoMgr.getXXService().setIdentityInsert(false);
daoMgr.getXXService().updateSequence();
svcServiceWithAssignedId.setPopulateExistingBaseFields(false);
createDefaultPolicy = false;
} else {
service = svcService.create(service);
}
XXService xCreatedService = daoMgr.getXXService().getById(service.getId());
VXUser vXUser = null;
XXServiceConfigMapDao xConfMapDao = daoMgr.getXXServiceConfigMap();
for (Entry<String, String> configMap : validConfigs.entrySet()) {
String configKey = configMap.getKey();
String configValue = configMap.getValue();
if (StringUtils.equalsIgnoreCase(configKey, "username")) {
String userName = stringUtil.getValidUserName(configValue);
XXUser xxUser = daoMgr.getXXUser().findByUserName(userName);
if (xxUser != null) {
vXUser = xUserService.populateViewBean(xxUser);
} else {
UserSessionBase usb = ContextUtil.getCurrentUserSession();
if (usb != null && !usb.isUserAdmin() && !usb.isSpnegoEnabled()) {
throw restErrorUtil.createRESTException("User does not exist with given username: [" + userName + "] please use existing user", MessageEnums.OPER_NO_PERMISSION);
}
vXUser = xUserMgr.createServiceConfigUser(userName);
}
}
if (StringUtils.equalsIgnoreCase(configKey, CONFIG_KEY_PASSWORD)) {
String cryptConfigString = CRYPT_ALGO + "," + ENCRYPT_KEY + "," + SALT + "," + ITERATION_COUNT + "," + configValue;
String encryptedPwd = PasswordUtils.encryptPassword(cryptConfigString);
encryptedPwd = CRYPT_ALGO + "," + ENCRYPT_KEY + "," + SALT + "," + ITERATION_COUNT + "," + encryptedPwd;
String decryptedPwd = PasswordUtils.decryptPassword(encryptedPwd);
if (StringUtils.equals(decryptedPwd, configValue)) {
configValue = encryptedPwd;
}
}
XXServiceConfigMap xConfMap = new XXServiceConfigMap();
xConfMap = rangerAuditFields.populateAuditFields(xConfMap, xCreatedService);
xConfMap.setServiceId(xCreatedService.getId());
xConfMap.setConfigkey(configKey);
xConfMap.setConfigvalue(configValue);
xConfMapDao.create(xConfMap);
}
if (LOG.isDebugEnabled()) {
LOG.debug("vXUser:[" + vXUser + "]");
}
RangerService createdService = svcService.getPopulatedViewObject(xCreatedService);
if (createdService == null) {
throw restErrorUtil.createRESTException("Could not create service - Internal error ", MessageEnums.ERROR_CREATING_OBJECT);
}
dataHistService.createObjectDataHistory(createdService, RangerDataHistService.ACTION_CREATE);
List<XXTrxLog> trxLogList = svcService.getTransactionLog(createdService, RangerServiceService.OPERATION_CREATE_CONTEXT);
bizUtil.createTrxLog(trxLogList);
if (createDefaultPolicy) {
createDefaultPolicies(createdService);
}
return createdService;
}
use of org.apache.ranger.common.UserSessionBase in project ranger by apache.
the class SessionMgr method getSSOSpnegoAuthCheckForAPI.
private void getSSOSpnegoAuthCheckForAPI(String currentLoginId, HttpServletRequest request) {
RangerSecurityContext context = RangerContextHolder.getSecurityContext();
UserSessionBase session = context != null ? context.getUserSession() : null;
boolean ssoEnabled = session != null ? session.isSSOEnabled() : PropertiesUtil.getBooleanProperty("ranger.sso.enabled", false);
XXPortalUser gjUser = daoManager.getXXPortalUser().findByLoginId(currentLoginId);
if (gjUser == null && ((request.getAttribute("spnegoEnabled") != null && (boolean) request.getAttribute("spnegoEnabled")) || (ssoEnabled))) {
if (logger.isDebugEnabled()) {
logger.debug("User : " + currentLoginId + " doesn't exist in Ranger DB So creating user as it's SSO or Spnego authenticated");
}
xUserMgr.createServiceConfigUser(currentLoginId);
}
}
Aggregations