Search in sources :

Example 41 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class XUserMgr method createXUserPermission.

// User permission
public VXUserPermission createXUserPermission(VXUserPermission vXUserPermission) {
    vXUserPermission = xUserPermissionService.createResource(vXUserPermission);
    Set<UserSessionBase> userSessions = sessionMgr.getActiveUserSessionsForPortalUserId(vXUserPermission.getUserId());
    if (!CollectionUtils.isEmpty(userSessions)) {
        for (UserSessionBase userSession : userSessions) {
            logger.info("Assigning permission to user who's found logged in into system, so updating permission in session of that user: [" + vXUserPermission.getUserName() + "]");
            sessionMgr.resetUserModulePermission(userSession);
        }
    }
    return vXUserPermission;
}
Also used : UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 42 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class XUserMgr method updateXGroupPermission.

public VXGroupPermission updateXGroupPermission(VXGroupPermission vXGroupPermission) {
    vXGroupPermission = xGroupPermissionService.updateResource(vXGroupPermission);
    List<XXGroupUser> grpUsers = daoManager.getXXGroupUser().findByGroupId(vXGroupPermission.getGroupId());
    for (XXGroupUser xGrpUser : grpUsers) {
        Set<UserSessionBase> userSessions = sessionMgr.getActiveUserSessionsForXUserId(xGrpUser.getUserId());
        if (!CollectionUtils.isEmpty(userSessions)) {
            for (UserSessionBase userSession : userSessions) {
                logger.info("Assigning permission to group whose one of the user found logged in into system, so updating permission in session of that user");
                sessionMgr.resetUserModulePermission(userSession);
            }
        }
    }
    return vXGroupPermission;
}
Also used : XXGroupUser(org.apache.ranger.entity.XXGroupUser) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 43 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class XUserMgr method deleteXGroupPermission.

public void deleteXGroupPermission(Long id, boolean force) {
    XXGroupPermission xGrpPerm = daoManager.getXXGroupPermission().getById(id);
    if (xGrpPerm == null) {
        throw restErrorUtil.createRESTException("No GroupPermission object with ID: [" + id + "found.", MessageEnums.DATA_NOT_FOUND);
    }
    xGroupPermissionService.deleteResource(id);
    List<XXGroupUser> grpUsers = daoManager.getXXGroupUser().findByGroupId(xGrpPerm.getGroupId());
    for (XXGroupUser xGrpUser : grpUsers) {
        Set<UserSessionBase> userSessions = sessionMgr.getActiveUserSessionsForXUserId(xGrpUser.getUserId());
        if (!CollectionUtils.isEmpty(userSessions)) {
            for (UserSessionBase userSession : userSessions) {
                logger.info("deleting permission of the group whose one of the user found logged in into system, so updating permission in session of that user");
                sessionMgr.resetUserModulePermission(userSession);
            }
        }
    }
}
Also used : XXGroupUser(org.apache.ranger.entity.XXGroupUser) XXGroupPermission(org.apache.ranger.entity.XXGroupPermission) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 44 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class XUserMgr method modifyUserActiveStatus.

public void modifyUserActiveStatus(HashMap<Long, Integer> statusMap) {
    checkAdminAccess();
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    String currentUser = null;
    if (session != null) {
        currentUser = session.getLoginId();
        if (currentUser == null || currentUser.trim().isEmpty()) {
            currentUser = null;
        }
    }
    if (currentUser == null) {
        return;
    }
    Set<Map.Entry<Long, Integer>> entries = statusMap.entrySet();
    for (Map.Entry<Long, Integer> entry : entries) {
        if (entry != null && entry.getKey() != null && entry.getValue() != null) {
            XXUser xUser = daoManager.getXXUser().getById(entry.getKey());
            if (xUser != null) {
                VXPortalUser vXPortalUser = userMgr.getUserProfileByLoginId(xUser.getName());
                if (vXPortalUser != null) {
                    if (vXPortalUser.getLoginId() != null && !vXPortalUser.getLoginId().equalsIgnoreCase(currentUser)) {
                        vXPortalUser.setStatus(entry.getValue());
                        userMgr.updateUser(vXPortalUser);
                    }
                }
            }
        }
    }
}
Also used : XXUser(org.apache.ranger.entity.XXUser) Map(java.util.Map) XXAuditMap(org.apache.ranger.entity.XXAuditMap) HashMap(java.util.HashMap) XXPermMap(org.apache.ranger.entity.XXPermMap) UserSessionBase(org.apache.ranger.common.UserSessionBase)

Example 45 with UserSessionBase

use of org.apache.ranger.common.UserSessionBase in project ranger by apache.

the class XUserMgr method checkAdminAccess.

public void checkAdminAccess() {
    UserSessionBase session = ContextUtil.getCurrentUserSession();
    if (session != null) {
        if (!session.isUserAdmin()) {
            VXResponse vXResponse = new VXResponse();
            vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
            vXResponse.setMsgDesc("Operation" + " denied. LoggedInUser=" + (session != null ? session.getXXPortalUser().getId() : "Not Logged In") + " ,isn't permitted to perform the action.");
            throw restErrorUtil.generateRESTException(vXResponse);
        }
    } else {
        VXResponse vXResponse = new VXResponse();
        vXResponse.setStatusCode(HttpServletResponse.SC_UNAUTHORIZED);
        vXResponse.setMsgDesc("Bad Credentials");
        throw restErrorUtil.generateRESTException(vXResponse);
    }
}
Also used : UserSessionBase(org.apache.ranger.common.UserSessionBase)

Aggregations

UserSessionBase (org.apache.ranger.common.UserSessionBase)69 RangerSecurityContext (org.apache.ranger.security.context.RangerSecurityContext)24 XXPortalUser (org.apache.ranger.entity.XXPortalUser)11 VXString (org.apache.ranger.view.VXString)11 XXUser (org.apache.ranger.entity.XXUser)8 ArrayList (java.util.ArrayList)6 XXPortalUserRole (org.apache.ranger.entity.XXPortalUserRole)6 XXService (org.apache.ranger.entity.XXService)5 VXResponse (org.apache.ranger.view.VXResponse)4 Test (org.junit.Test)4 Authentication (org.springframework.security.core.Authentication)4 HashSet (java.util.HashSet)3 HttpSession (javax.servlet.http.HttpSession)3 XXGroupUser (org.apache.ranger.entity.XXGroupUser)3 XXResource (org.apache.ranger.entity.XXResource)3 EntityManager (javax.persistence.EntityManager)2 CriteriaBuilder (javax.persistence.criteria.CriteriaBuilder)2 Predicate (javax.persistence.criteria.Predicate)2 HttpServletRequest (javax.servlet.http.HttpServletRequest)2 HttpServletResponse (javax.servlet.http.HttpServletResponse)2